Who We Are

At Kasha Services UK Limited (Kasha), we are passionate about helping businesses thrive. Our all-in-one platform simplifies your business operations, saving you time and cutting costs. From company registration and banking to client management, invoicing, and expense tracking, our integrated solutions make it easy to manage every aspect of your business in one place. 

Our Commitment to Your Privacy

Your data is our top priority. We store and protect your personal data with the utmost care, prioritising security, and confidentiality. As a registered entity with the Information Commissioner's Office (ICO), registration number ZB869482, we are committed to upholding the highest standards of data protection.

Data We Collect - (What Information We Collect and Use)

In accordance with the UK General Data Protection Regulation (GDPR), and the Data Protection Act 2018 we collect the following personal data from our users:

1. 1. Name

2. 2. Email address

3. 3. Business information

4. 4. LinkedIn profile information

5. 5. Landline phone number

6. 6. Mobile phone number

7. 7. Postal address

8. 8. Date of birth 

9. 9. ID documents

10. 10. Financial details

11. 11. Immigration status

12. 12. Usage Data: Information about how you use our services, such as login history, feature usage, and performance metrics.

13. 13. Communication Data: Messages, emails, or other communications we exchange with you.
    
    
    

Purpose of Collection (Why We Collect and Use Information)

We collect this data for the following purposes:

1. 1. To provide and manage our services: To deliver, maintain, and improve our software and services.

2. 2.To communicate with you regarding our products, services, or updates: To send important information about your account, our products, or services.

3. 3.To fulfil contractual obligations: To meet the terms of a contract between us, such as providing a product or service.

4. 4.To verify your identity (where necessary): To ensure that you are who you claim to be and to prevent unauthorised access to your account.

5. 5.To comply with legal and regulatory requirements: To meet our obligations under relevant laws and regulations, such as anti-money laundering (AML) and know-your-customer (KYC) requirements.

6. 6.To improve user experience and customer service: To better understand how customers use our software and services, identify areas for improvement, and optimise performance.
   

When we collect the data

• - Signing up for our service 

• - Joining our waiting list

• - Using and interacting with our website and social media channels

• - Engaging in all forms of contact – emails, in-app chat, direct messages, surveys

• - Contacting us via phone
  
  
  

Legal Basis for Processing

Under the GDPR, the legal basis for processing your personal data may include one or more of the following:

1. 1. Consent: You have given explicit consent to process your personal data.

2. 2. Contractual necessity: The processing is necessary for the performance of a contract with you, such as account creation or service delivery.

3. 3. Legal obligation: We may be required to process your data to comply with legal or regulatory obligations. Which may include the following but not limited to these:

• - Verify your identity when registering or contacting us

• - Review your information with immigration and fraud prevention agencies

• - Prevent illegal activities such as money laundering and fraud

• - Assess your credit history and inquire about your reasons for applying and your financial situation

• - Retain records of the information we hold about you, in compliance with legal and regulatory obligations

• - Comply with laws and regulations, which may require us to share information with regulators, tax authorities, law enforcement, or other third parties

1. 4. Legitimate interests: We process your data based on legitimate business interests, such as improving services and customer communication, unless your rights and freedoms outweigh those interests.

2. 5. Marketing and product development: We process your data:

• - To create targeted advertisements and promotional content based on customer preferences, behaviour, and demographics.

• - To categorise customers into different groups for more tailored marketing efforts, improving customer engagement and conversion rates.

• - To understand how customers interact with the product and identify areas for improvement or new feature development.

• - To gather insights on customer satisfaction and pain points to enhance products or services.

• - To identify trends and patterns in user behaviour that help improve user journeys and make the product more intuitive.
  
  
  

Whose Personal Information We Collect

We collect personal data from:

1. 1. Business Owners or Decision-Makers: Individuals who own or manage a business that uses our software or services.

2. 2. Employees or Representatives: Individuals who work for businesses using our software or services, or who represent those businesses in their dealings with us.
   
   
   

Where We Get Your Information From

We collect personal information from the following sources:

1. 1. Directly from You: Most of the personal data we collect comes directly from you. This includes information you provide when you:

   1. Register for an account or use our services.

   2. Contact us via email, phone, or other communication channels.

   3. Complete forms, surveys, or feedback requests.

   4. Interact with us through social media or our website.

2. 2. From Third-Party Services: In some cases, we may collect your information from third-party sources, including:

   1. Social media platforms: We may collect information and data for professional purposes. 

   2. Business Partners and Affiliates: We may receive your business-related information (such as business name, contact details, etc.) from trusted partners or affiliates with whom you have engaged.

   3. Publicly Available Sources: We may collect publicly available information from sources like professional directories or public databases, in compliance with applicable laws.

   4. Apps and platforms: We may collect information from apps and platforms you give us permission to access such as Google and Microsoft in order to provide services you have requested

3. 3. From your mobile phone: We collect this information for the following reasons: 

1. We collect information about your mobile network and operating system to analyse app performance and resolve any issues.

2. We gather your IP address and device ID to link your mobile number with your device and use your mobile advertising ID for online advertising (with options to reset or limit tracking in your phone's settings).

With your authorisation, we collect your location data to help protect you from fraud.

Who We Share Your Data With (Which organisations we share information with, and why)

We share limited information and only what is necessary with the following parties:

• - Our employees, contractors, and agents

• - Card processing partners, card networks, account and payment providers, AML/KYC providers, cybersecurity service providers for identity verification and fraud prevention

• - Cloud computing, storage, and software providers

• - Business intelligence and analytics platform providers

• - Marketing partners (we will not share identifiable personal data for direct marketing without your permission, and you can opt out at any time)

• - Companies that offer benefits, rewards, or cashback through special programs you sign up for in the app
  
  
  

How We Protect Your Data

We take steps to protect your personal data from unauthorised access, disclosure, modification, or destruction. These steps include:

1. 1. Implementing robust security measures on our website and mobile app: To prevent unauthorised access to your account.

2. 2. Limiting access to your data: To authorised personnel only.
   
   
   

International Data Transfers (If we share personal information overseas)

At Kasha, we understand the importance of international data transfers and compliance with UK law. We may store the data we collect from you outside the UK or transfer it to organisations located outside the UK. When this happens, we ensure that your data is protected by one of the following measures:

• The UK Government has determined that the country or organisation offers an adequate level of protection for personal data; or

• We have entered specific contracts approved for use in the UK, ensuring your personal data is protected to the same standard as it would be within the UK.
  
  

General International Data Transfer Policy

We will typically transfer your personal data internationally:

1. 1. For cloud-based services: We may transfer your personal data to cloud-based services that are hosted outside the United Kingdom.

2. 2. To fulfil contractual obligations: If we have a contract with you (e.g., providing a product, service, or account management) and need to transfer data to another country.
   
   
   

Recipient Countries

We may transfer your personal data to countries including:

1. 1. European Economic Area (EEA): Such as Germany, France, or the Netherlands.

2. 2. Other non-EEA countries: Such as the United States or Canada.

Data Transfer Mechanisms

We will use a range of data transfer mechanisms to ensure the secure transfer of your personal data internationally, including:

1. Standard Contractual Clauses (SCCs): To contractually bind our third-party service providers to protect your personal data.

2. Binding Corporate Rules (BCRs): We may enter BCR agreements with our group companies or other entities that require them to provide an adequate level of protection for personal data.
   
   
   

Data Retention (How long we keep people's information for)

At Kasha, we understand the importance of data retention and compliance with UK law. We only retain your personal data for as long as necessary to achieve the purposes for which it was collected.

General Data Retention Policy

 We will retain account and transactional data for a minimum period of 6 years from the date of the last transaction or activity on your account. To work out how long we keep different categories of, we consider its purpose, sensitivity, any legal retention requirements, and the associated risks. 

Exceptional Circumstances

In exceptional circumstances, we may need to retain your personal data for longer than the periods outlined above. For example:

1. 1. If you are involved in a dispute or complaint regarding our services: We may retain your personal data until the dispute has been resolved.

2. 2. If we are required to retain your personal data by law or regulatory requirement: We will do so for as long as necessary.
   
   
   

Your Rights

You have various rights regarding your personal data, including:

1. 1. The right to request a copy of your personal data: Subject to certain limitations.

2. 2. The right to request deletion or erasure of your personal data: Where this is necessary for compliance with our obligations under UK law.

3. 3. The right to withdraw consent for our use of your personal data: If you have previously given consent and wish to withdraw it.

If you would like to exercise any of these rights or have questions about our data retention policy, please do not hesitate to contact us.

Contact Us

If you have any questions about this privacy notice or would like more information, please do not hesitate to contact us at:

Kasha Services UK Limited Marine House, 151 Western Road, Haywards Heath, RH16 3LH United Kingdom. Email – DPO@kasha.io 

Our Registration Details

Company number: 15831561 Registered offices: Marine House, 151 Western Road, Haywards Heath, RH16 3LH United Kingdom.