Intro

We know the providing personal information is an act of trust, and we take that seriously here at Ikiji. This Privacy Policy aims to detail what information we collect, how we use it, and demonstrate our commitment towards protecting & securing personal data. After all, the team at Ikiji are people too and we live by the “treat others how you’d like to be treated” moto.

Please read the following carefully to understand our views and practices, and if you have any questions please do not hesitate to contact our Data Protection Officer by one of the means listed under the Contact Information section at the end of this document.

Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Information that we collect

Most of the data we collect and hold about you is for the purpose of providing you with products and/or services, ensuring you have the best possible customer experience with Ikiji and to help us improve our service in the future.

Generally speaking, we gather and process personal information for one or more of the following reasons:

  • Provide you with services and products

  • Process payments/financial transactions

  • Carry out credit checks

  • Verify your identity

  • Comply with required legal obligations

  • Communicate with you regarding your services and/or products

  • To be able to deliver our products and provide services

  • Process financial transaction such as credit card or direct debit payments

Information you provide us at sign-up

  • Contact information: such as name, address, email address, telephone number and security information.

  • Financial information: such as debit/credit card or bank account details. Note, we do not store these on our servers but instead pass them on securely to our payment partners for processing.

Information captured while we provide you services

  • Customer service data: when you get in touch by phone, email or support ticket then we record and review the majority of these communications so we can provide the best possible service to you and all our members and so we can show evidence of transactions or events.

  • Technical data: such as IP addresses (including the general information in such address, such as city, county and postcode) and browser session identifiers to keep you logged in when navigating across the customer portal pages. More detail is set out in our Cookie Policy.

Processing your information

We have set out below, a table describing the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer
  • Identity

  • Contact

  • Performance of a contract with you

To process and deliver your order including:

(a) Manage payments, fees and charges

(b) Collect and recover money owed to us

  • Identity

  • Contact

  • Financial

  • Transaction

  • Marketing and Communications

  • Performance of a contract with you

  • Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

  • Identity

  • Contact

  • Profile

  • Marketing and Communications

  • Performance of a contract with you

  • Necessary to comply with a legal obligation

  • Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • Identity

  • Contact

  • Technical

  • Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

  • Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
  • Identity

  • Contact

  • Profile

  • Usage

  • Marketing and Communications

  • Technical

  • Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
  • Technical

  • Usage

  • Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about goods or services that may be of interest to you
  • Identity

  • Contact

  • Technical

  • Usage

  • Profile

  • Necessary for our legitimate interests (to develop our products/services and grow our business)

 

Sharing your information

When we share your information

We may share your information with third parties for the reasons outlined in 'Processing your information’ above.

These third parties include, but are not limited to: -

• Suppliers with whom we have carefully selected and entered into agreements with in order to support us in the delivery of the products and services we offer to our customers (e.g. Stripe, GoCardless, Kashflow)

• Our regulators (e.g. Ofcom, Nominet, ICANN) and the Information Commissioner’s Office for the UK (the ICO)

• Law enforcement and credit, risk & fraud agencies for the prevention and detection of criminal activities

• HM Revenue & Customs (HMRC) e.g. for the processing of tax relief on pension payments or the prevention of tax avoidance

Whenever we share your personal information, we will do so in line with our principles and obligations outlined in this policy, all of which are designed to keep your information safe and secure. We will never sell your details to someone else.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

When you share your own information

Sometimes you may share your information publicly, such as by posting on our on social media sites. Remember, when you share information publicly it may become accessible through search engines.

Where your information is processed

The majority of your information is processed in the UK and European Economic Area (EEA). Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. the third party processing your information operates under the EU-US Privacy Shield agreement.

You’re in control of your information

It is important that the personal data we hold about you is accurate and current, and we therefore ask that if your personal data changes during your relationship with us, that you ensure it is updated. You can do this via the self-service portal at https://portal.ikiji.com, alternatively please contact us using the Contact Information details listed at the end of this document.

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These rights are listed below:

  • Request access to your personal data.

  • Request correction of your personal data.

  • Request erasure of your personal data.

  • Object to processing of your personal data.

  • Request restriction of processing your personal data.

  • Request transfer of your personal data.

  • Right to withdraw consent.

If you wish to exercise any of the rights set out above, you can contact us during normal business by one of the means listed in the Contact Information section later in this document.

You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under these circumstances.

Information security

Whilst we cannot ensure or guarantee that unauthorised access to or unauthorised alteration, disclosure or loss of information will never occur, we work hard to prevent it. In particular:

  • We use encryption to keep your data private while in transit (always check for the ‘s’ in the https:// in your browser address bar to show you are using a secure connection)

  • Your account information is protected for your privacy and security. Either this is through a password you have chosen, or a secure system generated one which has been provided to you. Ikiji personnel will never ask for your password.

  • To help keep your account and your personal information secure you should not disclose your password details to anyone. You should also make sure your Ikiji account password is different from any other system passwords you use. We recommend you change your passwords on a regular basis.

  • We review our practices for collecting, processing and storing personal information, including physical security measures, to guard against unauthorised access to systems and backups to prevent the loss of information. We will continue to enhance our security procedures as new technology becomes available.

  • We restrict access to personal information wherever possible to people who need to know that information to process it and who are subject to contractual confidentiality requirements.

  • We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so, and within the required legal timelines.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.

Retention of information

We keep the personal information we collect for no longer than is necessary for the purposes for which we collected it.

The length of time depends on the purposes for which we use it, or otherwise to meet our legal obligations.

We will delete any information as soon as we no longer have a valid reason to hold it. If this is not possible (for example, because your personal information has been stored in backup archives or to comply with tax, accounting and financial reporting obligations), then we will securely store your personal information until deletion is possible.

Use by Minors

None of our products or services are directed to individuals under the age of thirteen (13), and we request that they not provide personal data by any means to Ikiji.

About this policy

For the purposes of this Policy, "we", "us", "our" and "Ikiji" means Ikiji Ltd. Unless otherwise stated, Ikiji is the Data Controller for your personal data.

This Policy applies to how we use your information in relation to our products and services generally.

This Policy doesn't apply to other companies' sites which may link to ourselves. Please be vigilant and make sure you've read their policy before putting your personal information into their site.

Changes to this policy

The most up to date version of Ikiji Ltd’s Privacy Policy can always be found on this website. We reserve the right to update this Policy at any time. Any copies downloaded, printed or taken offline in any other format are uncontrolled and may not be current.

Last updated on: 25 May 2018

Contact information

Below you can find the details on how to talk to Ikiji’s Data Protection Officer should you have any queries, issues or concerns in relation to your personal information which we control, and process as outlined in this policy.

Email: dpo@ikiji.com
Mail:
Data Protection Officer
Ikiji Ltd
1b Ruthrie Terrace
Aberdeen,
AB10 7JY
Phone: 0345 0 95 00 50

Ikiji Ltd (SC237116) is registered with the Information Commissioner’s Office on the Data Protection Register, under ZA165831

Complaints

We will always strive to resolve any complaint you may have in relation to how we handle your personal data quickly, professionally and in a timely manner.

However, if you feel we have failed along the way, and cannot proceed further with ourselves directly, then it is within your rights to file a complaint with the ICO. Their details can be found on their website.