Last modified: February 15, 2022

I. Introduction

Akanda Corp. (“Akanda”) is committed to keeping your personal data safe. This notice describes the personal data we collect, how it is used and shared, and your choices regarding this data.

We may occasionally update this notice. We encourage users to periodically review this notice for the latest information on our privacy practices.

If you have any questions or concerns about your privacy or anything in this notice, we encourage you to contact us at info@akandacorp.com.

II. Who does this notice apply to?

This notice applies to all users of our website. Some of the information collected from users may be personal data, and this notice provides information about your rights regarding your personal data.

III. What data do we collect?

The following data is collected by or on behalf of Akanda:

1- Data provided by users. This may include:

  • Name
  • Email address

2- Data created during use of our services. This may include:

  • Usage data, which tells us how users interact with our services. In some cases we collect this data through cookies, pixels, tags, and similar tracking technologies that create and maintain unique identifiers.
  • Device data, which provides us with information about the devices used to access our services, including IP addresses, referring URLs, operating systems used.

IV. How do we use the data we collect?

Akanda collects and uses data collected from Customers:

  • To send communications to users that have requested them
  • To provide and maintain our services
  • To enhance the safety and security of our users and services

V. What data do we share with others, and why?

Akanda may be required to share data with our affiliates and partners, at your request or to fulfil our contract with you. We may also share data with our affiliates and partners, for legal reasons or in connection with claims or disputes.

Akanda may share the data we collect:

1- With Akanda service providers and business partners

Akanda provides data to vendors, consultants, marketing partners, and other service providers or business partners. These include:

  • Email distribution platforms
  • Cloud storage providers

2- For legal reasons or in the event of a dispute

Akanda may share your personal data if we believe it is required by applicable law, regulation, operating license or agreement, legal process or governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns.

This also includes sharing personal data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.

3- With consent

Akanda may share your personal data other than as described in this notice if we notify you and you consent to the sharing.

VI. How long do we keep your data for?

Akanda retains data for as long as necessary for the purposes described above. This means that we retain different categories of data for different periods of time depending on the category of user to whom the data relates, the type of data, and the purposes for which we collected the data.

Users may request deletion of their data any time by contacting info@akandacorp.com. We may retain data after a deletion request due to legal or regulatory requirements or for the reasons stated in this policy.

VII. What are our grounds for processing data?

We only collect and use personal data where we have lawful grounds to do so. These include processing user personal data for purposes of Akanda’s legitimate interests or those of other parties, to fulfil our legal obligations, or based on consent.

VIII. How do we secure your data?

Akanda is committed to the security and integrity and confidentiality of your information. We have implemented technical, administrative and physical security measures that are designed to protect your information from unauthorized access, disclosure, use and modification. We regularly review our security procedures to consider appropriate new technology and methods. However, unfortunately no method of storage on or transmission over the internet is 100% secure, and so we cannot guarantee the absolute security of your personal data.

IX. What about children’s data?

Akanda is not directed to children, and we do not knowingly collect personal data from children under the age of 18. If End Users are children and we are informed of this, we will take steps to delete that information. If you believe that a child under the age of 18 has given us personal data, please contact us at info@akandacorp.com.

X. What are my rights as a California resident?

The California Consumer Privacy Act (CCPA) allows consumers in California to opt out of certain sharing of their data.

It is important for you to know that Akanda does not sell your data. Please see above for further information on what data we collect and how we use it.

We do not track users over time and across apps or websites, and our website therefore does not respond to Do Not Track signals.

California residents may request that Akanda:

  • Disclose the sources, categories, and specific pieces of personal data we have collected about them, how that information is used including the purpose, and with whom Akanda shares it
  • Delete their personal data
  • Disclose, for any “sales” of personal data under the CCPA, the categories of personal data collected and sold and to what categories of third parties it was sold
  • Opt them out of sales of their personal data (if any)
  • Provide a copy of their personal data in a readily usable format that allows the information to be transmitted to others
  • California residents may not be discriminated against for exercising any of the rights described above.

California residents may exercise these rights by contacting Akanda at info@akandacorp.com.

XI. What are my rights as a European, Swiss or UK resident?

If you are a resident of the European Union, Switzerland or the United Kingdom you should be aware that Akanda is the controller of your personal data. Under the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) or the UK GDPR, you may have certain additional rights with respect to your personal data, including the following:

  • The right of access to your information
  • The right to rectify your information if it is incorrect or incomplete
  • The right to have your information erased (“right to be forgotten”) if certain grounds are met
  • The right to withdraw your consent to our processing of your information at any time, if our processing is based on consent
  • The right to object to our processing of your information, if our processing is based on legitimate interests
  • The right to object to our processing of your information for direct marketing purposes
  • The right to receive your information from us in a structured, commonly used and machine-readable format, and the right to transmit your information to another controller without hindrance from us (data portability)

You may contact us at info@akandacorp.com to exercise any of the above rights. We may request specific information from you to confirm your identity, and in some circumstances, we may charge a reasonable fee for access to your information.

You should be aware that personal data that you provide to us may be transferred out of the country in which you reside to servers in a country that may not guarantee the same level of protection as the one in which you reside. Nevertheless, we will take all steps reasonably necessary to ensure that your personal data is treated securely in accordance with this privacy policy, and no transfer of your personal data will take place to a third party unless there are adequate controls in place, such as the EU’s Standard Contractual Clauses, to protect your personal data.

If you believe that our processing of your information is inconsistent with your data protection rights under the GDPR or UK GDPR, and we have not adequately addressed your concerns, you have the right to lodge a complaint with the data protection supervisory authority of your country.