Privacy Policy

AKA the things we are legally required to have written on our website somewhere

Privacy Policy

AKA the things we are legally required to have written on our website somewhere

For the purposes of this notice “the Company”, “we”, “us” “our” etc. refers to Kensa Creative Ltd. Kensa Creative Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, you can be assured that it will only be used in accordance with this privacy notice.

Kensa Creative may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 14/05/2024.

Relevant Legislation
We commit to comply with the following national and international legislation in relation to data protection and user privacy:

UK Data Protection Act 2018 (DPA)
EU General Data Protection Regulation 2016 (GDPR)
Australian Privacy Act 1988 (APA)

This privacy policy sets out how Kensa Creative uses and protects personal data including:

  1. the type of personal data we collect
  2. how we obtain personal data
  3. how we use personal data
  4. The legal basis for processing personal data.
  5. Keeping your data safe
  6. The length of time that we will retain the data.
  7. Sharing your data
  8. Your rights to limiting the use and disclosure of your personal data
  1. The type of personal data we collect

Personal data means any information capable of identifying an individual. It does not include anonymised data. We may process the following categories of personal data about you:

Category of Data Type of Data
Contact Data includes information such as: name, address, phone number, email, social media handle etc
Communication Data Any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other channel
Customer Data Data relating to any quote/purchase/payment for our services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details.
User/Technical Data Data about how you use our website such as your IP address, browser details, length of visit to pages on our website, page views and navigation paths. This data is gathered from analytics
Marketing Data Data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to tailor our communications and advertisements to you, to deliver relevant website content and advertisements and measure or understand the effectiveness of this advertising.
We may collect aggregated data. Aggregated Data may be derived from personal data but is not considered personal data as it does not directly or indirectly reveal your identity. E.g. we may aggregate user data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data meaning that it can directly or indirectly identify you, this would then be personal data used in accordance with this privacy notice.
  1. How we obtain personal data

The information obtained is dependent on the services we provide or the nature of our engagement. Most of the personal information we process is provided to us directly by you. Information will be collected at any time that it is provided to us, including when you register with us or agree to use our services, from records of our correspondence or phone calls, or when you voluntarily complete forms or customer surveys, provide feedback etc.

  1. How we use personal data

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping via our secure Customer Relationship Management platform Accelo, who are a third party data processor. As a chosen third party data processor, we have ensured they comply with EU legislation and are EU-U.S Privacy Shield compliant
  • To improve our services
  • If you have chosen to opt-in, we will periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
  • We may forward your supplied email address to our MailChimp account, who provide us with email marketing services. As a chosen third party data processor, we have ensured they comply with EU legislation and are EU-U.S Privacy Shield compliant
  • We may forward your supplied email address to our Quotient, who provide us with quoting services. Quotient stores your data securely within Amazon Web Services (AWS), located in the US. They have a Data Processing Agreement with AWS that commits to the Model Contract Clauses, as set out in the GDPR.
  • From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone or mail
  • We may use the information to customise our website according to your interests

We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. We will only process personal data without your consent where this is required or permitted by law.

  1. Legal basis for processing your personal data

The legal basis under which we process personal data is dependent on the nature of the data in question and the context in which it is being processed. In many cases however, personal information is processed on the basis of one, or more of the following:

* With consent

** To meet our contract obligations in providing a service to you

*** In accordance with our legitimate interests (provided your interests and fundamental rights do not override those interests) – namely to grow or improve our business and services.

**** To comply with our legal obligations

Purpose Type of data Basis
Registering a new customer/setting up an account with us Contact Data, Communication Data, Customer Data and Marketing Data

*

**

***
To manage our relationship with you, including: providing you with information and services that you request from us; notifying you about changes to our services, terms and conditions or privacy notice; asking you to leave a review or take a survey. Contact Data, Communication Data, Customer Data, User/Technical Data, Marketing Data

*

**

***
To deliver relevant website content, online advertisements and information for you; and measure the effectiveness of the advertising provided. Marketing Data, User/Technical Data, Customer Data ***
To use data analytics to: improve our website, services, marketing, customer relationships and experiences; and for market research, statistical and survey purposes Communication Data, User/Technical Data, Marketing Data ***
To recommend services, discounts and offers that may be of interest to you, including to send you such information by email, post or SMS. Contact Data, Communication Data, Customer Data, User/Technical Data, Marketing Data

*

**

***
Administering the contract we have entered into with you. Contact Data, Communication Data, Customer Data, Marketing Data

*

**

***

****
To communicate with you following your enquiry via ‘get in touch’ on our website Contact Data, Communication Data, Marketing Data

*

***
To sign you up to the Kensa newsletter following your request Contact Data, Communication Data, Marketing Data

*

***
When you register for one of our free downloadable guides via our website Contact Data, Communication Data, Marketing Data

*

***
When you contact us direct on our dedicated hello@kensa-creative.com email address Contact Data, Communication Data

*

***
When you get in touch via telephone Contact Data, Communication Data

*

**

***

When you share one of your business cards with us

 

 Contact Data, Communication Data

*

***

When you apply for a job vacancy with us

 

 Contact Data, Communication Data, Marketing Data

*

***

When you connect with one of the team on social media channels e.g. Linkedin

 

 Contact Data, Communication Data, Marketing Data

*

***

To administer, protect and improve our business and our website/app, including: troubleshooting, data analysis, testing, system maintenance, support, data analysis, reporting and hosting of data; setting default options for you, such as language and currency

 

 Contact Data, Communication Data, Customer Data, User/Technical Data, Marketing Data

***

****
  1. Keeping your data safe

We have appropriate organisational safeguards and security measures in place to protect your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. The communication between browsers and our website uses a secure encrypted connection wherever your personal data is involved. We require any third party who is contracted to process your personal data on our behalf to have security measures in place to protect your data and to treat such data in accordance with the law. In the unfortunate event of a personal data breach, we will notify you and all relevant persons and authorities within 72 hours of the breach when we are legally required to do so.

Our website is hosted by WP Engine who are a trusted WordPress host. They offer high speed, reliability and peace of mind.

  1. The length of time we retain your data

We will keep your personal data for no longer than is necessary for the purpose(s) it was provided for and in line with our legal obligations. Further details of the periods for which we retain data are documented in our Data Retention Policy and are available upon request.

  1. Sharing your data

where you have consented for us to do so e.g. you have consented to receive marketing materials from third parties, or in respect of third parties products and services, we may pass your data on to the relevant third parties such as business partners, suppliers, sub-contractors and other third parties that we use in connection with the running of our business including:

  • third party service providers that we engage to provide IT systems and software, and to host our website;
  • third party payment processing services
  • third party service providers that we engage to deliver products/services you have ordered/requested
  • third party service providers that we engage to send emails and postal mail on our behalf including in relation to incomplete orders or abandoned requests, or marketing communications, to provide data cleansing services and to provide marketing and advertising services
  • analytics and search engine providers that assist us in the improvement and optimisation of our website
  • affiliate networks through whom you have accessed our website
  • to any third party to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
  • to protect our customers and website from fraud and theft, we may share personal data that is required to make identity checks and personal data that we obtain from making identity checks
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation
  • to our professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.

Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, please be aware that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should refer to the privacy statement applicable to the website in question.

  1. Your rights to limiting the use and disclosure of your personal data

Under data protection laws you have rights in relation to your personal data. You may have a right to request:

  • a copy of the information that we hold about you (‘subject access request’ (SAR))
  • that anything inaccurate in your personal data is corrected (‘rectification’)
  • that we remove your personal data (‘right to erasure’)
  • that we use your personal data only in specific circumstances (‘restriction’)
  • that we stop processing your personal data (‘object’)
  • to get your personal data so you can reuse it across different services (‘data portability’)

You may also have rights in relation to automated decision-making and profiling.

You can find more information on your rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you wish to exercise any of the rights set out above, please contact us using the Contact Details below.

If you are not happy with any aspect of how we collect and use your data, we would ask you to contact us so that we can try to resolve the issue for you. However, should you be unhappy with how we deal with your request, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details can be found at: www.ico.org.uk

Contact Details

Data Protection Officer – Rich Hughes

Address:
Kensa Creative Ltd,
The Idea Factory,
Hortonwood West,
Queensway,
Telford,
TF1 6AH

Email: hello@kensa-creative.com

Telephone: 01952980721

Last Updated: 28 / 05 / 2024