Kirkby Microwave Logo

Kirkby Microwave Privacy Notice

Introduction

The Guide to the General Data Protection Regulation (GDPR) forms part of the data protection regime in the UK, together with the new Data Protection Act 2018 (DPA 2018).

Most of this document is about personal privacy - i.e. that of an individual person, which is covered by the GDPR. Please also note we have a section about confidentiality for commercial, military and university customers too. This does not fall within the GDPR, but Kirkby Microwave takes confidentiality seriously.

Kirkby Microwave's privacy notice sets out the information summarised in the list below. For a more complete explanation of the key concepts, please consult the Information Commissioner's Office (ICO) website.

  1. Who we are
  2. What is personal data?
  3. Principles of our approach to processing personal data.
  4. The categories of personal data Kirkby Microwave collect
  5. How that personal data is collected
  6. Our legal basis for processing your personal data and how we use that personal data
  7. Who we may share your personal data with
  8. Transfer and processing of your personal data outside the European Economic Area
  9. How long we will hold your personal data for
  10. Your rights
  11. Our communications, the Website and cookies
  12. How to contact us if you require clarification, or have a complaint about our Privacy Notice
  13. Where to complain if you have a concern about the way Kirkby Microwave is handling your personal information, and have been unsatisfied by our response.
  14. Privacy to commercial, university and military customers - not personal information.
  15. Changes to this Privacy Notice

1. Who we are

Kirkby Microwave is a company based in the United Kingdom. We are registered in England and Wales as company number 08914892 Our registered office, which is also the address we should be contacted at, is:

Kirkby Microwave Ltd
Stokes Hall Lodge
Burnham Rd
Althorne
Chelmsford
Essex
CM3 6DT
United Kingdom

Kirkby Microwave is registered with the Information Commissioner's Office as a "data controller". Our Data Protection Registration Number is ZA444902 Being a "data controller" means we determine the purposes and means of processing "personal data". We do not use the services of a "data processor". A company of our size is not required to appoint a data protection officer, but we have done so, the details of which are given if you click the link to our registration number.

2. What is personal data?

The formal definition of personal data is information relating to people who can be identified or who are identifiable, directly from the information in question, or who can be indirectly identified from that information in combination with other information. For a more complete description of what is personal data, please consult the ICO website.

A name is personal data, as are an address, telephone number or email address. There are many less obvious pieces of personal data too, such as the IP address from which a browser connects to a web server.

3. Principles of Kirkby Microwave's approach to processing personal data

The following seven principles lie at the heart of our approach to processing personal data

  1. Lawfulness, fairness and transparency
  2. Purpose limitation
  3. Data minimisation
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality (security)
  7. Accountability

The categories of personal data Kirkby Microwave collect

Kirkby Microwave may collect the following categories of personal data about you. The type of personal data collected depends on our relationship with you.

4.1 If you only browse our website, and make no contact by email, telephone or post

Your IP address will be recorded, along with the date and time of your visit, the browser you use, your operating system, what pages you attempted to view.

4.2 If you contact us by email, telephone, by post or in person, we may additionally collect the following categories of personal information

Your name and contact information such as postal address, email address and telephone number(s).

4.3 If you are a customer

If you purchase a product from us, either from our website, via eBay or bank transfer, we will need to obtain at least some of the following information.

5. How that personal data is collected

We may collect your personal data or you may provide it to us through various means, including:

  1. You communicate to us by telephone, post, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
  2. Provided to us by eBay, PayPal or Amazon, if you have purchased via one of those services.
  3. Collected via closed-circuit television monitoring in our offices.
  4. Our website runs on a server running the Debian Linux operating system, using Apache as the web server software. Apache creates log files, collecting some information. A typical line from the web server log would be as below.

    192.168.1.10 - - [09/Aug/2018:23:49:23 +0000] "GET /hp8753/ HTTP/1.1" 301 890 "https://www.google.com/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"

    The above shows the date and time someone visited our website, their IP address (which we have anonymised), the browser they were using, the operating system they were using, in addition to some other information. For full details about the Apache Log Files then the Apache documentation should be consulted.
  5. We also sometimes obtain personal data from posting on internet forums, including, but not limited to We do not use any automated software to scrape email addresses from such forums.
  6. From publically available registers. A typical case we might use this is if someone posts to a forum giving some information, but not enough to contact you, we may attempt to obtain more contact information from any legal sources on the internet.

We never buy email addresses, telephone numbers of other contact information, and never sell such information.

6. Our legal basis for processing your personal data and how we use that personal data

We may process your personal data for the following purposes:

  1. To comply with our legal obligations.
  2. Providing professional services to you.
  3. Providing goods to you.
  4. For security purposes.
  5. For marketing purposes, which will be targeted to one individual, written by a human, and not processed by any computer.
  6. Dealing with any complaints or feedback you may have.
  7. Inspection of log files generated by web server is necessary to ensure the smooth running of the website and would be standard practice for any competent web server administrator. In particular, the log indicates "404 errors" if a page is not found. Kirkby Microwave never attempts to use the IP address to help identify an individual, despite that may be possible in some instances.

7. Who we may share your personal data with

  1. Our accountant.
  2. A courier to enable goods to be transported.

8. Transfer and processing of your personal data outside the European Economic Area

  1. We often use UPS and FedEx as couriers but retain the right to use any courier we see fit. Both UPS and FedEx are US companies.
  2. Approximately half of our customers are outside the European Economic Area. When dispatching goods we provide no more than is required to transport the goods but will include an invoice and calibration certificate.

9. How long we will hold your personal data for

The nature of the data determines the period the data is retained for.

  1. Logs from the Apache web server, which contain personal data, but not sensitive personal data, will be deleted within 90 days or less. This duration gives us sufficient time to perform statistical analysis but is not excessive.
  2. We keep financial records for 7 years.

10. Your rights

The GPDR provides the following rights for individuals.

  1. The right to be informed about the collection and use of personal data. This is a key transparency requirement under the GDPR.
  2. The right of access Individuals have the right to access their personal data.
  3. The right to rectification if personal data is inaccurate or incomplete.
  4. The right to erasure - often called the right to be forgotten.
  5. The right to restrict processing
  6. The right to data portability We will provide data as .csv files if needed.
  7. The right to object to the processing of their personal data in certain circumstances.
  8. Rights in relation to automated decision making and profiling. Kirkby Microwave does not process data in this way.

Please email contact details if you would like to action any of your rights above. You should note that these rights are not absolute, and we may be entitled (or required) to refuse requests where exceptions apply.

11. Our communications, the Website and cookies

  1. The Terms and Conditions of use of our website are given on another page. If you do not find those acceptable, please do not use our website.
  2. As stated in our cookie policy Kirkby Microwave do not currently use any cookies.
  3. We do not use any javascript, which can be a security risk, allowing private data to be taken.
  4. We use SSL to secure the connection, would make it very difficult for a third party to inject code that steals your personal information.
  5. We use an Extended Validation (EV) SSL certiciate, which is normally only used by banks, building societies and other financial institutions such as PayPal. You should see our company name in your browser, similar to that shown in this photograph, with a green padlock.
    Green padlock of an EV SSL certificate
    It should show Kirkby Microwave Ltd (GB) in green. This should give you the assurance you are on the Kirkby Microwave website, and not some imposter. (Due to the limitations of the screen size on devices like mobile phones, you will not see the text, but should still see the green padlock.) If you inspect our SSL certificate, which was issued by Comodo, you will see it says

    Owner: Kirkby Microwave Ltd

    whereas most SSL certificates indicate that no ownership information is provided.
  6. e-mail is inherently quite insecure, as the data is sent unencrypted across multiple computers. In the event you need to send us a secure email, we would be willing to use OpenPGP

12. How to contact us if you require clarification, or have a complaint about our Privacy Notice

If you have any queries, please contact page. We are confident that almost any problem can be resolved.

13. Where to complain if you have a concern about the way the Kirkby Microwave is handling your personal information, and have been unsatisfied by our response

We would like to think that we can resolve any privacy concerns you have with us, but if you are unsatisfied with our response, you can make a complaint about your personal information concerns to the Information Commissioner's Ofice

14. Confidentiality for commercial, military and university customers.

Kirkby Microwave's customers fall into 4 categories:

With only a couple of rare exceptions, which have the full consent, we do not provide any information about previous customers. Those two exceptions are:

Occasionally we get asked for previous customers that someone can contact for references. We do not provide such information. Whilst you will often find other companies listing their previous customers, we never do this. If you purchase anything from us, or we provide you consultancy services, we will not divulge that information to any other party.

15. Changes to this Privacy Notice

We may update this Privacy Notice at any time. It is your responsibility when using the website to make yourself aware of any changes. We will update the date of the privacy notice.

This privacy notice was last updated on 11th August 2018

Valid XHTML 1.0 Strict