Privacy Policy

Intro

We know the providing personal information is an act of trust, and we take that seriously here at Ikiji. This Privacy Policy aims to detail what information we collect, how we use it, and demonstrate our commitment towards protecting & securing personal data. After all, the team at Ikiji are people too and we live by the “treat others how you’d like to be treated” moto.

Please read the following carefully to understand our views and practices, and if you have any questions please do not hesitate to contact our Data Protection Officer by one of the means listed under the Contact Information section at the end of this document.

Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Information that we collect

Most of the data we collect and hold about you is for the purpose of providing you with products and/or services, ensuring you have the best possible customer experience with Ikiji and to help us improve our service in the future.

Generally speaking, we gather and process personal information for one or more of the following reasons:

Information you provide us at sign-up

Information captured while we provide you services

Processing your information

We have set out below, a table describing the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer
  • Identity

  • Contact

  • Performance of a contract with you

To process and deliver your order including:

(a) Manage payments, fees and charges

(b) Collect and recover money owed to us

  • Identity

  • Contact

  • Financial

  • Transaction

  • Marketing and Communications

  • Performance of a contract with you

  • Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

  • Identity

  • Contact

  • Profile

  • Marketing and Communications

  • Performance of a contract with you

  • Necessary to comply with a legal obligation

  • Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • Identity

  • Contact

  • Technical

  • Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

  • Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
  • Identity

  • Contact

  • Profile

  • Usage

  • Marketing and Communications

  • Technical

  • Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
  • Technical

  • Usage

  • Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about goods or services that may be of interest to you
  • Identity

  • Contact

  • Technical

  • Usage

  • Profile

  • Necessary for our legitimate interests (to develop our products/services and grow our business)

 

Sharing your information

When we share your information

We may share your information with third parties for the reasons outlined in 'Processing your information’ above.

These third parties include, but are not limited to: -

• Suppliers with whom we have carefully selected and entered into agreements with in order to support us in the delivery of the products and services we offer to our customers (e.g. Stripe, GoCardless, Kashflow)

• Our regulators (e.g. Ofcom, Nominet, ICANN) and the Information Commissioner’s Office for the UK (the ICO)

• Law enforcement and credit, risk & fraud agencies for the prevention and detection of criminal activities

• HM Revenue & Customs (HMRC) e.g. for the processing of tax relief on pension payments or the prevention of tax avoidance

Whenever we share your personal information, we will do so in line with our principles and obligations outlined in this policy, all of which are designed to keep your information safe and secure. We will never sell your details to someone else.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

When you share your own information

Sometimes you may share your information publicly, such as by posting on our on social media sites. Remember, when you share information publicly it may become accessible through search engines.

Where your information is processed

The majority of your information is processed in the UK and European Economic Area (EEA). Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. the third party processing your information operates under the EU-US Privacy Shield agreement.

You’re in control of your information

It is important that the personal data we hold about you is accurate and current, and we therefore ask that if your personal data changes during your relationship with us, that you ensure it is updated. You can do this via the self-service portal at https://portal.ikiji.com, alternatively please contact us using the Contact Information details listed at the end of this document.

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These rights are listed below:

If you wish to exercise any of the rights set out above, you can contact us during normal business by one of the means listed in the Contact Information section later in this document.

You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under these circumstances.

Information security

Whilst we cannot ensure or guarantee that unauthorised access to or unauthorised alteration, disclosure or loss of information will never occur, we work hard to prevent it. In particular:

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.

Retention of information

We keep the personal information we collect for no longer than is necessary for the purposes for which we collected it.

The length of time depends on the purposes for which we use it, or otherwise to meet our legal obligations.

We will delete any information as soon as we no longer have a valid reason to hold it. If this is not possible (for example, because your personal information has been stored in backup archives or to comply with tax, accounting and financial reporting obligations), then we will securely store your personal information until deletion is possible.

Use by Minors

None of our products or services are directed to individuals under the age of thirteen (13), and we request that they not provide personal data by any means to Ikiji.

About this policy

For the purposes of this Policy, "we", "us", "our" and "Ikiji" means Ikiji Ltd. Unless otherwise stated, Ikiji is the Data Controller for your personal data.

This Policy applies to how we use your information in relation to our products and services generally.

This Policy doesn't apply to other companies' sites which may link to ourselves. Please be vigilant and make sure you've read their policy before putting your personal information into their site.

Changes to this policy

The most up to date version of Ikiji Ltd’s Privacy Policy can always be found on this website. We reserve the right to update this Policy at any time. Any copies downloaded, printed or taken offline in any other format are uncontrolled and may not be current.

Last updated on: 25 May 2018

Contact information

Below you can find the details on how to talk to Ikiji’s Data Protection Officer should you have any queries, issues or concerns in relation to your personal information which we control, and process as outlined in this policy.

Email: dpo@ikiji.com
Mail:
Data Protection Officer
Ikiji Ltd
12a Carden Place
Aberdeen,
AB10 1UR
Phone: 0345 0 95 00 50

Ikiji Ltd (SC237116) is registered with the Information Commissioner’s Office on the Data Protection Register, under ZA165831

Complaints

We will always strive to resolve any complaint you may have in relation to how we handle your personal data quickly, professionally and in a timely manner.

However, if you feel we have failed along the way, and cannot proceed further with ourselves directly, then it is within your rights to file a complaint with the ICO. Their details can be found on their website.