Skip to content

Legal

Privacy Policy

Last updated: 3 May 2026

This Privacy Policy describes how K2 (“we”, “us”, or “our”) collects, uses, stores, and protects personal information when you visit our website, use our contact or enquiry forms, or otherwise interact with us online in connection with our software development and related professional services (collectively, the “Services”).

By using our website or submitting information to us, you acknowledge that you have read this Privacy Policy. If you do not agree, please do not use our Services.

1. Who we are

K2 operates this website and related communications in connection with software engineering, consulting, and delivery services. For data protection purposes, we act as the controller of personal information described in this policy when we determine how and why it is processed.

2. Information we collect

We may collect the following categories of information, depending on how you interact with us:

  • Information you provide directly — for example, name, email address, phone number, company name, and the content of messages you send through contact forms, email, or similar channels.
  • Technical and usage data — such as IP address, browser type, device type, general location derived from IP, pages viewed, and timestamps. This is typically collected automatically through server logs, analytics tools (if enabled), and similar technologies.
  • Cookies and similar technologies — our website may use cookies or local storage that are strictly necessary for security, session management, or basic functionality (for example, remembering preferences). Where we use non-essential cookies, we will seek your consent where required by law.

3. How we use your information

We use personal information for purposes such as:

  • responding to enquiries and providing information about our Services;
  • operating, securing, and improving our website and infrastructure;
  • sending operational communications related to your enquiry or our relationship (where appropriate);
  • complying with legal obligations and defending our legal rights;
  • detecting, preventing, and addressing fraud, abuse, or security incidents.

We do not sell your personal information. We do not use your information for automated decision-making that produces legal or similarly significant effects.

4. Legal bases (where applicable)

If the EU or UK General Data Protection Regulation (GDPR) or similar laws apply, we rely on one or more of the following legal bases: our legitimate interests in operating and promoting our business (balanced against your rights); performance of a contract or steps prior to entering a contract; compliance with legal obligations; and, where required, your consent (for example, certain cookies or marketing communications).

5. Disclosure of information

We may share personal information with:

  • Service providers who assist us with hosting, email delivery, analytics, security, or IT operations, subject to appropriate contractual safeguards where required.
  • Professional advisers (such as lawyers or accountants) where necessary.
  • Authorities when required by law, regulation, court order, or governmental request, or to protect the rights, property, or safety of K2, our clients, or others.

If K2 is involved in a merger, acquisition, or asset sale, personal information may be transferred as part of that transaction, subject to equivalent protections where required by law.

6. International transfers

Your information may be processed in countries other than your country of residence. Where we transfer personal data from the UK, EEA, or Switzerland to countries not regarded as providing adequate protection, we implement appropriate safeguards (such as standard contractual clauses) where required by applicable law.

7. Retention

We retain personal information only for as long as necessary for the purposes described in this Policy, unless a longer period is required or permitted by law (for example, tax, accounting, or dispute resolution). Retention periods depend on the nature of the data and our relationship with you.

8. Security

We implement technical and organisational measures designed to protect personal information against unauthorised access, alteration, disclosure, or destruction. No method of transmission over the Internet or electronic storage is completely secure; we cannot guarantee absolute security.

9. Your rights

Depending on where you live, you may have rights to access, rectify, erase, restrict, or object to certain processing of your personal information, or to request data portability. You may also have the right to lodge a complaint with a supervisory authority.

To exercise applicable rights, please contact us using the details on our Contact page. We may need to verify your identity before responding.

10. Children

Our Services are not directed at individuals under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us and we will take appropriate steps to delete it.

11. Third-party websites

Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any personal information.

12. Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top will be revised when changes are made. Material changes may be communicated through the website or other reasonable means where appropriate. Continued use of our Services after changes constitutes acceptance of the updated Policy, to the extent permitted by law.

13. Contact

For privacy-related questions or requests, please contact us via our Contact page.