1. Your personal data – what is it?
Personal data is information that can be used directly or indirectly to identify a living person, for example name, address, email and telephone number.
Processing of personal data is governed by the General Data Protection Regulation (GDPR), regulated in the UK by the Information Commissioner’s Office (ICO).
2. Who are we?
KR5 Consulting provides business to business services and is a trading name of KanRevi5 IT Consultancy Ltd, a UK registered company. KanRevi5 IT Consultancy Ltd is the Data Controller and is responsible for ensuring that personal information is processed fairly and transparently.
3. How do we process your personal data?
KanRevi5 IT Consultancy Ltd complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use personal data for the following purposes:
- Direct marketing to businesses that we believe might benefit from our services
- Manage our commercial relationships with customers and suppliers
- Inform you of relevant news, events and activities
- Maintain our own accounts and records to fulfill employment, tax or legislative requirements.
4. What is the legal basis for processing your personal data?
The legal basis for processing is:
- Legitimate Interest for direct marketing and maintaining a network of business connections.
- Contract for managing customer and supplier relationships, including customer contacts required for the delivery of products and services.
- Explicit consent to keep you informed about news, events, and activities.
- Necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement;
5. Sharing your personal data
Your personal data will be treated as strictly confidential and will only be used by KanRevi5 IT Consultancy Ltd. We will only share your data with a third party with your consent.
6. How long do we keep your personal data?
We use the following retention policies:
- 6 Years for employee records, supplier records, and customer records
- 3 Years for personally identifiable information after last contact.
7. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for us to retain such data;
- The right to withdraw your consent to the processing at any time;
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data, (where applicable).
- The right to lodge a complaint with the Information Commissioners Office.
8. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
9. Contact Details
To exercise all relevant rights, queries of complaints please in the first instance contact firstname.lastname@example.org.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.