Kirke Management Consulting Inc., (also referred to as “Kirke”, “us”, “we”) recognizes the importance of transparent and responsible use of your personal data. This Privacy Notice (“Notice”) outlines how we collect, use, process, disclose, retain and safeguard your personal data.
Who does this Notice apply to?
This Notice applies to:
- Visitors to our website
- Customers and prospective customers of our services
- Prospective job candidates
- Individuals who communicate with us – whether over the phone, in person, or through email.
What is Personal Data?
For the purposes of the services that Kirke provides and the regulations we need to comply with, personal data refers to any information relating to an identified or identifiable individual, such as a name, email address, phone number, or IP address.
What privacy regulations do we comply with?
We provide services globally and comply with different privacy laws worldwide including the European Union (‘’EU’’) General Data Protection Regulation (“GDPR”), the Data Protection Act of 2018 (“UK DPA”) in the United Kingdom (“UK”), the Personal Information Protection and Electronic Documents Act (“PIPEDA”) in Canada, and U.S. state privacy laws including the California Consumer Privacy Act (“CCPA”), among others.
We respect your privacy rights and take reasonable steps to protect your personal data according to the expectations of the laws of where you are located.
Personal data collection and purpose of processing
Personal data we collect directly from you
We collect personal data directly from you through:
Contact request
We collect personal data directly from you when you contact us through our website contact forms, email, or phone. We collect your name, email address, company name, and the reason for your inquiry. We use the personal data you provide to respond to your inquiries and fulfill your requests.
Job application
For job applications submitted to Kirke, we collect your name, email address, resume, message, and any other information you choose to provide. We use this information to assess your qualifications, communicate with you about your application and manage the recruitment process.
Professional interaction
We collect your personal data when you engage with us professionally, as a current, and prospective customer or business partner. We collect your name, company’s name, job title, email address and other business contact information. We document our interactions with you to manage and enhance our business relationship and improve our services.
Personal data we collect automatically (cookies)
We automatically log information about you, your computer or mobile device, and your activity when you use our website. This includes details of your visit such as your IP address and the location from which you access the website.
We use cookies to gain insights into how you, as a visitor, navigate the website in order to provide you with a better web experience and understand what areas of our website or the services described in our website you are most interested in. Cookies are small text files stored on your device to remember information about you. We use this information to gain insights about you and to enhance your browsing experience.
Legal basis for processing
To comply with privacy laws worldwide, specifically with GDPR in the EU and the UK DPA, we are required to provide a legal basis for the processing of your personal data.
Kirke will not process your personal data unless we have a legal justification to do so. We will only process your personal data if:
- We have obtained your explicit consent prior to processing your personal data.
- If we need your personal data to perform a contractual obligation.
- If we need your personal data to fulfill our legal and regulatory obligations.
- If we have a legitimate interest that will not put your rights and freedoms at risk.
Personal data disclosure
We will not disclose your personal data to any party not authorized to process it. We will only disclose your personal data to the following parties under specific circumstances:
- Kirke’s employees, if required, to fulfill your requests.
- Contracted service providers supporting our business operations.
- In response to lawful requests by regulators, government authorities, public authorities (e.g., tax authority), courts, or law enforcement.
Personal data from minors
We do not knowingly collect personal data from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us using the details in the “How to contact us” section of this Notice.
If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.
Personal data security
Kirke is committed to protecting the personal data we collect, process, and disclose about you. We maintain appropriate safeguards and take reasonable steps to protect your personal data, ensure that we limit its use and that we disclose it only to the parties that have a legitimate reason to have access to it.
We ensure that all the parties that we disclose your personal data to, internally and externally, have contractual obligations to protect the security and the confidentiality of your personal data.
Personal data transfer
The personal data that we collect from you for the purpose of our business operations is stored on servers in the US and Canada. We take appropriate steps to ensure that transfers of personal data across borders are in accordance with applicable law, and we only transfer personal data to partners and other third-party organizations where we are satisfied that adequate levels of protection are in place to protect your data.
For personal data transferred out of the EU, Switzerland or the UK into countries that are not considered to have an adequate level of personal data protection, we obtain contractual commitments from third party organizations to protect your personal data. These contractual commitments include the use of standard contractual clauses approved by the EU Commission to ensure that we have a valid data transfer mechanism in place.
Personal data retention
We are expected to retain your personal data for an established period of time for regulatory, legal, tax, or business requirements.
We retain your personal data for the period established in our retention policy to fulfill the purposes of which we collected it for or to comply with the law, to prevent fraud, to facilitate an investigation, to defend against legal claims, or to exercise our legal rights.
Personal data rights
Subject to legal exceptions, you have the right to request access to, update, or delete your personal data. You may also request restrictions on, or object to the processing of your personal data, and you have the right to request the transfer of your data to another organization in a commonly used format.
For each request, we will inform you of the outcome of your request and any applicable legal or contractual exemptions.
To submit any request about your Personal Data, you may contact our Privacy Officer at abrown@kirke-consulting.com.
Canadian residents – right to lodge a complaint with a privacy authority
If you are in Canada, we ensure our practices align with the Fair Information Principles stated in Canadian privacy laws.
For any complaints, questions, or inquiries regarding these principles or our practices, please refer to the contact information at the end of this Notice. You may also file a complaint with the Office of the Privacy Commissioner of Canada here: https://www.priv.gc.ca/en/contact-the-opc/
U.S. residents – right to lodge a complaint with a privacy authority
If you reside in the U.S. and have complaints regarding how your personal data is managed by us, you may contact the Attorney General of your state. The Attorney General’s office can guide you on your rights and help you file a complaint if you believe your personal data has been mismanaged.
EU, UK and Switzerland residents – right to lodge a complaint with a supervisory authority
If you live in the EU, or the UK, and wish to file a complaint with a supervisory authority, you may do so in the country where you reside, work, or where the issue with your personal data occurred.
For a list of all supervisory authorities in the EU, please visit the following site: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
If you reside in the UK, you can contact the Information Commissioner’s Office (ICO) here: https://ico.org.uk/make-a-complaint
If you have a complaint about how we process your personal data, we kindly ask that you allow us the chance to address it internally before reaching out to a privacy or supervisory authority.
How to contact us
If you have any further questions regarding the Personal Data that Kirke collects and processes or if you have feedback regarding this Notice, you may contact our Privacy Officer via email at abrown@kirke-consulting.com
Updates to this Notice
We may change this Notice at any time. We will make a reasonable effort to notify you of any significant changes and indicate the date of the latest revision using the “Last Updated” legend at the bottom of the Notice.
Last updated: March 24, 2025