At Kindaba, we believe privacy is paramount. We developed Kindaba because we were concerned with how your data is used by other services. Privacy is extremely important to us as creators and users of Kindaba, and we are committed to protecting and respecting your privacy. Our aim is to deliver a platform which provides a private and safe space for families to connect.
Our vision for how Kindaba approaches privacy can be summarised by the following points:
- We offer a safe and private place where everyone is comfortable connecting with family.
- We do not share your data with any third party for marketing purposes.
- We always want to provide you with a clear understanding of how and why we use your data. This policy is intended to set out a detailed explanation so you can make informed choices, but please do contact us if you have any questions or concerns at email@example.com.
- We do our best to keep your content and account secure.
About this policy
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting our website, or registering to use our service, you are consenting to the practices described in this policy.
Who we are
About our service
Information we may collect from you
Uses made of your information
Disclosure of your information
Where we store your information
How long we will store your information
How to contact us
We are Kindaba Limited, a company incorporated and registered in Scotland with company number SC556903. Our registered office is at 42 Charlotte Square, Edinburgh, United Kingdom, EH2 4HQ.
When we refer to “we”, “us” or “our” in this policy, we are referring to Kindaba Limited.
For the purposes of the Data Protection Bill 2017 and the European General Data Protection Regulation, we are the data controller.
When we discuss our service in this policy, we are referring to our online family networking platform, which we make available to you on the basis of our Terms and Conditions. Our service is currently available via a web browser or applications specific to your mobile device.
You may create a Kindaba account through our service, in which case we will refer to you as a “user” in this policy.
We may collect and process the following personal information about you, with your specific and informed consent:
Through the use of our service, you may provide information to us. We will refer to this information as “user data” in this policy. User data includes the following:
- Account creation information: this is information you provide at the time of registering to use our service and creating a profile. It may include your name, email address, telephone number, home address, date of birth, gender, personal description, photograph, username and password.
- Account content: All material that you upload, create, share or post on or through the service. This includes messages, images, videos, links and other media as well as information in or about the content you provide, such as the location of a photo or video if you choose to have location services enabled. Account content will also include information other users provide about you when using the service and all communications you have with them. Account content will only be visible to other users that you choose to connect with.
- Service usage: If you contact us, we may keep a record of that correspondence (which may be by email, direct message or phone). We may collect information about how you are accessing and using the service. We may also ask you for information when you report a problem with our service, which includes administrative and support communications.
- Surveys: We may ask you to complete surveys or provide feedback, although you do not have to respond to such requests.
- Geo-location information: Where you choose to enable location services, we will collect GPS location data from your mobile device or use information from your web browser (such as WIFI and internet protocol (“IP”) address data) to determine your approximate location. You may switch these services off at any time through your settings.
When using our service, we may automatically collect information. We will refer to this type of information as “technical data” in this policy.
What technical data we collect depends on the type of device you are using to access the service and its settings, but may include the following:
- Log data: this is information our servers automatically record, including information that your web browser or mobile device sends whenever you visit a website or use an application. This log data may include your IP address, your web browser type, version and settings, time zone settings and language preferences.
- Information about your visit: this is information about the web pages you visit before, during and after using the service, and the date and time of your visits.
- Device information: this is information about the device you are using the service on, including what type of device it is and what operating system you are using, as well as device settings, application IDs, unique device identifiers and crash data.
Cookies are small text files that are placed on your computer or mobile device when you browse websites to collect standard internet log information and visitor behaviour information.
Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them, or until they expire.
Our cookies are used to remember your account settings during and between visits and to compile statistical reports on website activity. Your cookie settings can be adjusted in your browser settings and can prevent your browser from accepting cookies. We have developed our service so that this will not substantially decrease the efficiency or functionality of our website, although in a few cases some of our website features may not function as a result.
Third party cookies
We use third party cookies (such as Google Analytics) to compile website statistics on visitors to our website. Such analysis includes information on how visitors access our website, the amount of time spent on the website, and what pages are visited. You may opt out of Google Analytics here.
We use personal information held about you in the following ways:
- to provide you with our service;
- to personalise your experience as part of our provision of the service;
- to communicate with you in respect of your use of the service;
- to administer our service, including data analysis, troubleshooting and testing.
We may share your information with the following:
- any of our officers, employees, or professional advisers in relation to the provision of the service.
- any of our suppliers or sub-contractors for the performance of any contract we enter into with them in relation to the provision of the service. This includes the following:
- Amazon Web Services Inc
- Apple Inc
- aTech Media Ltd
- Bugsnag Inc
- Crisp IM SARL
- Google LLC
- Heap Inc
- Mixpanel Inc
- The Rocket Science Group LLC (Mailchimp)
We will only disclose your information to third parties:
- if we need to in order to be able to enforce our Terms and Conditions;
- if we need to in order to otherwise protect the rights, property, or safety of Kindaba Limited, our employees and our customers;
- if we have to comply with a legal obligation;
- in the event that we sell Kindaba Limited or substantially all of its assets, in which case we may disclose it to the prospective buyer or the new owner. We will inform you of such an action.
- in the event that we buy any business or assets, in which case we may disclose it to the prospective seller. We will inform you of such an action.
We store your personal information on servers and infrastructure based in the European Union, maintained by other, very well established companies that have a strong track record with security, Amazon Web Services and Google Cloud Platform.
Where we transfer any of your personal information to our suppliers or sub-contractors other than Amazon Web Services Inc or Google Inc, we ensure that they are compliant with the GDPR and that where they don’t store your information in the European Economic Area, they are party to the EU-US Privacy Shield.
We maintain administrative, technical, and physical safeguards to help protect your personal information in an effort to prevent loss, misuse, unauthorised access, disclosure, alteration and destruction. This includes the use of encryption and pseudonymisation where appropriate.
The security of online communications sent by electronic means cannot be guaranteed. When you provide information to us via the internet, you do so at your own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, data, where the security of information is not within our control.
We encourage you:
- to protect your account with a strong password that you don’t use anywhere else to help prevent anyone from accessing or abusing your account; and
- to let us know immediately if you suspect any loss, misuse, unauthorised access, disclosure, alteration and destruction of your personal information.
We will only store your personal information for as long as is necessary. That means we will retain it for as long as you use our service, so that we can comply with our obligation to provide the service to you.
If you choose to stop using our service and cancel your account, we will remove all of your user and technical data from our servers as soon as we are able to (but no later than ninety (90) days after you have deleted your account).
If we have a legal or regulatory requirement to retain information, we will keep a record of such information but only to the extent, and for the period, required.
Under data protection legislation you have a number of rights in respect of information held about you. These rights are as follows, and can be exercised in accordance with the applicable legislation, by emailing us at firstname.lastname@example.org:
- Access to information: You have the right to request a copy of the personal information we hold about you.
- Ensuring accuracy of information: You have the right to ask us to correct or complete information that is inaccurate or incomplete.
- Right to erasure: You have the right to erasure, which is more commonly known as the ‘right to be forgotten’. This means that you can require us to delete the personal information we hold about you.
- Right to restrict processing: You have the right to require us to stop using your personal information in certain circumstances. For example, where you have notified us that the information we hold about you is incorrect and you would like us to stop using it until we have verified that it is accurate.
- Right to data portability: You have the right to receive personal data we hold about you in a format that enables you to transfer such information to another data controller (e.g. a provider offering an equivalent service).
- Right to withdraw consent: You have the right to withdraw your consent to us to make use of your personal data at any time.
- Right to complain to a supervisory body: You have the right to lodge a complaint with a supervisory body. The relevant authority in the UK is the Information Commissioner’s Office.
- Preventing direct marketing: We do not sell your data. From time to time, we do send emails containing information about new features and other news about Kindaba. This is considered direct marketing. You have the right to stop us from contacting you for these purposes.
Our website may, from time to time, contain links to and from other websites. If you follow a link to any of these websites, please note that they will have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you do not agree with any changes you should cancel your account. Continued use of your account will be deemed to be acceptance of our changes.