Privacy Policy

The data controller is: KAINET WAVE LTD

A private company limited by shares, incorporated in England and Wales.

Company number: 17180527

Registered office: Flat 30, Kew Court, Richmond Road, Kingston upon Thames, England, KT2 5BF, United Kingdom

Website: https://farvia.online

Support email: support@farvia.online

Complaints email: complaints@farvia.online

Legal notices and privacy contact: legal@farvia.online

Customer support phone: Pending / being set up

WhatsApp support: Pending / being set up

Complaints web form: https://farvia.online/complaints

In this Policy, “Kainet”, “Kainet Wave”, “we”, “us” and “our” mean KAINET WAVE LTD.

KAINET™ is used as a trade mark of KAINET WAVE LTD. A UK trade mark application for the word mark KAINET has been filed. Until registration is completed, the mark should be treated as a pending trade mark application and not as a registered trade mark.

KAINET™ is a prepaid app-based international calling service for consumers. Customers purchase calling credit directly from KAINET WAVE LTD and use the Kainet app to place ordinary person-to-person international voice calls to saved contacts in supported destinations. The service is designed as a saved-contact click-to-call international calling service.

Kainet does not currently provide VPN access services, internet access services, broadband services, general connectivity services, inbound customer telephone numbers, UK telephone numbers for customers, number porting, a replacement mobile phone service, a replacement landline service, or a public emergency calling service.

We may collect and use the following categories of personal data where relevant to the service.

Account and identity data

name;

account email address;

account username or account ID;

password or authentication credentials in protected form;

age confirmation or confirmation that you are at least 18;

account status;

customer reference numbers;

verification status; and

information you provide when contacting us.

Contact data

email address;

telephone number;

WhatsApp number, if provided;

billing country;

billing address, if required;

contact preferences; and

communication records.

Payment and billing data

order records;

payment status;

payment references;

transaction amount;

transaction date and time;

invoice or receipt information;

refund records;

chargeback or payment dispute information;

billing country;

tax-related information where required; and

limited payment method information received from our payment processor, such as card brand, last four digits, expiry month/year, country of issue, and payment status.

Kainet does not intentionally collect or store full card numbers, card security codes, or full payment credentials. Payment processing is handled by our payment processor.

Service usage and calling data

calling credit balance;

product or allowance purchased;

usage records;

saved destination contacts or destination numbers;

destination country;

call date and time;

call duration;

call status;

call charge or rating information;

route or supplier status information;

call detail records;

failed call records;

technical call metadata; and

account activity records.

Kainet does not record call content as part of the standard consumer service unless a separate feature or legal requirement makes this clear and lawful. We may process call metadata and technical records needed to provide, bill, troubleshoot, protect, and evidence the service.

Device, technical, and security data

IP address;

device type;

operating system;

app version;

browser type;

approximate location derived from IP address or service use;

login records;

authentication records;

error logs;

diagnostic data;

security logs;

fraud-prevention signals;

sanctions-screening signals;

traffic metadata; and

cookie or similar technology data, as explained in our Cookie Policy.

Support and complaints data

support messages;

complaint details;

evidence you provide;

screenshots;

call or issue details;

complaint reference numbers;

support tickets;

internal review notes;

escalation records;

ADR-related records; and

outcomes, refunds, corrections, or credits.

Accessibility and vulnerability information

If you tell us about accessibility needs, vulnerability, communication preferences, disability, illness, bereavement, financial difficulty, or other circumstances affecting your use of the service, we may process that information to provide appropriate support.

Please only provide information that is necessary for us to help you.

Sanctions, risk, and compliance data

We may process information needed to assess legal, sanctions, fraud, payment, banking, card network, supplier, or regulatory risk. This may include account country, billing country, IP country, payment method country, risk flags, blocked jurisdiction indicators, customer confirmations, and transaction or destination review information.

Kainet does not need to collect citizenship information as part of standard customer registration unless a legal, regulatory, payment, risk, sanctions, or compliance requirement makes additional checks necessary.

For standard customer registration, Kainet does not normally need to collect:

• citizenship;
• passport details;
• national identity documents;
• full payment card numbers;
• card security codes;
• political opinions;
• religious beliefs;
• trade union membership;
• health information;
• biometric data; or
• other unnecessary sensitive information.

If additional information is needed for fraud prevention, sanctions compliance, payment review, legal compliance, accessibility support, dispute handling, or regulatory reasons, we will ask only for information that is reasonably necessary for that purpose.

We may collect personal data when:

• you visit our website;
• you create an account;
• you use the Kainet app;
• you save a contact or destination number;
• you purchase calling credit;
• you make or attempt a call;
• you contact support;
• you submit a complaint;
• you request a refund;
• you respond to verification or compliance checks;
• you interact with our emails, website, or customer interface;

our payment processor, telecom suppliers, hosting providers, app platforms, fraud-prevention tools, or technical service providers send us relevant service information; or

we need to create operational, security, billing, or compliance records.

We use personal data only where we have a lawful basis under applicable data protection law.

To create and manage your account

We use account, contact, authentication, and service data to create your account, authenticate access, manage your profile, and provide account functions.

Lawful basis: contract performance; legitimate interests in operating and securing the service.

To provide the calling service

We use account data, saved destination data, call metadata, route information, usage records, and technical data to provide the app-based international calling service.

Lawful basis: contract performance; legitimate interests in service operation, troubleshooting, and service protection.

To process payments and billing

We use payment references, order records, billing details, tax information, refund records, and payment status information to process orders, issue confirmations, manage refunds, handle chargebacks, and keep accounting records.

Lawful basis: contract performance; legal obligation; legitimate interests in payment integrity, accounting, and dispute handling.

To provide customer support and complaint handling

We use support messages, account information, technical records, payment records, call metadata, complaint details, and evidence you provide to respond to support requests and complaints.

Lawful basis: contract performance; legitimate interests in resolving customer issues; legal obligation where complaint handling or regulatory records are required.

To prevent fraud, abuse, and misuse

We use account data, technical data, IP data, payment data, usage patterns, risk signals, and operational logs to detect and prevent fraud, abuse, artificial traffic, chargeback abuse, unauthorised access, security threats, and misuse of the service.

Lawful basis: legitimate interests; legal obligation where applicable.

To comply with sanctions, legal, regulatory, banking, payment, and supplier requirements

We may use account country, billing country, IP country, payment method country, destination information, transaction data, account status, customer confirmations, and risk review data to comply with legal obligations and the requirements of banks, payment processors, card networks, telecom suppliers, app platforms, and regulators.

Lawful basis: legal obligation; legitimate interests in compliance, risk control, and protecting Kainet and its suppliers.

To maintain security and service reliability

We use device data, logs, authentication records, diagnostic data, and technical records to maintain security, monitor service performance, investigate incidents, and protect the service.

Lawful basis: legitimate interests; legal obligation where applicable.

To send service communications

We may send service messages about orders, payments, account status, activation, security, complaints, refunds, changes to terms, service restrictions, and operational updates.

Lawful basis: contract performance; legitimate interests; legal obligation where applicable.

To send marketing communications

We may send marketing communications only where permitted by law. Where consent is required, we will ask for consent. You can opt out of marketing communications.

Lawful basis: consent where required; legitimate interests where permitted by law.

To improve the service

We may use technical data, aggregated usage data, support trends, complaint trends, and service performance information to improve reliability, support, pricing presentation, fraud controls, and customer experience.

Lawful basis: legitimate interests in improving and operating the service.

Where we rely on legitimate interests, those interests may include:

• providing and improving the service;
• protecting customers and the service from fraud and abuse;
• ensuring payment integrity;
• handling disputes and chargebacks;
• maintaining network and routing reliability;
• investigating technical issues;
• complying with supplier, bank, payment processor, card network, and app platform requirements;
• enforcing our Terms and Conditions;
• protecting legal rights;
• preventing misuse, artificial traffic, and unauthorised access; and
• keeping appropriate business, accounting, and operational records.
• We balance these interests against your rights and freedoms.

We may share personal data where necessary with the following categories of recipients.

Payment processors, banks, and card networks

We share payment-related data with payment processors, banks, card networks, fraud-prevention tools, and payment service providers to process payments, refunds, disputes, chargebacks, and risk checks.

Telecom, routing, and communications suppliers

We may share necessary call metadata, destination information, routing information, account or service identifiers, and technical information with telecom, VoIP, SIP, routing, and cloud communications suppliers to provide, route, troubleshoot, rate, and evidence the calling service. We do not provide full customer databases to telecom suppliers unless necessary and lawful.

Hosting, infrastructure, and technical providers

We may use hosting, server, cloud, database, logging, monitoring, security, email, domain, and technical service providers to operate the website, app, customer interface, support systems, and service infrastructure.

Support and complaint handling providers

We may share information with support tools, ticketing systems, complaint-handling systems, staff, contractors, or service providers who help us respond to support requests and complaints.

Fraud, sanctions, and security providers

We may share information with fraud-prevention, sanctions-screening, risk, security, authentication, and compliance tools where necessary to protect the service and comply with legal, payment, supplier, or regulatory requirements.

App stores and platform providers

If you access the app through an app store or platform, the app store or platform may process information under its own terms and privacy policy. We may receive limited technical, purchase, or account information from app platforms where relevant.

Professional advisers, regulators, ADR bodies, and legal authorities

We may share information with accountants, lawyers, auditors, insurers, regulators, approved ADR schemes, courts, law-enforcement bodies, government authorities, or other parties where necessary for legal, accounting, dispute, regulatory, or compliance purposes.

Business transfers

If Kainet is involved in a merger, reorganisation, investment, sale, transfer of assets, restructuring, or similar transaction, personal data may be shared as part of due diligence or transferred as part of the transaction, subject to appropriate confidentiality and legal safeguards.

Kainet’s primary service infrastructure may be hosted in the United Kingdom and/or the European Economic Area. At the date of this version, the service infrastructure may include hosting in Germany. Domain, email hosting, support, payment, communications, and operational tools may be provided from the United Kingdom, the European Economic Area, and other permitted locations.

Kainet may use support staff, contractors, or service providers located in the United Kingdom, the European Economic Area, including the Netherlands, and other permitted locations to provide customer support, technical support, complaint handling, and service operations. Where a provider outside the United Kingdom or European Economic Area can access personal data, we use appropriate contractual, security, and transfer safeguards required by applicable data protection law. These may include adequacy regulations, data processing agreements, approved contractual terms, access controls, encryption, minimisation, and other appropriate measures. If a technical contractor works only on source code, development systems, test environments, or staging environments without access to live customer personal data, this is not treated as customer data hosting or customer data support access.

We aim to collect and use only the personal data that is adequate, relevant, and limited to what is necessary for the relevant purpose. We do not ask for citizenship information, identity documents, or sensitive personal information as part of standard account registration unless a specific legal, payment, compliance, fraud, sanctions, accessibility, or dispute-handling reason makes it necessary.

Kainet may process call metadata and call detail records needed to provide, bill, troubleshoot, protect, and evidence the service. Call metadata may include call time, duration, destination country, destination number, routing status, charge, rating information, and technical status.

Kainet does not record call content as part of the standard consumer service unless a separate feature or legal requirement makes this clear and lawful. Support calls to Kainet may be logged and may be recorded only where this is clearly notified or legally permitted.

We may use cookies, pixels, SDKs, local storage, or similar technologies for website operation, security, authentication, analytics, preferences, fraud prevention, and service improvement.

More information will be provided in the Kainet Cookie Policy. Where consent is required for non-essential cookies or similar technologies, we will request consent as required by applicable law.

We may send service-related communications without marketing consent where they are necessary for account, payment, support, security, legal, or operational purposes. We may send marketing communications where permitted by law. Where consent is required, we will ask for consent. You can opt out of marketing communications by using the unsubscribe link or by contacting support@farvia.online. Opting out of marketing does not stop essential service, account, payment, security, complaint, or legal communications.

We keep personal data only for as long as reasonably necessary for the purposes described in this Policy, unless a longer period is required or permitted by law.

Retention periods may depend on:

• account status;
• service usage;
• billing and accounting requirements;
• tax requirements;
• complaint and dispute history;
• chargeback and payment dispute periods;
• fraud-prevention needs;
• sanctions and compliance requirements;
• legal limitation periods;
• supplier and payment processor requirements;
• regulatory requirements; and
• the need to protect legal rights.
• Examples of retention may include:
• account data retained while the account is active and for a reasonable period after closure;
• payment and accounting records retained for tax, accounting, audit, and legal purposes;
• call detail records retained for billing, dispute, technical, fraud-prevention, and compliance purposes;
• complaint records retained for complaint handling, ADR, legal, regulatory, and audit purposes;
• security logs retained for security, fraud prevention, and abuse prevention; and
• marketing preferences retained to respect opt-outs.
• Where data is no longer required, we may delete, anonymise, aggregate, or securely archive it.

We use appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction.

Measures may include access controls, role-based access, authentication, encryption where appropriate, logging, monitoring, staff or contractor confidentiality obligations, supplier due diligence, secure hosting, backups, and incident response procedures. No service can guarantee absolute security. You must keep your account credentials, devices, authentication codes, and account access secure.

Depending on the circumstances and applicable law, you may have rights to:

• be informed about how your personal data is used;
• access your personal data;
• correct inaccurate personal data;
• request deletion of personal data;
• restrict processing;
• object to processing;
• request data portability;
• withdraw consent where processing is based on consent; and
• complain to a data protection authority.

Some rights are not absolute and may depend on the lawful basis, legal obligations, fraud prevention, dispute handling, accounting records, regulatory requirements, or other circumstances.

To make a privacy request, contact legal@farvia.online.

We may need to verify your identity before responding to a privacy request.

If you are unhappy with how we handle your personal data, you can contact us first at legal@farvia.online. You also have the right to complain to the Information Commissioner’s Office, the UK data protection regulator.

ICO website: https://ico.org.uk

The Kainet service is not intended for children. You must be at least 18 years old to create an account, buy calling credit, or use the service. We do not knowingly provide the service to children.

The Kainet website, app, or communications may contain links to third-party websites, app stores, payment providers, or services. Those third parties may process personal data under their own privacy policies and terms. Kainet is not responsible for the privacy practices of third-party services that are not controlled by Kainet.

We may update this Privacy Policy from time to time. Updates may be made to reflect changes in law, regulation, service features, suppliers, payment processors, hosting, support arrangements, data practices, or operational needs.

The version and date at the top of this Policy show when it was last updated. Where a material change affects how we use personal data, we will provide notice where required by applicable law. Before paid public service availability begins, this Policy should be reviewed to ensure that the customer support phone number, WhatsApp support number, CISAS membership details, Terms and Conditions, Complaints Code, Cancellation and Refund Policy, Cookie Policy, checkout wording, and public website information are consistent and up to date.