Privacy Notice

We respect your right to privacy in relation to your interactions with Kainos, including this website, and are committed to protecting it. We provide this Privacy Notice to tell you how we use your personal data that we gather from your use of our website and any applicable third parties.
 
Any personal data which is provided by you or applicable third parties will be treated in accordance with the terms of the General Data Protection Regulations as amended, adapted or extended by, or under, any subsequent enactment (“GDPR”) and any other applicable data privacy and protection laws.
 
We are fully aware of our responsibilities under GDPR and will at all times and in all respects comply with our statutory responsibilities relating to the processing of your personal data.
 

What does this Privacy Notice cover?

When we refer to Kainos, we mean Kainos Software Limited or any other Kainos entity as listed on our Corporate Information page ("Kainos").
 
For the purposes of this Privacy Notice, under GDPR, Kainos is a Controller. Terminology will vary across different countries, but generally a Controller is the entity or person which decides how and why to process personal data. In contrast, a Processor only processes personal data in line with a Controller’s instructions and does not make any decisions.
 
This Privacy Notice applies to kainos.com (collectively and individually, 'our website'). It does not address where Kainos is acting as a Processor for our customers. In that instance, if you have any questions or concerns about your personal data, we recommend that you reach out directly to the relevant customer/Controller.
 
Our website may include links to websites run by other organisations. Kainos is not responsible for the privacy practices of these other websites, so you should read their privacy policies carefully.

Kinds of Information We Collect & How We May Use It

We may collect and process the following data about you:

Data Purpose Legal Basis

Name, address, e-mail address, company name, phone number

To carry out our obligation arising from any contracts entered into between you (or your employer) and us and to provide you with the information, products and services that you (or your employer) request from us.

Performance of contract; legitimate interest in providing our products and services to you

 

To provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about.

Legitimate interest to develop our products and services and grow our business

 

To make suggestions and recommendations to you about goods or services that may be of interest to you.

Legitimate interest to develop our products and grow our business

 

To process job applications, or applications for Kainos Academy or Tech Outreach initiatives e.g. Kainos CodeCamp, Kainos Earn as you Learn, Kainos A.I.Camp. To identify, select and communicate with you on potential employment opportunities through our talent engagement platform.

Consent; performance of a contract.

 

Legitimate interest: Effective recruitment of employees, attracting high calibre candidates, interests of applicants and prospective employees

Technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet; browser type and version, time zone setting, browser plug-in types and versions, operating system and platform

As part of our efforts to keep our sites safe and secure.

Legitimate interest: necessary for the purpose of protecting our systems and for detecting and preventing fraud.

Statistical and other analytical information including IP address, information about the number of visitors to this website, the number of returners to the website, the pages they visit, where they were before they came to this website and the page in the website at which they exited

To monitor traffic on our website, to manage the site's capacity and efficiency and to help us understand which parts of this website are most popular, generally to assess user behaviour and characteristics in order to measure interest in and use of the various areas of the website and provided targeted messaging to those visitors who provide their email address.

Legitimate interest in providing our products and services to you.

Education, employment history and any other information that may reasonably expected to be included in CV/resume.

To process job applications, or applications for Kainos Academy or Tech Outreach initiatives e.g. Kainos CodeCamp, Kainos Earn as you Learn, Kainos A.I.Camp. To identify, select and communicate with you on potential employment opportunities through our talent engagement platform.

Consent; performance of a contract.

Legitimate interest: Effective recruitment of employees, attracting high calibre candidates, interests of applicants and prospective employees

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Direct email communications with Kainos will not result in your email address being added to a mailing list.

 

How we collect information 

Information may be collected from various sources. Examples include, (butare not limited to) conference attendence (e.g., QR code scan at a Kainos booth), through consented social media interaction, through your direct contact to Kainos, through expression of interest in Kainos and/or our products and services, or through an application that you may submit to us. 

Use of Cookies and Similar Technology

Cookies are small text files placed on your computer when you browse a website. In common with many other websites, we use cookies in a general way to help us to understand how to make our website more effective. We do not use data from which you can be individually identified.
 
We use web beacons or transparent GIF files, that may be included on our websites and messages, that are typically used in conjunction with cookies, to help us manage our online advertising and measure its effectiveness as well as to analyse traffic. Web beacons may also assist us with understanding which content is most effective by notifying us if web pages, emails, or ads have been viewed or clicked. The information that we collect by means of these technologies is anonymous.

The table below sets out what cookies we use and why:

Cookie Type Duration   Description
Cookie Header Persistent  1 year In the header of each web page on this site you will see a message alerting you of our privacy and cookie policy. If you’ve seen this message once, you probably won’t want to see it again. We use a cookie to remember this setting. User data is all anonymous.
Google Analytics   1 year These cookies are used to measure visitor behaviour and usage patterns, such as the time spent on site, number of visits or what pages were viewed during a visit. All information is anonymous and reports always show aggregate, not individual data. Click here for an overview of privacy at Google.
YouTube Persistent   240 days These cookies are used to measure visitor behaviour and usage patterns, such as the number of visits or what videos were viewed during a visit. All information is anonymous and reports always show aggregate, not individual data.
       

If you do not want to receive cookies, you may choose to opt-out by changing your browser settings. Most browsers allow you to turn off cookies. To do this look at the “help” menu on your browser. Switching off cookies may restrict your use of the site and/or delay or adversely affect the way in which it operates.

Recruitment & Marketing

From time to time, we may send you information regarding services or products (including potential employment opportunities) that we think may be of interest to you or your business. You may receive this information by letter, telephone, or email. If at any time you prefer not to receive further communications from us in any or all forms (except in connection with information, products, or services that you specifically request) you will have the ability to opt-out from such communications by means of a link provided in e-mails that are sent to you by us.

International Data Transfers

Kainos is a global business which means that personal data may be transferred to, stored in, or processed at, a destination outside the United Kingdom (‘UK’) and/or the European Economic Area (‘EEA’). Whenever we transfer personal data to countries outside of the UK or EEA, we comply with all applicable legal requirements and ensure all necessary safeguards are in place to protect your personal data, including your rights and the ability to exercise those rights.
 
For personal data transfers from the UK or EEA to another country without an Adequacy Decision, we ensure that:
  1. an appropriate data processing agreement (including the relevant Standard Contractual Clauses) is in place, and
  2. we have implemented appropriate technical and organizational measures.
With regards to data transfers to the United States of America, Kainos is certified under the EU-US Data Privacy Framework. You can find more information on this below.
 
By submitting your personal data, you agree to this transfer, storing or processing.

How long do we keep your information?

The personal data that we collect from you will be stored only for so long as is necessary to fulfil the purpose for which the data was collected, or to comply with applicable legal, tax or regulatory requirements.

Disclosure of Information

We may share your information with any Kainos entity as listed in the Corporate Information as strictly necessary for purposes such as fulfilling a request for customer support, marketing, technical operations, or account management etc.

We may collect your information from and share it with selected third parties including:

  • Website developers;
  • As required by law, such as to comply with a legal process or regulatory obligation;
  • When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
  • Where we have your prior consent to do so;
  • In the event that any party acquires Kainos or substantially all of its assets, in which case personal data held by it about its customers will be one of the transferred assets: and
  • With any third-party service providers to whom we outsource certain functions such as information and document management, office support, marketing, technology and IT services. We have appropriate contracts, including data processing agreements, in place with these providers to protect the confidentiality and security of the information/personal data we collect from and/or share with them.

Data Subject Rights

Under GDPR, you have a number of rights in respect of your personal data, including the right to:
  • Access your personal data;
  • Request that inaccurate personal data be rectified;
  • Request that your personal data be erased;
  • Restrict the processing of your personal data;
  • Transfer your personal data between controllers;
  • Object to processing of personal data; and
  • Withdraw your consent to the collection or processing of your personal data at any time.
You also have the right to opt out of the sale or sharing of your personal data for targeted advertising. Although this is a right for controllers in certain countries, Kainos does not sell your personal data.

Should you wish to exercise any of your rights please contact the Kainos Data Protection Officer at: dpo@kainos.com

If your personal data has been shared with us by or on behalf of a Kainos customer and you wish to exercise any applicable data protection rights, please contact the applicable customer/Controller directly.
 
Lodging a complaint
 
If you wish to lodge a complaint with Kainos regarding data protection, please contact the Kainos Data Protection Officer at: dpo@kainos.com
 
You may also lodge a complaint with a data protection authority such as the supervisory authority of your usual place of residence. A full list of EEA data protection authorities is available here. You can also lodge a complaint with the Information Commissioner’s Office which is the UK supervisory authority for Kainos Software Limited.
 
EU-US Data Privacy Framework
 
Kainos complies with the Principles of the EU-U.S. Data Privacy Framework (the “Framework”) (including the UK extension to the Framework) as set forth by the U.S. Department of Commerce. Kainos relies on the Framework as a legal basis for personal data transfers. Kainos will also rely on the UK Extension to the Framework as a legal basis for personal data transfers from the UK once it is effective on 12th October 2023. In the meantime, Kainos continues to rely on the applicable Standard Contractual Clauses for the purposes of UK and EU GDPR.
 
Kainos WorkSmart Inc has certified to the U.S. Department of Commerce that it adheres to the Framework Principles regarding the processing of personal data received from the EEA and UK. If there is any conflict between the Kainos Privacy Notice and the Framework Principles, then the Principles shall govern. To learn more about the EU-US Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/
 
Kainos is responsible for the processing of personal data it receives, under the Framework, and subsequently transfers to a third party acting as an agent on its behalf. Kainos complies with the Framework Principles for all onward transfers of personal data from the EU and UK, including the onward transfer liability provisions.
 
The Federal Trade Commission has jurisdiction over Kainos’ compliance with the Framework (including the UK Extension to the Framework). In certain situations, Kainos may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
 
In compliance with the Framework (and the UK Extension to the Framework), Kainos commits to refer unresolved complaints concerning our handling of Non-HR personal data received in reliance on the Framework (and the UK Extension to the Framework), to ICDR-AAA, an alternative dispute resolution provider based in the United States. If you do not receive timely
acknowledgment of your Framework Principles-related complaint from us, or if we have not addressed your Framework Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of ICDR-AAA are provided at no cost to you.
 
Kainos commits to cooperate and comply with the panel established by the EU data protection authorities (DPAs) the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), with regard to unresolved complaints concerning our handing of personal data received in reliance on the Framework (and the UK Extension to the Framework).
 
For complaints regarding Framework compliance not resolved by any of the other Framework mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official Framework website here.
 

Changes to our Privacy Notice

Please note that this Privacy Notice will be reviewed and may be changed from time to time. Any changes we may make to our Privacy Notice in the future will be posted on this page.