2. Data Collected
Data storage location
We are a London based company and operate web servers hosted in the US. Our hosting provider Amazon Web Services (AWS) adheres to the EU/US “Privacy Shield”, ensuring that your data is securely stored and GDPR compliant. For more information on AWS privacy, please review their policy here: https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/
If you register on our website, we store your chosen username and your email address and any additional personal information added to your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit this information.
To receive product support, you must have purchased at least one product directly from our website (excluding secondary sales platforms). This sales data is stored with your user data. This is required for us to provide you customer services.
When you leave comments on the website we collect the data shown in the comments form, and also the IP address and browser user agent string to help spam detection.
Information submitted through the contact form on our site is sent to our company email, hosted by Google. Google adheres to the EU/US “Privacy Shield” policy and you can find more information about this here: https://policies.google.com/privacy/frameworks?hl=en-US
These submissions are only kept for customer service purposes they are never used for marketing purposes or shared with third parties.
We use Google Analytics on our site for anonymous reporting of site usage. So, no personalized data is stored. If you would like to opt-out of Google Analytics monitoring your behavior on our website please use this link: Google Analytics Opt-out.
CASES FOR USING THE PERSONAL DATA
We use your personal information in the following cases:
- Verification/identification of the user during website usage;
- Providing Technical Assistance;
- Sending updates to our users with important information to inform about news/changes;
- Checking the accounts’ activity in order to prevent fraudulent transactions and ensure the security
- over our customers’ personal information;
- Customise the website to make your experience more personal and engaging;
- Guarantee overall performance and administrative functions run smoothly.
3. Embedded Content
Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website.
Cookies Necessary for the Functioning of the Store:
|_ab||Used in connection with access to admin.|
|_secure_session_id||Used in connection with navigation through a storefront.|
|Cart||Used in connection with shopping cart.|
|cart_sig||Used in connection with checkout.|
|cart_ts||Used in connection with checkout.|
|checkout_token||Used in connection with checkout.|
|Secret||Used in connection with checkout.|
|Secure_customer_sig||Used in connection with customer login.|
|storefront_digest||Used in connection with customer login.|
|_shopify_u||Used to facilitate updating customer account information.|
Reporting and Analytics
|_landing_page||Track landing pages.|
|_orig_referrer||Track landing pages.|
|_shopify_sa_p||Shopify analytics relating to marketing & referrals.|
|_shopify_sa_t||Shopify analytics relating to marketing & referrals.|
|tracked_start_checkout||Shopify analytics relating to checkout.|
5. Who Has Access To Your Data
If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.
If you are a client with a registered account, your personal information can be accessed by:
- Our system administrators.
- Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
6. Third party access to your data
We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:
7. How long we retain your data
When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation.
If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.
8. Security measures
We use the SSL protocol throughout our site. This encrypts our user communications with the servers so that personal identifiable information is not captured/hijacked by third parties without authorisation.
In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.
9. Your data rights
If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.
You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).
If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.
Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. Kanya Technologies permits residents of the European Union to use its Service. Therefore, it is the intent of Kanya Technologies to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.
10. Third party websites
Kanya Technologies may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by Kanya Technologies, and you release us from any liability for the conduct of these third party websites.
All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties unless you explicitly click on them.
11. Release of your data for legal purposes
At times it may become necessary or desirable to Kanya Technologies, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.
Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.