1. Introduction

THE KAIZEN LTD ("Company", "we", "our", or "us") respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website, products, services, SMS services, and associated platforms ("Services").

This policy is designed to comply with the General Data Protection Regulation (GDPR), UK Data Protection Act, Privacy and Electronic Communications Regulations (PECR), and requirements for A2P messaging platforms.

2. Information We Collect

We may collect and process the following categories of personal data:

a. Personal Identifiable Information (PII)

Full nameEmail addressPhone number (mobile and/or landline)Company name (if applicable)Billing address (if applicable)IP address

b. SMS and Communication Data

Mobile numbers submitted for verificationMessage delivery statusesOpt-in/opt-out recordsTimestamps and logs related to user consent and communicationContent of communications sent via our platform (e.g., OTPs)

c. Technical Information

Browser type and versionDevice identifiersOperating systemWebsite usage data via cookies or analytics

3. How We Use Your Information

We use your personal data for the following purposes, based on lawful grounds:

PurposeLawful BasisTo deliver OTPs, alerts, and A2P communicationsConsent / ContractTo manage user accounts and client relationshipsContractTo process payments and issue invoicesLegal obligation / ContractTo monitor and improve the performance of our platformLegitimate interestTo comply with regulatory, anti-spam, and telecom obligationsLegal obligationTo detect, prevent, and address fraud or abuseLegitimate interest

You may withdraw consent at any time where applicable.

4. How We Obtain Consent

We only send SMS messages or other communications where:

The recipient has explicitly opted in (e.g., via web form, keyword opt-in, checkbox).Consent is logged and timestamped, with the purpose clearly stated.Opt-out options (e.g., "Reply STOP to unsubscribe") are included as required.

We retain consent logs for auditing and compliance verification.

5. Sharing and Disclosure of Information

We do not sell your personal data. We may share your information with:

Trusted third-party service providers (e.g., SMS gateways, hosting providers) under strict confidentiality and only for the purpose of delivering our Services.Regulatory or legal authorities, if required by law or to enforce our terms or investigate fraud.Internal staff and technical support teams with limited, role-based access.

All third parties are contractually obligated to comply with data protection laws.

6. International Data Transfers

Your data may be stored or processed outside of the United Kingdom. In such cases, we ensure that:

Data transfers are protected under Standard Contractual Clauses or adequacy decisions as per UK and EU regulations.Third parties meet GDPR-equivalent standards of protection.

7. Data Retention

We retain personal data only as long as necessary:

User contact information and opt-in records: Up to 7 years (for compliance)SMS message logs and delivery records: Up to 2 yearsInactive account data: Deleted after 12 months of inactivity

You can request deletion at any time (see Section 10).

8. Your Rights (GDPR/UK GDPR)

You have the following rights over your personal data:

Right to access – Request a copy of the data we hold about you.Right to rectification – Correct any inaccurate or incomplete data.Right to erasure – Request deletion of your data ("right to be forgotten").Right to restrict processing – Limit how we use your data.Right to data portability – Request transfer of your data to another provider.Right to object – Object to data processing (e.g., for marketing).Right to withdraw consent – At any time, where applicable.

To exercise any of these rights, please contact us at:

[email protected]

9. Security of Your Information

We use industry-standard technical and organizational security measures to protect your data:

Encrypted data transmission (SSL/TLS)Role-based access controlRegular vulnerability scanningSMS message logs stored on secure serversData pseudonymization and anonymization where possible

10. Opt-Out Mechanism

Recipients may opt out of receiving SMS or emails at any time by:

Replying "STOP" to any SMSClicking unsubscribe in email footersContacting us at [email protected]

Opt-out requests are honored immediately, and confirmation is logged.