top of page

GDPR Policy

The following outlines the General Data Protection Regulation Policy for which is a brand name of Kuci Design Limited – Company Number : 09733380

– Overview
– Data storage
– Data Rights

- Google Services
– Additional Contact information



  • All data collected and/or stored by is done so for the sole purposes of’s business. This will include, but is not limited to, membership communication, internal marketing of events, notification of publications, CPD. Individual’s personal data will not be shared with a third party outside of or Kuci Design Limited without prior written consent.

  • No member of staff or shareholder will share any personal data with a third party without the prior consent of the individual. This includes, but is not limited to name, address, email address and phone details.

  • All’s staff will sign to consent form for their business email address, phone number and associated business contact details to be circulated for the sole purposes of’s business.

Data Storage

  • From May 2018 will not retain any paper files of personal data, except for order processing of financial transactional data.

  • will carry out a full IT security audit each year

    • Where financial transactional data is retained onsite it will be stored in a locked cabinet inside a locked building where access is restricted to the Directors and the financial administrator. The data is treated as confidential and is only shared with authorized personal.  Authorised personnel include,’s treasurer, the finance committee members, financial administrator and accountant.

    • Financial transactional data from previous financial years will be held in a secure locked building for 7 years within a secured locked cabinet which only Kuci Design staff have access to.

    • After their expiry any paper records will be destroyed by a registered company authorized to dispose of confidential waste at least once per quarter.

    • Financial information for online payments are not held by’s and are all managed by Stripe, Evo Payments International Europe or Paypal UK (depending on payment method).’s hold none of this payment information.

    • When processing financial information by telephone, staff taking the call must not write down or record any of the information given to them except in the designated boxes in the WorldPay payment terminal. They must not repeat back any card details and if they require clarification they will ask the caller to repeat the details.  The transaction should not be processed on speaker phone

      • No PC or workstation shall be left unmanned without a suitable password protected screen saver. All PCs and workstations should be closed or shutdown and password protected overnight.

      • All staff should use only their own login to access PCs and must not share their login details with others.

  • From May 2018 the directors and the membership administrator will meet quarterly to conduct a GDPR audit to ensure full compliance

  • All staff have signed as part of their contract of employment a confidentiality clause.

Data Rights

  • The data held by Kuci Design Limited can only be as accurate as the information supplied to’s. It is the responsibility of the individual to ensure their data is accurate.

  • Once an individual’s relationship with Kuci Design Limited has become inactive their personal data will be retained electronically for 6 years before deletion.

  • An individual may at any time request the removal of their personal data by contacting It should be noted that the removal of all personal data (including email contact details) will result in & Kuci Design Limited no longer being able to carry out the processing of the companies user details.

  • An individual may at any time raise a concern by contacting

Google Services

  • Kuci Design Limited and use google services for personalisation of ads and analytic purposes. By using this site you are giving your consent for your data to be used for these purposes. Google has it's own data privacy policy which can be access via the following link. - Google’s Privacy and Terms site 

Additional contact information
If you have any further concerns or queries please use the below information to contact us regarding your concern.

bottom of page