Last Updated: May 2018
In this policy, “we”, “us” and “our” refer to Kong365 Ltd, Unit 21 Tollgate, Hampshire, SO53 3TG, UK.
We (Kong365 Ltd) are the data controller for the purposes of this policy, the Data Protection Act 1998 and the EU General Data Protection Regulation (the 'GDPR').
1.1. We are committed to protecting the personal data that we hold and use and to respecting your privacy.
1.2. This policy and other documents that we may refer to within this policy describes the data that we collect from you or about you, and the way we may use it from time to time.
1.3. This policy applies where we are acting as a data controller; in other words, where we are determining where and how we use the personal data you provide to us.
2. How we use your personal data:
In section 2 we describe:
- The types of data we may collect and/or process;
- The source of data we may collect;
- The purposes for which we may process that personal data and the legal basis of that processing.
2.1. The types of personal data we may collect:
- Technical data about your use our websites. This may include your IP address, geographical location, details of your browser type and version, your operating system, referral source. Also information about how you use our website such as pages you view and duration of your visit.
- Account data such as your email address and login password if you are registered on our websites.
- Profile data that you voluntarily provide to us, such as your name, address, telephone number and date of birth.
- Transaction data, including your and your customers' credit or debit card details for the purpose of completing a transaction to use the services available through our websites.
- Service data that you provide for the purpose of fulfilling the service that you purchase through our websites. Specifically, data about your products, customers and orders.
- Correspondence data, such as transcripts of any conversations you may have with us, for the purpose of providing you with assistance when using our websites or services.
2.2. The source of data we may collect:
Data we collect may be from one of the following sources:
- Directly from you: Information you voluntarily provide when using our websites (for example, when you register, buy a service, leave a review or contact our customer service team). This includes information you may provide about the recipient of the parcel such as their name, address, email and telephone number.
- From other sources: We work closely with third parties providing services to us, and we may receive information about you from them, for example:
- sub-contractors providing services facilitating payment; sub-contractors providing delivery services for your parcel(s);
- social networking platforms;
- analytics providers;
- search information providers;
- Through your browser or device, or through our servers:
- Your browser automatically discloses certain information to us when you use our websites (see Section 2.1.A for examples).
- Our servers may log your IP address and the pages you view on our websites.
2.3 The purposes for which we may process that personal data and the legal basis of that processing:
We may use your data for a variety of purposes related to the products and services we provide. The legal basis for such processing is set our below:
|Why we use your data||Lawful Basis|
|To perform our contract with you||To comply with legal obligations||To pursue legitimate interests|
|To provide you services under our terms and conditions||X|
|To verify your identity||X||X||X|
|To deal with enquiries or complaints you have||X||X|
|To detect and prevent fraud and other crimes||X|
|To make improvements to services we provide||X|
|To let you know about important changes to our policies||X|
|Management purposes such as accounting, or auditing||X||X|
|To review and improve your experience on our website||X|
|To ensure the information we hold about you is up to date||X||X|
|For advertising and marketing purposes||X|
3. How we share your data:
We will never sell, rent or swap your personal data or give it to anybody else for them to use for their own purposes without making that clear to you. There are however various ways in which we will share your data:
3.1. We may disclose your personal data to any member of our group of companies (including subsidiaries or our holding company) insofar as it is reasonably necessary and on the legal basis set out in section 2.3 of this policy.
3.2. We may disclose your personal data to suppliers and contractors insofar as it is reasonably necessary and on the legal basis set out in section 2.3 of this policy.
3.3. We may disclose your personal data to payment service providers in order to process payment for services or otherwise insofar as it is reasonably necessary and on the legal basis set out in section 2.3 of this policy.
3.4. We may disclose your personal data where necessary for compliance with our own legal or regulatory obligations.
3.5. International transfer of your data: We do not transfer any of your data outside the EEA.
4. Security & retention of your personal data:
4.1. We take data security very seriously. We have implemented various strategies, controls and measures to protect and keep secure your data and regularly review those measures. For example, all transfer of data between your browser and our websites are encrypted with SSL technology and payment card data is protected in accordance with the industry approved security controls, the Payment Card Industry (“PCI”) Data Security Standard.
4.2. We will only retain your data for as long as is necessary for the purposes outlined in this policy. The periods for which we retain data vary according to the type of data and the purpose for which we originally collected it. For example, certain transaction data may be retained for many years to comply with our legal obligations, and other data may be kept for a different period because it’s in our legitimate interests to do so in order to provide a good service.
Our internal data retention policy is regularly reviewed. Once a retention period has elapsed any data held is deleted securely.
5. Your Rights:
The law gives you a number of rights to your personal data and our use of it. You have the right:
5.2. To see what personal data we hold about you and find out how we process the data.
5.3. To ask us to update personal data we hold about you.
5.4. To ask us to delete your personal data (in some circumstances) without unnecessary delay. For example you may request erasure include when that is in relation to consent-based processes such as direct marketing, however we reserve the right to retain data where necessary for us to complete our regulatory or other legal compliance obligations.
5.5. To ask us to stop using your data if you don’t believe we have a right to use it.
You also have the right to complain about our use of your personal data. You may do so in the EU member state that you live, your place of work or the place of the alleged infringement.
6. How to contact us:
If you have any questions or concerns regarding your personal data you are welcome to contact us:
6.1. By post to Kong365 Ltd, Unit 21, Tollgate, Chandler’s Ford, Hampshire, SO53 3TG, United Kingdom.
6.2. By email at firstname.lastname@example.org.
7. Amendments to this policy:
7.1. We may update this policy from time to time, all new version will be published on our website.
7.2. We may email you to inform you of changes to this policy.
7.3. You should check our website occasionally to check for any updates or changes to this policy.