This policy was last updated on 1st May 2018
This policy explains how we collect and use personal data from and about visitors to our website.
This policy does not apply to the websites, apps, products or services of any other organisations that you may access through links on our website or how any third party organisations which advertise products and services on our website collect and use your personal data to offer relevant online advertising to you (see Cookies).
As we make changes to our website, we may need to update this policy. If we make any important changes that affect your rights and interests, we will make sure we bring this to your attention and explain what this means for you.
If you have any questions in relation to this policy or wish to exercise any of Your rights under data protection law, you should email email@example.com.
This website is operated by Kbase-Connect Limited (trading as Kbase Connect). We are a limited company registered in England and Wales under company number 3996601 and our registered office is at Bristol & Bath Science Park, 1 Dirac Crescent, Emerson’s Green, Bristol BS16 7FR. We are registered as a data controller with the UK Information Commissioner’s Office (ICO) under number Z1022081.
Personal data means any data that identifies or can be used to identify a person. It does not include data where the identity has been removed (anonymous data).
You may provide the following kinds of data to us:
We may collect the following kinds of data about you:
Unless you specifically inform us for any reason, we do not collect any details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.
The data that you may provide to us will generally be collected when you fill in a form or contact us.
We will only use your personal data when the law allows us to. We will generally rely on one of three legal grounds for using your personal data:
Generally, we do not rely on consent as a legal ground for using your personal data, except in relation to sending you marketing by email. You have the right to withdraw your consent to marketing at any time either by contacting us, clicking the unsubscribe link in an email or replying to a text message with the required words notified to you in each text message.
We do not sell any personal data for commercial purposes.
However we may have to share your personal data with:
Our website is hosted on servers within the United Kingdom only and any personal data provided by you to us will stored in the United Kingdom (though if our staff are travelling, they may access it from a device in another country).
Google Analytics is hosted on servers around the world to maintain service continuity in the event of a disaster or other incident in a particular country. Some of those servers are therefore hosted outside the European Economic Area (EEA).
Many of the service providers that we use in connection with our website and the services provided through it are based outside the European Economic Area (EEA), which means that your personal data may be transferred outside the EEA. Whenever we transfer your personal data outside the EEA, we ensure that a similar degree of protection applies to your personal data in one or more of the following ways:
The security of your personal data is important to us.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those within our organisation that have a need to access it. They will only process your personal data on our instructions and they are required to keep your personal data confidential.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Office or any other relevant regulator where we are legally required to do so.
We will only keep your personal data for as long as necessary in connection with the purposes we collected it for and to comply with any legal, accounting or reporting requirements. To determine how long we keep your personal data for, we consider the amount, nature and sensitivity of the personal data, the purposes for which it was collected and the potential risk of harm from us continuing to keep it.
We will retain the analytical data collected about your use of our website for a period of 25 months before 25 May 2018 and 14 months on and after 25 May 2018.
We may retain any data that does not identify you indefinitely.
Cookies are small text files that are stored on your device and contain a uniquely generated reference which is used to distinguish you from other people each time your visit our website, even if the IP address of the device used by you to visit our website changes. None of the cookies used on our website store data that can directly identify you.
You can read more information cookies and how they work at All About Cookies.org and information about how online advertising works at Your Online Choices (these are third party websites that do not control).
The cookies used by our website fall into the following categories:
We are required to obtain your consent to all cookies except those that are strictly necessary. You will be asked to confirm your consent when you first visit our website and you can change your cookie settings for our website at any time.
Alternatively, you can clear cookies after you visit our website, use a tracking blocker such as Privacy Badger or, for the analytical cookies stored by Google, install the Google Analytics opt-out extension.
If you block or restrict cookies, you may not be able to use certain features of our website.
You have a number of rights in relation to the personal data we hold about you:
You will not have to pay any fee to exercise any of the above rights though we may charge a reasonable fee or refuse to comply with your request if any request is clearly unfounded or excessive. Where this is the case, we will let you know.
To protect the confidentiality of your personal data we will ask you to verify your identity before fulfilling any request in relation to your personal data.