This policy regulates the practices of Kabru management of personal information collected from our website.
The purpose of this policy is to outline the transparency and practices we apply under the General Data Protection Regulation (GDPR) and any subsequent UK legislation covering data protection.
Please be aware for the purposes of the Data Protection Legislation we are the data controller.
Collection and Use of Personal Information through our Website
Kabru generally collects and uses personal information from or about its website users as follows:
- Information provided by users. In many cases, Kabru collects personal information directly from users when they visit or use the website. For instance, Kabru may collect the following types of information:
- Inquiries and Build-My-Benchmark. Kabru may collect users’ name, contact information, e-mail address and any other information provided when users make an inquiry or contact Kabru through the website, when users sign up to receive Kabru newsletter and when users partake in the Build-My-Benchmark. Kabru will only use this information to process and answer users’ request or to manage everyday business needs through Kabru or our Delivery Partners based on Users geographical location.
- Personalisation of Website. When users visit the website, they may, from time to time, be invited to provide information such as user’s title to help Kabru personalise or customise the users experience when using the website.
- Registration to events. When users register for an Kabru event, they will provide contact details, email, company name, job title, address and payment details. Kabru does not retain this information as it is processed through a 3rd party (Eventbrite).
- Shop. When users makes a purchase for the kabru shop, they will provide contact details, email, company name, job title, address and payment details. Kabru does not retain this information as it is processed through a 3rd party. (Stripe).
- Personal Information from other Sources. Kabru may obtain from third parties additional personal information about a website user if such user gave permission to those third parties to share its information.
When users visit the website, Kabru may collect, using electronic means such as cookies, technical information. This information may include information about visits to the website, including the IP address of the users’ computer and which browser was used to view the website, the users’ operating system, resolution of screen, location, language settings in browsers, the site the user came from, keywords searched (if arriving from a search engine), the number of page views, information entered, advertisements seen, etc. This data is used to measure and improve the effectiveness of the website or enhance the experience for users. While most of the time this information is depersonalised, if this information relates to an identifiable individual, Kabru will treat this information as personal information. Kabru may also, without limitations, collect and use the following type of information when users visit and/or interact with Kabru on the website:
- Google Analytics: Kabru uses Google Analytics which allows it to see information on user website activities including, but not limited to, page views, source and time spent on our website. This information is depersonalized and is displayed as numbers, meaning that it cannot be tracked back to individuals. Users may opt-out of Kabru’s use of Google Analytics by visiting the Google Analytics opt-out page.
- Google AdWords: Kabru uses Google AdWords Remarketing to advertise Kabru across the Internet and to advertise on third party websites (including Google) to previous visitors to the website. AdWords remarketing will display ads to users based on what parts of the Kabru website they have viewed by placing a cookie on the users’ web browser. It could mean that Kabru advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the user or give access to the users’ computer or mobile device. The cookie is only used to indicate to other websites that the user has visited a particular page on the website, so that they may show the user ads relating to that page. If users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager
- Ontraport We use a Customer Relationship Management service called “Click Dimensions”. This system sets cookies in your browser to enable us to understand user behaviour, improve our service and provide users with more relevant information. For more information about Click Dimensions please visit their website.
- Privacy Policies of other Websites. This Policy only addresses the use and disclosure of information by Kabru. Other websites that may be accessible through the website have their own privacy policies and data collection, use and disclosure practices.
Sharing of Personal Information
Kabru will not sell, rent or trade personal information to any third party. However, Kabru may share personal information when authorised and/or required by law or as follows:
- Service providers (Delivery Partners). Kabru may grant access to personal information to third party service providers (Delivery Partners) in connection with the delivery of our website data, Kabru will ensure that the third party maintains reasonable data management practices for maintaining the confidentiality and security of personal information and preventing unauthorised access.
- As permitted or required by law. Kabru may disclose personal information as required by applicable law or by proper legal or governmental authority. Kabru may also disclose information to its accountants, auditors, agents and lawyers in connection with the enforcement or protection of its legal rights. Kabru may also release certain personal information if we are under any legal obligation to do so.
Security of Personal Information
- Kabru will store and process the personal information in a manner consistent with industry security standards. kabru has implemented technical, organisational and administrative systems, policies, and procedures to help ensure the security, integrity and confidentiality of personal information and to mitigate the risk of unauthorised access to or use of personal information, including
- appropriate administrative, technical and physical safeguards and other security measures designed to ensure the security and confidentiality of the personal information it manages;
- a security design intended to prevent any compromise of its own information systems, computer networks or data files by unauthorised users, viruses or malicious computer programs;
- appropriate internal practices including, but not limited to, encryption of data in transit; using appropriate firewall and antivirus software; maintaining these countermeasures, operating systems and other applications with up-to-date virus definitions and security patches so as to avoid any adverse impact to the personal information that it manages; appropriate logging and alerts to monitor access controls and to assure data integrity and confidentiality; permitting only authorised users access to systems and applications; and
- all persons with authorised access to personal information must have a genuine business need-to-know prior to access (“Security Program”).
Training and Supervision
Kabru maintains adequate training programs to ensure that its employees and any others acting on its behalf are aware of and adhere to its Security Program. Kabru shall exercise necessary and appropriate supervision over its relevant employees to maintain appropriate confidentiality and security of the personal information it manages.
How to Contact Us
Any questions or complaints regarding this Policy or Kabru handling of personal information can be addressed by sending an email firstname.lastname@example.org.
Kabru will review and update its policies and procedures as required to keep current with rules and regulations, new technologies, standards and customer concerns. This Policy may therefore change from time to time.
This Policy was last updated on 1 September 2018.