Kikmoov complies with the UK and EU General Data Protection Regulation (GDPR); The UK and EU General Data Protection Regulation (GDPR) superseded the UK Data Protection Act 1998 on 25 May 2018. It expands the rights of individuals to control how their personal data is collected and processed and replaces a range of new obligations on organisations to be more accountable for data protection. The Data Protection Act 2018 enshrines the GDPR into UK law, and supplements the GDPR by filling in the sections of the Regulation that are left to individual member states to interrupt and implement. As an act of UK law, the Data Protection Act’s requirements will continue to apply after the UK’s departure from the European Union. Kikmoov has certified that it adheres to GDPR and UK law and privacy principles of notice, choice, onward transfer, security, data integrity, access and enforcement. To learn more about GDRP, please visit https://www.gov.uk/government/publications/guide-to-the-general-data-protection-regulation
Legal Basis The legal basis we rely on to process personal data where you are an account holder with us or have signed up any of our Services (for instance information relating to any bookings, profile information and registration information) is the contract in place between you and us.
In all other cases (for instance cookie information, information relating to your device, marketing information) we rely on our legitimate interest in operating and promoting our business.
Your privacy rights With respect to your personal data, you have the right to:
- request that your personal data will not be processed;
- ask for a copy of any personal data that we have about you;
- request a correction of any errors in or update of the personal data that we have about you;
- request that your personal data will not be used to contact you for direct marketing purposes;
- request that your personal data will not be used for profiling purposes;
- request that your personal data will not be used to contact you at all;
- request that your personal data be transferred or exported to another organisation, or deleted from our records; or
- at any time, withdraw any permission you have given us to process your personal data All requests or notifications in respect of your above rights may be sent to us in writing at the contact details listed at the end of this policy. We will endeavour to comply with such requests as soon as possible but in any event we will comply within one month of receipt (unless a longer period of time to respond is reasonable by virtue of the complexity or number of your requests). If personal data we hold about you is subject to a breach or unauthorised disclosure or access, we will report this to the Information Commissioner’s Office (ICO) and/or our data protection manager.
If a breach is likely to result in a risk to your data rights and freedoms, we will notify you as soon as possible.
Minors Kikmoov does not knowingly collect or solicit information from anyone under the age of 18 or knowingly allow such persons to register. If you are under 18, please do not attempt to register for Kikmoov or send any information about you to us, including your name, address, telephone number, or email address. No one under age 18 may provide any information to or on Kikmoov. If you believe that we might have any information from or about a minor under 18, please contact us at firstname.lastname@example.org.
Use of Information Obtained by Kikmoov We use the information we collect from our services to enable your access to our products, enhance our products, protect the site and our customers, and to offer tailored content, like more relevant search results and ads. Once you register with Kikmoov, you may create your Profile. Your Profile and contact information are displayed to other Users, including providers at spaces at which you make or request bookings and viewings. We may also send you service-related announcements and marketing communications on the site, across other websites, and through email. Examples include promotions, new product/service messages, ads for the service and partner offers. You will be given an opportunity to opt out of receiving marketing communications when we collect your email address. Generally, you may opt out of such emails by following the unsubscribe option included in each email; however, Kikmoov reserves the right to send you account-related notices such as reservation confirmation emails even if you opt out of all marketing-related emails. Kikmoov provides push notifications for upcoming reservations. To turn off push notifications, please edit your personal settings on your device. Profile information and your reservation activity is used by Kikmoov primarily to be presented back to and edited by you when you access the Service and to be presented to other Users. The amount of such information presented to other Users will depend on your relationship with those Users (e.g., whether they are following you, or you are following them, as permitted by the Service, or whether you were referred to the Service by them). If you register for the Service via a referral from a Professional, Kikmoov will inform the Professional when you register for the Service and begin browsing listings on the Service and will provide the Professional with information regarding reservations that you book. In some cases, other Users may be able to supplement your Profile or contribute information about your Space (if you are a Host), including by submitting comments and reviews. You consent to Kikmoov making such information available to other Users and the public. You may change the privacy settings of your profile through your account portal. Information from your Profile may be available to our third party service provider for search engines. This is primarily so that potential users may be able to find you. Kikmoov may use non-identifiable aggregate data (based partly on IP addresses) collected through the Service to analyze Service usage and system performance. Such data may be used by Kikmoov and shared with third parties in any manner.
Single Sign-on (sign up) You can log in to our site using sign-in services such as an Open ID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign-up form. Services like Linked In Open ID provider give you the option to post information about your activities on this web site to your profile page to share with others within your network.
Security Kikmoov takes reasonable precautions to protect Users’ Non-Public Information. Your account information is located on a secured server behind a firewall. When you enter sensitive information, such as a credit card number on our order forms or transmit location data, we encrypt the transmission of that information using secure socket layer technology (SSL). However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee absolute security. If you have any questions about security, please contact us.
Data Transmission The data Protection Directive 95/46/EC and the UK DPA permit data transmission within the EU/EEA: under the UK Data Protection Act, the rules may be applied only in such a way that the free movement of personal data between the member states of the European Union is not impaired of prohibited. Data transmission laws will differ in non – EU countries, including the country in which you reside. By providing Kikmoov with your personal information, you consent to the collection, transfer and processing of your personal information to and from the United Kingdom and agree that your personal information may be subject to access requests from governments, courts or law enforcement in the United Kingdom according to the laws of the United Kingdom.
If we transfer your information outside of the EEA, and the third country or international organisation in question has not been deemed by the EU Commission to have adequate data protection laws, we will provide appropriate safeguards and we will be responsible for ensuring your privacy rights continue to be protected as outlined in this notice.
We may disclose information to third parties in the following circumstances:
- As part of our services we may provide information to our third party service providers;
- We may disclose information to our group companies;
- In order to manage bookings you have made through the Site;
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime);
- in order to enforce any terms and conditions or agreements for our services that may apply;
- we may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation, but we will take steps with the aim of ensuring that your privacy rights continue to be protected;
- to protect our rights, property and safety, or the rights, property and safety of our users or any other third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. If we do supply your personal information to a third party we will take steps to ensure that your privacy rights are protected and that third party complies with the terms of this notice.
Data Retention Our current data retention policy is to delete or destroy (to the extent we are able to) personal data after the following periods:
- Records relating to a your account with us - 7 years from either the end of the contract or the date you last used our services or placed an order with us, being the length of time following a breach of contract in which a contract party is entitled to make a legal claim.
- Records relating to the hire of space or property – 12 years from the date on which the hire agreement was entered into.
- Marketing records - 3 years from the last date on which you have interacted with us.
For any category of personal data not specifically defined in this notice, and unless otherwise specified by applicable law, the required retention period for any personal data will be deemed to be 7 years from the date of receipt by us of that data. The retention periods stated in this notice can be prolonged or shortened as may be required (for example, in the event that legal proceedings apply to the data or if there is an on-going investigation into the data).
Gregoire Feld-Davidovici: Data Protection Manager