PRIVACY POLICY

PRIVACY POLICY FOR KIITA CONNECT MEMBERS

HOW WE USE YOUR PERSONAL INFORMATION

General

This policy explains what information we gather when you visit the Kiita website or Kiita Connect and use our services. We also explain how that information is used.

Kiita takes your privacy seriously, but it is important for you to appreciate that the site provides extensive links to other independent sites. This policy applies only to direct accesses to Kiita website- URLs starting www.kiitafoundation.com. You will need to consult the appropriate information on other sites for information on their policies. Any changes to this privacy policy will be posted to this page. It was last updated on 10 June 2024

Our use of your information

Logged information about page requests is used for system administration, for bug tracking, and for producing usage statistics. The logged information may be kept indefinitely.

Relevant subsets of this data may be passed to computer security teams as part of investigations of computer misuse involving this site or other computing equipment at Kiita.

Data may incidentally be included in information passed to contractors and computer maintenance organizations working for Kiita, in which case it will be covered by appropriate nondisclosure agreements.

Summary statistics are extracted from this data and some of these may be made publicly available, but those that are do not include information from which individuals could be identified.

Otherwise the logged information is not passed to any third party, except if required by law.

Your ability to make changes

You may request deletion of Your personal data at any time by emailing info@kiitafoundation.com.

Your personal data and Kiita

When You visit any of the websites within Kiita domain we hold certain information about You for service and security reasons. For more information on this, please contact info@kiitafoundation.com.

Using Kiita Connect

Kiita Connect is an online service provided free of charge for Kiita alumni and current students. All potential users will be verified with their email address during the registration process before being granted full access to the site. Kiita reserves the right to refuse access to anyone who misuses the site in any way.

This service is operated under contract by Aluminati Network Group Ltd. (Aluminati) acting under instruction as our Data Processor under the Data Protection Act 1998. Aluminati will process personal data strictly for the purposes of operating this service.

Aluminati is registered with the Information Commissioner under membership number Z8393842.

Acceptable Use Policy

  • Users are responsible for complying with Kiita Foundation policies when using Kiita Foundation or Kiita Connect information resources and/or on Kiita Foundation time. If requirements or responsibilities are unclear, please seek assistance at info@kiitafoundation.com.
  • Users must promptly report harmful events or policy violations involving Kiita Foundation assets. Events include, but are not limited to, the following:
    • Technology incident: any potentially harmful event that may cause a failure, interruption, or loss in availability to Kiita Foundation
    • Data incident: any potential loss, theft, or compromise of Kiita Foundation information.
    • Unauthorized access incident: any potential unauthorized access to a Kiita Foundation
    • Facility security incident: any damage or potentially unauthorized access to a Kiita Foundation owned, leased, or managed facility.
    • Policy violation: any potential violation to this or other Kiita Foundation policies, standards, or procedures.
  • Users should not purposely engage in activities that may
    • harass, threaten, impersonate, or abuse others;
    • degrade the performance of Kiita Foundation
    • deprive authorized Kiita Foundation Users access to a Kiita Foundation website
    • obtain additional resources beyond those allocated;
    • or circumvent Kiita Foundation computer security measures.
  • Users should not download, install, or run security programs or utilities that reveal or exploit weakness in the security of a system. For example, Kiita Foundation Users should not run password cracking programs, packet sniffers, port scanners, or any other non-approved programs on any Kiita Foundation assets
  • All inventions, intellectual property, and proprietary information, including reports, drawings, blueprints, software codes, computer programs, data, writings, and technical information, developed on Kiita Foundation time and/or using Kiita Foundation assets are the property of Kiita Foundation.
  • Use of encryption should be managed in a manner that allows designated Kiita Foundation Users to promptly access all data.
  • Kiita Foundation websites are provided to facilitate Kiita Foundation business and should not be used for personal financial gain.
  • Users are expected to cooperate with incident investigations, including any federal or state investigations.
  • Users are expected to respect and comply with all legal protections provided by patents, copyrights, trademarks, and intellectual property rights for any software and/or materials viewed, used, or obtained using Kiita Foundation websites
  • Users should not intentionally access, create, store or transmit material which Kiita Foundation may deem to be offensive, indecent, or obscene.


Kiita Connect Social Sign In: Privacy Notice

This privacy notice provides you with details of how we (Aluminati Network Group Ltd) collect, process and store your personal data when you access the Aluminate service (the ‘Service’) via this third-party application (‘App’).

LAWFUL BASIS AND PURPOSE OF PROCESSING

Aluminati processes your data in order to perform its contract, with the institution or organisation, to provide you with the Service. We will process your information for the following purposes;

  • To verify your details in order to provide you with access to the Service
  • To improve your onboarding experience onto the Service
  • To increase your accessibility to the Service

We will only use your personal data for the purposes listed above unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing. We may process your personal data without your knowledge or consent where this is required or permitted by law.

By accessing the Service through this App, you agree to the collection and use of information in accordance with this privacy policy.

If you are unhappy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (www.ico.org.uk) however we would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

Email: privacy@aluminati.net

Tel: 01638 676 232

WHAT PERSONAL DATA WE COLLECT

Personal data is any information capable of identifying an individual and does not include anonymised data. We may ask you to provide us with or automatically collect certain personally identifiable information that can be used to contact or identify you, including:

  • Identity & Contact Data may include your first name and last name
  • Contact Data may include your email address
  • Technical Data may include your cookie data, information such as your device's internet protocol address (e.g., IP address), browser type, browser version, the time and date of your visit, unique device identifiers and other diagnostic data

We do not collect any sensitive data about you including details about your race or ethnicity, religious beliefs, sexual orientation, political opinions, trade union membership, health, criminal convictions and offences.

YOUR RIGHTS

For data processed under the lawful basis of ‘performance of a contract’, you;

  • DO have the right to; be informed, request access, data portability, data rectification, restriction processing, erasure if there is no overriding ‘legitimate interest’ for continuing to process the data
  • DO NOT have the right to object

To exercise these rights please email privacy@aluminati.net. We will likely have to request information from you to confirm your identity in order to ensure we are following instructions from the actual data subject concerned. No fee is payable for the exercise of these rights unless the request is clearly unfounded, repetitive or excessive in which case we may also legally refuse your request.

For more information on individual rights under the GDPR, go to the following site: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr

You have the right to lodge a complaint to the supervisory authority (the Information Commissioners Office); if you believe we are processing your data unfairly.

DISCLOSURES OF YOUR PERSONAL DATA

We may have to share your personal data with third parties including:

  • Our service providers who provide IT, hosting and system administration services
  • Professional advisers including lawyers, bankers, auditors, insurers, financial advisers and corporate finance advisers who provide consultancy, banking, legal, insurance, accounting and financial services
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
  • Third parties to whom we sell, transfer, or merge parts of our business or our assets
  • We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

INTERNATIONAL TRANSFERS

We make active efforts to engage in service providers who are based within the European Economic Area (EEA). Where this is not possible, we may need to engage service providers resulting in your personal data being transferred outside the EEA. Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe.

If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.

In addition to the above, your data may be temporarily transferred outside of the EEA during the course of our staff travelling abroad with personal data (for example meeting contact information and emails). There are appropriate safeguards in place to ensure the protection of your data - including encryption rendering the data unreadable in the case of loss or theft.

DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

DATA RETENTION

We will only retain personal data for as long as we need to fulfil the specified purposes we have collected it for as well as for satisfying legal, accounting, audit, or reporting requirements.

By law, for tax purposes, we have to keep certain data about our customers for six years after they cease being customers.

COOKIES & THIRD PARTY LINKS

We use cookies as described in the section above on how we use your data. If you choose to disable cookies in your browser certain parts of our service will cease to function.

Links from our website or other communications may link to third-party destinations over whom we have no control and do not take responsibility for their privacy statements or behaviours. Please read the privacy notice of these sites to understand their data policies.

Name and contact details of the data controller and data protection officer
Data Controller: Aluminati Network Group Ltd.
Address: Hyperion House, The Oaks, Newmarket, Suffolk, CB8 7XN
Data Protection Officer: Daniel Watts
Contact Details: privacy@aluminati.net