Updated on 10 February 2023
This Privacy Notice applies to all Kalibrate applications, including any associated mobile-based solutions (“Mobile Solutions”), web-based solutions (“Hosted Solutions”) and desktop applications (“On-premises Solutions”) (collectively, the “Platform”), and other interactions (e.g., Client service support, inquiries, etc.) you may have with Kalibrate.
A separate agreement between Kalibrate and the organisation, e.g., your employer or another entity or person (“Client”) governs delivery, access and use of the Platform and related Services (the “Client Agreement”), including the processing of Personal Data that you submit or upload through the
Platform (“Client Data”). In case of On-Premises Solutions, the Client controls their instance of the Services and any associated Client Data. If you have any questions about specific Platform’s settings and privacy practices, please contact the Client whose Platform you use.
By using the Platform, you agree to the collection and use of Client Data as described in this Privacy Notice.
• Client Data:
o Clients or individuals granted access to the Platform by a Client (“Authorised Users”) may submit Personal Data to Platform when using the Platform.
o Applicable to Hosted Solutions:
▪ Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when Authorised User access or use our Hosted Solutions and record it in log files. This log data may include the Internet Protocol (IP) address, browser type and settings, the date and time the Hosted Solutions were used, information about browser configuration, plugins, and language preferences.
o Applicable to Mobile Solutions:
▪ Device information. Kalibrate collects information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this information often depends on the type of device used and its settings.
▪ Location information. When you use the Mobile Solutions, we use GPS technology (or other similar technology) to determine your current location and to display a location map. If you do not want us to collect and use your location data, you should turn off the location services for the app located in your account settings, in your mobile device's settings, or within the app. However, please note that you will not be able to use some functionality of the Platform if you do not allow us to collect and use your location data.
▪ Some functions of the Mobile Solutions may require the use of your mobile device’s camera facility and photos.
• Other Information:
o Client Account information. To create or update a Platform, you or your organisation (e.g. your employer) supply Kalibrate with an e-mail address, phone number, billing information and/or similar account details (“Other Information”).
o Feedback, and comments. We receive Other Information when you participate in a focus group, contest, activity, request support, provide comments or feedback, or otherwise communicate with Kalibrate.
Client Data will be used by Kalibrate in accordance with Client’s instructions, including any applicable terms in the Client Agreement and Client’s use of the Platform functionality, and as required by applicable law. Kalibrate is a processor of Client Data and Client is the controller.
Kalibrate uses Other Information in furtherance of our legitimate interests in operating our Platform, and business. More specifically, Kalibrate uses Other Information:
• To provide, update, maintain and protect our Platform, websites and business. This includes use of Other Information to support delivery of the Platform under a Client Agreement, prevent or address service errors, security or technical issues, analyse and monitor usage, trends and other activities or at an Authorised User’s request.
• As required by applicable law, legal process or regulation.
• To communicate with you by responding to your requests, comments and questions. If you contact us, we may use your Other Information to respond.
• To develop and provide search, learning and productivity tools and additional features. Kalibrate tries to make the Platform as useful as possible for specific Client Accounts and Authorised Users.
• To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Platform, our services offerings, and important services-related notices, such as security and fraud notices. These communications are considered part of the services and you may not opt out of them. In addition, we sometimes send e-mails about new product features, promotional communications or other news about Kalibrate. These are marketing messages so you can control whether you receive them.
• For billing, account management and other administrative matters. Kalibrate may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.
• To investigate and help prevent security issues and abuse.
If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, Kalibrate may use it for any business purpose. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Notice as “Personal Data.”
Kalibrate will retain Client Data in accordance with a Client’s instructions, including any applicable terms in the Client Agreement and Client’s use of Services functionality, and as required by applicable law. Kalibrate may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Notice. This may include keeping your Other Information after you have deactivated your account for the period of time needed for Kalibrate to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.
This section describes how Kalibrate may share and disclose Information. Clients determine their own policies and practices for the sharing and disclosure of Information, and Kalibrate does not control how they or any other third parties choose to share or disclose Information.
• Client’s Instructions. Kalibrate will share and disclose Client Data in accordance with a Client’s instructions, including any applicable terms in the Client Agreement and Client’s use of the Platform’s functionality, and in compliance with applicable law and legal process.
• Third party service providers. We may engage third party companies or individuals as service providers or business partners to process information and support our business. These third parties may, for example, provide virtual computing and storage services.
• Affiliates. Kalibrate may share information with its corporate affiliates, parents and/or subsidiaries.
• Mergers and acquisitions. Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Data in the same way as set out in this Privacy Notice.
We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
We share your personal data within the Kalibrate Group. This may involve transferring your data outside the United Kingdom (UK) and/or the European Economic Area (EEA).
Many of our external third parties are based outside the UK or EEA, so their processing of your personal data will involve a transfer of data outside the UK or EEA.
Whenever we transfer your personal data out of the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK.
Where we use certain service providers, we may use specific contracts approved for use by the UK which give personal data the same protection it has in the UK.
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Although we maintain physical, electronic, and administrative safeguards to protect your Personal Data from unauthorised or inappropriate access, the transmission of information electronically is not completely secure, and we cannot guarantee the security of your Personal Data to us or provided through the Platform.
Kalibrate is the processor of the Client Data and the controller of Other Information.
Kalibrate Technologies Ltd is made up of different legal entities. This Privacy Notice is issued on behalf of Kalibrate Group so when we mention “Kalibrate”, “we”, “us” or “our” in this Privacy Notice, we are referring to the relevant company in Kalibrate Group responsible for processing your data and legal entity that is part of the Client Agreement.
If you have any questions or concerns about the processing of Client Data, you should contact our Client (the data Controller) directly or read their privacy notice/policy. Because the Client Data is under the client’s control, the Client is responsible for providing appropriate notice and choice to its end users regarding our processing of Client Data on its behalf. If a Client’s end-user has any questions or concerns related to our handling of Client Data, the end-user may contact Kalibrate and we will work with the Client to address the concern.
Similarly, an individual who seeks to access Client Data, or to correct, amend, object, or delete Client Data that is inaccurate, should direct their query to the Client. In case of Hosted Solutions, if the client asks us to retrieve, amend or remove the Client Data, we will do so in accordance with our Client Agreement with them.
Under certain circumstances, you have rights under data protection laws in relation to your Other Information data which includes:
• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent.
If you wish to exercise any of the rights set out above, please Contact us.
Our full details are:
Kalibrate Technologies Ltd
Data Privacy Manager
Email address: compliance@kalibrate.com
Postal address: 2 Circle Square, Manchester M1 7FS, UK Tel: +44 161 609 4000 https://kalibrate.com/contact/
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
This version was last updated on date stated above.
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.
Our Platform may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Services, we encourage you to read the privacy notice of every website/application you visit.
When we post videos or other media on our solutions, third parties may use local shared objects, also known as flash cookies, to store your preferences for volume control, or to personalize certain features.
Our Platform is not intended for use by children under the age of 16. If a parent or guardian becomes aware that their child has provided us with personal information without their consent, please contact us to have this information deleted.