Privacy policy

Kin & little is committed to protecting and respecting your privacy.

This Policy explains what information that we may collect from you as user of kin & little. A user is someone who uses the website and/or contacts kin & little via email or the contact form.

Any questions regarding this Policy and our privacy practices should be sent by email to becca@kinandlittle.com 

What information do we collect from you or may have access to?

  • Email address IP address

  • Location

  • Content viewed on the kin & little website

  • Address

  • Information you give kin & little on the contact form or via email

Sensitive Data

In some cases, the work that kin & little does may involve collecting data that is classified as sensitive. We will always obtain your explicit consent before collecting any sensitive data.

Cookies

kin & little’s website uses cookies to enhance your user experience. Cookies are small text files that are placed on your device to collect standard internet log information and visitor behaviour information. You can disable cookies through your browser settings if you wish to do so. Please note that disabling cookies may affect the functionality of our website.


Children’s Data

kin & little may need collect and use personal data from children under 13 years of age in order to fulfil a contract that has been entered into. kin & little will obtain consent from the person that has parental responsibility before collecting any data. Children aged 13 and over will need to be involved in giving consent.

Purpose of Data Processing

Your personal data will be used for the following purposes:

  • Service Delivery: To deliver any services that kin & little are contractually committed to provide.

  • Communication: To respond to any inquiries, you make to kin & little regarding our services.

Data Security

At kin & little, we take the security of your personal data very seriously. We have implemented appropriate technical and organisational measures to protect your data from unauthorized access, loss, misuse, or alteration.

Data Retention

At kin & little, we retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. We are committed to ensuring that your data is stored securely and is only kept for the duration necessary to provide our services.

Retention Period

We will retain your personal data until the contract has been fulfilled, and the data is no longer needed, or until you request that we no longer provide services to you. Once the data is no longer required, it will be securely deleted or anonymised.

Sensitive Data

Any notes or sensitive data collected during your time with kin & little will be returned to you via secure email, with the password sent separately, once the contract has been fulfilled.

Security Measures

Encryption: Sensitive data is transmitted via encrypted email, and the password is sent separately to ensure security.

Secure Storage: Personal information is stored on a password-protected site with restricted access to authorized personnel only
Regular Security Reviews: We conduct regular reviews of our security practices to ensure that your data is protected against evolving threats.

Transmission of Data

While we strive to protect your personal information, please be aware that the transmission of data over the internet can never be guaranteed to be 100% secure. As a result, any information you transmit to us is done at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.

User Responsibility

You are responsible for keeping your password and other login details confidential. We ask you not to share your password with anyone.

Review of Security Practices

We keep our security practices under regular review to ensure that your data remains secure. This policy was last updated in July 2025.

Third-Party Sharing

At kin & little, we are committed to protecting your personal data and ensuring that it is only shared with third parties when necessary and in accordance with the law.

Third-Party Service Providers

We may share your personal data with third-party service providers who work on our behalf to deliver our services. These third parties are carefully selected and are required to adhere to strict data protection standards. We disclose only the personal information that is necessary for the third party to perform their specific tasks, and we ensure that they do not use your data for their own purposes.

Contracts with Third Parties

When we engage third-party service providers, we have contracts in place that require them to keep your information secure and to use it only for the purposes specified by kin & little. These contracts also ensure that third parties do not use your data for their own direct marketing purposes.

Legal Obligations

We may disclose your personal data to third parties if we are required to do so by law. This includes situations where we need to comply with a court order, legal process, or other legal obligations, or to protect the rights, property, or safety of kin & little, our users, or others.

No Marketing Purposes

kin & little will not sell or rent your personal data to third parties for marketing purposes. We will not share your information with third parties for their own marketing purposes unless you have explicitly requested us to do so.

Your Choices

You can choose to opt out of receiving marketing communications from kin & little. If you wish to do so, please contact us at becca@kinandlittle.com.com. You can also change your marketing preferences at any time by contacting us.

kin & little will only contact you for marketing purposes if you have provided prior consent. You can update your marketing preferences at any time by reaching out to kin & little.

Your Rights as a User

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data. At kin & little, we are committed to respecting and upholding these rights.

Right to be Informed

You have the right to be informed about the collection and use of your personal data. This includes information about the purposes for processing your data, the retention periods, and who it will be shared with.

  • Right of Access

You have the right to access your personal data and obtain a copy of the information we hold about you. This allows you to verify the lawfulness of the processing.

  • Right to Rectification

If your personal data is inaccurate or incomplete, you have the right to have it corrected or completed without undue delay.

  • Right to Erasure

You have the right to request the deletion or removal of your personal data where there is no compelling reason for its continued processing. This is also known as the "right to be forgotten."

  • Right to Restrict Processing

You are entitled to request the restriction or suppression of your personal data. When processing is restricted, we are allowed to store your personal data but not utilise it.

  • Right to Data Portability

You have the right to obtain and reuse your personal data for your own purposes across different services. This allows you to move, copy, or transfer your data easily from one IT environment to another in a safe and secure way.

  • Right to Object

You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.

Exercising Your Rights

To exercise any of these rights, please contact us at [becca@kinandlittle.com]). We will respond to your request within one month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

Review of this Policy:

kin & little keep this Policy under regular review. This Policy was last updated in July 2025.

Data Controller

Under the terms of the GDPR, Rebecca Slough is the data controller. The UK data protection regime is set out in the Data Protection Act 2018, along with the UK GDPR.

Regulatory Authority

The Information Commissioner's Office (ICO) regulates data protection in the UK. The ICO offers advice and guidance, promotes good practice, carries out audits, considers complaints, monitors compliance, and takes enforcement action where appropriate.