Kwistr Privacy StatementLast Updated: April 2, 2019
I. SCOPE OF THIS PRIVACY STATEMENT
Our processing of personal data, such as the name, address, e-mail address, or telephone number, shall be undertaken consistent with the requirements of the General Data Protection Regulation (“GDPR”). The purpose of this Privacy Statement is to provide to users and potential users of our website information about the nature, scope, and purpose of the personal data we collect, use and process and to advise data subjects of their rights. Whether as the data controller or processor, Kwistr has implemented numerous technical and organizational measures to protect of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed.
II. PERSONAL INFORMATION WE COLLECT
A. Information You Give Us
Except for physical location information and tracking technologies (as described below), you do not have to give us any personal information to browse this Site. However, you may be asked to provide personal information to submit or request information from us, or to use the Services offered through this Site. Once you provide us with your personal information, you are no longer anonymous to us. This information may include information such as your name, username, password, and email address, or other information that you may submit from time to time.
B. Location Information.
In order to access and use certain areas or features of the Site, you consent to our collection and use of your physical location information if you use the Site on a location-enabled device (including GPS, cellular, and Wi-Fi networks) or from your browser.
C. Automated Information Collection.
You consent to our collection and use of certain information about your use of the Site through the use of tracking technologies or by other passive means. This “passively collected” information includes, but is not limited to, the domain name of the website that allowed you to navigate to the Site, search engines used, the internet protocol (IP) address used, the length of time spent on the Site, the pages you looked at on the Site, other websites you visited before and after visiting the Site, the type of internet browser you have, the frequency of your visits to the Site, and other relevant statistics, including the following:
- Log Information. When you access the Site, you also consent to our servers automatically recording information that your browser sends whenever you visit a website. These server logs may include information such as your web request, IP address, browser type, browser language, the date and time of your request, your computer operating system, mobile device and mobile operating system, name of your internet service provider or your mobile carrier, and one or more cookies (small text files containing a string of characters) that may uniquely identify your browser. Our servers also automatically record what you click on while visiting the site.
- Location Information. You consent to our receipt of location data passed to us from location-enabled devices or that you have enabled, from your browser, or from third-party services.
- Links. The Site may include links in a format that enables us to keep track of whether these links have been followed by IP addresses. You consent to our collection and use of this information to improve the quality of our products and design.
- URLs. When you visit or access the Site, you consent to our receipt of the URL of the site from which you came and links you click on to leave the site.
- Web Beacons. Web beacons (also known as “pixel tags” or “clear GIFs”) are 1x1 single-pixel graphics that allow us to count the number of users who have visited or accessed the Site and to recognize users by accessing our cookies. You consent to our use of web beacons to facilitate Site administration and navigation, to track the actions of users of the Site, to compile aggregate statistics about Site usage and response rates, and to provide an enhanced online experience for visitors to the Site. We may also include web beacons in HTML-formatted e-mail messages that we send to determine which e-mail messages were opened.
- Aggregate Information. We may compile certain personal information and other information collected through the Site on an aggregate basis. This information may include, without limitation, the number of people who have visited the Site and other user demographics. Such aggregate information does not identify you individually.
III. HOW WE USE PERSONAL INFORMATION
Kwistr complies with its obligations under GDPR by: keeping personal data up to date where needed based on the purposes for which the personal data is being processed; by not collecting or retaining excessive amounts of data; by ensuring that appropriate technical measures are in place that are designed to protect personal data from loss, alteration, misuse, unauthorized access and disclosure as it is transmitted, stored, or otherwise processed, and by using appropriate measures to securely destroy personal data when it is no longer needed by Kwistr.
Personal information collected through the Site may be used by us and our affiliates for purposes of:
- Responding to your questions and feedback;
- Providing the Services you select through this Site;
- Contacting you, whether by email, postal mail, or telephone with information about this Site, our products, or our services;
- For such purposes as you may authorize at the time you submit the information;
- Auditing, research, and analysis to maintain, protect, and improve this Site and our Services;
- Ensuring the technical functions of our network;
- Improving and customizing the content and layout of the Site;
- Developing new products and Services; or
- Compiling personal information and other information collected through the Site on an aggregate basis.
IV. PERSONAL INFORMATION WE SHARE
We do not sell, rent, trade, or otherwise share personal information collected through the Site, except as described below:
- In Connection with our Offerings. The Site may involve the sharing of certain personal information collected through the Site with (i) other users of the Site, and (ii) as you otherwise provide your consent.
- Subsidiaries and Affiliates. We may share personal information with our subsidiaries and affiliates for the purposes for which you provided the information or as reasonably necessary for our internal administrative and business purposes.
- Service Providers. We may work with third parties that provide Services on our behalf. Such Services may include website hosting, marketing, and website usage analytics. We may share personal information and non-personal information with these third parties for the purpose of enabling them to provide these Services. We take care to use only service providers who have agreed to comply with all applicable laws, and who we believe are reputable and able to maintain the security of personal information and confidential information.
- Consent. We may share personal information in accordance with any consent you provide.
- Required by Law. We may disclose personal information or any information collected through this Site if we are required to do so by law or pursuant to legal process, in response to a request from government officials or law enforcement authorities, or as necessary or appropriate in connection with an investigation of illegal activity.
- Certain Transactions. We may disclose or transfer personal information or any information collected through this Site to third parties who acquire all or a portion of our business, whether such acquisition is by way of merger, consolidation, or purchase of all or a portion of our assets, or in connection with any bankruptcy or reorganization proceeding brought by or against us.
V. AGGREGATE INFORMATION
We may compile de-identified personal information and other information collected through the Site on an aggregate basis. This information may include, without limitation, the number of users who have registered for the Site and demographic information about users of the Site. Such aggregate information does not identify you individually. We may use aggregate information and share aggregate information with third parties for any of the purposes specified in this Privacy Statement, and for any other lawful purpose.
VI. YOUR CHOICES
A. Information You Provide
You can always choose whether or not to provide information on the Site. However, if you choose not to disclose certain information, you may not be able to register as a user of the Site, which may limit your access to certain portions of the Site.
B. Communications From Us
If at any time you decide that you no longer wish to receive notices from us regarding the Site, you may indicate this preference by contacting us at email@example.com.
C. Do Not Track
As described in more detail below, you can configure your browser not to accept cookies or to notify you when a cookie is being sent.
D. Your Rights and Your Personal Data
Unless subject to an exemption under the GDPR, if your personal data is subject to the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which Kwistr holds about you;
- The right to request that Kwistr correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for Kwistr to retain such data;
- The right to withdraw your consent to the processing at any time of personal data to which you provided consent for processing;
- The right to request that Kwistr provide the you with your personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction be placed on further processing;
- The right to object to the processing of personal data (where applicable); and
- The right to lodge a complaint with a data supervisory authority.
E. Transfer of Data Abroad
If your personal data is subject to the GDPR, Kwistr will transfer personal data from the European Economic Area (EEA) to a location outside the EEA only when there has been a documented adequacy determination, or where Kwistr has confirmed adequate privacy protections. If Kwistr transfers personal data to a third party acting as an agent of Kwistr, we will also require the third party to have adequate privacy protections in place.
Kwistr may transfer personal data to and on behalf of clients and third parties with whom Kwistr has an existing service agreement or as part of our legal obligations, each of which shall be subject to Kwistr policies, and only to the extent necessary for purposes of legitimate interests pursued by the data controller (or by a third party).
F. Automated Decision Making
Under GDPR, data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent. We do not engage in automated decision making directed toward you in this manner.
G. Further processing
If we wish to use your personal data for a new purpose, not covered by this Privacy Statement, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
VII. INFORMATION STORAGE AND SECURITY
We employ reasonable security precautions to help protect against the loss, misuse, and alteration of personal information provided on or through the Site. However, no method of transmitting or storing data is completely secure. As a result, although we strive to protect personal information about you, we cannot guarantee the security of any information you transmit to us through or in connection with the Site. If you have reason to believe that personal information is no longer secure, please notify us immediately by contacting us in accordance with the last section below.
VIII. A SPECIAL NOTE ABOUT CHILDREN
Children are not eligible to use the Site, and we ask that minors (children under the age of 16) not submit any personal information to us. If you are a minor, you can use the Site only in conjunction with your parents or guardians.
IX. EXTERNAL LINKS
X. SPECIAL ADMONITIONS FOR INTERNATIONAL USE
The Site is hosted in the United States. All matters relating to the Site are governed exclusively by the laws of the State of North Carolina in the United States of America and not the jurisdiction in which you are located. If you are located outside of the United States of America and you contact us, please be advised that any information you provide to us will be transferred to the United States of America and that by submitting information, you explicitly authorize such transfer.
XI. UPDATES TO THIS PRIVACY STATEMENT
We may change or update the Site or any of our policies and procedures without prior notice, except that if any changes are likely to have an adverse impact on your rights under data protection law, we will use reasonable efforts to notify you of the changes in advance in writing or by post mail, and, where required, obtain your consent to our activities. We will post a notice on this Site to advise you of any significant changes to this Privacy Statement and indicate via the “Last Updated” legend at the bottom of this Privacy Statement when it was most recently updated. Except to the extent that your express consent to any change or update is required under data protection law, your continued use of the Site signifies your continued assent to the terms of this Privacy Statement, as updated or amended at that time.
XII. QUESTIONS REGARDING THIS PRIVACY STATEMENT
If you have any questions or comments regarding this Privacy Statement, please send us an email at firstname.lastname@example.org.
In certain circumstances, the data controller for the purposes of GDPR or other data protection laws applicable in Member states of the European Union and other provisions related to data protection this is: Kwistr, LLC - email@example.com
Any data subject may, at any time, contact us directly with any questions and suggestions concerning data protection. We encourage interested persons to raise any concerns about the collection, use, or processing of personal data using the contact information provided. In the event of a privacy related issue or complaint, we will investigate and attempt to promptly resolve any complaints and disputes regarding use and disclosure of personal data. For complaints that cannot be resolved, if your personal data is subject to the GDPR, we commit to cooperating with the panel established by the EU data protection authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner (FDPIC), as applicable, and comply with the advice given by the panel or Commissioner about personal data transferred from the EU or Switzerland. In order to facilitate the handling of complaints, individuals in the EU can choose to contact their national DPA or use the form located at this link: http://ec.europa.eu/newsroom/document.cfm?doc_id=42962 Individuals in Switzerland can contact the Swiss Information Commissioner by visiting: https://www.edoeb.admin.ch/edoeb/de/home.html This independent dispute resolution process is provided at no cost to the individual.