Privacy Policy

The Kite Factory is committed to protecting your personal information and this Privacy Policy tells you how we collect your personal data, how we store it, how we use it, and how we keep it safe. As a business, we are committed to respecting and protecting the privacy of all individuals with whom we interact. We will always process your personal information in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR). This policy was reviewed and updated in November 2023.

Security

The Kite Factory Limited are committed to ensuring your personal information is kept secure and confidential and not kept for longer than is necessary for each specific purpose. From time to time we may ask other third-party service providers to help us manage our information technology systems. We will only transfer your information to a third-party service provider where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any information being processed and compliance with applicable privacy and data protection laws.

Using web analytics software, we store data about to this site such as IP address, browser type, referring page and time of visit.  Most of this data cannot be used to identify visitors individually, however as your IP address is now classed as personal data, you have the opportunity to opt out by contacting us.

We are ISO 27001 Certified and will take appropriate organisational and technical measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

Any changes to our Privacy Policy will be placed here and will supersede this version of our Policy. We will take reasonable steps to draw the attention of visitors to any changes in our Policy. We suggest that you read this document each time you use the website to ensure that our use meets with your approval. If you have any questions about our Privacy Policy, or if you want to know what information we have collected about you, please contact us. You can also correct any factual errors in that information or require us to remove your details from any list under our control.

What we collect about you

We process the personal data of clients, prospects, enquirers, suppliers and workers.  We may collect, store and use the following personal information about you. Please let us know if the personal data we hold about you needs to be corrected or updated.

  • Information that you provide to us when entering into a contract with us
  • Information that you provide to us when requesting information from us
  • Information that you provide to us when attending an event (or any other PR/Marketing related activity)
  • Any other information you choose to provide to us, including business cards
  • Information you choose to give us when making an application to work for us

The data you provide to use includes:

  • Name
  • Address
  • Postcode
  • Country
  • Email address
  • Fax number
  • Telephone number
  • How you heard about us
  • Suppliers, clients, charities, company name, trading address, registered address, registration number, website, VAT number, trade reference
  • Work experience and interview notes when you apply to work for us
  • Any other personal information that you choose to send us
  • You may only pass us another individual’s personal data if you have that person’s consent to do so on the understanding that their personal data will be processed as described in this policy.

We may also collect information about you from other sources, including demographic information such as postcode, preferences and interests.

We collect information from your computer and about your visits to and use of this website.  This includes collecting unique online identifies such as IP addresses, which are numbers that uniquely identify a specific computer or other device on the internet. Please see our Cookies section for more details.

What we do with your information

We shall use your personal data for the following purposes:

  • To provide our services to you
  • To provide you with information about our services, and to deal with enquiries and requests about them
  • To improve our products and services
  • To send you marketing communications relating to our business which we believe to be of interest to you
  • To send you email notifications and newsletters
  • To maintain your contact preferences
  • For marketing research purposes, surveys and responding to your website visits
  • To fulfil a contract with you if you are a customer, supplier or worker
  • To administer our website, personalise it to you and keep it secure
  • To prevent fraud
  • To verify compliance with the terms and conditions governing the use of our website
  • For internal accounting processes

Our legal basis for processing your personal information

We promise that we shall only use your data in the way you wish, and we shall always respect your privacy.  We process your data under the following legal grounds:

  • The processing is necessary to meet contractual obligations into which you have entered as a client, charity, worker or supplier.
  • We have a legitimate interest in responding to queries from you about our services.
  • The lawful justification for sending you marketing communications about our business, services and news is because we have a legitimate business interest for your data to be used for this specific purpose. You are in complete control of your data and can choose not to receive these messages, either when you first provide your data, or in every communication we send you afterwards.  These marketing communications include:
  • Email notifications and letters where you have provided us with your email address
  • Postal / telephone marketing, though we shall always check telephone numbers against the Telephone and Corporate Telephone Preference Services and will only make telephone calls to you where your number is listed if you have told us that we may do so.

Disclosing your personal data

We may share your personal data with:

  • Workers who deliver our services
  • Third parties who provide a service to us:1) Virtual IT who provides us with IT technical support2) HubSpot, who distributes our emails and hosts our client database3) Mustard who administers our finance applications
  • When it is our legal duty, for example to disclose your details to government bodies such as HMRC or law enforcements agencies

We shall keep your personal data within The Kite Factory and our trusted third parties except where disclosure is required by law, for example to government bodies and law enforcement agencies.

How long we keep your personal information

All your personal data will be held in accordance with our company retention and deletion policy. We only keep your personal information for a long as it is needed for each of the purposes described in this privacy policy. Where your information is no longer required or is no longer relevant, we will ensure it is disposed of securely. We will also keep your data for as long as is required to meet our legal or regulatory obligations.

Cookie Policy

This website is operated by The Kite Factory Limited.  The website uses cookies to distinguish you from other users.  This helps us to provide you with a better customer experience when you browse our website and also helps us to improve our website and make it more relevant for you.

We will ask for your permission to place cookies on your device, except where they are strictly necessary to provide you with a service you have requested, for example to ensure we can process and fulfil your orders, or in order for our websites to work properly. For example, where you give permission for optional cookies, we keep track of the domains from which people visit and we also measure visitor activity on the websites. We use the information that we collect to measure the number of visitors to the different areas of our websites to improve website functionality.

If you wish to remove cookies placed on your device by our websites or stop our websites placing further cookies on your device, you can do this at any time. Learn how to do this below, in the “Managing Cookies” section.

What is a cookie?

A cookie is a small text file which is downloaded and stored on your computer or mobile device by websites that you visit. Where cookie technology is not available, an anonymous identifier may be used. An anonymous identifier is a random string of characters used for the same purposes as a cookie. When we refer to “cookies” in this policy (or our Privacy Policy) we are referring to both cookies and similar technologies.

Your browser accesses the cookie file only when you visit the website that generated it. This helps to ease your navigation by automatically logging you in and remembering your preferences and what’s in your shopping basket. Cookies allow websites like ours to deliver you a personalised shopping experience.

The information stored within any given cookie can only be accessed by the website that created it and cookies are limited to communicating only the information that you have disclosed to the website.

With the exception of strictly necessary cookies, cookies are optional, and we ask for your permission before placing cookies on your device. 

Managing Cookies

We will ask for your permission to place cookies on your device, except where they are strictly necessary. You can provide your consent to the use of optional cookies by clicking the “Accept All Cookies” button on our cookies information notice, or by accessing the privacy preference centre which is also in the cookies information notice that appears on the website when you visit our site for the first time. It can also be accessed by clicking the “Cookies Settings” option at the bottom of the website at any time.

Within our privacy preference centre you can provide consent to certain categories of optional cookies by ticking the box on the right-hand-side of each category and clicking the “Allow Selection” button.

You can withdraw any consent at any time to the use of cookies through the same functionality (i.e. clicking on the ticked box, which will then un-tick the box) and clicking the “Change your Consent” button. It may be necessary to refresh the website page for the updated settings to take effect.

If you wish to remove cookies previously placed on your device by our websites, or to stop our websites placing further cookies on your device, you can do this at any time. You can also set your browser to delete cookies, to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you delete, disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

If cookies aren’t enabled on your computer, it will mean that your shopping experience on our website will be limited to browsing and researching; you won’t be able to add products to your basket or buy them. To enable and manage cookies, you can use your browser to do this. Each browser is different, so check the ‘Help’ menu of your particular browser (or your mobile phone’s handset manual) to learn how to change your cookie preferences.

We use the following types of cookie:

  • Strictly necessary cookies: These cookies are necessary for the website to function or to provide a service you have requested and cannot be switched off in our systems. We do not require your consent to set these cookies. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the website will not then work. These cookies do not store any personally identifiable information.
  • Preferences: These functional cookies enable the website to provide enhanced functionality and personalisation, like your preferred language or the region that you are in. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
  • Statistics: These performance cookies allow us to count our visitors and identify traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most and least popular and see how our visitors move around the website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our website, and will not be able to monitor its performance.
  • Marketing cookies: These tracking cookies may be set through our site by our third party advertising partners. They may be used to build a profile of your interests based on your browsing history, and will show you relevant adverts when you visit other websites. Tracking cookies are based on identifying your browser and internet device. If you do not allow these cookies, you will still receive advertising on the websites you visit, but the ads will be general rather than targeted to you.

You can find out more information about the individual cookies we use and the purposes for which we use them in the tables below:


Necessary (7)

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Name Provider Purpose Expiry Type
__cf_bm vimeo.com This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. 1 day HTTP Cookie
CONSENT [x2] play.google.com
youtube.com
Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. 2 years HTTP Cookie
CookieConsent cookiebot.com Stores the user’s cookie consent state for the current domain 1 year HTTP Cookie
cookietest thekitefactorymedia.com This cookie is used to determine if the visitor has accepted the cookie consent box. Session HTTP Cookie
JSESSIONID bam.nr-data.net Preserves users states across page requests. Session HTTP Cookie
wordpress_test_cookie thekitefactorymedia.com Used to check if the user’s browser supports cookies. Session HTTP Cookie

Preferences (2)

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Name Provider Purpose Expiry Type
player vimeo.com Saves the user’s preferences when playing embedded videos from Vimeo. 1 year HTTP Cookie
sync_active player.vimeo.com Contains data on visitor’s video-content preferences – This allows the website to remember parameters such as preferred volume or video quality. The service is provided by Vimeo.com. Persistent HTML Local Storage

Statistics (7)

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Name Provider Purpose Expiry Type
_ga www.googletagmanager.com Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 399 days HTTP Cookie
_ga_# www.googletagmanager.com Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit. 399 days HTTP Cookie
_gat www.google-analytics.com Used by Google Analytics to throttle request rate 1 day HTTP Cookie
_gid www.google-analytics.com Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 1 day HTTP Cookie
events/1/# bam.nr-data.net Used to monitor website performance for statistical purposes. Session Pixel Tracker
jserrors/1/# bam.nr-data.net Unclassified Session Pixel Tracker
vuid vimeo.com Collects data on the user’s visits to the website, such as which pages have been read. 399 days HTTP Cookie

Marketing (13)

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

Name Provider Purpose Expiry Type
ads/ga-audiences www.google.com Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites. Session Pixel Tracker
VISITOR_INFO1_LIVE youtube.com Tries to estimate the users’ bandwidth on pages with integrated YouTube videos. 179 days HTTP Cookie
YSC youtube.com Registers a unique ID to keep statistics of what videos from YouTube the user has seen. Session HTTP Cookie
yt.innertube::nextId youtube.com Registers a unique ID to keep statistics of what videos from YouTube the user has seen. Persistent HTML Local Storage
yt.innertube::requests youtube.com Registers a unique ID to keep statistics of what videos from YouTube the user has seen. Persistent HTML Local Storage
ytidb::LAST_RESULT_ENTRY_KEY youtube.com Stores the user’s video player preferences using embedded YouTube video Persistent HTML Local Storage
yt-remote-cast-available youtube.com Stores the user’s video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-cast-installed youtube.com Stores the user’s video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-connected-devices youtube.com Stores the user’s video player preferences using embedded YouTube video Persistent HTML Local Storage
yt-remote-device-id youtube.com Stores the user’s video player preferences using embedded YouTube video Persistent HTML Local Storage
yt-remote-fast-check-period youtube.com Stores the user’s video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-session-app youtube.com Stores the user’s video player preferences using embedded YouTube video Session HTML Local Storage
yt-remote-session-name youtube.com Stores the user’s video player preferences using embedded YouTube video Session HTML Local Storage

Third party cookies

You should note that certain third party service providers (such as advertising companies, social networks and retargeting and behavioural analysis services) can also use cookies on our websites if you permit them to do so. The purpose of these cookies includes analysing performance and displaying customised advertising content on your web browser. We have no control over these cookies. Our key partners are listed below with information about the services they provide to us. This list is not exhaustive but it includes all partners with whom we have an established relationship and whose cookie technologies are most frequently deployed through the websites. For further information about cookies set by third parties, please visit the relevant third party’s website for details on how to manage them.

Sharing with Social Networks

If you use the buttons that allow you to share products and content with your friends via social networks like Twitter and Facebook, these companies may set a cookie on your computer memory. Find out more about these here:

Changes to this cookie policy

Any changes to this cookie policy will be posted on this page, and will also be available to view through our cookie banner / pop-up.  Please check back regularly to see any updates or changes.

If you have any further questions or comments on our cookie policy, please contact us on marketing@thekitefactorymedia.com

This policy was reviewed and updated on: 22/11/2023

Data Transfers

Your personal data may be stored, processed, and transferred outside the UK or EEA, so that we can use your personal data as described in this policy.

We will make sure that any transfers of your personal information from one country to another comply with those data protection and privacy laws which apply to us. UK and European data protection laws include specific rules on transferring personal information outside the EEA.

When transferring personal information outside the UK or EEA, we will:

  • Include standard data protection clauses approved by the ICO for transferring personal information outside the UK, EEA into our contracts with those third parties as required under the General Data Protection Regulation (UK GDPR)); or
  • Ensure that the country in which your personal information will be handled has been deemed “adequate” by the ICO

Your Rights and Control over your Personal Data

Under the General Data Protection Regulation, you have the following rights: 

  • The right to be informed – you have the right to know what we are collecting and how we are collecting it.
  • Right of access– you have the right to know whether we are processing your personal data, and what we are processing.
  • Right to rectification – you have the right to have any incorrect personal data corrected or completed if it is incomplete.
  • Right to erasure – this right, often referred to as the right to be forgotten, allows you to ask us to erase personal data where there is no valid reason for us to keep it. However, we will retain just enough of your personal data to ensure that we hold about you that the restriction is respected in the future.
  • Right to restrict processing – you have the right to ask us to restrict processing of your data
  • Right to object – you have the right to object to our processing of your personal data based on:
    legitimate interests, or for the performance of a task in the public interests/exercise of official authority (including profiling);
    – direct marketing (including profiling); and- for purposes of scientific/historical research and statistics.

The right to make a compliant to the data protection regulator

To exercise any of these rights, please contact philippa.morgan@thekitefactorymedia.com or our Data Protection Officer at kitefactorydpo@datacompliant.co.uk.

If you wish to lodge a complaint or seek advice from a supervisory authority, please contact the Information Commissioner’s Office.  The ICO is the UK’s independent body set up to uphold your rights to data privacy.  The ICO can be contacted at The Office of the Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.  Tel: +44 (0) 01625 545 745  Website: https://ico.org.uk

The Kite Factory Ltd is registered with the ICO as a data controller, reg no: Z9562303.
Our registered address is: 55 New Oxford Street, London WC1A 1BS

Brand Safety Process

We have put in place strict exclusions when running activity in the DSP we use. In line with industry best practice, we approach this in two ways using 2 different vendors:

  • Bottom-up – Pre-bid filtering to exclude any impressions from our programmatic campaigns using content category filtering tools
  • Top-down – 3rd party measurement and analytics tools for post-delivery insights into the quality of inventory which allow us to remove any sites or placements that may be seen as harmful to the brand

Pre-bid Content Filtering

Four types of pre-bid filters are being applied:

  • DSP content category exclusions, 3rd party content category exclusions (IAS or Adloox), URL keyword & blocked sites

IAS and Adloox are an MRC accredited 3rd party specialist technology that is integrated into the DSP and bought on a cost per thousand impressions basis. The IAS and Adloox category exclusions are set to exclude anything that is of ‘moderate and high risk’, which is the highest level it can be set at. These categories include:

  • Adult, Alcohol, Illegal Downloads, Drugs, hate Speech, Offensive Language, Violence, Unrateable & Suspicious

3rd Party Verification – Post-Delivery Insight

We also use Adloox to monitor the quality of online advertising. We use the measurement to track viewability and engagement. These insights allow us to improve the quality and effectiveness of advertising through block listing at an agency or client level.  We have determined benchmarks for each of the core metrics and will be filtering out domains that fall below this benchmark.

  • Human and Viewable % – below 20%
  • Invalid Traffic % (IVT – otherwise known as non-human) – over 5%
  • Brand Safety % – above 10% (with exceptions)
    • Grapeshot is an independent context analysis engine which is fully integrated with MOAT. It goes beyond URLs, analysing the actual content on the page to determine its context.
  • In View Time – below 5”

The site list process is similar to the blocklist process, but reversed. We analyse Adloox data, looking at ‘Human & Viewable Rate’, ‘In-View Time’, ‘Invalid Traffic Rate’, and ‘Brand Safety’ by site. If these metrics are seen as worse than the Adloox benchmark for a site, then we will not look to include it in a site list. We then also use general principles to confirm whether a site is legitimate or not. These include: checking the connection is secure, ensuring the URL contains ‘https’ at the start, checking /ads.txt on the site and also whether the ads render correctly/click through correctly on site. Also, simply, whether the publisher is well known.

Takedown Policy

If The Kite Factory discovers or is made aware that an online advertisement for a client has appeared on a site that contains or links to inappropriate content, we shall use reasonable endeavours to remove the online advertisement from the site as soon as possible and within a maximum of 2 business days of discovery or notification.