This policy was updated on 21 March 2018.
The Kildrummy Corporation Limited of Scotland operates worldwide through wholly-owned incorporated entities such as Kildrummy Inc. of Texas, USA. These companies together form the Kildrummy Group (“Kildrummy”).
This policy, and management intention to be wholly compliant with the provisions of the EU General Data Protection Regulation (“GDPR”), applies to every part of Kildrummy.Kildrummy’s Chairman serves as the Data Protection Officer for Kildrummy. He may be contacted at email@example.com or by post at the company’s Registered Office.
Section ONE: The GDPR requires us to make known to those individuals with whom we do business how we handle personal details we have collected and expect to collect in future. A detailed exposition forms the first section below.
Section TWO: The second section sets out the practices we follow to preserve the privacy of all visitors to this website kildrummy.com.
1 Section ONE
The registered office of The Kildrummy Corporation Limited is 26 North Road, Lerwick, Shetland ZE1 0DE, UK.
Kildrummy’s Data Protection Officer may be contacted at firstname.lastname@example.org or by post at the company’s Registered Office.
1.1 Your Rights
The GDPR provides the following rights to individuals:
- The right to be informed who is collecting your personal details and how they will be used;
- The right to inspect the personal details we hold on you;
- The right to correct the personal details we hold on you;
- The right to have the personal details we hold on you erased;
- The right to restrict the use we make of your personal details;
- The right to data portability (i.e. to obtain copies of your personal details in machine-readable form);
- The right to object to the use of your personal details, including where you have previously given consent to their use;
- Rights in relation to automated decision making and profiling; and
- The right to lodge a complaint with the Information Commissioner’s Office.
Unless we have specifically agreed otherwise with you, or are obliged by law in the jurisdiction in which you reside, we shall not collect what the GDPR calls “special category data” – things like ethnic origin, sexual orientation, political beliefs, religious affiliation, mental and physical health and so on. We shall only collect basic personal details like your name, job title, work address, work email address and work telephone number.
If at any point you believe the information we hold on you is incorrect you may request to see this information and you may have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal details, you should contact our Data Protection Officer (email@example.com) who will investigate the matter expeditiously.
If you are not satisfied with our response or if you believe that we are processing your personal details unfairly or unlawfully, you may complain to the Information Commissioner’s Office.
You can contact the UK Information Commissioner’s Office:
- by email or through its website https://ico.org.uk/global/contact-us/;
- by telephoning its helpline at 0303 123 1113 or 01625 545 745; or
- by post or in person at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
There are regional offices for Scotland, Wales and Northern Ireland. You can find their details at https://ico.org.uk/global/contact-us/postal-addresses/.
All EU member states have similar offices, and residents of those states should contact their local Regulator.
Residents of other countries will have local equivalents who should be able to help. It is Kildrummy’s intention to abide by the privacy and data protection laws of every country with which or within which we do business.
1.2 Collecting your Personal Details
We need to know basic personal details in order to provide you with our goods and services, and to claim our right to be paid in return for our services. If you do not provide this information then we will be unable to provide the goods and services you have requested. We will not collect any personal details from you that we do not need in order to provide the goods and services which we have agreed to provide to you.
We also need to know basic personal details in order to evaluate the goods and service you wish to provide to us, and if we choose, to purchase and use them. If you do not provide this information then we will be unable to evaluate and purchase the goods and services you are offering to us. We will not collect any personal details from you that we do not need in order to evaluate and purchase the goods and services which you are offering to us.
1.3 Processing (use of) your Personal Details
All the personal details we hold about you will be processed by our staff in the United Kingdom and no third parties will have access to your personal details unless there is a legal obligation for us to provide them with some or all of those personal details.
We set out below the lawful bases for Kildrummy to process your personal details.
- Some of our processing is necessary for compliance with a legal obligation. For example, we are legally obliged to retain and provide data on sellers and buyers to HMRC should it be demanded. Similarly we have obligations under the Health & Safety at Work Act 1974, the Bribery Act 2010, the Corporate Manslaughter and Corporate Homicide Act 2007 and sundry other enactments which may result in our having to keep and potentially provide your personal details to courts and government agencies.
- We may process data if it is necessary for the performance of a contract with you, or to take steps to enter into such a contract. For example, we provide ongoing support for the users of our software products, and to do that we must have sufficient personal details to enable us to contact you or to verify that you are a bona fide user.
- If you have bought one of our products or used one of our services we may provide you with details of other goods and services we can offer you, and update you about our activities.
- Where your information is processed other than in accordance with one of these uses, we will first obtain your consent to that use.
We take all reasonable steps to ensure that your personal details are processed securely and more information on this can be found on our website.
1.4 How Long will we Keep your Personal Details?
We will normally keep your personal details for a minimum of 6 years, after which the record of your personal details will be erased if we no longer require it for the lawful purpose or purposes for which it was collected.
If you consent to receive marketing or informational materials, any information we use for this purpose will be kept by us until you notify us that you no longer wish to receive marketing or informational materials from us.
1.5 Sharing your Personal Details
Your personal details will only be shared with third parties including other data controllers where it is necessary for the performance of the data controllers’ tasks or where you first give us your prior consent.
It is possible that we will need to share your data with:
- Other members of the Kildrummy Group. Each is a separate legal entity and will be responsible to you as a data controller. We will do this if, for example, you are a U.S. customer receiving customer support from Kildrummy Inc. of Houston, Texas.
- Our agents, suppliers and contractors. For example, we might employ a contractor local to you to deliver implementation or support services to you. In such a case the contractor needs to know with whom to liaise. Another example is where we use a third party event organiser local to you to provide facilities and issue invitations for User Groups and Training Events.
- Our customers. For example, if you are a contractor tasked to deliver a Kildrummy service to one of our customers, the customer needs to know who you are, what your skills are and how to make contact with you.
Any personal details transferred to countries or territories outside the European Economic Area will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union.
2 Section TWO
2.1 Data Collection
We collect personally identifiable information that is voluntarily provided by visitors to this Site (“User Data”).
The User Data that Kildrummy may be given by Site visitors includes company name and address, job title, name, email address, telephone, and any other information voluntarily provided by visitors in email messages or attachments thereto.
Typically, User Data is collected in order to assist visitors to:
• register to access certain areas of the Site;
• request a phone call or a software demonstration;
• register to receive periodic newsletters;
• register to obtain product or service information;
• register to obtain training materials;
• submit resumes (curriculum vitae); or
• register for events, courses and conferences.
It is Kildrummy’s policy to limit the personal details collected to the minimum information required to fulfil a Site visitor’s request.
Kildrummy’s intention is not to seek any “special category data” (sensitive personal details) through our Site unless we are legally required to do so. Sensitive personal details include data relating to ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual orientation, or criminal record.
2.2 Use of User Data
Kildrummy makes every practical effort to avoid excessive or irrelevant collection of personal details. If a visitor believes the Site has collected excessive information, we encourage the visitor to contact us at firstname.lastname@example.org to raise any concerns.
Unless Site visitors explicitly choose to receive specific Kildrummy marketing or other informational materials, Kildrummy will not use personal details collected from the Site to distribute marketing or informational materials.
Kildrummy will not sell or otherwise permit your personal details to be used by third parties to distribute their own marketing or informational materials without your express prior agreement.
Kildrummy will never bombard you with spam.
2.3 Third Parties
It is Kildrummy’s policy only to disclose User Data to third parties under the following circumstances:
• when explicitly requested to do so by the visitor;
• when it is required in order to deliver publications or reference materials requested by the visitor;
• when it is required in order to facilitate conferences or events organised by or hosted by a third party;
• when it is required in order to handle any other request made by a visitor; or
• when it is required in order to comply with the law.
Categories of third parties with whom Kildrummy may share personally identifiable information include national, federal, state, and local government entities and other members of the Kildrummy Group.
This Site does not collect or compile personally identifying information for dissemination or sale to outside parties for marketing purposes, and we do not host mailings on behalf of third parties.
A cookie is a message sent to a web browser by a web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server.
Cookies enable our web server to recognise a computer on connection to the Site, which in turn enables the server to make the downloading of pages faster than on the first visit.
The data collected by our servers through cookies that may be placed on your computer will not be kept for longer than is necessary to fulfil the purposes mentioned above. In any event, such information will not be kept for longer than one year.
Navigation data about visitors to the Site is automatically collected by our servers. If you do not wish to have this navigation data collected, we recommend that you do not use the Site.
Visitors can set their browser to block the recording of cookies on their computer to minimise the amount of data that may be collected about their navigation. The browser can also be set to notify the visitor when a cookie is being recorded on the computer. Most browsers can also be set to prevent cookies being recorded on the computer. For optimal use of the Site, though, we recommend that visitors do not block the recording of cookies on their computers.
To find out more about cookies, including how to see what cookies have been set and how to manage them and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
2.5 Transfer of User Data outside the User Jurisdiction
In order to operate the Site we may need to transfer User Data to locations outside the jurisdiction in which a visitor is viewing the Site (the “User Jurisdiction”) and process User Data outside the User Jurisdiction.
If the User Jurisdiction is within the European Economic Area (the “EEA”) please note that such transfers and processing of personal details may occur in locations outside the EEA. Any data sent or uploaded by visitors may be accessible in jurisdictions outside the User Jurisdiction (including outside the EEA). The level of data protection offered in such jurisdictions may be less than that offered within the User Jurisdiction or (as the case may be) within the EEA.
User Data may be controlled and processed by any of Kildrummy’s offices, some of which are outside the EEA. The location of our offices may change from time to time and Kildrummy may acquire offices in any number of countries or territories at any time, any one or more of which may act as controllers of and/or process personal information of visitors.
2.6 Third-party Links
As a policy, visitors are not required to register to gain access to this Site. Personally identifiable information provided to Kildrummy through this Site is provided voluntarily by visitors.
Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions on the appropriate web page or in communications to our visitors; or a visitor may contact Kildrummy at email@example.com.
Every visitor has the right of access to personal details they have submitted through this Site.
You may update the personal details we hold on you via the My Data area of kildrummy.com here.
Enquiries about the accuracy of personal details previously submitted and requests to have information erased should be directed to firstname.lastname@example.org.
All Kildrummy entities and all Kildrummy employees are instructed to follow a Kildrummy-wide security policy. Only authorised personnel are provided access to a visitor’s personal details and these employees are required to agree to ensure confidentiality of this information.
Please do not provide us with your personal details if you do not want those personal details to be used by us in this manner.
All documents, programmes, publications, designs, products, processes, software, technology, information, and ideas provided by or described in this Site are the property of Kildrummy and are protected by U.K. and international copyright laws and other intellectual property laws, unless stated otherwise.