As a business, we are committed to respecting and protecting the privacy of all individuals with whom we interact. We will always process your personal information in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR).
This policy was last reviewed in July 2022.
The Kite Factory Limited are committed to ensuring your personal information is kept secure and confidential and not kept for longer than is necessary for each specific purpose.
From time to time we may ask other third-party service providers to help us manage our information technology systems. We will only transfer your information to a third-party service provider where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any information being processed and compliance with applicable privacy and data protection laws.
Using web analytics software, we store data about to this site such as IP address, browser type, referring page and time of visit. Most of this data cannot be used to identify visitors individually, however as your IP address is now classed as personal data, you have the opportunity to opt out by contacting us.
We are ISO 27001 Certified and will take appropriate organisational and technical measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
What we collect about you
We process the personal data of clients, prospects, enquirers, suppliers and workers. We may collect, store and use the following personal information about you:
- Information that you provide to us when entering into a contract with us
- Information that you provide to us when requesting information from us
- Information that you provide to us when attending an event (or any other PR/Marketing related activity)
- Any other information you choose to provide to us, including business cards
- Information you choose to give us when making an application to work for us
Please let us know if the personal data we hold about you needs to be corrected or updated.
The data you provide to use includes:
- Email address
- Fax number
- Telephone number
- How you heard about us
- Suppliers, clients, charities, Company name, trading address, registered address, registration number, website, VAT number, trade reference
- Work experience and interview notes when you apply to work for us
- Any other personal information that you choose to send us
- You may only pass us another individual’s personal data if you have that person’s consent to do so on the understanding that their personal data will be processed as described in this policy.
We may also collect information about you from other sources, including demographic information such as postcode, preferences and interests.
We collect information from your computer and about your visits to and use of this website. This includes collecting unique online identifies such as IP addresses, which are numbers that uniquely identify a specific computer or other device on the internet. Please see our Cookies section for more details.
What we do with your information
We shall use your personal data for the following purposes:
- To provide our services to you
- To provide you with information about our services, and to deal with enquiries and requests about them
- To improve our products and services
- To send you marketing communications relating to our business which we believe to be of interest to you
- To send you email notifications and newsletters
- To maintain your contact preferences
- For marketing research purposes, surveys and responding to your website visits
- To fulfil a contract with you if you are a customer, supplier or worker
- To administer our website, personalise it to you and keep it secure
- To prevent fraud
- To verify compliance with the terms and conditions governing the use of our website
- For internal accounting processes
Our legal basis for processing your personal information
We promise that we shall only use your data in the way you wish, and we shall always respect your privacy. We process your data under the following legal grounds:
- The processing is necessary to meet contractual obligations into which you have entered as a client, charity, worker or supplier.
- We have a legitimate interest in responding to queries from you about our services.
- The lawful justification for sending you marketing communications about our business, services and news is because we have a legitimate business interest for your data to be used for this specific purpose. You are in complete control of your data and can choose not to receive these messages, either when you first provide your data, or in every communication we send you afterwards. These marketing communications include:
- Email notifications and letters where you have provided us with your email address
- Postal / telephone marketing, though we shall always check telephone numbers against the Telephone and Corporate Telephone Preference Services and will only make telephone calls to you where your number is listed if you have told us that we may do so.
Disclosing your personal data
We may share your personal data with:
- Workers who deliver our services
- Third parties who provide a service to us:1) Virtual IT who provides us with IT technical support2) MailChimp, who distributes our emails and hosts our client database3) Mustard who administers our finance applications
- When it is our legal duty, for example to disclose your details to government bodies such as HMRC or law enforcements agencies
We shall keep your personal data within The Kite Factory and our trusted third parties except where disclosure is required by law, for example to government bodies and law enforcement agencies.
How long we keep your personal information
We will ask for your permission to place cookies on your device, except where they are strictly necessary to provide you with a service you have requested, for example to ensure we can process and fulfil your orders, or in order for our websites to work properly. For example, where you give permission for optional cookies, we keep track of the domains from which people visit and we also measure visitor activity on the websites. We use the information that we collect to measure the number of visitors to the different areas of our websites to improve website functionality.
If you wish to remove cookies placed on your device by our websites or stop our websites placing further cookies on your device, you can do this at any time. Learn how to do this below, in the “Managing Cookies” section.
What is a cookie?
Your browser accesses the cookie file only when you visit the website that generated it. This helps to ease your navigation by automatically logging you in and remembering your preferences and what’s in your shopping basket. Cookies allow websites like ours to deliver you a personalised shopping experience.
The information stored within any given cookie can only be accessed by the website that created it and cookies are limited to communicating only the information that you have disclosed to the website.
With the exception of strictly necessary cookies, cookies are optional, and we ask for your permission before placing cookies on your device.
Types of Cookie
We will ask for your permission to place cookies on your device, except where they are strictly necessary. You can provide your consent to the use of optional cookies by clicking the “Accept All Cookies” button on our cookies information notice, or by accessing the privacy preference centre which is also in the cookies information notice that appears on the website when you visit our site for the first time. It can also be accessed by clicking the “Cookies Settings” option at the bottom of the website at any time.
Within our privacy preference centre you can provide consent to certain categories of optional cookies by ticking the box on the right-hand-side of each category and clicking the “Allow Selection” button.
If cookies aren’t enabled on your computer, it will mean that your shopping experience on our website will be limited to browsing and researching; you won’t be able to add products to your basket or buy them. To enable and manage cookies, you can use your browser to do this. Each browser is different, so check the ‘Help’ menu of your particular browser (or your mobile phone’s handset manual) to learn how to change your cookie preferences.
We use the following types of cookie:
- Strictly necessary cookies: These cookies are necessary for the website to function or to provide a service you have requested and cannot be switched off in our systems. We do not require your consent to set these cookies. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the website will not then work. These cookies do not store any personally identifiable information.
- Preferences: These functional cookies enable the website to provide enhanced functionality and personalisation, like your preferred language or the region that you are in. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
- Statistics: These performance cookies allow us to count our visitors and identify traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most and least popular and see how our visitors move around the website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our website, and will not be able to monitor its performance.
- Marketing cookies: These tracking cookies may be set through our site by our third party advertising partners. They may be used to build a profile of your interests based on your browsing history, and will show you relevant adverts when you visit other websites. Tracking cookies are based on identifying your browser and internet device. If you do not allow these cookies, you will still receive advertising on the websites you visit, but the ads will be general rather than targeted to you.
You can find out more information about the individual cookies we use and the purposes for which we use them in the tables below:
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
|__cf_bm||vimeo.com||This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.||1 day||HTTP Cookie|
|Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website.||2 years||HTTP Cookie|
|CookieConsent||cookiebot.com||Stores the user’s cookie consent state for the current domain||1 year||HTTP Cookie|
|cookietest||thekitefactorymedia.com||This cookie is used to determine if the visitor has accepted the cookie consent box.||Session||HTTP Cookie|
|JSESSIONID||bam.nr-data.net||Preserves users states across page requests.||Session||HTTP Cookie|
|wordpress_test_cookie||thekitefactorymedia.com||Used to check if the user’s browser supports cookies.||Session||HTTP Cookie|
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
|player||vimeo.com||Saves the user’s preferences when playing embedded videos from Vimeo.||1 year||HTTP Cookie|
|sync_active||player.vimeo.com||Contains data on visitor’s video-content preferences – This allows the website to remember parameters such as preferred volume or video quality. The service is provided by Vimeo.com.||Persistent||HTML Local Storage|
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
|_ga||www.googletagmanager.com||Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||399 days||HTTP Cookie|
|_ga_#||www.googletagmanager.com||Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit.||399 days||HTTP Cookie|
|_gat||www.google-analytics.com||Used by Google Analytics to throttle request rate||1 day||HTTP Cookie|
|_gid||www.google-analytics.com||Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||1 day||HTTP Cookie|
|events/1/#||bam.nr-data.net||Used to monitor website performance for statistical purposes.||Session||Pixel Tracker|
|vuid||vimeo.com||Collects data on the user’s visits to the website, such as which pages have been read.||399 days||HTTP Cookie|
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
|ads/ga-audiences||www.google.com||Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites.||Session||Pixel Tracker|
|VISITOR_INFO1_LIVE||youtube.com||Tries to estimate the users’ bandwidth on pages with integrated YouTube videos.||179 days||HTTP Cookie|
|YSC||youtube.com||Registers a unique ID to keep statistics of what videos from YouTube the user has seen.||Session||HTTP Cookie|
|yt.innertube::nextId||youtube.com||Registers a unique ID to keep statistics of what videos from YouTube the user has seen.||Persistent||HTML Local Storage|
|yt.innertube::requests||youtube.com||Registers a unique ID to keep statistics of what videos from YouTube the user has seen.||Persistent||HTML Local Storage|
|ytidb::LAST_RESULT_ENTRY_KEY||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Persistent||HTML Local Storage|
|yt-remote-cast-available||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Session||HTML Local Storage|
|yt-remote-cast-installed||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Session||HTML Local Storage|
|yt-remote-connected-devices||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Persistent||HTML Local Storage|
|yt-remote-device-id||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Persistent||HTML Local Storage|
|yt-remote-fast-check-period||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Session||HTML Local Storage|
|yt-remote-session-app||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Session||HTML Local Storage|
|yt-remote-session-name||youtube.com||Stores the user’s video player preferences using embedded YouTube video||Session||HTML Local Storage|
Third party cookies
Sharing with Social Networks
If you use the buttons that allow you to share products and content with your friends via social networks like Twitter and Facebook, these companies may set a cookie on your computer memory. Find out more about these here:
This policy was reviewed and updated on: 30/11/2022
Your personal data may be stored, processed, and transferred outside the UK or EEA, so that we can use your personal data as described in this policy.
We will make sure that any transfers of your personal information from one country to another comply with those data protection and privacy laws which apply to us. UK and European data protection laws include specific rules on transferring personal information outside the EEA.
When transferring personal information outside the UK or EEA, we will:
- Include standard data protection clauses approved by the ICO for transferring personal information outside the UK, EEA into our contracts with those third parties as required under the General Data Protection Regulation (UK GDPR)); or
- Ensure that the country in which your personal information will be handled has been deemed “adequate” by the ICO
Your Rights and Control over your Personal Data
Under the General Data Protection Regulation, you have the following rights:
- The right to be informed – you have the right to know what we are collecting and how we are collecting it.
- Right of access– you have the right to know whether we are processing your personal data, and what we are processing.
- Right to rectification – you have the right to have any incorrect personal data corrected or completed if it is incomplete.
- Right to erasure – this right, often referred to as the right to be forgotten, allows you to ask us to erase personal data where there is no valid reason for us to keep it. However, we will retain just enough of your personal data to ensure that we hold about you that the restriction is respected in the future.
- Right to restrict processing – you have the right to ask us to restrict processing of your data
- Right to object – you have the right to object to our processing of your personal data based on:
– legitimate interests, or for the performance of a task in the public interests/exercise of official authority (including profiling);
– direct marketing (including profiling); and- for purposes of scientific/historical research and statistics.
The right to make a compliant to the data protection regulator
To exercise any of these rights, please contact firstname.lastname@example.org or our Data Protection Officer email@example.com
If you wish to lodge a complaint or seek advice from a supervisory authority, please contact the Information Commissioner’s Office. The ICO is the UK’s independent body set up to uphold your rights to data privacy. The ICO can be contacted at The Office of the Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Tel: +44 (0) 01625 545 745 Website: https://ico.org.uk
The Kite Factory Ltd is registered with the ICO as a data controller, reg no: Z9562303.
Our registered address is: 55 New Oxford Street, London WC1A 1BS
Brand Safety Process
We have put in place strict exclusions when running activity in the DSP we use. In line with industry best practice, we approach this in two ways using 2 different vendors:
- Bottom-up – Pre-bid filtering to exclude any impressions from our programmatic campaigns using content category filtering tools
- Top-down – 3rd party measurement and analytics tools for post-delivery insights into the quality of inventory which allow us to remove any sites or placements that may be seen as harmful to the brand
Pre-bid Content Filtering
Four types of pre-bid filters are being applied:
- DSP content category exclusions, 3rd party content category exclusions (IAS or Adloox), URL keyword & blocked sites
IAS and Adloox are an MRC accredited 3rd party specialist technology that is integrated into the DSP and bought on a cost per thousand impressions basis. The IAS and Adloox category exclusions are set to exclude anything that is of ‘moderate and high risk’, which is the highest level it can be set at. These categories include:
- Adult, Alcohol, Illegal Downloads, Drugs, hate Speech, Offensive Language, Violence, Unrateable & Suspicious
3rd Party Verification – Post-Delivery Insight
We also use Adloox to monitor the quality of online advertising. We use the measurement to track viewability and engagement. These insights allow us to improve the quality and effectiveness of advertising through block listing at an agency or client level. We have determined benchmarks for each of the core metrics and will be filtering out domains that fall below this benchmark.
- Human and Viewable % – below 20%
- Invalid Traffic % (IVT – otherwise known as non-human) – over 5%
- Brand Safety % – above 10% (with exceptions)
- Grapeshot is an independent context analysis engine which is fully integrated with MOAT. It goes beyond URLs, analysing the actual content on the page to determine its context.
- In View Time – below 5”
The site list process is similar to the blocklist process, but reversed. We analyse Adloox data, looking at ‘Human & Viewable Rate’, ‘In-View Time’, ‘Invalid Traffic Rate’, and ‘Brand Safety’ by site. If these metrics are seen as worse than the Adloox benchmark for a site, then we will not look to include it in a site list. We then also use general principles to confirm whether a site is legitimate or not. These include: checking the connection is secure, ensuring the URL contains ‘https’ at the start, checking /ads.txt on the site and also whether the ads render correctly/click through correctly on site. Also, simply, whether the publisher is well known.
If The Kite Factory discovers or is made aware that an online advertisement for a client has appeared on a site that contains or links to inappropriate content, we shall use reasonable endeavours to remove the online advertisement from the site as soon as possible and within a maximum of 2 business days of discovery or notification.