Last Updated: October 12, 2021
A reference to “Knoetic,” “we,” “us” or the “Company” is a reference to Knoetic, Inc. and its relevant affiliates involved in the collection, use, sharing, or other processing of Personal Data.
For more information, please also see Section 10.5 below.
Our websites and services may contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any data to these websites.
The Personal Data we collect from you includes identifiers, professional or employment-related information, commercial information, visual information, internet activity information, and inferences drawn from any of these categories. We collect such information in the following situations:
We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our websites, our services, or interact with emails we have sent to you.
As is true of most websites, we gather certain information automatically when individual users visit our websites. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider, mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the websites.
This information is used to analyze overall trends, help us provide and improve our websites, offer a tailored experience for website users, and secure and maintain our websites.
In addition, we gather certain information automatically as part of your use of our software products and services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system and system configuration information and date and time stamps associated with your usage. This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Knoetic generally (in addition to the security of our products and services). Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this device and usage data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the services to our customers.
Most modern browsers allow you to change your cookie settings. You can usually find these settings in the options or preferences menu of your browser. To understand these settings, the following links for commonly used browsers may be helpful:
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.
We collect and process your Personal Data for the following purposes:
If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.
We may share your Personal Data as follows:
We may also share anonymous or de-identified usage data with Knoetic’s service providers for the purpose of helping Knoetic in such analysis and improvements. Additionally, Knoetic may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.
For more information on the recipients of your Personal Data, please contact us by using the information in the “Contact us” section, below.
Any data that you provide to us may be accessed, shared or processed by our offices, located in the United States, and service providers located in the United States, if such data transfer is necessary for the specific purpose for which you submitted your data (such as the provision of goods or services under a written contract).
This may entail a transfer of your personal information across international borders. The data protections standards may differ and be lower than the standards enforced in your jurisdiction.
We maintain appropriate safeguards as required by applicable law for any personal information transferred internationally, including, where applicable, standard contractual clauses. For a copy of these clauses, please contact us as set forth in the “Contact Us” section below.
Our websites are not directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us using the contact details provided in the “Contact Us” section below. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.
We may retain your Personal Data for a period of time consistent with the original purpose of collection (see the “Purposes for which we process Personal Data” section above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).
After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of or access to such data.
For more information on data retention periods, please contact us by using the information in the “Contact us” section, below.
You may have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws these rights may include the right to:
We have listed the privacy rights for several U.S. state jurisdictions below, but we understand you may have additional rights in your jurisdiction. You may contact us directly at any time about exercising your data protection rights. We will consider your request in accordance with applicable laws.
Certain state laws require that we detail the categories of Personal Data that we disclose for certain “business purposes,” such as to service providers that assist us with securing our services or marketing our products.
We disclose the following categories of Personal Data for our business purposes:
Sensitive Categories of Personal Data:
Several jurisdictions grant state residents certain rights, including the right to access specific types of Personal Data, the right to learn how we process Personal Data, the right to know whether and how we disclose or sell Personal Data, the right to opt out of any sale of Personal Data, the right to request deletion of Personal Data in certain circumstances, and the right not to be denied goods or services for exercising these rights.
California law further permits you to request information regarding the disclosure of your personal information to third parties for the third parties’ direct marketing purposes.
We do not disclose your personal information to third parties for the third parties’ direct marketing purposes.
In the preceding twelve months we have not sold personal information. We do not sell personal information, but we recognize that some state privacy laws define “personal information” in such a way that some sharing of personal information necessary to provide you with personalized ads may be considered a “sale,” even if no money is exchanged.
For information on how to exercise your rights, please refer to Section 10.4 below.
If you are an authorized agent wishing to exercise rights on behalf of a state resident, please contact us using the information in the “Contact us” section below and provide us with a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity and place of residence before completing your rights request.
Our legal bases for collecting and using your Personal Data include:
In some countries, and in particular if you are located in the EEA, you may have the right to:
To exercise any of these rights, please contact us as set forth in the “Contact Us” section below and specify which privacy right(s) you wish to exercise. We may need to verify your identity in order to honor your request.
We may transfer information from or about you or your devices to countries other than the country where you are located (including the United States), which may not have the same data protection laws as your jurisdiction. For more information regarding our compliance with the Privacy Shield Frameworks to authorize these data transfers, please review the section “Privacy Shield Frameworks” below. In addition, we enter into Standard Contractual Clauses issued by the European Commission with our business partners where appropriate.
If you have any issues with our compliance, you have the right to lodge a complaint with an EEA supervisory authority. We would, however, appreciate the opportunity to first address your concerns and would welcome you directing an inquiry first to us per the “Contact us” section below. You may also contact our Data Protection Officer (“DPO”) at firstname.lastname@example.org.
To exercise your rights, please contact us by using the information in the “Contact us” section below. Your personal data may be processed in responding to these rights. We will respond to all legitimate requests in a timely manner and in accordance with applicable laws, and will contact you if we need additional information from you in order to honor your request or verify your identity.
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all of these communications from us by following the unsubscribe instructions provided in any email we send, or you can contact us using the contact details provided in the “Contact Us” section below. You will still continue to receive service-related messages concerning products and services you have purchased (unless we have indicated otherwise).
Please note that the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States.
For more information, please refer to the FTC's FAQs here: https://www.privacyshield.gov/article?id=EU-U-S-Privacy-Shield-Program-Update
Knoetic will continue to abide by its Privacy Shield commitments, as further outlined below. In addition, where required by applicable EU law, Knoetic will rely on alternative mechanisms for transferring personal data from the European Union to the United States. This includes your explicit consent, performance of our contract obligations, and standard contractual clauses.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Knoetic is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU, United Kingdom and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com . If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org .
In compliance with the Privacy Shield Principles, Knoetic commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, UK and Swiss individuals with Privacy Shield inquiries or complaints should first contact Knoetic by email at email@example.com .
Knoetic has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, JAMS Privacy Shield Dispute Resolution. Please visit https://www.jamsadr.com/eu-us-privacy-shield to file a claim. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction .
We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. For example, we adhere to SOC 2 compliance standards when protecting our customers’ information.
However, no website, application, or transmission can guarantee security. Thus, while we have established and maintain what we believe to be reasonable procedures to protect the confidentiality, security, and integrity of personal information obtained through the Sites, we cannot ensure or warrant the security of any information you transmit to us.