Kirkby Microwave Privacy Notice
The Guide to the General Data Protection Regulation (GDPR) forms part of
the data protection regime in the UK, together with the new
Data Protection Act 2018 (DPA 2018).
Most of this document is about personal privacy - i.e. that of an individual person, which is covered by the
GDPR. Please also note we have a section about confidentiality for commercial, military and university customers too. This does not fall within the GDPR, but Kirkby Microwave takes confidentiality seriously.
Kirkby Microwave's privacy notice sets out the information summarised in the list below.
For a more complete explanation of the key concepts, please consult the
Information Commissioner's Office (ICO) website.
- Who we are
- What is personal data?
- Principles of our approach to processing personal data.
- The categories of personal data Kirkby Microwave collect
- How that personal data is collected
- Our legal basis for processing your personal data and how we use that personal data
- Who we may share your personal data with
- Transfer and processing of your personal data outside the European Economic Area
- How long we will hold your personal data for
- Your rights
- Our communications, the Website and cookies
- How to contact us if you require clarification, or have a complaint about our Privacy Notice
- Where to complain if you have a concern about the way Kirkby Microwave is handling your personal information, and have been unsatisfied by our response.
- Privacy to commerical, university and military customers - not personal information.
- Changes to this Privacy Notice
1. Who we are
Kirkby Microwave is a company based in the United Kingdom. We are registered in England and Wales as company number 08914892 Our registered office, which is also the address
we should be contacted at, is:
Kirkby Microwave Ltd
Stokes Hall Lodge
Kirkby Microwave is registered with the Information Commissioner's Office as a "data controller". Our Data
Protection Registration Number is ZA444902
Being a "data controller" means we determine the purposes
and means of processing "personal data". We do not use the services of a "data processor".
A company of our size is not required to appoint a data protection officer, but we have done so, the details of which
are given if you click the link to our registration number.
2. What is personal data?
The formal definition of personal data is information relating
to people who can be identified or who are identifiable, directly from the information in question, or
who can be indirectly identified from that information in combination with other information.
For a more complete description of what is personal data, please consult the ICO website.
A name is personal data, as are an address, telephone number or email address. There are many less obvious pieces
of personal data too, such as the IP address from which a
browser connects to a web server.
3. Principles of Kirkby Microwave's approach to processing personal data
The following seven principles lie at the heart of our approach to processing personal data
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality (security)
The categories of personal data Kirkby Microwave collect
Kirkby Microwave may collect the following categories of personal data about you. The type of personal data collected
depends on our relationship with you.
4.1 If you only browse our website, and make no contact by email, telephone or post
Your IP address will be recorded, along with the date and time of your visit,
the browser you use, your operating system, what pages you attempted to view.
4.2 If you contact us by email, telephone, by post or in person, we may additionally collect the
following categories of personal information
Your name and contact information such as postal address, email address and telephone number(s).
4.3 If you are a customer
If you purchase a product from us, either from our website, via eBay or bank transfer, we will need to obtain
at least some of the
- The email address associated with your PayPal account, which is sometimes not the same as the email address used.
- Your eBay user id.
- Your bank account details, if you pay via bank transfer, or if you need us to make payment via bank transfer.
5. How that personal data is collected
We may collect your personal data or you may provide it to us through various means, including:
- You communicate to us by telephone, post, email or other forms of electronic communication.
In this respect, we may monitor, record and store any such communication;
- Provided to us by eBay, PayPal or Amazon, if you have purchased via one of those services.
- Collected via closed-circuit television monitoring in our offices.
- Our website runs on a server running the Debian Linux operating system,
using Apache as the web server software.
Apache creates log files, collecting some information. A typical line from the web server log would be as below.
192.168.1.10 - - [09/Aug/2018:23:49:23 +0000] "GET /hp8753/ HTTP/1.1" 301 890 "https://www.google.com/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"
The above shows the date and time someone visited our website, their IP address (which we have anonymised), the browser they were using, the operating system they were
using, in addition to some other information. For full details about the Apache Log Files then the Apache documentation should be consulted.
- We also sometimes obtain personal data from posting on internet forums, including, but not limited to
We do not use any automated software to scrape email addresses from such forums.
- The HP/Agilent Yahoo group.
- The Keysight forums
- If your details were provided to use by someone who believed our products or services would be
of use to you.
- From publically available registers. A typical case we might use this is if someone posts to a forum giving
some information, but not enough to contact you, we may attempt to obtain more contact information from any legal
sources on the internet.
We never buy email addresses, telephone numbers of other contact information, and never sell such information.
6. Our legal basis for processing your personal data and how we use that personal data
We may process your personal data for the following purposes:
- To comply with our legal obligations.
- Providing professional services to you.
- Providing goods to you.
- For security purposes.
- For marketing purposes, which will be targeted to one individual, written by a human, and not processed
by any computer.
- Dealing with any complaints or feedback you may have.
- Inspection of log files generated by web server is necessary to ensure the smooth
running of the website and would be standard practice for any competent web server
administrator. In particular, the log indicates
"404 errors" if a page is not found. Kirkby Microwave never
attempts to use the IP address to help identify an individual, despite that may be possible in some instances.
7. Who we may share your personal data with
- Our accountant.
- A courier to enable goods to be transported.
8. Transfer and processing of your personal data outside the European Economic Area
- We often use UPS and FedEx as couriers but retain the right to use any courier we see fit. Both UPS and FedEx
are US companies.
- Approximately half of our customers are outside the European Economic Area. When dispatching goods
we provide no more than is required to transport the goods but will include an invoice and calibration certificate.
9. How long we will hold your personal data for
The nature of the data determines the period the data is retained for.
- Logs from the Apache web server, which contain personal data, but not sensitive personal data,
will be deleted within 90 days or less. This duration gives us
sufficient time to perform statistical analysis but is not excessive.
- We keep financial records for 7 years.
10. Your rights
The GPDR provides the following rights for individuals.
- The right to be informed about the collection and use of personal data. This is a key transparency requirement under the GDPR.
- The right of access Individuals have the right to access their personal data.
- The right to rectification if personal data is inaccurate or incomplete.
- The right to erasure - often called the right to be forgotten.
- The right to restrict processing
- The right to data portability We will provide data as .csv files if needed.
- The right to object to the processing of their personal data in certain circumstances.
- Rights in relation to automated decision making and profiling. Kirkby Microwave does not process data in this way.
Please email contact details
if you would like to action any of your rights above.
You should note that these rights are not absolute, and we may be entitled (or required) to refuse requests
where exceptions apply.
11. Our communications, the Website and cookies
- The Terms and Conditions of use of
our website are given on another page. If you do not find those acceptable, please do not use
- We use SSL to secure the connection, would make it very difficult for a third party to
inject code that steals your personal information.
- We use an Extended Validation (EV) SSL certiciate, which is normally only used by banks, building
societies and other
financial institutions such as PayPal. You should see our company name in your browser, similar to that shown in this photograph, with a green padlock.
It should show Kirkby Microwave Ltd (GB) in green. This should give you the assurance you are on the
Kirkby Microwave website, and not some imposter. (Due to the limitations of the screen size on devices like
mobile phones, you will not see the text, but should still see the green padlock.) If you inspect our SSL certificate,
which was issued by Comodo, you will see it says
Owner: Kirkby Microwave Ltd
whereas most SSL certificates indicate that no ownership information is provided.
- e-mail is inherently quite insecure, as the data is sent unencrypted across multiple computers.
In the event you need to send us a secure email, we would be willing to use OpenPGP
If you have any queries, please contact page. We are confident that almost any problem
can be resolved.
13. Where to complain if you have a concern about the way the Kirkby Microwave is handling your personal information, and have been unsatisfied by our response
We would like to think that we can resolve any privacy concerns you have with us, but
if you are unsatisfied with our response, you can make a complaint about your personal information concerns to the Information Commissioner's Ofice
14. Confidentiality for commercial, military and university customers.
Kirkby Microwave's customers fall into 4 categories:
- Commerical companies - some of which are calibration laboratories.
- Military customers.
- Universities and other institutions of education.
- Individuals - primarily advanced radio amateurs.
With only a couple of rare exceptions, which have the full consent, we do not provide any information about
previous customers. Those two exceptions are:
- University of Bath
- The French radio amateur Pierre-francois (F5BQP)
Occasionally we get asked for previous customers that someone can contact for references. We do not provide
such information. Whilst you will often find other companies listing their previous customers, we never do this.
If you purchase anything from us, or we provide you consultancy services, we will not divulge that information
to any other party.
15. Changes to this Privacy Notice
We may update this Privacy Notice at any time. It is your responsibility when using the
website to make yourself aware of any changes. We will update the date of the privacy notice.
This privacy notice was last updated on 11th August 2018