Privacy Notice

1. Introduction
   1. This privacy notice sets out how Kaseum Technology Limited (“Kaseum”, “us”, “we”, or “our”) uses and protects your personal data. Kaseum is a public limited company incorporated in Scotland under company number SC556978.
   2. This privacy notice gives you information on how we collect and process your personal data through your use of the Kaseum customer support portal at https://portal.kaseum.com/ (the “Kaseum Customer Portal”), including any data you may provide to us through the Kaseum Customer Portal when you sign up to the Kaseum Customer Portal or raise a ticket.
   3. It is important that you read this privacy notice, together with any other privacy policy that we may provide you on specific occasions when we are collecting personal data about you so that you are fully aware of how and why we are using your data.
2. Important information and who we are
   1. We are the data controller and are therefore responsible for your personal data.
   2. If you have any questions about this privacy notice or our data protection practices, please contact us by email at portal@kaseum.com.
3. How we collect information from you and what information we collect
   1. We may collect personal information when you use the Kaseum Customer Portal and personal information that you give us by completing the sign-up process to access the Kaseum Customer Portal.
   2. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
      1. Identity Data includes first name, last name, username or similar identifier, company name and job title.
      2. Contact Data includes business email address and telephone number.
      3. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Kaseum Customer Portal.
      4. Profile Data includes your username, email address, and password.
      5. Usage Data includes information about how you use the Kaseum Customer Portal, products and services.
      6. Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
   3. We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
   4. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
4. How we use your personal data
   1. We will only use your personal data for the purposes for which we collected it which include the following:
      1. to register you as a user of the Kaseum Customer Portal;
      2. to manage our relationship with you which will include notifying you about changes to our Terms of Use or this Privacy Notice;
      3. to administer and protect our business and the Kaseum Customer Portal (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
      4. to use data analytics to improve the Kaseum Customer Portal, products/services, marketing, customer relationships and experiences; and
      5. to provide communications to you in respect of our products and services including, but not limited to notification of new software updates (where applicable).
5. How we share your personal data
   1. We may also share your personal data with the parties set out below for the purpose set out in paragraph 4 above. The following categories of organisation may use your personal data:
      1. our authorised resellers who have sold you a product or operate in your jurisdiction, for the limited purpose of supporting our own customers; and
      2. internet and cloud hosting services providers supporting the Kaseum Customer Portal.
6. Direct marketing
   1. When you register as a customer of the Kaseum Customer Portal, you will be asked to indicate your preferences for receiving direct marketing and communications from us via email or telephone.
   2. We may also analyse your Identity, Contact, Technical, Usage and Profile Data to form a view which product, services and offers may be of interest to you so what we can send you the relevant marketing communications.
7. Third-party marketing
   We will get your express consent before we share your personal data with any third party for their own direct marketing purposes.
8. Opting out of marketing
   1. You can ask to stop sending you marketing communications at any time by (a) logging into the Kaseum Customer Portal and checking or unchecking relevant boxes to adjust your marketing preferences; (b) following the opt-out links within any marketing communication sent to you or (c) contacting us at portal@kaseum.com.
   2. If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes for example relating to, updates to our Terms and Conditions and checking that your contact details are correct.
9. Cookies
   For more information about the cookies, we use and how to change your cookie preferences, please see Cookie Policy.
10. International transfers
    1. Our partners are based outside the UK so their processing of your personal data will involve a transfer of data outside the UK, as may the hosting arrangements for the Kaseum Customer Portal from time to time.
    2. Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
       1. we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.; and
       2. where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK, together with data privacy impact assessments.
11. Data security
    We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
12. Data rentention
    1. We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
    2. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
13. Your legal rights
    1. You have the right at any time to:
       1. request access to your personal information (commonly known as a “subject access request”). This enables you to receive a copy of the personal information we hold about you and to check we are lawfully processing it;
       2. request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
       3. request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
       4. object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes;
       5. request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
       6. request the transfer of your personal information to another party; and
       7. withdraw your consent to the processing of your personal information at any time.
    2. If you would like to exercise any of your rights above, you will be able to do so through the Kaseum Customer Portal, or alternatively please contact us at portal@kaseum.com.
    3. You also have the right to complain to the Information Commissioner’s Office in relation to our use of your information (Information Commissioner's Office (ICO).