Please read the following carefully to understand our views and practices, and if you have any questions please do not hesitate to contact our Data Protection Officer by one of the means listed under the Contact Information section at the end of this document.
Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Information that we collect
Most of the data we collect and hold about you is for the purpose of providing you with products and/or services, ensuring you have the best possible customer experience with Ikiji and to help us improve our service in the future.
Generally speaking, we gather and process personal information for one or more of the following reasons:
Provide you with services and products
Process payments/financial transactions
Carry out credit checks
Verify your identity
Comply with required legal obligations
Communicate with you regarding your services and/or products
To be able to deliver our products and provide services
Process financial transaction such as credit card or direct debit payments
Information you provide us at sign-up
Contact information: such as name, address, email address, telephone number and security information.
Financial information: such as debit/credit card or bank account details. Note, we do not store these on our servers but instead pass them on securely to our payment partners for processing.
Information captured while we provide you services
Customer service data: when you get in touch by phone, email or support ticket then we record and review the majority of these communications so we can provide the best possible service to you and all our members and so we can show evidence of transactions or events.
Processing your information
We have set out below, a table describing the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To register you as a new customer||
To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
To manage our relationship with you which will include:
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||
|To make suggestions and recommendations to you about goods or services that may be of interest to you||
Sharing your information
When we share your information
We may share your information with third parties for the reasons outlined in 'Processing your information’ above.
These third parties include, but are not limited to: -
• Suppliers with whom we have carefully selected and entered into agreements with in order to support us in the delivery of the products and services we offer to our customers (e.g. Stripe, GoCardless, Kashflow)
• Our regulators (e.g. Ofcom, Nominet, ICANN) and the Information Commissioner’s Office for the UK (the ICO)
• Law enforcement and credit, risk & fraud agencies for the prevention and detection of criminal activities
• HM Revenue & Customs (HMRC) e.g. for the processing of tax relief on pension payments or the prevention of tax avoidance
Whenever we share your personal information, we will do so in line with our principles and obligations outlined in this policy, all of which are designed to keep your information safe and secure. We will never sell your details to someone else.
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
When you share your own information
Sometimes you may share your information publicly, such as by posting on our on social media sites. Remember, when you share information publicly it may become accessible through search engines.
Where your information is processed
The majority of your information is processed in the UK and European Economic Area (EEA). Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. the third party processing your information operates under the EU-US Privacy Shield agreement.
You’re in control of your information
It is important that the personal data we hold about you is accurate and current, and we therefore ask that if your personal data changes during your relationship with us, that you ensure it is updated. You can do this via the self-service portal at https://portal.ikiji.com, alternatively please contact us using the Contact Information details listed at the end of this document.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These rights are listed below:
Request access to your personal data.
Request correction of your personal data.
Request erasure of your personal data.
Object to processing of your personal data.
Request restriction of processing your personal data.
Request transfer of your personal data.
Right to withdraw consent.
If you wish to exercise any of the rights set out above, you can contact us during normal business by one of the means listed in the Contact Information section later in this document.
You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under these circumstances.
Whilst we cannot ensure or guarantee that unauthorised access to or unauthorised alteration, disclosure or loss of information will never occur, we work hard to prevent it. In particular:
We use encryption to keep your data private while in transit (always check for the ‘s’ in the https:// in your browser address bar to show you are using a secure connection)
Your account information is protected for your privacy and security. Either this is through a password you have chosen, or a secure system generated one which has been provided to you. Ikiji personnel will never ask for your password.
To help keep your account and your personal information secure you should not disclose your password details to anyone. You should also make sure your Ikiji account password is different from any other system passwords you use. We recommend you change your passwords on a regular basis.
We review our practices for collecting, processing and storing personal information, including physical security measures, to guard against unauthorised access to systems and backups to prevent the loss of information. We will continue to enhance our security procedures as new technology becomes available.
We restrict access to personal information wherever possible to people who need to know that information to process it and who are subject to contractual confidentiality requirements.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so, and within the required legal timelines.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.
Retention of information
We keep the personal information we collect for no longer than is necessary for the purposes for which we collected it.
The length of time depends on the purposes for which we use it, or otherwise to meet our legal obligations.
We will delete any information as soon as we no longer have a valid reason to hold it. If this is not possible (for example, because your personal information has been stored in backup archives or to comply with tax, accounting and financial reporting obligations), then we will securely store your personal information until deletion is possible.
Use by Minors
None of our products or services are directed to individuals under the age of thirteen (13), and we request that they not provide personal data by any means to Ikiji.
About this policy
For the purposes of this Policy, "we", "us", "our" and "Ikiji" means Ikiji Ltd. Unless otherwise stated, Ikiji is the Data Controller for your personal data.
This Policy applies to how we use your information in relation to our products and services generally.
This Policy doesn't apply to other companies' sites which may link to ourselves. Please be vigilant and make sure you've read their policy before putting your personal information into their site.
Changes to this policy
Last updated on: 25 May 2018
Below you can find the details on how to talk to Ikiji’s Data Protection Officer should you have any queries, issues or concerns in relation to your personal information which we control, and process as outlined in this policy.
Data Protection Officer
1b Ruthrie Terrace
Phone: 0345 0 95 00 50
Ikiji Ltd (SC237116) is registered with the Information Commissioner’s Office on the Data Protection Register, under ZA165831
We will always strive to resolve any complaint you may have in relation to how we handle your personal data quickly, professionally and in a timely manner.
However, if you feel we have failed along the way, and cannot proceed further with ourselves directly, then it is within your rights to file a complaint with the ICO. Their details can be found on their website.