Kaizen Compliance Solutions is an independent company that provides compliance solutions and training. As part of our business, we collect information about people and companies. The privacy and protection of your data is crucial to us. This privacy statement applies to Kaizencs.com. Kaizen Compliance Solutions provides this statement to describe and explain our information practices and the measures we take to protect your privacy and comply with applicable laws and obligations. This privacy statement does not cover information that has been acquired through downloadable software. This statement of data privacy covers only data and information downloaded through this website, namely kaizencs.com. This statement of data privacy is in compliance with all the relevant Data protection and Privacy Laws of the United Kingdom of Great Britain and Northern Ireland, as well as all relevant data protection laws of the European Union.
General principles and policies
This statement covers all types of external data that Kaizen Compliance Solutions may be in possession of, including information about:
– Kaizen Compliance Solutions clients and their employees;
– Any potential future clients and their employees;
– Any partners of clients who are involved with our clients’ compliance programmes and their employees;
– Individuals and companies identified via a publicly issued list or media reports that may be of interest to Kaizen Compliance Solutions clients.
Where possible and practicable, we notify individuals about the purposes for which we collect and use information about them. This includes information about how individuals can contact us with any inquiries or complaints, the types of third parties to which we disclose the information and the choices and means we offer for limiting its use and disclosure.
Where we hold data as a controller, where practicable we give individuals the opportunity to choose whether certain technologies are used (i.e. cookies) and whether their personal information will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected (or subsequently authorised by the individual). Where we hold data as a processor on behalf of a client, we ensure that the data is secure and processed in accordance with our instructions. We also advise our clients of their obligations.
3. Onward Transfer (Transfers to Third Parties):
Other than onward transfer to clients (as discussed in this statement), and with the exception of disclosures as described in this Policy, Kaizen Compliance Solutions specifically does not share, sell, rent, or trade personally identifiable information with third parties in any way. We may share the personal data you provide with business partners for services such as a hosting or conducting due diligence investigations. These service providers only use the data on behalf of us. We will not sell, rent, or lease to others your personal data. We may also disclose Personal Data as required or permitted by law, or when we believe in our sole discretion that disclosure is necessary or appropriate to protect our rights or to comply with a judicial proceeding, court order, law- enforcement request, or other legal process.
We provide the ability for subjects to correct, amend, or delete information held about them where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. You may correct, amend or delete your information by contacting us at firstname.lastname@example.org. We will respond to your request to access within 30 days at the charge of £10 as permitted by the Data Protection Act 1998. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We take significant technical, administrative and physical steps to protect against unauthorised access to and disclosure of personally identifiable information, including:
– Security policies. We design and support our products and services according to documented security policies and international standards. Each year, we assess our policy compliance and make necessary improvements to our policies and practices.
– Employee training and responsibilities. We take certain steps to reduce the risks of human error, theft, fraud, and misuse of our facilities. We train our personnel on our privacy and security policies. We also require our employees to sign confidentiality agreements.
– Access control. We limit access to information to only those individuals who have an authorized purpose for accessing that information. We terminate those access privileges following job change or termination.
– Data encryption. All electronic transfers of information are done through encrypted connections via SSL encryption. All data is stored on encrypted servers. I don’t know how we are going to do this, so this might need revision.
– Review of Vendors. We have internal due diligence procedures to review the vendors we select and use.
1. Data integrity:
We take reasonable steps to ensure that data we collect is reliable for its intended use, accurate, complete, and current. We do not process personally identifiable information in any way that is incompatible or inconsistent with the purpose for which such information was collected.
We have implemented a strict internal enforcement system that ensures the investigation and resolution of any possible arising conflict.
Specific types of Information collected by Kaizen Compliance Solutions
A. Information collected for Sales and Marketing Purposes
Kaizen Compliance Solutions collects information from our website for the purpose of sales and marketing.
The data we collect may be used to
– Send you newsletters as part of a regular service;
– Respond to your questions and concerns when you use our ‘contact us’ link
– Improve the contents of our website and marketing efforts;
– Conduct research and analysis;
– Display content based upon your interests;
– Allow you to subscribe to our announcements, events or magazines.
We also use the information collected to maintain and upgrade the system. Our technical staff may require periodic access to services data to monitor system performance, test systems, and develop and implement upgrades to systems. Any temporary copies of services data created as a necessary part of this process are only maintained for time periods relevant to those purposes. You may receive information about the data collected on you personally by contacting email@example.com If the data is incorrect you have the right to ask that it is updated.
Due Diligence Reports and information contents
As part of our business to help clients select ethical and trustworthy partners, we are often requested to investigate and compile data about people and companies which our clients consider working with. It is the responsibility of the client company to request your consent to the information being gathered and stored and to inform you of their intentions to use the data and your rights. In certain situations there are reasons of confidentiality or ethics which will mean that consent will not be sought prior to an investigation. Depending on the circumstances, our integrity Due Diligence reports may contain some or all of the following types of information about subject people and companies:
– Addresses of subjects, including at time photographs;
– Corporate Registry information detailing ownership and directorship of companies;
– Media reports including translations and summaries;
– Social media reviews including translations and summaries;
– Transcripts of interviews discussing the reputation of subject companies and people.
In addition some reports may contain information of a sensitive nature such as:
– Criminal and bankruptcy records where this information is available from a government agency;
– Media reports of criminal or other court proceedings;
– Identifying numbers such as passport, driving license or other ID which is used to confirm the identity of subjects.
Our reports may also contain our opinion and analysis the reputation of the subject company. The information collected is used to aid clients when making decisions about the reputation and ethical standards of a partner who they currently or potentially may do business with the information by itself does not form part of an automated review, but is typically used in conjunction with other business related criteria to form a decision. Kaizen Compliance Solutions is bound by strict confidentiality obligations towards our clients. This prevents us from providing said reports or other information regarding these reports to third parties.
Personal Information (possibilities of disclosure)
For the Purposes of Sales and Marketing For the purposes of improving the quality of our services Kaizen Compliance Solutions may or may share collected information with industry organisations. In such cases Kaizen Compliance Solutions will only provide information directly related to the services we provide. These organisations and their employees are prohibited from using that personal information for any other purpose. Kaizen Compliance Solutions will only disclose relevant information if the said industry organisation operates in accordance with the relevant regulations regarding data privacy and the safeguarding of privacy.
Disclosure for other reasons
We may disclose personal information if required to do so by law or in case such action is necessary to comply with legal requirements or with legal process served on us, to protect and defend our rights or property, or in urgent circumstances to protect the personal safety of any individual.
Modifications of this statement
For questions regarding this statement please contact us at: firstname.lastname@example.org
Or via postal mail at the following address:
Kaizen Compliance Solutions
45 King William Street
London, United Kingdom
If we decide to change our privacy statement, we will post those changes to this privacy statement and other places we deem suitable so that you are aware of what information we collect at all times, how we use it, and under what circumstances, if any, we disclose it.
We reserve the right to modify this statement at any time. When we make only minor modifications, we may do so without notifying you. When we make significant modifications, we will notify you in this statement prior to the change becoming effective.
Last Updated: 16 December 2014