- On the Platform.
- In email, text, and other electronic messages between you and the Platform.
- Through mobile and desktop applications you download from the Platform, which provide dedicated non-browser-based interaction between you and the Platform.
It does not apply to information collected by:
- Us offline or through any other means, including on any other website operated by us or any third party.
- Any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Platform.
For the Platform to perform services you agree to the following extension permissions:
“background”: So that we can run the extension in the background.
“tabs”: To communicate between the background and content scripts, informing the user on the tool working in the background via logs.
“storage”: To store progress data.
“notifications”: To show notifications and to make sure only one login is allowed at a time.
“cookies”: To work in the background without any user feedback.
While using the Platform we may collect your name, email, address, telephone number, company name and address, organization information, and other personal identifying details. We may also collect payment information that you make available to us for your use of the Platform. Please be aware that this payment information shall be stored by third-party payment processors. To fully make use of the Platform we may collect personally identifiable information, including: your name, postal address, email address, username, password (not in human readable format), login information, and contact information. We may also collect your personal information that you make available to us from third parties for use of the Platform.
Whenever you use the Platform, we may collect non-identifying information from you, such as your IP address, interactions with the Platform, query information, location information, pricing data, research history, location and GPS information, referring URL, browser, application interaction, mobile provider information, operating system, data usage, data transferred, and Internet Service Provider.
Use of Information
This section explains how we plan on using your information. You agree that we may use your information, including your personally identifiable information:
- To present the Platform and its contents to you.
- To provide you with information, products, or services that you request from us.
- To enhance or improve your user experience.
- To improve the Platform.
- To email you newsletters and marketing.
- To understand how you communicate and use the Platform.
- To contact and correspond with you and to respond to your inquiries.
- To process your transactions.
- To ask for ratings and reviews of services or products.
- To have follow-up correspondence (live chat, email, voice, screen share) with you.
- To carry out our obligations and enforce our rights arising from any contracts or agreements entered into between you and us, including for billing and collection.
- To notify you about changes to the Platform or any products or services we offer or provide through it.
- In any other way we may describe when you provide the information.
- To fulfill any other purpose for which you provide it.
- For any other purpose with your consent.
Disclosure of Your Information
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
- To our subsidiaries and affiliates.
- To contractors, service providers, and other third parties we use to support our business.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about the Platform users is among the assets transferred.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your personal information:
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
- To enforce or apply our Terms of Service and other agreements, including for billing and collection purposes.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Kennected, our customers, or others.
Accessing, Editing, and Removing Your Information
If you have submitted information to the Platform you may be unable to edit that information. When using the Platform you may be able to access and edit your information via the Platform dashboard. However, you will be unable to opt out of any of our data collection practices via the Platform. If at any time, you have any questions or wish to review, change, or delete any of your information collected by us, please contact us at [email protected] Additionally, if you would like us to permanently remove any accessible copies of your information, please contact us at [email protected] After you have canceled your account please be aware that we may keep inaccessible copies of your information for a commercially reasonable period of time.
Cookies and Other Tracking
Third Party Access to Your Information
Commercial, Non-Commercial Communications and Do Not Track
If you decide to provide us with your contact information, you agree that we may send you communications via text and email. However, you may unsubscribe from certain communications by notifying Kennected that you no longer wish to receive these communications, and we will endeavor to promptly remove you from our notification listings once we have received that request. We currently do not offer website functionality for you to opt out of any “do not track” listings. If you wish to opt out of certain communications or information collection, please contact us at [email protected]
We make reasonable attempts to protect your information by using physical and electronic safeguards. However, because the Platform is hosted electronically we can make no guarantees as to the security or privacy of your information. For this reason, we recommend that you use anti-virus software, routine credit checks, firewalls, and other precautions to protect yourself from security and privacy threats.
We intend to fully comply with international laws respecting children’s privacy. No one under age 18 may provide any information to or on the Platform. We do not knowingly collect personal information from children under age 18. If you are under the age of 18 do not access or use the Platform or provide any information to the Platform. If we learn we have collected or received personal information from a child under age 18, we will delete that information. If you believe we might have any information from or about a child under age 18, please contact us at [email protected]
The EU General Data Protection Regulation (“GDPR”) (https://gdpr-info.eu/) is the most comprehensive change to EU data privacy law in decades. The Kennected team is working hard to ensure our full compliance GDPR.
What is GDPR?
GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union. For EU residents, the regulation aims to increase residents’ control over their personal data. For businesses, GDPR becomes a unifying regulation across the EU. GDPR applies to any EU residents’ data, regardless of where the processor or controller is located.
How Kennected is Complying with GDPR
Even though GDPR only applies to data from EU residents, we took the decision to apply broadly the requirement of the regulation. This means we don’t restrict any privacy related feature based on the geographical location of a data subject. Here are some of the actions we’ve taken to ensure we’re compliant:
We’re taking the security of the data we manage very seriously. The Kennected servers are physically secure and may only be accessed by Kennected’s technical or support personnel whose jobs specifically relate to maintaining the integrity of the Kennected servers or supporting product-related functions. Such individuals are required to maintain the security of the servers and the confidentiality of the information contained in the servers. Kennected takes all reasonable and appropriate steps to protect your personal information, including encrypting such information, maintaining readily accessible steps to limit access, working to detect unauthorized access, and not storing such information any longer than we need to.
Our privacy team has analyzed the requirements of GDPR and is working to enhance our policies, procedures, contracts, and platform features to ensure we comply with GDPR and enable compliance for our customers.
Your data is protected between you and our systems. We take multiple steps to prevent eavesdropping between you and our systems, as well as within our infrastructure. All network traffic runs over SSL/HTTPS, the most common and trusted communications protocol on the Internet. Internal infrastructure is isolated using strict firewalls and network access lists. Each system is designated to a firewall security group by its function. By default, all access is denied and only explicitly allowed ports are exposed.
If we see something, we’ll react quickly and attempt to remedy the issue. We’re not resting on our laurels. We’re frequently looking for potential system interruptions. If we do find something out of place, we’ll endeavor to address the issue in a manner that it won’t be an issue in the future. We’ve invested in helping ensure we can detect and respond to security events and incidents that impact the Platform’s infrastructure.
We’re frequently updating our systems to protect your data. Our virtual systems are replaced on a regular basis with new, patched systems. System configuration and consistency are maintained using a combination of configuration management, up-to-date images and continuous deployment. Through continuous deployment, existing systems are decommissioned and replaced by up-to-date images at a regular interval. Only people who need access, get access. Production system access is limited to key members of the Kennected engineering team and passwords are expressly forbidden. At a minimum, authentication requires two factors including asymmetric RSA public/private keys and a time-based crypto token.
Don’t just take our word that our systems are secure. We don’t. Even though we’ve endeavored to design secure systems and procedures, we regularly perform security tests to identify and remediate potential vulnerabilities. We also conduct periodic penetration tests with expert third-party vendors to help keep our applications safe and secure. These tests cover network, server, database and in-depth testing for vulnerabilities inside Kennected applications.
We endeavor to prevent single points of failure. Even if there is an interruption to one system, the rest of our services stay up and secure. We physically separate the database instances from application servers and heartily believe in the mantra of single-function servers. All login pages pass data via SSL/TLS for public and private networks, and only support certificates signed by well-known Certificate Authorities. All email and CRM credential related data are encrypted while in transit as well as at rest using military-grade encryption to ensure the security of user IDs and passwords. Kennected application passwords are hashed and even our own staff can’t retrieve them. If lost, the password must be reset.
To improve, debug, or prevent fraud on the Platform, we keep a variety of logs. We make sure logs are destroyed at most 3 months after their collection date. We never use those logs for anything other than monitoring
GDPR gives the right to a user to download any data that user provides to a service. This allows for easier migration to other services. We think this is a great idea and Kennected has always made it possible for users to download their data.
Systematic Pseudonymization of Non-Public Data:
Our applications pseudonymize data to help ensure the privacy of data subjects. Any attribute that doesn’t need to remain in its original form is truncated to remove any possibility to be linked back to a specific data subject.
Right of Erasure:
Because we deal with publicly available web data, information removed from a website is also removed from our database. But if a data subject wishes to speed up the removal of any information in our index, we offer a simple and efficient way to claim email addresses. It is then possible to either update the data or entirely remove it.
If you are a resident of California, you have certain rights to personal information that we have collected. Under California law, the exercise of these rights is subject to certain exemptions to safeguard public interests (such as the prevention or detection of crime) and our interests (such as maintaining confidentially when legally required). California residents have the right to: (a) ask us for confirmation on whether we are processing your personal information and if you can access such personal information as permitted by law (this may include what personal information we collect, use, or disclose about you); (b) ask us to delete your personal information, as permitted by law; and (c) opt-out of certain data sharing practices with third parties who may use your personal information solely for their own purposes (your right to opt-out is limited to information we sell to these third parties, which means the disclosure of data, including technical device data that does not identify you directly, when a third party might use that data for its own purposes, such as for personalized advertising). We will not discriminate against you, in terms of price or the services that we offer, if you submit one of the rights requests listed in this section.
To exercise your rights to your personal information or for instructions on how to exercise your rights, please contact us at [email protected] We will comply with your request as soon as reasonably practicable. Requests to exercise your rights may be granted in whole, in part, or not at all, depending on the scope and nature of the request and applicable law. To prevent unauthorized access to your personal Information, we take steps to verify your right to the data. Following verification of your identity, we will notify you if we are unable to fulfill your request and outline the reasons we are unable to honor your request at that time.
California Civil Code Section 1798.83 permits California residents to request and obtain from us a list of what personal information (if any) we disclosed to third parties for that third party’s direct marketing in the preceding calendar year, as well as the names and addresses of those third parties. Requests may be made only once a year and are free of charge. You may opt-out of this disclosure at any time by submitting a request to [email protected]
Merger and Acquisition
In the event that the Kennected is involved in a bankruptcy, merger, acquisition, reorganization, or sale of assets, your information may be sold or transferred as part of that transaction. Please be aware that once the information is transferred, your privacy rights may change.