Privacy & Cookie Policy

Knowsis Limited ("we", "us", "our", or the "Company"), a private limited company incorporated in England and Wales with registered number 07910980 and registered office at Windsor House Station Court, Station Road, Great Shelford, Cambridge, United Kingdom, CB22 5NE, operates Knowsis (the "Platform"). This Privacy Policy explains how we collect, use, share, and protect your personal data in compliance with the UK Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and other applicable laws.

By using the Platform, you consent to the practices described in this Privacy Policy and our [Terms of Use]. If you do not agree, please do not use the Platform.

We are the data controller responsible for your personal data, except where specified (e.g., when processing on behalf of third-party providers). For questions or to exercise your data protection rights, contact us via email at knowsis@know.is

We collect and process the following personal data:

● Account Information: Name, job title, employer, email, phone number, and other details provided during registration or eligibility verification (e.g., proof of professional/accredited investor status).

● User Content Data: Information you share on the Platform, such as comments, annotations, or report highlights, which may include personal data (e.g., your opinions or identifiers in comments).

● Usage Data: IP address, device details, browser type, login times, and interactions with the Platform (e.g., pages viewed, posts made).

● Payment Data: Billing details (e.g., company bank details or credit card information) if you subscribe to paid features, processed via secure third-party payment providers.

● Correspondence Data: Information from communications with us (e.g., support tickets, emails).

We collect this data directly from you, automatically via cookies and analytics tools, or from third parties (e.g., employers verifying your status).

We process personal data under the following UK GDPR lawful bases:

● Contract: To provide and manage your access to the Platform (e.g., account setup, user authentication) as per our Terms of Use.

● Legitimate Interests: To operate and improve the Platform, ensure security, prevent fraud, and analyse usage trends, provided this does not override your rights.

● Consent: For optional features like marketing emails or certain cookies (you may withdraw consent at any time).

● Legal Obligation: To comply with applicable laws (e.g., UK GDPR).

We use your personal data to:

● Verify eligibility (e.g., confirm professional/accredited investor status).

● Facilitate Platform functionality (e.g., sharing User Content, enabling community discussions).

● Ensure security (e.g., detect unauthorized access).

● Process payments (via third-party providers).

● Communicate with you (e.g., support, updates, or mandatory notices).

● Improve the Platform through analytics (e.g., usage patterns).

● Comply with legal obligations (e.g., record-keeping).

We do not use your data for automated decision-making or profiling that produces significant legal effects.

We may share your personal data with:

● Service Providers: Third-party vendors (e.g., cloud hosting) acting as data processors under strict contracts compliant with UK GDPR.

● Other Users: Your User Content (e.g., comments, report highlights) is visible to other verified Platform users, but only within the secure Platform environment.

● Regulators/Authorities: Where required by law (e.g., FCA, HMRC, law enforcement).

● Business Transfers: In case of a merger, acquisition, or asset sale, subject to confidentiality safeguards.

We do not sell your personal data or share it with third parties for their marketing purposes.

We retain personal data only as long as necessary:

● Account Data: For the duration of your account, plus up to 7 years post-termination for legal purposes.

● User Content: As long as it remains on the Platform, unless you request deletion (subject to legal obligations).

● Usage Data: Up to 2 years for analytics/security, unless anonymised.

● Payment Data: As required by payment providers or regulatory authorities (typically 7 years).

We securely delete or anonymise data when retention periods expire.

Under UK GDPR, you have the following rights:

● Access: Request a copy of your personal data.

● Rectification: Correct inaccurate or incomplete data.

● Erasure: Request deletion of your data (subject to legal obligations).

● Restriction: Limit how we process your data in certain cases.

● Objection: Object to processing based on legitimate interests (e.g., analytics).

● Data Portability: Receive your data in a structured, machine-readable format.

● Withdraw Consent: For processing based on consent (e.g., marketing).

To exercise these rights, contact knowsis@know.is. We will respond within one month (extendable by two months for complex requests). You may also lodge a complaint with the Information Commissioner’s Office (ICO) (www.ico.org.uk, helpline: 0303 123 1113).

We use cookies and similar technologies to enhance functionality, security, and analytics. Categories include:

● Essential Cookies: For core Platform operations (e.g., login, security).

● Analytics Cookies: To understand usage (e.g., Google Analytics, anonymized where possible).

● Marketing Cookies: For optional features (with your consent).

You can manage preferences via our cookie banner or browser settings. See our [Cookies] for details.

We implement technical and organizational measures to protect your data, including:

- Encryption (e.g., TLS for data in transit, AES-256 for data at rest).

- Access controls (e.g., multi-factor authentication, role-based permissions).

- Regular security audits and penetration testing.

However, no system is 100% secure. You are responsible for securing your account credentials.

The Platform may contain links to third-party websites. We are not responsible for their privacy practices. Review their policies before engaging.

The Platform is not intended for individuals under 18. We do not knowingly collect their data. Contact us if you believe we have such data.

We may update this Policy to reflect legal or operational changes. We will notify you via email or Platform notice. Continued use after changes constitutes acceptance.