Effective date: June 28th, 2018
What Information does Kustomer Collect?
Information You Provide to Us:
We may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers on behalf of other businesses, or email you about your use of the Services. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make our communications with you more interesting and improve our services. If you do not want to receive communications from us, please indicate your preference with your account settings.
Information Collected Automatically:
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often users use a particular feature of the Services, and we can use that knowledge to make the Services interesting to as many users as possible.
Information Collected From Other Websites and Do Not Track Policy:
To Whom Do We Share Your Information?
We neither rent nor sell your Personal Information in personally identifiable form to anyone. However, we may share your Personal Information with third parties as described in this section: Information that’s no longer personally identifiable. We may also provide aggregate usage information to our partners, who may use such information to understand how often and in what ways people use our Services, so that they, too, can provide you with an optimal online experience. However, we never disclose aggregate usage information to a partner in a manner that would identify you personally, as an individual.
Affiliated Businesses: In certain situations, businesses or third party websites we’re affiliated with may sell or provide products or services to you through or in connection with the Services (either alone or jointly with us). We have no control over the policies and practices of third party websites or businesses as to privacy or anything else, so if you choose to take part in any transaction or service relating to an affiliated website or business, please review all such business’ or websites’ policies.
Agents: We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you; for example, we may use a payment processing service to receive and process your credit card transactions for us. They are authorized to use your personal information only as necessary to provide these services to us. Unless we tell you differently, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.
Business Transfers: We may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that would be transferred. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.
Legal Notice: We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
Is Personal Information about me secure?
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. Your account is protected by a password for your privacy and security. If you access your account via a third party site or service, you may have additional or different sign-on protections via that third party site or service. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password and/or other sign-on mechanism appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org
What Personal Information can I access?
Through your account settings, you may access, and, in some cases, edit or delete the following information you’ve provided to us:
- name and password
- email address
- user profile information, including Content uploaded to the Services
Upon request, Kustomer will provide you with information about whether we hold any of your personal information. The information you can view, update, and delete may change as the Services change. If you have any questions about viewing or updating information we have on file about you, please contact us at email@example.com. We will respond to your request within a reasonable timeframe.
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: Kustomer Inc. 530 Seventh Ave, Suite 2007, New York, NY 10018.
What choices do I have?
You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.
You may be able to add, update, or delete information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your account by firstname.lastname@example.org. Some information may remain in our records after your deletion of such information from your account. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally.
We will retain your information for as long as your account is active or as needed to provide you the Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Kustomer, Inc. as Data Processor
In certain cases, the use of information collected through our Services shall be limited to the purpose of providing the Services for which a client of Kustomer (“Client”) has engaged Kustomer.
With respect to cases in which Kustomer collects information under and pursuant to the direction of Clients, Kustomer is acting as a data processor and Kustomer has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our Services, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our Services. Transfers to subsequent third parties are covered by the service agreements with our Clients.
Kustomer acknowledges that you have the right to access your personal information. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to Kustomer’s Client (the data controller). If requested to remove data by the Client, we will respond within a reasonable timeframe.
We will retain personal data we process on behalf of our Clients for as long as needed to provide Services to our Client. Kustomer will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
European Union Residents
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.
For this Section 8, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Kustomer will be the controller of your Personal Data processed in connection with the Services.
|Category of data||Source of data||Purpose of processing||Grounds for processing||Specific legitimate interest (if applicable)||Retention period or criteria|
|Client Account Data||The Kustomer Application||To provide Services||Contractual||N/A||7 years or as legally required|
|End User Support Data||The Kustomer Application||To provide Services||Contractual||N/A||7 years or until no longer applicable, whichever occurs first|
|Prospecting Data (Recruiting)||From online sources, events, and referrals||Finding and hiring talent||Legitimate interest||Hiring||7 years or until no longer applicable, whichever occurs first|
|Prospecting Data (Marketing and Sales)||From online sources, events, and referrals||Closing new business||Legitimate interest||Closing new business||7 years or until no longer applicable, whichever occurs first|
|Marketing Data||Data subject volunteering information||Provide marketing materials to prospects||Legitimate interest||Closing new business||7 years or until no longer applicable, whichever occurs first|
How and with whom do we share your data?
- Payment processors
- Fraud prevention service providers
- Ad networks
- Analytics service providers
- Staff augmentation and contract personnel
- Hosting service providers
- Co-location service providers
- Telecommunications service providers
We also share Personal Data when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:
- Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services)
- Third party business partners who you access through the Services
- Other parties authorized by you
We also share Personal Data when we believe it is necessary to:
- Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
- Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
- Maintain the security of our products and services
We also share information with third parties when you give us consent to do so.
Last, we share Personal Data with our affiliates or other members of our corporate family.
How long do we retain your Personal Data?
We retain Personal Data about you for so long as Kustomer’s contractual obligations remain with our Clients. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
What security measures do we use?
We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity. For example, access to all Personal Data is limited to individuals with a need to know and Personal Data is stored in an encrypted form.
Personal data of children
We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at email@example.com.
What rights do you have regarding your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email firstname.lastname@example.org. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
- Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
- Erasure: You can request that we erase some or all of your Personal Data from our systems.
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
- Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
- Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
- Right to File Complaint: You have the right to lodge a complaint about Company’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
The Services are hosted and operated in the United States (“U.S.”) through Company and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Company in the U.S. and will be hosted on U.S. servers, and you authorize Company to transfer, store and process your information to and in the U.S., and possibly other countries. You hereby consent to the transfer of your data to the U.S. pursuant to EU-U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection and use of Personal Data transferred from the EU to the U.S. These are of (1) notice, (2) consent, (3) accountability for onward transfer, (4) security, (5) data integrity and purpose limitation, (6) access and (7) recourse, enforcement and liability with respect to all Personal Data received from within the EU and Switzerland in reliance on the Privacy Shield. The Privacy Shield Principles require that we remain potentially liable if any third party processing Personal Data on our behalf fails to comply with these Privacy Shield Principles (except to the extent we are not responsible for the event giving rise to any alleged damage). Company’s compliance with the Privacy Shield is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. For more information about the Privacy Shield Program, and to view the Company’s certification, please visit www.privacyshield.gov.
Please contact us at email@example.com with any questions or concerns relating to our Privacy Shield Certification. If you do not receive timely acknowledgment of your Privacy Shield-related complaint from us, or if we have not resolved your complaint, you may also resolve a Privacy Shield-related complaint through JAMS, an alternative dispute resolution provider located in the United States. You can visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim for more information or to file a complaint, at no cost to you. Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other means.
What if I have questions about this policy or my Personal Data?
If you have any questions or concerns regarding our privacy policies, please send us a detailed message to firstname.lastname@example.org, and we will try to resolve your concerns.
530 7th Ave, Ste 2007, New York NY 10018