Catalyst2 Services Limited t/a Catalyst2 (‘we and us“) are committed to protecting and respecting your privacy.

This Policy (together with our terms and conditions and any other documents referred to on it) sets out how we process the Personal Data we collect from you or that you provide to us. Personal Data is a term used to describe data that allows you to be directly or indirectly identified.

Please read the following notice carefully to understand our views and practices regarding your Personal Data and how we will treat it.

Catalyst2 Services Limited is the data controller of your Personal Data provided or collected in connection with Catalyst2’s products and services (the “services“). Catalyst2 Services Limited is registered under company number NI049920, registered office address is Forsyth House, Cromac Square, Belfast, Co Antrim, BT2 8LA.

Catalyst2 is part of a wider organisation called and together our vision is to provide reliable, best in class tools and products to better enable companies and entrepreneurs to grow their businesses digitally. Although this privacy policy is issued on behalf of Catalyst2 we have included details of where your Personal Data may be shared with other organisations within our wider group.


If you have any questions about this privacy policy or our privacy practices, please contact our data privacy manager in the following ways:

  • Email address:
  • Postal address: Catalyst2, Acton House, Perdiswell Park, Worcester, Worcestershire, WR3 7GD

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.


We will collect and process the following data about you:


Please note in limited circumstances, for example when making a card payment, it may be necessary to collect information from a third party or cardholder. Please ensure that any third parties are made aware of this Privacy Policy and please ensure you obtain permission before providing their information.

For the purposes of security and detection of fraudulent behaviour, we have implemented an automated control system. This system makes use of cookies and other similar tracking technologies, to track and analyse certain behaviours of the users on the site associated with their IP addresses and other personal data associated with the browsing on the site. The consequence of such processing is that, if a visitor attempts to engage in fraudulent conduct on the site (for example in order to benefit several times from the same promotion without having the right to do so), we reserve the right to exclude such persons from the promotion or to take any other appropriate measures for our own protection.


With regard to each of your visits to our site we will also collect the following information:



We use information held about you in the following ways:

  • To help us identify you and the accounts you hold with us;
  • To provide customer care;
  • To enable us to review, develop and improve our services and website;
  • To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
  • To carry out marketing and statistical analysis. As part of our marketing efforts and in the legitimate interest of Catalyst2, we may send marketing emails promoting similar products or services to our customers, in compliance with the soft opt-in exemption. This exemption allows us to contact our existing customers with offers for products or services that are similar to those they have previously purchased from us. Further information can be found here;
  • To provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
    • We will only contact you about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you would like to change your communication preferences to opt in or out of receiving specific communications, you can email us at;
  • To display targeted, or interest based, offers to you based on those services already purchased;
  • To notify you about changes to our service; and
  • To ensure that content from our site is presented in the most effective manner for you and your computer.


In addition to the specific purposes for which we may process your Personal Data set out above, we may also process any of your Personal Data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Please do not supply any other person’s Personal Data to us, unless we ask you to do so.


Catalyst2 works alongside third parties (including business partners, service providers and fraud protection services) and we may receive information from them about you. We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).


To administer and provide Catalyst2 services we may share your Personal Data with:

  • Members of our wider group organisation, including our subsidiary companies, our ultimate holding company and its subsidiaries.
  • Selected third parties including:
    • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
    • Advertisers and advertising networks that require the data to select and serve relevant adverts to you on other websites. Our third party partners may use technologies such as cookies to gather information about your activities on this Site and other websites in order to provide you with advertising based upon your browsing activities and interests, and to measure advertising effectiveness;
    • Analytics activities by means of tracking through the use of cookies and similar technologies, aimed at verifying and measuring the quality and effectiveness of our online advertising campaigns, in order to improve the performance of those campaigns, as well as the services offered by us.
  • The requisite Registry for the domain name you have purchased (where applicable). Please see ‘DOMAIN REGISTRATION DATA IN THE PUBLIC WHOIS’ below for more information.

We may disclose your Personal Data to third parties:

  • In the event that we sell or buy any business or assets, in which case we will disclose your Personal Data to the prospective seller or buyer of such business or assets;
  • If Catalyst2 Services Limited or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets;
  • If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of Catalyst2, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.


To register a domain name, you must provide certain personal information including:

  • Contact Information: your name, address, phone number, and email address.
  • Identity Verification: Some Registries may also require you to provide additional documentation to verify your identity, such as a government issued ID or passport.
  • Additional contact point: Some Registries may require you to provide one or more additional contact points, who will be responsible for e.g. administrative or technical aspects of the domain registration.

Your Personal Data will be used for the following purposes:

  • Verifying your identity and contact information
  • Billing and invoicing for the domain registration
  • Providing customer support and assistance
  • Communicating important information about the domain registration and renewal

The domain Registrar as the entity responsible for managing the registration of domain names, is responsible for collecting and storing your Personal Data in accordance with applicable laws and regulations. They may share the Personal Data with other Registrars in order to register a domain. The domain Registry, as the entity responsible for maintaining the database of registered domain names, will receive your Personal Data. The Registry uses this information to maintain accurate and up-to-date records of the registered domain names, and to ensure compliance with relevant laws and regulations. The Registrar and Registry may also be required to share your Personal Data with ICANN (Internet Corporation for Assigned Names and Numbers) as a part of the compliance process with ICANN’s policies.

The details of the Registry providing specific extensions can be found at – the ‘Root Zone Database’.

The Root Zone Database represents the delegation details of top-level domains (TLDs) which are classified as either generic (for example ‘.com’) or at country-code level (for example ‘.uk’). The Registry or Registrar which we contract with to register the domains may publish your Personal Data in the online directory known as the WHOIS.

For generic domains ending in .com .net and .jobs:

  • Enom will not publish your Personal Data in the online public WHOIS. As an ICANN accredited Registrar, Enom is required to adhere to the WHOIS policy set by ICANN.

For all Nominet domain registrations (, .uk,,

  • Your Personal Data will not be published to the public WHOIS.

For all .IE domain registrations (.ie):

  • .ie registrations completed as a business entity will have contact details published to the public WHOIS in line with .ie Registry rules. If Personal Data is included in the domain registration, this will be published to the public WHOIS. Registrations for non-business entities will not be published to the public WHOIS.

Should the publishing of your Personal Data to the public WHOIS be enforced by ICANN, or should Nominet or .IE’s policy about the publishing of Personal Data to the public WHOIS change, we will advise you by updating this Privacy Policy.

Please note that the location of the TLD registry will determine where your Personal Data is transferred and this may include the transfer of your Personal Data to a domain name Registry located outside of the UK and necessary for the registration of a country code domain name. We will ensure that the appropriate safeguards are implemented to ensure the protection of your Personal Data. We have provided further information about the appropriate safeguards at the bottom of this Privacy Policy.


All information you provide to us is stored on our secure servers located within the UK and the EEA. It will also be processed by colleagues operating within the UK and EEA. This includes colleagues engaged in, among other things, the fulfilment of your order and the provision of support services.

As of 31 December 2020, the UK ceased to be a member of the EU. There may be circumstances, depending on your location, where your Personal Data is transferred from the UK to the EEA and vice versa. We will ensure a similar degree of protection is afforded to your Personal Data by ensuring at least one of the approved safeguards (as described below) are implemented (commonly this will include the use of specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe) and to ensure that your Personal Data is treated securely and protected against unauthorised loss or damage.

Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.

The Group, consisting of several brands and subsidiaries, can improve coordination and resource allocation by sharing data internally. This allows for more efficient collaboration on product, campaign, and customer service improvements. Personal Data may be shared among Group companies for marketing statistics, internal administration, and reporting purposes, but only in an amount necessary for the intended use and with proper protective measures in place to prevent unauthorised access or disclosure.


Where we have given you (or where you have chosen) a username and password which enables you to access certain parts of our site, you are responsible for keeping this username and password confidential. We ask you not to share this information with anyone.


Unfortunately, the transmission of information through the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised loss or damage.


Our websites and services are not directed at individuals under the age of thirteen (13). We will not intentionally collect or maintain information about these individuals. If you believe that we may have collected Personal Data from someone under the age of 13, please let us know by emailing We will then take appropriate measures to investigate and, if appropriate, delete that information.


We will retain your Personal Data for as long as needed to provide you with the services or as long as needed to fulfil the purpose for which the Personal Data was originally collected. We may also be required to retain certain information by law and/or for legitimate business purposes (for example, VAT records).


Under certain circumstances, you have rights under data protection laws in relation to your Personal Data and more information is set out below.

Please note you may instruct us at any time not to process your personal information for marketing purposes.

Your rights under data protection law include:

The right to access;

You have the right to ask us to confirm whether or not we process your Personal Data and, to have access to the Personal Data, and any additional information. That additional information includes the purposes for which we process your Personal Data, the categories of Personal Data we hold and the recipients of that Personal Data. You may request a copy of your Personal Data.

The right to rectification;

If we hold any inaccurate Personal Data about you, you have the right to have these inaccuracies rectified. Where necessary for the purposes of the processing, you also have the right to have any incomplete Personal Data about you completed.

The right to erasure;

In certain circumstances you have the right to have Personal Data that we hold about you erased. This will be done without undue delay. These circumstances include the following: it is no longer necessary for us to hold those Personal Data in relation to the purposes for which they were originally collected or otherwise processed; you withdraw your consent to any processing which requires consent; the processing is for direct marketing purposes; and the Personal Data have been unlawfully processed. However, there are certain general exclusions of the right to erasure, including where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for establishing, exercising or defending legal claims.

The right to restrict processing;

In certain circumstances you have the right for the processing of your Personal Data to be restricted. This is the case where: you do not think that the Personal Data we hold about you is accurate; your Personal Data is being processed unlawfully, but you do not want your Personal Data to be erased; it is no longer necessary for us to hold your Personal Data for the purposes of our processing, but you still require that Personal Data in relation to a legal claim; and you have objected to processing, and are waiting for that objection to be verified. Where processing has been restricted for one of these reasons, we may continue to store your Personal Data. However, we will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

The right to object to processing;

You can object to us processing your Personal Data on grounds relating to your particular situation, but only as far as our legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest, or in the exercise of any official authority vested in us; or the purposes of our legitimate interests or those of a third party. If you make an objection, we will stop processing your Personal Data unless we are able to: demonstrate compelling legitimate grounds for the processing, and that these legitimate grounds override your interests, rights and freedoms; or the processing is in relation to a legal claim.

The right to data portability;

In relation to the information you have given us and that we hold electronically, you have the right to request that your Personal Data be moved, copied or transferred from one database, storage or IT environment to another. You can make a portability request at any time where we have relied on your consent to use your Personal Data, or we have processed your data as part of a contract you have with us.

The right to complain to a supervisory authority;

If you think that our processing of your Personal Data infringes data protection laws, you can lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

The right to withdraw consent; and

To the extent that the legal basis we are relying on for processing your Personal Data is consent, you are entitled to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

The right to object to direct marketing;

You can choose whether we process your Personal Data for direct marketing purposes. If you do not want us to process your Personal Data for direct marketing purposes, we will not process your Personal Data for this purpose.

If you wish to:

  • Request access to, deletion of or correction of, your Personal Data, please contact us to arrange this at
  • Request that your Personal Data be transferred to another person. You can exercise this right by contacting us at and requesting that your Personal Data be transferred.

Please note we reserve the right to charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We may additionally need to request specific information from you to help us confirm your identity.


Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.


Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.


We use the term “Client” to describe a customer of Catalyst2 and to whom we provide our services under the terms of our contractual relationship.

Our Clients use the services to host, transmit or process data to our hosting platform and this information may include Personal Data that allows their own customers to be identified. We refer to this type of data as “Client Customer Data”.

We only have a business or contractual relationship with our Clients and have no direct relationship with the individuals categorised as Client Customer Data.

We do not collect, view or share Client Customer Data except as outlined in the terms of our contractual agreement with the Client (the Contract), or, in exceptional circumstances as required by law or by order of a court. Nothing contained in this Privacy Policy shall alter specific terms and conditions applicable to the Contract.

In line with the Contract, our Clients retain responsibility for compliance with relevant data protection legislation, which includes setting standards and maintaining security standards to ensure the security of all data they upload to our platform which may include Client Customer Data. The security, including encryption of data prior to transmission to our network and confidentiality of their accounts and access to our platform, remains the responsibility at all times of our Clients.

To find out how Client Customer Data is collected, stored and processed by the Client (including information on how to gain access to and/or to make changes to Client Personal Data) please contact the Client directly, or refer to the applicable Client Privacy Policy for more information. Any enquiries received, or requests made, relating to Client Customer Data will be passed to the Client at the earliest opportunity.


Any changes we make to our Privacy Policy in the future will be posted on this page and/ or at our discretion, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy.


Whenever we transfer your Personal Data out of the UK (including to one of our group companies), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe.
  • Where we use providers based in the US, we may transfer data to them if the appropriate Standard Contract Clauses (SCCs) are in place which requires them to provide similar protection to Personal Data shared between Europe and the US.
  • We will implement supplementary measures where appropriate, including additional security measures to ensure adequate protection for Personal Data in line with our obligations as a responsible data controller.
  • Catalyst2 has appointed Register S.p.A of Viale della Giovine Italia, 17. I-50122 Firenze Italy, to act as its representative in the EU with regard to Data Protection matters.