Roles depend on context
The customer usually controls hosted content, while BLCS Global may process limited data to provide the service.
Corporate information
The customer normally determines what personal data is placed in its hosted websites, applications and systems. Depending on the service, BLCS Global or its infrastructure providers may process limited data on the customer’s behalf to deliver hosting, security, backup and support.
The customer usually controls hosted content, while BLCS Global may process limited data to provide the service.
Data-residency and transfer requirements should be stated before the architecture is agreed.
A data-processing agreement can be considered where the service relationship requires one.
01 / Corporate information
Customers decide what personal data their websites and applications collect, why it is used and who can access it. They remain responsible for lawful notices, permissions, retention and application-level security. BLCS Global’s role is limited to the infrastructure and managed tasks set out in the service agreement.
02 / Corporate information
Datacentre, network, backup and communications providers may be used to deliver the selected service. The exact chain depends on product and location. Customers with contractual, regulatory or transfer requirements should raise them before order so a suitable design and documentation route can be assessed.
Who this information supports
The applicable order and service documents remain important where the enquiry or account relates to a purchased service.
Controllers hosting customer or employee data
SaaS businesses selecting infrastructure
Procurement teams reviewing supplier roles
Organisations with UK data-residency requirements
Clear answers
These answers explain the public policy at a practical level. Account-specific matters should use the secure Client Area.
No. The role depends on the activity. For hosted customer content BLCS Global may act as a processor, while for its own account, billing and enquiry records it may act as a controller.
Yes. The requirement should be raised during quotation so the service scope, parties, locations and sub-processing position can be reviewed.
Routine service delivery does not require general inspection of customer content. Access may occur where authorised support, security response, platform operation or law requires it.
Continue exploring
Need clarification?