This is the start of our GDPR statement. We know we have a some way to go but it will hopefully answer some of the questions we are receiving from our customers.

Data Storage and Access:

• All of our data is hosted on Google servers located in Ireland or 1&1 servers located in Germany
• All administration access is restricted to the Hosting Companies Console or a white list of IP addresses
• All sites on the server have HTTPS access
• All passwords are encrypted
• All data and files are backed up nightly to a second Google hosted server
• All UDB customers are required to confirm that any data they store on our system conforms to GDPR regulations
• All https Requests to the database are subject to multiple security levels

Data Use

• All data stored by our customers in their area is restricted to that customer's use
• UDB will not access customers' data for any purpose other than that requested by the customer or for maintenance or testing purposes
• Although UDB will, when asked, advise on best practices, correct and legal use of data stored by the customer is the responsibility of the customer.
• UDB can provide facilities to assist customers in gaining consent for storing data but the responsibility for gaining and managing consent is the responsibility of the customer.
• Facilities will be provided to permanently delete any records as required by the customer.
• All UDB customers are required to confirm that any data use conforms to GDPR regulations

Data we store about you

• Any data stored by UDB about our customers or suppliers will only be stored for the purposes of normal business transactions
• None of the data we store will be used for marketing purposes or sold to any third party