Legal

Privacy Policy

Kohort Software Limited

1. Introduction

1.1 Important information and who we are

Welcome to Kohort Software Limited's Privacy and Data Protection Policy ("Privacy Policy").

At Kohort Software Limited ("we", "us", or "our") we are committed to protecting and respecting your privacy and Personal Data in compliance with the United Kingdom General Data Protection Regulation ("GDPR"), the Data Protection Act 2018 and all other mandatory laws and regulations of the United Kingdom.

This Privacy Policy explains how we collect, process and keep your data safe. The Privacy Policy will tell you about your privacy rights, how the law protects you, and inform our employees and staff members of all their obligations and protocols when processing data.

The individuals from which we may gather and use data can include:

  • Customers
  • Suppliers
  • Business contacts
  • Employees/Staff Members
  • Third parties connected to your customers

This Privacy Policy applies to all our employees and staff members and all Personal Data processed at any time by us.

1.2 Who is Your Data Controller and Data Protection Officer

Kohort Software Limited is your Data Controller and responsible for your Personal Data.

We have appointed a data protection officer ("DPO") who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights surrounding your Personal Data please contact the DPO using the details set out below:

  • Full name: Jan Pickard
  • Email address: jan@kohort.io
  • Postal address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

1.3 Processing Data on Behalf of a Controller

In discharging our responsibilities as a Data Controller we have employees who will deal with your data on our behalf (known as "Processors"). The Data Controller and our Processors are responsible to: ensure all processing of Personal Data is governed by a legal basis under GDPR; implement appropriate technical and organisational measures; assist the Controller in responding to data subject rights requests; notify the Controller of any Personal Data Breach without undue delay; and support the data protection officer in performing their tasks.

2. Legal Basis for Data Collection

2.1 Types of Data / Privacy Policy Scope

"Personal Data" means any information about an individual from which that person can be identified. We may collect:

  • Profile/Identity Data: first name, last name, gender, date of birth.
  • Contact Data: phone number, addresses, email addresses.
  • Marketing and Communications Data: your preferences in receiving marketing information.
  • Billing Data: name attached to payment details and billing address.
  • Financial Data: banking details e.g. account number and sort code.
  • Transactional Data: details and records of all payments you have made.

We do not collect any Special Categories of Personal Data about you.

2.2 The Legal Basis for Collecting That Data

  • Consent: when you opt in to a service or tick a box to receive communications.
  • Contractual Obligations: information required to fulfil our contractual obligations.
  • Legal Compliance: where we are required by law to collect and process certain types of data.
  • Legitimate Interest: where we need to collect certain information to meet our legitimate business interests.

3. How We Use Your Personal Data

We will only use your Personal Data when the law allows us to. You will receive marketing and new content communications from us unless you specifically request otherwise. We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.

4. Your Rights and How You Are Protected by Us

You may delete your account at any time — this will remove your account page from our systems and all stored data. You can access information associated with your account by logging in.

Under GDPR you have the right to: request access to your personal data; request correction of inaccurate data; request erasure of your data; object to processing; request restriction of processing; request transfer of your data; and withdraw consent at any time.

To exercise any of these rights, contact our DPO at jan@kohort.io.

5. Your Data and Third Parties

We will never sell your personal data. We may share your data with trusted third parties who assist us in operating our website and conducting our business, provided they agree to keep such information confidential. We may also release information when required by law or to protect our rights.

6. How Long We Retain Your Data

We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

7. Data Security

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have procedures to deal with any suspected Personal Data Breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact our DPO:

  • Email: jan@kohort.io
  • Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom