Who we are
KISS Communications Limited collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as 'controller' of that personal information for the purposes of those laws.
The personal information we collect and use
We collect the following personal information from you when you use our website:
- When you sign up for our newsletter we collect your email address, your name and any comments that you leave in the comments box for the sign-up form.
- When you contact us we will collect your contact information that you used to contact us (such as the email address you used) as well as any information you include in your enquiry.
- When you use the client login feature of the website we will collect information about when you log in, your activity in the client area of the website, and the device you use to log in.
- When you browse the website we collect information from the device you use to browse, such as your IP address, unique device identifiers, and information from cookies and similar technologies stored on the device. For more information about cookies, see the Cookies section of our Website Terms.
Information collected from other sources
We also obtain personal information from other sources as follows:
- We collect information about your interests and browsing behaviour from Google Analytics, Google AdWords, and social media providers such as Facebook, LinkedIn, and Twitter.
How we use your personal information
We use your personal information for the following purposes:
- To respond to your enquiries and keep a record of our communications with you.
- To provide you with access to the client login features of the website and manage your account if you are a client.
- To send you our newsletter if you sign up for it, and to send you other material about our services that we think might interest you. We send that material by email if you have consented to receive email marketing from us, and in hardcopy unless you tell us that you prefer not to receive it.
- To help us understand our clients and potential clients, and the effectiveness of our advertising, so that we can plan and deliver effective campaigns to develop our business.
- To understand how people use our website, so that we can design the website to suit our users.
- As part of our efforts to keep our website secure.
Who we share your personal information with
We share your data with the businesses that provide IT and related services to us, such as our customer relationship management systems, and website hosting. We only share the types of data that those businesses need in order to provide us with those services and we make sure our data sharing is governed by a contract that controls what those businesses can do with that data.
If we sell our business we may provide your personal data to the new owner so that the new owner can continue to operate the business.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party.
How long your personal data will be kept
We will hold your personal data for no longer than necessary for the purposes explained above.
Reasons we can collect and use your personal information
We rely on Article 6(1)(f) of the GDPR as the lawful basis on which we collect and use your personal data. That means that we can collect and use your personal data on the basis that it is necessary for the purposes of our legitimate interests, except where our interests are overridden by your privacy interests.
Our legitimate interests are carrying on our business, providing services to our clients, and marketing our business online, in print, and in person.
We think that our use of your personal data has a minimal impact on your privacy, but if you disagree please contact us using the details below.
Transfer of your information out of the EEA
We may transfer your personal information outside the European Economic Area (EEA) in order for us to use the services of our suppliers where they are based outside the EEA. We do this, for examples, where we use IT services hosted on servers outside the EEA.
Such countries have different data protection laws to the United Kingdom and EEA. Where we transfer of your personal information to non-EEA countries we will do so in accordance with the General Data Protection Regulation, ensuring that appropriate safeguards are in place. In most cases, the safeguard will be the use of standard data protection clauses adopted by the European Commission.
To obtain more information about those safeguards please contact us (see 'How to contact us' below).
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals' rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact us (see 'How to contact us' below).
If you would like to unsubscribe from any email or newsletter you can also click on the 'unsubscribe' button at the bottom of the email or newsletter. It may take a few days for the change to take effect.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at ico.org.uk/concerns.
Changes to this privacy notice
This privacy notice was published on 1st March 2018 and last updated on 1st March 2018.
We may change this privacy notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version.
How to contact us
If you wish to contact us please send an email to firstname.lastname@example.org, write to KISS Communications Limited, St John's Innovation Centre, Cowley Road, Cambridge CB4 0WS or call 01223 911 123.