This Privacy Policy governs the website kinabase.com, all related software and services linking to this Privacy Policy (collectively, “Kinabase”), and all related communications such as email and phone calls. It explains how we collect, use, store, share, and protect personal data and, where applicable, Google user data or data provided by other external providers.
We are committed to compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018.
We are registered with the UK Information Commissioner’s Office (ICO) under registration number ZB254642.
By using Kinabase, you acknowledge that you have read and understand this Privacy Policy. During sign-up, you may be asked to give specific consents (e.g., to store certain data, to sync with a particular Provider), which you can withdraw at any time as described below.
For the purposes of this Policy, we may integrate or work with various External Providers (“Providers”). These Providers could include, but are not limited to:
We only integrate with these Providers to enhance user-facing functionality within Kinabase, in accordance with applicable data protection laws and the Providers’ own Terms of Service and Privacy Policies.
Any references to “Providers” in this Privacy Policy apply equally to Google, Microsoft, OpenAI, and other similar external providers we may use.
Account Registration: When creating a Kinabase account, we collect information such as your name and email address.
Contact & Profile Data: If you input additional profile information, such as a phone number or physical address, we store that data to provide our services.
Data Uploaded to Kinabase: This might include lists of users, files, or other data (collectively, “User Content”) that you choose to store.
If you choose to connect your Kinabase account with any Providers (e.g., syncing with Google Drive or Microsoft SharePoint), we may collect and store data from or about your account with those Providers for the purposes of providing you functionality.
We only request the minimum permissions necessary to provide or improve Kinabase’s user-facing features and do not use such data for other purposes.
We use a third-party payment processor (Stripe) to handle transactions. Payment details are encrypted and sent directly to the processor. We do not store full card details on our servers.
We may use cookies and similar technologies to enhance user experience, manage sessions, and analyse site traffic, with information stored in the UK. Where required by UK data protection and ePrivacy regulations, we obtain consent for non-essential cookies.
We use analytics tools to improve our service, which do not use cookies.
We use personal data, including any data from Providers, for the following purposes:
Creating and managing user accounts. Processing and synchronizing data (e.g., syncing external contacts). Facilitating user requests, such as search, retrieval, or organization of your data.
Sending account-related messages (e.g., service updates, billing notices). Sending newsletters or promotional messages, where you have consented. You can unsubscribe at any time.
Protecting our rights, privacy, safety, or property, and that of our users. Detecting, preventing, or addressing fraud, security, or technical issues.
Where you explicitly authorize us to share or integrate your data with Providers’ services, we do so solely to provide functionality you have requested.
Complying with applicable laws, regulations, and legal processes (e.g., responding to lawful requests by public authorities).
We do not sell data to third parties - this includes any Provider data (such as Google).
We engage carefully selected third-party service providers (such as hosting, payment processing) that process data on our behalf. These entities are contractually obligated to maintain confidentiality and security over the data.
Where you integrate a Provider into your Kinabase experience, certain data may be shared with that Provider to facilitate the requested functionality (e.g., document syncing). This sharing is limited to what is necessary for that integration.
If Kinabase undergoes a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction, subject to appropriate confidentiality obligations.
We may disclose user data if required by law or if we believe in good faith that such disclosure is necessary to protect our rights, ensure the safety of others, or investigate fraud or legal violations.
We retain personal data, including any data obtained from Providers, only for as long as needed to fulfill the purposes described in this Policy unless a longer retention period is required by law.
You can request deletion of your personal data at any time. Upon receiving a verified request, we will delete or anonymize your data promptly, unless we are required to keep it for legal or compliance purposes.
Some data may remain in backup or archival storage for a limited period, subject to our backup policies, but will be securely protected and eventually deleted or anonymized in line with this Policy.
All communication between your browser and Kinabase is protected by SSL encryption (HTTPS).
We do not store full payment details on our systems; they are handled by PCI DSS-compliant third-party providers such as Stripe.
Our servers are located within the United Kingdom. If data is transferred outside the UK, we use appropriate safeguards to ensure your rights and freedoms remain protected.
We apply strict access controls, limiting data access to authorized personnel who need it for operational purposes.
Under the UK GDPR and the Data Protection Act 2018, you have:
To exercise your rights or make requests, please email info@cambridgekinetics.com with the subject line “GDPR Request.”
We reserve the right to modify or update this Privacy Policy at any time to reflect changes in our practices or services. Any significant changes will be posted on this page with an updated Effective Date, and we will provide email notification to registered users at least 30 days prior to the changes taking effect.
If you have questions or comments about this Privacy Policy, or wish to exercise any of your rights, please contact us at:
Version: KIN-0004-GD-B
Last updated: 16 Jan 2025