Data Protection Policy

Click & Kind Co. Ltd is committed to protecting personal data and complying with applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Our role

Click & Kind Co. Ltd provides technical services including website migration, development, and support.

In most cases, Click & Kind Co. Ltd acts as a data processor, accessing data only on behalf of and under the instruction of the client.

The client remains the data controller.

Lawful processing

We only access and process personal data where necessary to deliver contracted services and in accordance with client instructions.

We do not use client data for marketing or any unrelated purposes.

Data minimisation

We access only the minimum data necessary to perform our services.

Where possible, data remains within client-managed systems.

Security

We protect personal data through:

• password-protected and encrypted devices

• secure authentication

• access controls

• secure communication methods

• up-to-date software and security patches

Data retention

We do not retain client personal data longer than necessary.

At the end of a contract:

• access credentials are returned or deleted

• any locally stored data is securely deleted

Third parties

We do not share client personal data with third parties unless required to deliver services and authorised by the client.

Data subject rights

Requests relating to personal data should normally be directed to the client organisation acting as data controller.

ICO registration

Click & Kind Co. Ltd is registered with the UK Information Commissioner’s Office.

Contact

For data protection enquiries:

hello@clickandkind.co.uk