How Kelp Social Uses Your Data
An Introduction
The Kelp Social Privacy Policy covers your use of our Kelp Social App and Kelp Social Website and includes how GDPR rules govern our use of your data if you are an EU or UK national and what you should expect us to do to comply with EU, UK and global law.
Kelp Social really care about your personal data and fully support your right to privacy and we value the trust that you place in us when you share it with us.
To Ensure that we comply with Data Protection Laws we are required to make information very clear to our members and users and set out how we use your personal information in this Privacy Notice.
If you have any questions regarding the Kelp Social privacy statement or our use of your personal data, you can contact our Data Protection Manager at our registered address or via email at: data@kelpsocial.co.uk.
All data regardless of your location is stored on secure servers within the USA.
This privacy notice is not applicable to internal Kelp Social team members who should refer to internal data policies.
1.0 Who Are Kelp Social?
1.1 Kelp Social Ltd (the “Company”, “We”, “Our”, “Us”) provide social sharing and blogging services that include allowing users to interact and share content with other users.
1.2 The Company is registered in the UK: The registration number is 13181054.
1.3 Our registered address is 71-75 Shelton Street Covent Garden London WC2H 9JQ.
2.0 What is Personal Data?
2.1 Personal Data is data that relates to a living individual which by itself, or with other data available to us, can be used to identify you. Our company needs to process personal data so that we can offer and provide our services to you and we act as a “Controller” of the personal data we hold.
3.0 What Type of Personal Data is Being Collected and Why?
3.1 Kelp Social will collect and use the following personal data.
3.2 Members: (‘member’ includes users who pay a monthly or annual subscription to enjoy member benefits provided by Kelp Social partners) to provide platform access on Kelp Social, we may collect your Personal Data including:
- Your name
- Home address / location
- Contact telephone number(s)
- Email address
- Date of Birth / age
- Nationality (certain countries require us to record your nationality by law)
We may also process other information you may provide to us, such as in surveys and when you contact us / make enquiries.
Special Categories of Data – this covers sensitive personal information about an individual including race; ethnic origin; politics; religion; trade union membership; genetics; biometrics (where used for ID purposes); health; sex life; sexual orientation. Normally we will not ask you for the vast majority of this information. We may also be required to perform criminal and other background checks. Before collecting this information, we will ask for your explicit consent.
3.3 Partners: We need to collect and use information about our partners, suppliers, and others in the course of providing our services e.g., communicate requirements, agree procurement specifications, contractual discussions, to notify you of content published by the Company which is likely to be relevant and useful to you. This includes processing the personal data of individual contacts who we deal with at your organisation such as: Name, Work address, Contact telephone numbers, and Email address. We may also need to collect personal banking details and/or payment information so that we can charge for our services (if this is part of the contractual arrangements between us).
3.4 Suppliers: This includes partnerships and companies (including sole traders), independent contractors and freelance workers, who provide services to us. We need certain information from our Suppliers such as contact details of relevant individuals at your organisation such as: Name, Work address, Contact telephone numbers, Email address and Banking details so that we can pay for the services you provide.
3.5 Website Users: If you contact us via our website, we will collect information that you provide to us; your name and contact details, email address and telephone number for registration and process your username when you register. In addition, we collect a limited amount of data which we use to help us to improve your experience when using our Kelp Social App and/or website and to help us manage the services we provide on the platform. This includes information on how you use our website and the location you view our website from (IP address).
4.0 How is My Personal Data Collected?
4.1 Kelp Social collect personal data about you through various ways, both directly and indirectly which includes:
Data Subject | Direct from you | Indirect / 3rd party source * |
Site Users |
|
|
Clients and suppliers |
|
|
Website users |
|
|
Other people |
|
|
* depending on applicable laws and circumstances.
5.0 What Happens if I Do not Provide my Data?
5.1 The information enables Kelp Social to provide you with our member and non-member services.
5.2 Where you are obliged to provide personal data, or where we require your personal data to progress the service we provide, the consequences of failure to provide the data may be that:
- we will not be able to supply you with the service that you have requested.
- we may not be able to fulfil our contractual requirements.
- we may not be able to continue with our relationship.
6.0 What is the Lawful Basis for Processing my Data?
We will process your personal data under the following lawful bases.
6.1 Contractual Requirement
As necessary, Kelp Social will process your personal data for the performance of a contract or in order to take steps at your request prior to entering into a contract for the relevant member or non-member service, including;
- to engage with you to send and agree initial terms
- to enter into a contract and manage that contract
- to update your records
- for the performance of a contract with a third-party client.
6.2 Legitimate Interest
As necessary, the company will process your personal data for our own legitimate interest, or those of other persons and organisations which includes;
- For good governance, accounting, managing, and auditing of our business operations
- To monitor emails, calls and other communications, and activities related to our service provision
- To facilitate creation and manage online accounts
- For our internal administrative activities, such as invoicing where relevant
- To process or share your data in connection with crime detection, tax collection or actual or anticipated litigation
- For market research, analysis and developing statistics
** certain eligibility checks fall under a statutory / legal requirement.
6.3 Statutory Requirement
As necessary, the Company will process your personal data:
- For compliance with legal obligations and disclosures
- When you exercise your rights under the data protection laws
6.4 Consent
As necessary, the company will process your personal data with your consent:
- In certain circumstances which require us to ask for your consent to process your personal data in a particular way
To provide consent we will normally require you to provide written confirmation (e.g., email or completed consent form, or a tick box / web form). You have the right to withdraw consent at any time.
7.0 When and How Will I Be Informed?
7.1 When we engage with you for the first time, when you approach us, or visit our App and/or website(s), we will provide you with this privacy notice. If significant changes are made – we will inform you.
7.2 Where we gather your personal data prior to contacting you, we will:
- Inform you that we hold your personal data (what we hold and from which source the personal data originated, and if applicable, whether it came from publicly accessible sources) and;
- Provide you (the Individual) with this Privacy Notice (transparency information) no later than one month after we have collected the data, or when we first communicate if that is before one month and;
- Ask you to register with us to continue the relationship and process this information on the basis that we will provide our services to you according to this privacy notice
8.0 How is my Personal Data Safeguarded?
8.1 Kelp Social promise to take all reasonable steps to protect your personal data from loss, misuse, or other unauthorised uses, and to remove your personal data when it is no longer required for its intended purposes.
8.2 Kelp Social follow the GDPR guidelines from Articles 44 to 50 which provides guidance on the storage of personal data when stored outside the EU. All personal data is stored in the US on secure servers.
8.2 We will protect personal data through the following principles;
- Not collecting or retaining excessive amounts of data
- Protecting personal data from loss, misuse, unauthorised access and disclosure
- Keeping personal data up to date
- Storing and destroying it securely
- Ensuring that appropriate administrative, technical, and physical safeguards are in place to protect personal data. These measures include measures to deal with any suspected data breach
- Regularly reviewing our information collection, storage and processing practices, including physical security measures
9.0 Who Will You Share my Personal Data With?
9.1 Where appropriate and in accordance with local laws and requirements, we may share your personal data for various reasons with certain categories of third parties such as:
- Kelp Social internal staff such as platform operators
- Business associates – we may share client / B2B contact details
- Group Companies and business partners
- Third parties who we have retained to provide services
- Sub-contractors and third-party service providers who perform functions on our behalf (including external consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems)
- Third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place
- Technology platforms and suppliers; including Customer Relationship Management (CRM) software provider (s) and data forwarding agencies where we have an appropriate processing agreement (or similar protections) in place
- Marketing research organisations who help to improve our products or services
- Organisations who may audit our Company and such auditing may require the processing of an individual’s personal data
- Tax, audit, or other Government authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation)
- Debt collecting and tracing agencies (where we have legal recourse to use these)
- If Kelp Social merges with or is acquired by another business or company in the future, (or is in meaningful discussions about such a possibility) we may share your personal data with the (prospective) new owners of the business or company
- Anyone else where we have your consent or as required by law
9.2 Kelp Social do not disclose personal information we collect about you, except as described in this Privacy Policy or in separate notices provided in connection with particular activities.
9.3 Kelp Social will not sell or rent to any third party any of the personal information or data that you provide to us.
9.4 Where we share personal information with vendors who perform services on our behalf, based on our instructions (data processors), we ONLY authorise these vendors to use or disclose the information as necessary to perform services on our behalf or comply with legal requirements.
9.5 You can contact us at data@kelpsocial.co.uk to get an updated list of those third parties.
10.0 Where is my Personal Data Held?
10.1 Kelp Social needs you to be aware that your information may be securely stored in locations including:
- Local file servers and file structures in the UK and the EEA
- CRM and Database systems provided by 3rd party providers, based in the UK and the EEA
- Cloud-based systems (1st and 3rd party) whose servers are located within the UK and the EEA
11.0 Will my Personal Data be Transferred Overseas?
11.1 Kelp Social use a 3rd party provider, based outside of the EEA, in order to process certain personal data for the performance of contractual requirements (this includes contractor / temporary worker payments, credit control activities). This is governed by a Controller-Processor agreement and associated safeguards.
11.2 Where it is a requirement to transfer the information you provide to other countries outside the European Economic Area (‘EEA’) (i.e., the Member States of the European Union, together with Norway, Iceland and Liechtenstein), we will inform you and only transfer this data where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data.
11.3 We will obtain explicit consent from you, prior to sharing any sensitive personal information.
12.0 Am I Subject to Any Automated Decision-making?
12.1 We do not undertake any fully automated decision-making processes.
13.0 What Data is Collected By Automated Means?
13.1 Website Cookies and Third-Party Apps
When you visit our App and/or Website, we may collect certain information by automated means. Details of cookies used are in our “cookie policy”. It should be noted that your web browser is most likely set to automatically accept cookies, but you can consult your browser help file if you wish to change these settings.
The providers of third-party apps, tools, widgets and plug-ins on our App and/or Websites, such as social media sharing tools, also may use automated means to collect information regarding your interactions with these features. This information is collected directly by the providers of the features and is subject to the privacy policies or notices of these providers. Subject to applicable law, Kelp Social Ltd is not responsible for these providers’ information practices.
Kelp Social will ask for your consent for some aspects of these activities which are not covered by our legitimate interests, which include, the collection of data via cookies when you use our App/Website.
14.0 What Marketing Will I Receive?
14.1 Kelp Social may wish to use your data; phone numbers, email address and social media (e.g., Facebook, Google, LinkedIn, and message facilities in other platforms) to communicate with you, in accordance with our legitimate interests and your marketing preferences.
14.2 Under our Legitimate Interests
Kelp Social will inform you of industry events, provide you with questionnaires, newsletters and content relating to our service(s) or career opportunities that may fit the requirements you engaged us with and recommendations and relevant articles to help your job search.
14.3 Direct Marketing
Kelp Social may wish to inform you of other products, incentives, services or offers. We will ask you to set these preferences when we contact you. You have the right to opt-out of these activities. You can do so at any time.
14.4 Interest-Based Advertising
Kelp Social may collect information on our sites about your online activities to provide you with advertising about products and services tailored to your individual interests (also see cookie policy). We also may obtain information for this purpose from third-party websites on which our adverts are served. You may see certain adverts on other websites because we engage third-party advertising networks, through which we can target our messaging to users. To do this Kelp Social will explicitly ask for your consent as part of accepting our cookie policy.
15.0 How Long will You Hold my Personal Data?
15.1 The Company will retain your personal data only for as long as is absolutely necessary. We use the following criteria to determine retention periods for personal data:
- Retention in case of queries – data is retained as long as it takes to deal with queries
- Retention in case of claims – we will retain data for as long as a data subject or organisation might legally bring claims against us
- Retention in accordance with legal and regulatory requirements: data will be retained for a period after the service / contract term has been provided or has otherwise come to an end based on our legal and regulatory requirements
16.0 What Rights do I Have?
16.1 You should be aware that you have the following data protection rights:
- The right to be informed about the personal data the Company processes on you;
- The right to request access to the personal data the Company processes on you;
- The right to rectification of your personal data; (corrected if it is inaccurate or incomplete)
- The right to have your personal data erased (deleted);
- The right to restrict processing of your personal data;
- The right to data portability;
- The right to object to processing of your personal data that was based on a public or legitimate interest;
- The right not to be subjected to automated decision making and profiling;
- The right to withdraw consent at any time;
16.2 Where you wish to engage with us to exercise your rights, you can do this by contacting our Data Protection Manager at data@kelpsocial.co.uk. We will respond to your request as soon as possible but certainly within 30 days.
Please note that these rights do not apply in all circumstances.
16.3 If you are not satisfied with how Kelp Social responds or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.
17.0 Policy Updates
17.1 Kelp Social may update this Privacy Policy from time-to-time to include changes in our personal information practices. For significant changes, we will notify you by posting a prominent notice on our websites and contact you by email indicating when it was most recently updated.
Thank You for Reading