top of page

PRIVACY POLICY

Last updated: 20/01/2026

This privacy policy explains how Trust Kava collects, uses, stores, and shares personal data.

Trust Kava is operated by Prey Design Ltd, a company registered in England and Wales under company number [insert company number].

This policy applies when you use our website, submit an enquiry, contact us, or use our supplier due diligence and third-party risk services.

————————————

1. WHO WE ARE

Trust Kava provides supplier due diligence and third-party risk support for businesses working with Zimbabwe-linked suppliers, contractors, partners, and other third parties.

Trust Kava is operated by Prey Design Ltd.

Registered office: [insert registered office address]

Email: [insert email address]

Phone: [insert phone number, if applicable]

For the purposes of UK data protection law, Prey Design Ltd is the controller of personal data processed through this website and our services, unless we agree otherwise in writing.

————————————

2. THE PERSONAL DATA WE COLLECT

We may collect and use the following types of personal data.

Contact details:

• Name
• Work email address
• Phone number
• Company name
• Job title
• Business address

Enquiry and client information:

• Information submitted through website forms
• Details about your organisation
• Details about the supplier, contractor, partner, or third party you ask us to review
• Correspondence with you
• Service requests and project details
• Invoice and payment information

Supplier and third-party due diligence information:

• Names of directors, owners, officers, employees, representatives, or key contacts
• Job titles and business contact details
• Company registration details
• Ownership or control information
• Documents provided by clients or suppliers
• Public record information
• Sanctions and PEP screening results
• Adverse media findings
• Risk indicators and due diligence notes

Website and technical information:

• IP address
• Browser type
• Device information
• Pages visited
• Time and date of visit
• Cookie and analytics information, where used

————————————

3. WHERE WE GET PERSONAL DATA FROM

We may collect personal data from:

• You, when you contact us or submit an enquiry
• Your organisation
• Suppliers, contractors, partners, or third parties being reviewed
• Public records
• Company registries
• Sanctions and PEP screening tools
• Adverse media sources
• Search engines and public websites
• Third-party databases and service providers
• Professional advisers or referral partners

————————————

4. HOW WE USE PERSONAL DATA

We use personal data to:

• Respond to enquiries
• Provide information about our services
• Assess whether we can help with a request
• Deliver supplier due diligence services
• Run sanctions and PEP screening
• Review supplier documents and evidence
• Prepare risk summaries and reports
• Manage client relationships
• Send invoices and manage payments
• Keep records of work completed
• Improve our website and services
• Comply with legal and regulatory obligations
• Protect our business, systems, clients, and other people

————————————

5. OUR LAWFUL BASES FOR USING PERSONAL DATA

We rely on different lawful bases depending on how and why we use personal data.

Contract:

We may use personal data where it is necessary to take steps before entering into a contract or to deliver services under a contract.

Legitimate interests:

We may use personal data where it is necessary for our legitimate business interests, including responding to business enquiries, providing due diligence services, reviewing supplier risk, protecting our business, and improving our services.

Legal obligation:

We may use personal data where we need to comply with legal obligations.

Consent:

We may rely on consent in limited cases, such as for certain marketing communications or optional cookies, where required.

————————————

6. SPECIAL CATEGORY AND SENSITIVE INFORMATION

Our services may sometimes involve information that is sensitive, including information about political exposure, sanctions, allegations, adverse media, legal proceedings, or regulatory issues.

We do not usually ask for special category personal data unless it is necessary for a specific due diligence purpose.

If special category data or criminal offence-related information is processed, we will only process it where there is a lawful basis and a relevant condition under data protection law.

————————————

7. WHO WE SHARE PERSONAL DATA WITH

We may share personal data with:

• Clients who request due diligence reports
• Suppliers or third parties being reviewed, where needed to request evidence or confirm information
• Screening providers
• Technology and hosting providers
• Email and communication providers
• Payment and accounting providers
• Professional advisers
• Legal or regulatory authorities, where required
• Other service providers who help us operate our business

We only share personal data where necessary and appropriate for the purposes described in this policy.

————————————

8. INTERNATIONAL TRANSFERS

Some personal data may be processed outside the United Kingdom, including where suppliers, clients, service providers, or information sources are based in other countries.

Where required, we will take steps to protect personal data when it is transferred internationally, including using appropriate safeguards under data protection law.

————————————

9. HOW LONG WE KEEP PERSONAL DATA

We keep personal data only for as long as needed for the purposes described in this policy.

We may keep enquiry and contact information for up to 6 years after our last interaction, unless a shorter period is appropriate.

We may keep client records, reports, invoices, and related due diligence materials for up to 6 years after the end of the client relationship, unless a longer period is required by law or needed to manage a legal claim.

We may delete or anonymise information sooner where it is no longer needed.

————————————

10. HOW WE PROTECT PERSONAL DATA

We take reasonable steps to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction.

These steps may include access controls, secure storage, password protection, supplier controls, and limiting access to people who need the information to perform their role.

No system is completely secure, so we cannot guarantee absolute security.

————————————

11. YOUR DATA PROTECTION RIGHTS

Depending on the circumstances, individuals may have the right to:

• Access their personal data
• Correct inaccurate personal data
• Request deletion of personal data
• Restrict how personal data is used
• Object to certain processing
• Request transfer of personal data
• Withdraw consent where processing is based on consent
• Complain to the Information Commissioner’s Office

To make a request, contact us at [insert email address].

We may need to verify your identity before responding.

————————————

12. MARKETING

We may use business contact details to send relevant updates about Trust Kava services.

You can opt out of marketing communications at any time by contacting us at [insert email address] or using any unsubscribe option provided.

We will not sell your personal data to advertisers.

————————————

13. COOKIES AND WEBSITE ANALYTICS

Our website may use cookies or similar technologies to make the website work, improve performance, understand how visitors use the site, and support basic analytics.

Where required, we will ask for your consent before using optional cookies.

You can usually manage cookies through your browser settings.

————————————

14. THIRD-PARTY LINKS

Our website may include links to third-party websites.

We are not responsible for the privacy practices, content, or security of third-party websites. You should review their privacy policies before providing personal data to them.

————————————

15. DATA BREACHES

If a personal data breach occurs, we will assess the risk and take appropriate action.

Where required by law, we will notify the Information Commissioner’s Office and affected individuals.

————————————

16. CHANGES TO THIS POLICY

We may update this privacy policy from time to time.

The latest version will be available on this website. The date at the top of the page shows when the policy was last updated.

————————————

17. CONTACT US

If you have any questions about this privacy policy or how we use personal data, contact us at:

Trust Kava
Prey Design Ltd

Belmont Suite, Paragon Business Park, Chorley New Road, Bolton, England,

BL6 6HG


Info@trustkava.com
 

You can also complain to the Information Commissioner’s Office if you are unhappy with how we use your personal data.

Information Commissioner’s Office
Website: ico.org.uk

bottom of page