K3 Business Technology Group PLC (K3) and our group members (“we” or “us”) are committed to protecting and respecting your privacy.
This notice sets out how we may collect personal data from or about you, how we might use it and, importantly, what rights you have over your own personal data. Please read this notice carefully to understand how we will use and look after your personal data.
This notice applies to all of our products, services, activities and websites (unless they have their own privacy notice). By providing any personal information to us, visiting any of our websites or accessing or using any of our products or services, you agree that we may use your information as set out in this notice. This policy does not apply to third party products, services or activities that K3 does not control (and to which third party terms may apply).
This privacy notice is provided in a layered format so you can click through to the specific areas set out below.
This policy was first written in English. To the extent that any translated version conflicts with the English version, the English version will take priority.
Information About K3
The K3 group of companies is made up of different legal entities and more information about us can be found here http://www.k3btg.com/ (the K3 “Group”). This privacy notice is issued on behalf of the K3 Group so when we mention K3, “we”, “us” or “our” in this privacy notice, we are referring to the relevant company in the K3 Group responsible for processing (eg collecting, using and holding) your data.
For the purposes of data protection laws the (data) controller will be the company you or your employer purchased a product or service from or provided your data to.
We have appointed a data privacy manager who is responsible for matters relating to this notice. If you have any questions, including any requests to exercise your rights in relation to your personal data then please contact the data privacy manager at the address at the end of this privacy notice.
If you are not satisfied with how we handle your personal data then we would appreciate the chance to deal with your concerns in the first instance. However, you do have the right to make a complaint at any time to your data protection supervisory authority; in the UK this is the Information Commissioner’s Office (ICO) (www.ico.org.uk).
When we refer to data protection laws in this policy, we are referring primarily to (i) the GDPR (Regulations (EU) 2016/679 (the General Data Protection Regulations)); (ii) the UK Data Protection Act 2018; (iii) the UK GDPR (the GDPR as implemented into UK law); and (iv) the Privacy and Electronic Communications Regulations 2003.
Information We Collect From You Or Others
How and what information might you give us?
You may provide us with information about you when you:
- search for or purchase a product or service;
- order or use our products or services;
- contact us (for example by phone, post, SMS or email) for any reason (for example, regarding one of our products, services or websites);
- register with one of our websites;
- request a demo, telephone call or other contact or order brochures or sign up to a newsletter;
- participate in discussion boards or other social media functions on our websites or enter a competition, promotion or survey.
The information youThe information you give us may include your name, job title, address, e-mail address and phone number, demographic information such as preferences and interests (as relevant to your request), username and password as well as other information relevant to surveys and/or offers. This basic account information helps us to provide you with access to our products, services and websites.
How and what information might we collect about you?
On each of your visits to our websites and as you interact with it we might automatically collect the following information about you or that could help to identify you:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- We also collect, use and share aggregated data such as statistical or demographic data. Aggregated data may be derived from your personal data but is not considered personal data in law as it does not reveal your identity. For example, we may aggregate your information about how you use the site to calculate the percentage of users accessing a specific website feature. However, if we combine or connect this information with any other information we hold about you such that the combined information could identify you then we will treat the combined data as personal data which will be used in accordance with this privacy notice and data protection laws.
What information do we receive from other sources?
- We might receive information about you from third parties (such as our service or product partners, analytics providers, search engine providers or advertising networks). If this is the case, those third parties should have told you (at the time you provided your data) that it may be shared with us.
Do we collect sensitive information about you?
- No – we do not collect any particularly sensitive data about you (known legally as “Special Categories” of personal data), for example, details about your race or ethnicity, religious or philosophical beliefs, political opinions or health data). Nor do we collect any information about criminal convictions and offences.
How We Use Your Information
We will only use the personal information you have provided or that we have collected (as set out above) if we lawfully have the right to do so. Usually, we will use your personal information for one of the following reasons (but we are entitled to rely on other, less common, legal basis under data protection laws):
- Where we need to in order to deliver products or services or to perform a contract we are about to enter into or have entered into with you or your employer.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation, court order or to exercise or defend claims.Where we need to comply with a legal or regulatory obligation, court order or to exercise or defend claims.Where we need to in order to deliver products or services or to perform a contract we are about to enter into or have entered into with you or your employer.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation, court order or to exercise or defend claims.
The table below sets out in more detail how we may use your personal data, and which of the legal bases we will likely rely on to do so. Note that we may process your personal data for more than one lawful ground. Please get in touch if you need details about the specific legal ground we are relying on to use your personal data.
|PURPOSE / ACTIVITY||TYPE OF DATA||LAWFUL BASIS FOR PROCESSING|
|To register you or your employer or company as a new customer||Identity Contact information||Performance of a contract.|
|To process and deliver an order or perform a service including: managing payments and collect payments, fees and charges; contacting you in respect of a project, product or service delivery; notifying you of any product or service-related matters||Identity Contact information||Performance of a contract: necessary for our legitimate interests (to recover debts due to us and manage customer relationships).|
|To manage our relationship with you or your employer or company which will include general contact to obtain feedback on our products, services and customer relations management||Identity Contact information||Performance of a contract: necessary for our legitimate interests (to keep our records updated and to understand how customers use our products/services).|
|To deliver relevant website content and advertisements to you and/or your employer or company and measure or understand the effectiveness of that marketing including to make recommendations to you about products or services that may be of interest to you or your employer or company||Identity Contact information
Technical information from websites
|Necessary for our legitimate interests (to understand how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy).|
|To enable you to partake in a competition or complete a survey||Identity Contact information||Performance of a contract: necessary for our legitimate interests (to understand how customers use our products/services, to develop them and grow our business).|
|To administer our websites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Identity Contact information
Technical information from websites
|Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise). Necessary to comply with a legal obligation.|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||(a) Technical||Necessary for our legitimate interests (to identify types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).|
When And How We Might Share Your Information
We may share your personal information with:
- any company within the K3 Group for the purposes set out in this notice (but mainly for performance of a contract with you or your employer or company or for relationship management);
- our professional advisors, service providers and agents (including their sub-contractors) or third parties which process information on our behalf (e.g. internet service and platform providers, payment processing providers) generally to enable us to perform our contract with you or your employer;
- partners, including system implementers, resellers, value-added resellers, independent software vendors and developers that may help us to provide you or your employer with the applications, products, services and information;
- third parties used to facilitate payment transactions;
- credit reference and fraud prevention agencies;
- regulatory, governmental and law enforcement bodies or as is reasonably required pursuant to legal proceedings or to comply with a legal obligation;
- other third parties for marketing purposes where we reasonably believe the products and services offered by those third parties may be of interest to you or your employer;
- to any prospective seller or buyer of such business or assets;
- anyone else you have consented to us sending information to.
Any such sharing shall be limited to the minimum necessary pursuant to the purpose of the sharing and shall otherwise be in accordance with data Any such sharing shall be limited to the minimum necessary pursuant to the purpose of the sharing and shall otherwise be in accordance with data protection law. Should you require specific details of the identity of third parties we share your personal information with, please contact us on the details at the end of this privacy notice.
Where We Store Your Personal Data
The data that we collect from you will usually be stored on our secure servers in the United Kingdom (the “UK”) (or on our partners’ secure servers on our behalf) which is governed by strict data protection laws. Your personal data may also be stored in or accessed by staff who work for us or one of our suppliers or partners who are located in the European Economic Area (“EEA“) which is also governed by strict data protection laws.
However, your personal data may be transferred to, and stored at, a destination outside the UK and EEA. It might also be processed by staff operating outside the UK and EEA who work for us or for one of our suppliers or partners. By submitting your personal data or continuing to access our websites, products and services you agree to this transfer, storing or processing. If we do transfer your data outside of the UK and EEA, or if we transfer your data from the EEA to the UK, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice and our legal obligations under data protection laws by using one of the following approved safeguards:
- By only transferring personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission and/or the UK Government (as applicable).
- By implementing contracts or contract terms approved by the European Commission and/or the UK Government (as applicable) which give personal data the same protection it has in the EEA/UK.
- By implementing any other appropriate safeguarding mechanism that may be approved by the European Commission and/or the UK Government (as applicable) for the transfer of personal data.
We take numerous measures to safeguard the collection, transmission and storage of the data we receive and collect and we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They are contractually required to only process your personal data on our instructions and they are subject to a duty of confidentiality.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our products, services or websites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Although we employ reasonable security protection (appropriate to the sensitivity of the data in question) we are unable to guarantee or warrant the security of the information we receive or collect. In particular, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee or be held responsible for the security of your data transmitted to us (including to our websites) and any transmission is at your own risk.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so and in the required timescales.
How Long Will We Keep Your Personal Data?
We will only retain your personal data for as long as necessary for the purposes we collected it (or have told you we will use it) for. You also have the right to request that the data we hold about you be erased.
When considering how long we will keep your personal data we will look at the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means. We will never keep data for longer than we are allowed to under data protection law.
We may also retain information (to the extent permitted by law) in order to comply with any legal, accounting, or reporting requirements, prevent fraud, collect charges, resolve disputes and enforce any contractual obligations.
Communication, engagement and actions taken through external social media platforms that K3 Group members participate on are subject to the terms and conditions as well as the privacy policies held with each social media platform respectively.
We suggest that you use social media platforms wisely and with regard to your own privacy and personal details. We will never ask for personal or sensitive information through social media platforms and would encourage you to discuss sensitive details through primary communication channels such as by telephone or email instead.
Our websites may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Before using such social sharing buttons please be aware that you do so at your own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Our websites may, from time to time, contain links to and from the websites, plug-ins and applications of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that we do not have any control over these websites and they have their own privacy policies – we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Cookies And Similar Technologies
We use the information gathered to monitor traffic patterns and visitors’ behaviour and preferences and to report statistical information internally in order to optimize our web-based services and provide you with a tailored browsing experience. More detail on this activity is set out above under “How we use your information”.
Other cookies may be stored to your device’s hard drive by external vendors when our websites use referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
More information regarding cookies and how you can control them can be found here.
You can request to exercise your rights in respect of your personal data including:
- the right to access to information held about you;
- the right to have the data we hold updated or corrected or erased.
You can do this in accordance with the process under data protection law (including GDPR and the UK GDPR) and guidance on this can be found at https://ico.org.uk/ or (if outside of the UK) in guidance issued by your local data protection authority.
In particular, you have the right to ask us and/or third parties not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by emailing the address at the end of this privacy notice.
If you wish to correct, update or otherwise change the information you have given to us, or if you would like to make an objection to our use of this information, please contact us at the e-mail address below.
In addition, our web site allows users to choose if they would like to receive our newsletters and other information about new features, events, and services. You can at any time unsubscribe from our newsletters by emailing the address at the end of this privacy notice with “Unsubscribe” in the subject line, or use the unsubscribe function in one of our newsletters.
The K3 group has offices across the EEA and UK and, accordingly, we have not appointed any third-party UK or EEA representatives to act on our behalf (including liaising with you and regulatory authorities) regarding the exercise of your rights under data protection law. If you have any queries regarding the exercise of those rights, please contact us at the K3 central email address below.
Any changes we make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice. Any previous versions of this notice can be accessed at the bottom of this page.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to firstname.lastname@example.org.