Kettle.ai Privacy Policy

 

Effective: December 27, 2019

 

This privacy policy applies to www.kettle.ai, hello.kettle.ai, data.kettle.ai, (the “Site”), a website operated by Dark Matter Research Inc. d/b/a Kettle.ai (the “Company,” “us,””we” or “our”) our Kettle product (“App” and services accompanying use of the App (“Services”).

 

The Site and app provides the “Service” as defined in the Terms of Use.

 

We respect and protect the privacy of our users. This Privacy Policy explains how we collect and use your information and is part of our Terms of Use when you use our Site or Service.

 

Who Do We Collect Data From?

We collect data from three sources:

 

Visitors to our Site who want to know more about the company or the Services we provide (“Visitors”).

 

Employees authorized by business entities to purchase our Service and manage the use of the Services for such entities  (“Customer”). The Services are intended for use by businesses and their contractors and employees.

 

Employees or other users of the Site and Services purchased by Customer employer (“End User”).

 

What Data Do We Collect?

 

Personal Data

“Personal Data’ means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, or identified with an identified or identifiable natural person.  

 

For Customers,  We collect the names, e-mail addresses, name of the entity they represent and phone numbers.  We may also collect credit card or other billing payment information from the account owner for a Customer account.

 

For End Users we will collect Personal Data such as the names, e-mail addresses, name of the entity they represent and phone numbers and IP Address you access the Site or Service from.  We also collect the use of the app, whether it is on or off (“app Activation History”).   

 

Tracking Data

We and our third-party service providers may collect certain tracking information about your use of our Site and Service. For example, we collect;

  • Log information (including your IP address, browser type, Internet service provider, referring and exit pages, operating system, dates/time of access, and related data)
  • Information collected by cookies and tracking pixels (as discussed below)
  • Web beacons (also called “Internet tags” or “clear gifs”; used to count visitors to our Site and which pages were viewed and links clicked)
  • Embedded scripts (code temporarily downloaded onto your app to collect information about your interactions with the Service and thereafter deleted or deactivated).
  • Whether training content has been viewed by link tracking – when training started and when (and if) it was completed.

App Tracking Data

  • Whether the app is on or off, what dates and times the app was on and for how long.
  • Which websites the app is active on
  • Interactions on the app which buttons, fields, or items are clicked.

 

Cookie Policy

When you visit our Site we use cookies, or similar technologies like single-pixel gifs and web beacons, to record log data. We use both session-based and persistent cookies. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire. They are unique and allow us to do site analytics and customization, among other similar things. If you access our Site through your browser, you can manage your cookie settings.  For more information, please refer to our Cookie Policy 

 

Privacy Notice for End Users

We collect the name and email of app users, but while we share this information with Customers who use the app and Services under the business account of Customers and Company has a legitimate business interest in such data in the performance of Company contracts with Customers, we do not combine this information with app use data except in cases of your use of training modules. We will share you use and completion of training modules with Customer.  Except for that, we only share app use data (time app was on or off) with Customers in aggregated, de-identified form.  

 

How Do We Use Your Data

 

Analytics: Company utilizes Tracking Information to access anonymous data to help us understand how our Services are used. We use Tracking Information to customize content for you and improve our Services. 

 

Providing the Services. We use your Personal Data to provide the Services, provide customer service/support and communicate with you regarding the Services and new features.  If you are a Customer, it enables us to track your use for customer service purposes.  

 

If you are an End User, we use your Personal Data only to validate your use of the Services and app and track use of training modules.

 

Validating Access to the Service   For Customers and End Users, we use your Personal Data to validate your right to use our Services. These are essential components of our Services. 

 

Direct Marketing.  We use Customer Personal Data to communicate with you regarding the provision of the Services, but also to let you know about additional features and services we provide that may be of interest to you. If you do not wish to receive marketing communications, you may opt out at any time by [Need instructions]

 

How Do We Share Your Data

We will not sell, rent, or share Personal Data with third parties outside of our company without your consent, except in the following ways:

 

Customers. Our service involves providing a Service and app to aid Customer’s End Users (employees or contractors) in blocking out notices of communications.  We share aggregated non-identifiable app use history on all apps under a Customer account, but we do not share any End User Personal Data with the Customer . 

 

We will also share whether End Users have completed commence and completed Customer training modules

 

Charging for Services. When a Customer enters credit card information, we transmit that  information to [Vendor[ for processing, but Company does not store any credit card data associated with any purchases processed on the Site. Company utilizes our payment provider APIs to process payments. You should review (payment processor) privacy policy [Link] for more detail about how your information is collected, stored and maintained by these third party payment processors.

 

Law Enforcement and Internal Operations

Personal Data may be provided where we are required to do so by law, or if we believe in good faith that it is reasonably necessary (i) to respond to claims asserted against Company or to comply with the legal process (for example, discovery requests, subpoenas or warrants); (ii) to enforce or administer our policies and agreements with users; (iii) for fraud prevention, risk assessment, investigation, customer support, product development and de-bugging purposes; or (iv) to protect the rights, property or safety of Company, its users or members of the general public. We will use commercially reasonable efforts to notify users about law enforcement or court ordered requests for data unless otherwise prohibited by law. However, nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to any third party request to compel disclosure of your information.

 

Business Transfer 

Company may sell, transfer or otherwise share some or all of its assets, including your Personal Data, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.  Under such circumstances, Company will use commercially reasonable efforts to notify its users if their personal information is to be disclosed or transferred and/or becomes subject to a different privacy policy.

 

Third Parties

We sometimes contract with other companies and individuals to perform functions or services on our behalf. Our categories of service providers includes software maintenance, data hosting, sending email messages, project management and customer service. We necessarily have to share your Personal Data with such third parties as may be required to perform their functions.  We take steps to ensure that these parties take protecting your privacy as seriously as we do, including entering into Data Processing Addendum, EU Model Clauses and/or ensuring they have EU-U.S. and Swiss-US Privacy Shield certification.

 

Third Party Service Providers

Third Parties that collect and share Personal Data with us regarding End Users or Customers

 

Company uses Salesforce.com to collect personal information related to sales (name, contact information, employer) in order to follow up on inquiries and sales to our customers or potential customers who have contacted us. Salesforce is self-certified under the US-EU Privacy Shield and the Swiss-U.S. Privacy Shield framework to process data in the United States and its data is only shared subject to a Data Protection Addendum as well as Binding Corporate Rules. For more information about SalesForce’s privacy practices follow this link to https://www.salesforce.com/company/privacy/full_privacy.jsp.

 

Company uses Typeform to collect Personal Data from our Customers who sign up with us, which includes the email contact information of people providing feedback. Data is processed in Spain. For more information regarding Typeform’s privacy and security practices. Please refer to their Privacy Policy and Terms.

 

How is My Data Protected?

We have implemented reasonable administrative, technical and physical security measures to protect your personal information against unauthorized access, destruction or alteration. For example:

  • SSL encryption (https) everywhere where we deal with personal data.
  • Password protection on your account.
  • Data is kept on secure, encrypted servers, located in the US.
  • Restricting staff access to Personal Data protected by password logs.
  • Regular staff privacy and security training
  • Payment services are tokenized

 

However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we store, process or transmit.

 

Payments Encryption: Company utilizes only PCI-DSS compliant third party payment processors to ensure the security of your personal information. 

 

Your Choices

Right to Review and Rectify Your Personal Data. 

You can update most of your Account Information by logging on to your account. However, if additional assistance is required to change or delete inaccuracies within other Personal Data or would like to know what other information about you was collected, please contact us at [email] 

 

Right to Remove or Withdraw Consent.

You have the right to withdraw consent where such consent is required to share or use data and you may request that we delete your Personal Data. 

 

If you receive newsletter or marketing communications from us and no longer wish to receive them, please follow the removal instructions in the email or change your account settings. You can delete your Account Information by logging into your account and canceling your account.  However, since your Account Information and Account History is required for us to provide the Services to you, deleting it will also terminate your access to the services. Deleting your Personal Data does not mean that all of it will be removed. We take steps to delete Personal Data is no longer necessary in relation to provide the Services by deleting it within 120 days of your terminating your account or if the account remains unused for more than one year.  We may be required by law, to retain it to exercise or defend legal claims, or contractual obligations with our customers to retain some information in connection with our obligation to provide the Services. We may de-identify and anonymize some data for purposes of retaining it.

 

Data Portability

If you would like us to transmit your Personal Data to another company providing similar services, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data. 

 

Right to Redress

If you are a subject of the European Union or European Economic Area and Switzerland and you believe we have violated any data protection laws that apply to you, you have a right to file a complaint with your, Attorney General, Information Commissioner or Data Protection Agency.

 

Processing End User Data for Customers

Our Services may involve the processing of Personal Data on behalf of our customers. At the moment, we do not process End User Personal Data for our Customers. However, in the event we do and when we do so, will be acting as processors for the controllers of such data.  As such, we take steps to ensure that Personal Data subject to GDPR is processed in accordance with controller instructions and GDPR such as entering into a Data Processing Addendum incorporating EU Standard Contractual Clauses governing the processing, transmission and use of such End User Personal Data.  If you wish to exercise your data subject rights to review, rectify, delete or port your End User Personal Data please contact the controller to make such request. If you make the request to us, we will work with the controller to process and evaluate such request to confirm whether deletion is required by GDPR.

 

Transnational Transfer of Data

If you are providing your Personal Data to us directly to use our Site, app or Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our contractual obligations to you.  

 

Your California Privacy Rights

California residents who have an established business relationship with Company may make a written request to Company about whether Company has disclosed any Personal Information to any third parties for the third parties’ direct marketing purposes during the prior calendar year.  To make such a request, please send an email at [email protected] or write us:

 

Third Party Websites

We may link to other websites. When you click on one of these links, you are ‘clicking’ to another website. Company does not control the data collection or privacy practices of such third party sites. We encourage you to read the privacy policies of any third party sites, as their collection, use and storage practices and policies may differ from ours. 

 

Minors Under 16 Years of Age

Company does not knowingly collect or store any personal information from or about children under the age of 16.

 

If you believe a child under the age of 16 has under any circumstances provided us with personal information and data, a parent or legal guardian can email us at [email protected] to request that their children’s information be deleted from our records.

 

Do Not Track

Do Not Track” or DNT is a feature enabled on some browsers that sends a signal to request that a web application disable its tracking or cross-site user tracking. At present, our Site does not respond to or alter its practices when a DNT signal is received.

 

Changes to Privacy Policy

Company reserves the right to amend this Privacy Policy at any time. If Company makes material changes to its Privacy Policy, we will notify you by (1) changing the Effective Date on our Privacy Policy and provide additional notification either (1) via email or other means as we may deem commercially reasonable.

 

Questions? 

If you ever have any questions about our online Privacy Policy, please contact us. We respect your rights and privacy, and will be happy to answer any questions or concerns you might have. You may direct any such questions to us a [email protected] or by phone at (877) 661-8220.