Privacy Notice
Last updated: 15 May 2026
This privacy notice explains how Kiplot Ltd collects and uses personal data when you visit or interact with our website.
Kiplot Ltd is a company registered in England and Wales under company number 09750018. In this notice, “Kiplot”, “we”, “us” and “our” refer to Kiplot Ltd.
Kiplot Ltd — registered office: Rivington House, 82 Great Eastern Street, London EC2A 3DT, United Kingdom.
For privacy enquiries, contact us at privacy@kiplot.com.
1. Scope of this notice
This privacy notice applies only to your use of the Kiplot marketing website at kiplot.com and, where applicable, www.kiplot.com. This includes when you browse the website, submit an enquiry, request a demo, download content, subscribe to communications, or otherwise interact with us through the website.
This notice does not apply to the Kiplot software platform, including customer-specific Kiplot environments hosted on Kiplot subdomains, such as [customer].kiplot.com.
Processing of personal data within the Kiplot platform is governed by the relevant customer agreement, data processing agreement, and applicable product documentation.
2. Who is responsible for your personal data
For personal data collected through this website, Kiplot Ltd is the controller.
Kiplot has assigned executive responsibility for data protection and privacy governance to a senior member of its management team. This role is responsible for oversight of Kiplot’s privacy programme but is not a formally appointed Data Protection Officer.
3. Personal data we collect
We may collect the following categories of personal data.
Information you provide to us
This may include:
- name;
- work email address;
- telephone number;
- company name;
- job title;
- country or region;
- information included in enquiry forms, demo requests, emails, or other communications with us;
- marketing preferences.
Information collected automatically
When you visit our website, we may collect limited technical and usage information, including:
- IP address;
- browser type and version;
- device type;
- operating system;
- approximate location derived from IP address;
- pages visited;
- time and date of visits;
- referring website or source;
- cookie identifiers and similar technologies.
Information from third parties
We may receive business contact information from third-party sources, such as professional databases, event partners, referral partners, or publicly available sources, where permitted by law.
Sensitive personal data
We do not knowingly collect special category data (such as health, racial or ethnic origin, religious beliefs, or political opinions) through this website. Please do not submit special category data through our forms or enquiry channels.
4. How we use personal data
We use personal data for the following purposes:
| Purpose | Examples | Lawful basis |
|---|---|---|
| Operating and securing the website | Website functionality, security logs, fraud prevention | Legitimate interests |
| Responding to enquiries | Replying to contact forms, demo requests, emails | Legitimate interests; steps prior to entering into a contract |
| Managing business relationships | Prospect management, CRM records, sales follow-up | Legitimate interests |
| Sending marketing communications | Product updates, events, newsletters, relevant commercial communications | Consent where required; otherwise legitimate interests for appropriate B2B communications |
| Measuring website performance | Analytics, traffic measurement, content performance | Consent where required for cookies; legitimate interests for related analysis |
| Improving our website and services | Understanding user needs and improving content | Legitimate interests |
| Complying with legal obligations | Accounting, regulatory, legal or compliance requirements | Legal obligation |
| Protecting our rights | Managing disputes, enforcing terms, protecting Kiplot’s business | Legitimate interests |
Where we rely on legitimate interests, our interests include operating a secure website, communicating with business contacts, developing customer relationships, improving our services, and protecting our business. We only rely on legitimate interests where we consider that these interests are not overridden by your rights and freedoms.
Automated decision-making
We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects. Where we use tools such as marketing analytics or lead scoring, these inform business decisions taken by Kiplot employees rather than replace them.
5. Marketing communications
We may send marketing communications to business contacts where permitted by law.
You can opt out of marketing communications at any time by:
- using the unsubscribe link in our emails; or
- contacting us at privacy@kiplot.com.
We may retain limited information after you opt out to ensure we respect your marketing preferences.
6. Cookies and similar technologies
We use cookies and similar technologies on our website.
Cookies help us:
- operate the website;
- remember preferences;
- understand how visitors use our website;
- improve website performance;
- support marketing and analytics activities.
Some cookies are necessary for the website to work. Others, such as analytics or marketing cookies, may require your consent.
Where required, we will ask for your consent before setting non-essential cookies. You can manage your cookie preferences through our cookie banner or settings tool, where available.
You can also manage cookies through your browser settings, although this may affect how the website works.
We may use third-party analytics tools, such as Google Analytics or similar services, to understand website usage.
7. Sharing personal data
We may share personal data with:
- hosting and website service providers;
- analytics and marketing technology providers;
- CRM and email communication providers;
- professional advisers, such as lawyers, accountants, and auditors;
- event partners or referral partners, where relevant and lawful;
- regulators, courts, law enforcement, or public authorities where required by law;
- potential buyers, investors, or advisers in connection with a corporate transaction.
We require service providers to protect personal data and use it only for the purposes for which we engage them.
8. International transfers
Some of our service providers may process personal data outside the United Kingdom or European Economic Area.
Where personal data is transferred internationally, we use appropriate safeguards where required. These may include:
- adequacy regulations or adequacy decisions;
- the UK International Data Transfer Agreement;
- the UK Addendum to the EU Standard Contractual Clauses;
- EU Standard Contractual Clauses;
- other lawful transfer mechanisms available under applicable data protection law.
9. How long we keep personal data
We keep personal data only for as long as reasonably necessary for the purposes described in this notice.
Typical retention periods are:
| Data type | Typical retention |
|---|---|
| Website analytics data | In accordance with the relevant analytics tool settings |
| Contact form and enquiry data | Up to 24 months after the last meaningful interaction, unless a business relationship develops |
| Sales and CRM records | For as long as there is an active or reasonably prospective business relationship |
| Marketing subscription data | Until you unsubscribe or the data is no longer relevant |
| Marketing suppression records | As long as needed to ensure we respect opt-out requests |
| Contract, accounting, and legal records | Up to 7 years where required for legal, tax, accounting, or dispute purposes |
| Security logs | As long as reasonably necessary for security, investigation, and compliance purposes |
We may retain data for longer where required by law, litigation, regulatory request, or legitimate business need.
10. Your rights
Depending on your location and the applicable law, you may have rights to:
- access your personal data;
- correct inaccurate personal data;
- request deletion of your personal data;
- restrict how we use your personal data;
- object to certain processing;
- receive a copy of your personal data in a portable format;
- withdraw consent where processing is based on consent;
- object to direct marketing at any time.
To exercise your rights, contact privacy@kiplot.com.
We may need to verify your identity before responding to a request.
11. Complaints
You may contact us at privacy@kiplot.com if you have concerns about how we handle your personal data.
You also have the right to complain to the UK Information Commissioner’s Office.
ICO website: ico.org.uk
12. Security
We use technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
No website or internet transmission is completely secure. We therefore cannot guarantee absolute security, but we take reasonable steps to protect personal data.
13. Children
Our website is intended for business users and is not directed at children. We do not knowingly collect personal data from children through the website.
14. External links
Our website may contain links to third-party websites. We are not responsible for the privacy practices, content, or security of those websites.
15. Changes to this notice
We may update this notice from time to time. The latest version will be published on this page with the date of the most recent update.