Privacy Policy

Last revised 7 February 2024

PRIVACY POLICY

This Policy and any other policies referred to in it sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.

By visiting https://www.korukids.co.uk/ or our app (the “Platform”) you are accepting and consenting to the practices described in this Policy.

1. WHO WE ARE AND HOW TO CONTACT US

https://www.korukids.co.uk/ is a Platform operated by KORU KIDS LTD, a company incorporated and registered in England and Wales with company number 10047637, with a registered address at 128 City Road, London, EC1V 2NX, England, and any subsidiaries (Rua Kids Ltd, a company incorporated and registered in England and Wales with company number 12959060 with a registered address at 128 City Road, London, EC1V 2NX, England, is a subsidiary of Koru Kids Ltd) (“we“, “us” or “our“).

2. CONTROLLER

We are the controller and responsible for controlling your personal information as set out in this Policy.

3. CONTACT

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please email support@korukids.co.uk.

You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

4. INFORMATION WE MAY COLLECT ABOUT YOU

We may collect and process your personal information. For the purpose of the Data Protection Legislation, personal information includes any information about an individual from which that person can be identified. It does not include data where the identity has been removed.

We may collect, and process (within the meaning of the Data Protection Legislation) different kinds of personal information about you which we have grouped together as follows:

Identity Data	includes first name, last name, username or similar identifier, title, date of birth and gender, job title, and company name, emergency contact name and right to work in the UK
Contact Data	includes address, home address, e-mail address and telephone numbers, emergency contact information
Financial Data	includes bank account and payment card details; payroll with HMRC, national insurance number
Technical Data	includes internet protocol address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Platform
Profile Data	includes your username and password, your interests, preferences, feedback and survey responses (if applicable)
Security Data	includes contact details, student status, work availability, right to work details, experience information, references’ information, skills like languages, personal features like age and gender, interview notes, training assessment data, preferences for matches, consents, medical information where provided, DBS/first aid status, and visa information where relevant, proof of ID and proof of address Security Data may include some Sensitive Data, which is described in paragraph 5 below
Usage Data	includes information about how you use our Platform, such as the type of content or services that you view; the features that you use; the actions you take; frequency and duration of your activities; content that you share with other users through our messaging tools
Marketing and Communications Data	includes your preferences in receiving marketing from us and our third parties and your communication preferences
Aggregated Data	Includes: behavioural data like how you move through our Platform, as well as information that you give us regarding what you are looking for in terms of a match via the Platform; nannies’ shifts data and families approving rejecting shifts; and information about the nannies’ parental status which may be displayed on their profile Other aggregated Data may be derived from your personal information but is not considered personal information in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Platform feature. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used in accordance with this Policy

5. SENSITIVE AND SECURITY DATA

As part of our services, we will collect and process your sensitive personal data which may include, but shall not be limited to (including activities in relation to children’s data) race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data (the “Sensitive Data”). We understand that sensitive personal data requires more protection than other personal data. Collection and processing of such data is necessary in accordance with our legal obligations in connection with: (i) employment, in relation to the nannies; and (ii) our services, in relation to our customers and childminders and assistants. We undertake to handle personal sensitive information with care and only for as long as necessary.

In relation to the nannies, childminders and assistants, as part of the recruitment process, we have the right to conduct a criminal record check which is processed by the Disclosure and Barring Service (DBS). Such checks will also include information held on the DBS’s children’s and adult’s barred lists, information held by the local police that contains data relevant for the job with the Company. We conduct DBS checks because we are under a legal obligation under the relevant legislation. DBS checks assist us in making the recruitment process safer.

In relation to the nannies, where appropriate, we will seek your consent from the outset to carry out a DBS check, however since you will be working with children, we may carry out DBS checks by relying on the conditions set out in Schedule 1 to the Data Protection Act 2018, pursuant to which the processing of criminal convictions data is necessary for the purpose of performing or exercising obligations or rights which are imposed or conferred by law on us in connection with employment for the purposes of carrying our business. It is a condition to processing of the criminal convictions data that we have an appropriate policy document in place. Therefore, you must read this policy in detail and contact us if you have any questions or concerns.

In relation to our customers, we collect personal information relating to children in order to ensure that our nannies, childminders and assistants provide the best possible care and the support required. This entails processing personal sensitive information to such extent as may be necessary in connection with the services. Information about the types of special categories of customers’ data which we may process, purposes of processing and other relevant information is contained in the consent form which we will provide to you prior to providing the services. You may also find a list of sensitive personal information which we process in the table below. Children over the age of 13 are capable of consenting to processing of their personal sensitive data. Accordingly, we have ensured that the relevant consent form is in a child-friendly format. You are required to read the relevant consent form carefully and, if there is anything you do not understand, you may contact us at the address provided in paragraph 19 below.

In relation to the Security Data, when we are required to process Security Data, we will ask you to upload such data through a secure platform, then we store these documents securely while we process them. We usually process these documents within three days, but we are permitted to hold such documents for as long as necessary in accordance with the legislation.

In the event that we need to collect personal information by law and you fail to provide that data if and when requested, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

We may process Aggregated Data in order to improve the quality of the matches that we make (in terms of nanny and family satisfaction, and duration of the match) and also to improve the efficiency of our match making.

6. HOW IS YOUR PERSONAL INFORMATION COLLECTED?

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, e-mail or otherwise. This includes personal information you provide when you:
Automated technologies or interactions. As you interact with our Platform, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal information by using cookies, server logs and other similar technologies.
Third parties or publicly available sources. We do not control, supervise or respond for how long third parties providing your information process your personal information, and any information request regarding the disclosure of your personal information to us should be directed to such thirds parties. We may receive personal information about you from various third parties and public sources as set out below:
We may also match personal information that you provide to us directly with other information about you obtained from or held by third party sources (such as social media platforms). This may include your contact details, demographic data, your social media interactions, preferences, shopping habits, interests, geographic location and age or age range. We may use this personal information to tailor and show advertisements more relevant to you either on our website/app or on third party websites (including social media platforms)

7. INFORMATION WE RECEIVE FROM OTHER SOURCES
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out below (depending on the types of information we receive).

8. LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION

Generally, we do not rely on consent as a legal basis for processing your personal information other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

ACTIVITY	TYPE OF DATA	PURPOSE
To manage our relationship with you which will include: (a) notifying you about changes to our terms or privacy policy; or (b) providing you with our latest factsheets and newsletters.	(a) Identity (b) Contact	Necessary for our legitimate business interests and your interests and fundamental rights do not override those interests Necessary to comply with a legal or regulatory obligation
To prevent unlawful activities; to enforce our Terms of Use; or our Terms and Conditions	(a) Identity (b) Contact (c) Usage	Necessary to comply with our legal or regulatory obligation and to protect against fraudulent or suspicious activities (e.g. spam, viruses, phishing or other illegal activities)
To recruit nannies childminders and assistants to provide the services	(a) Identity (b) Contact (c) Security Data (d) Sensitive Data	Necessary for the purpose of providing our services Necessary to comply with our legal or regulatory obligation
To communicate with the families with a view of finding a suitable nanny or childminder	(a) Identity (b) Contact (c) Financial (d) Usage	Necessary for the purpose of providing our services
To deliver relevant website content and advertisements (if you opted in) to you and measure or understand the effectiveness of marketing we serve to you	(a) Identity (b) Contact (c) Usage (d) Marketing and Communications	Necessary in the interest of our business to enable us to give you the best service and the best and most secure experience
Personal data processed by Typeform for the following purposes: Feedback from users Nanny training Matching between nannies and families Nanny recruitment Scheduling	(a) Identity (b) Contact (c) Security Data	For the purposes of testing our software Necessary for our legitimate interests and your interests and fundamental rights do not override those interests
To share data between nannies or childminders and families	(a) Identity (b) Contact	Necessary to match nannies with families for the purpose of providing the services
To facilitate a more accurate nanny-family match or childminder-family	About the family: (a) limited personal information: location, number of kids, kids age, kids’ schools. (b) childcare requirements (e.g. days, times, language preferences, cooking preferences. optional: descriptive information about the family, a photo. (c) Identity (d) Contact (e) Usage About the nanny or childminder or assistant : (a) experience, interests, hobbies, other pastimes, student status, availability for interview, availability to work, travel preferences. Information regarding background, photos. (b) Identity (c) Sensitive Data (d) Aggregate Data (e) Usage	This sharing goes both ways – meaning you will likely receive such information on other users. This method of sharing limited personal data is essential for the operation of our business. However, we consider each data transfer separately, to ensure that the fundamental rights are not infringed You are not permitted to disclose any personal data other than on our specific written instructions from us.
investigating and resolving any potential complaints	(a) Identity (b) Contact (e) Usage
To administer an employment contract, direct debit and payment to nannies	(a) Identity (b) Contact (c) Financial
To administer a contractor’s contract and payment to childminders and assistants	(a) Identity (b) Contact (c) Financial
To progress a candidate childminder’s application to become a childminder	(a) Identity (b) Contact (c) Security Data	Necessary to progress and receive necessary approvals for a candidate childminder’s application to become a childminder

We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us at support@korukids.co.uk.

We will also use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

to deliver our services;
to develop, test and improve our services;
to test and troubleshoot out Platform;
to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our services and promote safety and security for the users accessing our Platform;
to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about;
from time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone or mail. We may use the information to customise the Platform according to your interests;
to notify you about changes to our services of the terms governing the provision of our services; and
to ensure that content from our Platform is presented in the most effective manner for you and for your computer.
if you contact us by phone, we may take notes during the call and transfer them into our systems. All such data will be handled in accordance with this Policy.

9. CHANGE OF PURPOSE

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

10. DISCLOSURES OF YOUR PERSONAL INFORMATION

We may have to share your personal information with the following parties:

HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances in connection with the services that we provide;
Government organisations such as Ofsted, Local Authority Councils and third parties in order to facilitate registration of candidates as childminders.
law enforcement agencies in connection with any investigation to help prevent unlawful activity;
any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;
Our business partners in accordance with the Marketing section;
third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this Policy;
business partners, suppliers, insurance companies and subcontractors for the performance of any contract we enter into with you;
advertisers and advertising networks that require the data to select and serve relevant adverts to you and others; or
analytics and search engine providers that assist us in the improvement and optimisation of our Platform.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

If you are supplying us with an emergency contact’s details, you confirm that you have that person’s permission to provide us with their details. Any emergency contact information will thereafter be treated as an extension of your personal data (as Contact and Identity Data).

For the purpose of providing our services, we use subcontractors which include, but are not limited to, Verifile, PAYEforNannies, Smart Pension, Payroll Services UK, GoCardless and Telleroo. We only share limited personal data with these third parties on the basis of our legitimate business interests for the purposes of providing our services.

Sharing for the purposes of matching and emergency childcare

In order to make a match for you, we need to share information about you with potential nannies, childminders, assistants and families. We share the minimum information necessary for a nanny, childminder, assistants or a family to make a good decision about whether they would like to proceed to an introduction with you.

For childminders only: In order to make sure you have an emergency back-up system in place, we might pair you with another Koru Kids childminder. We might need to share information about you with this person and the families of the children this person is looking after so they can contact you, and you can contact them if needed.

This minimum information might include the following data you have given us:

Nannies	includes contact details, student status, work availability, experience information, quotes from references, skills like languages, personal features like age and gender, our impressions, preferences for matches, medical information (only if a valid consent is given), and DBS/first aid status.
Childminders	includes contact details, work availability, experience information, skills like languages, personal features like age and gender, our impressions, preferences for matches, medical information (only if a valid consent is given), DBS record and first aid status.
Assistants	includes contact details, work availability, experience information, skills like languages, personal features like age and gender, our impressions, preferences for matches, medical information (only if a valid consent is given), DBS check and first aid status.
Families	includes contact details, postcode, days and times required, match preferences (including nanny experience, personality, skills such as languages /driving /cooking), lifestyle information, children’s ages, genders, allergies or other relevant medical information, special or additional needs, schools. We ask for your child’s full date of birth to ensure our records are always accurate, as this allows us to provide a tailored service to your family, and ensure the best possible matches between you and any nannies you hire with us.

MARKETING

Please note that if you register on our Platform, we will, as part of the service, send you periodic newsletters by email, which are not marketing and advertising, but an integral part of our service.

We comply with the direct marketing requirements of the Privacy and Electronic Communications Regulations. When considering marketing directed to children, we take into account their reduced ability to recognise and critically assess the purposes behind processing and the potential consequences of providing their personal information.

If you receive marketing emails and don’t want to in future, please use the unsubscribe link within the email and we will remove you from future campaigns.

COOKIES

To learn more about Cookies we use, please visit https://www.korukids.co.uk/cookie-policy.

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular platform. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

Overall, cookies help us provide you with a better Platform, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can set your browser to refuse all or some browser cookies, or to alert you when platforms set or access cookies. If you disable or refuse cookies, please note that some parts of this Platform may become inaccessible or not function properly.

All Cookies used by and on the Platform are used in accordance with the Data Protection Legislation. We may use some or all of the following types of Cookies:

Strictly Necessary Cookies

A Cookie falls into this category if it is essential to the operation of the Platform, supporting functions such as logging in and payment transactions.

Analytics and Customisation Cookies

It is important for us to understand how you use the Platform, for example, how efficiently you are able to navigate around it, and what features you use. Analytics Cookies enable us to gather this information, helping us to improve the Platform and your experience of it.

Functionality Cookies

Functionality Cookies enable us to provide additional functions to you on the Platform such as personalisation and remembering your saved preferences. Some functionality Cookies may also be strictly necessary Cookies, but not all necessarily fall into that category.

Targeting Cookies

It is important for us to know when and how often you visit the Platform, and which parts of it you have used (including which pages you have visited and which links you have visited). As with analytics Cookies, this information helps us to better understand you and, in turn, to make the Platform and advertising more relevant to your interests.

Third Party Cookies

Third party Cookies are not placed by us; instead, they are placed by third parties that provide services to us and/or to you. Third party Cookies may be used by advertising services to serve up tailored advertising to you on the Platform, or by third parties providing analytics services to us (these Cookies will work in the same way as analytics Cookies described above).

Persistent Cookies

Any of the above types of Cookie may be a persistent Cookie. Persistent Cookies are those which remain on your computer or device for a predetermined period and are activated each time you visit the Platform.

Session Cookies

Any of the above types of Cookie may be a session Cookie. Session Cookies are temporary and only remain on your computer or device from the point at which you visit the Platform until you close your browser. Session Cookies are deleted when you close your browser.

WHERE WE STORE YOUR PERSONAL INFORMATION AND INFORMATION TRANSFERS

Our primary database is Heroku. Please visit Heroku’s privacy policy at https://www.heroku.com/policy/security to learn how Heroku processes personal data.

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

Typeform https://www.typeform.com/ collects and processes personal data on our behalf in accordance with its privacy policy which is available at https://admin.typeform.com/to/dwk6gt/ and for the purposes set out in the table above. Once the data is collected by Typeform, it is immediately transferred to our internal systems (Google Drive) and erased from the third Typeform’s servers within 24 hours.

We also use other third party service providers:

Advertising, direct marketing and lead generation	Google AdSense, Customer.io, Viral Loops, Airtable
Allow users to connect to their third party accounts	Facebook, Google
Communicate and chat with users	Intercom, Yay.com, Front App, Twilio, Front, Calendly, Whatsapp, Acuity, MixMax, Postmark, Airtable, Send Grid
Signing digital contracts	Dropbox Sign
Content optimisation	YouTube video embed
Functionality and infrastructure optimisation	Zapier, Coupler
Invoice and billing	Stripe, GoCardless, Telleroo
Retargeting platforms	Google Ads Remarketing
Social Media sharing and advertising	Facebook Advertising
Web and Mobile analytics	Hotjar, Google Analytics, Bing Analytics, Amplitude
Website testing	Optimizely
Referral tracking	Viral Loops
Mobile product analytics	Amplitude
User research	Lookback, Airtable
Training	Thinkific, NoodleNow , Tiger Lily
Invoicing and billing users via direct debit for services	GoCardless, Xero, Directli
Administrating payment	Staffology, Telleroo
DBS checks	Verifile
Credit checks	Mud Hut
HR management	CharlieHR, Deputy, Rippling

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access and will ensure that any third party receiving your personal data adopts such appropriate measures necessary to safeguard your personal data.

Whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it. We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission.

INFORMATION SECURITY

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

DATA RETENTION

How long will you use my personal information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law, we have to keep basic information about our customers (including Contact, Identity, Financial and Transactional Data) for 6 years after they cease being customers for tax purposes.

In some circumstances we may anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

YOUR LEGAL RIGHTS

Some feedback information you may provide to us relating to an individual may, in some cases, be shared with that individual upon their request. For example, if you’re a parent and you provide us with feedback on your nanny’s performance, such information will generally be considered as personal data relating to that individual. We will generally keep such information confidential by default. However, we may be required by law to share this information with the nanny down the line should they choose to exercise their data subject access rights. The same would also apply in reverse. We recognise that the party which provided the feedback/appraisal/reference information has their own right to privacy. Where possible, we will seek to balance both parties’ rights by anonymising such data prior to sharing it.

Under certain circumstances, you have rights under the relevant data protection laws in relation to your personal information. Please see the information below to learn more about your legal rights:

Right to rectification
if your personal information is incorrect or incomplete any way, you may notify a person dealing with your matter and where inaccurate or incomplete, we will correct it without delay.

Right of access
you may request a confirmation from us that we are processing your personal information;
access your personal information held by us and request a copy (unless providing a copy adversely affects the rights and freedoms of others);
obtain certain information about how we process your personal information, categories of personal information processed, recipients or categories of recipients who receive personal information from us; and
how long we store your personal information for and the criteria we use to determine retention periods.

Right to be informed
how your personal information is being process;
how long it will be stored for;
the legal basis for processing;
recipients (or categories of recipients) of your personal information; and
whether personal information must be provided under statute or for another reason and the consequences of not providing the personal information to ensure the fair and transparent processing of your personal information.

Right to restrict processing under certain circumstances
if you contest the accuracy of your personal information, we may restrict its processing, until we can verify its accuracy;
if the processing is unlawful;
if we no longer need to process your personal information, unless we still need your personal information for the establishment, exercise, or defence of legal claims; and
if you object to processing that relies on public interest or our (or third party’s) legitimate interest as the lawful processing ground.

Right to data portability
right to receive from us a copy of your personal information in commonly used and machine-readable format and store it for further use on a private devise; and
right to transmit personal information to another third party; or have your personal information transmitted directly from one third party to another where technically possible.

Right not to be subject of automated processing
right not to be subject to automated decision-making, including profiling, which has legal or other significant effects on you. This does not apply when the automated decision is necessary for entering into or performing a contract with you; or it is authorised by EU or member state law applicable to us if the law requires suitable measures to safeguard your rights and freedoms and legitimate interests; or based on your explicit consent.

Right to object to processing
you may object to direct marketing, including profiling related to direct marketing. We will stop processing your personal information once notified by you, except if we can demonstrate a compelling legitimate ground for processing the personal information that overrides your request; or processing is necessary to exercise or defend legal claims.

If we hold information about you, you can request to be provided with a copy of this and to have any inaccuracies corrected where necessary. A copy of this can be requested in writing, or in person at our trading address, which is 12-16 Westland Place, Hoxton, London N1 7LP, or over the telephone on 020 8050 5678.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

DATA RETENTION, ACCOUNT DEACTIVATION AND DELETION

We will not store your personal information for longer than necessary. We will consistently update our records and delete any personal information which:

is outdated;
incorrect; or
whether the grounds for processing have ceased to apply.

This is a case-by-case determination that depends on things like the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.

To delete your account please contact support@korukids.co.uk.

THIRD PARTY LINKS

Our Platform may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

HOW TO OPT-OUT FROM OUR COMMUNICATIONS

When creating an account on our platform, you agree to receiving SMS, and email notifications. In certain situations, you also agree to Koru Kids contacting you via WhatsApp.

You can opt-out of SMS and WhatsApp at any time by replying STOP.
You can unsubscribe from our email communications by clicking the ‘Unsubscribe’ link at the bottom of our emails.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to this Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to this Policy.

If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO), Alan Hopley, by email at compliance@korukids.co.uk, or by post to:
Koru Kids Ltd, FAO Alan Hopley, 128 City Road, London EC1V 2NX

By visiting https://www.korukids.co.uk/ or our app (the “Platform”) you are accepting and consenting to the practices described in this Policy.

Policy last reviewed: 17 October 2023

Version 4.3