Last updated: October 10, 2020

KYOO PRIVACY POLICY

This Kyoo Privacy Policy ("Privacy Policy") accompanies the Kyoo Terms and Conditions, available at https://app.kyoo.ai/legal/terms or a successor URL (the "Agreement") entered into between the Customer and Kyoo. Capitalized terms used in this Privacy Policy that are not defined herein have the meanings given to them in the Agreement.

This privacy policy sets out how Kyoo handles and protects the information that you and your business may share with Kyoo.

If you are a Customer of an Kyoo Products with an active Subscription then except as expressly set forth below, this Privacy Policy applies to you.

If you are a recipient of communication, visitor to or user of a venue, website or other location or service (“Customer Properties”) that utilises any Kyoo Products, then any information you submit to such Customer Property (including via the Kyoo Products) is collected under the privacy policy of the owner of such Customer Property, and you should contact such owner with any related requests or inquiries.

At Kyoo, we respect the privacy rights and data protection rights of our users and recognise the importance of protecting the personal information we collect. Our Privacy Policy is designed to help you understand what information we collect and how we use and share that information. This Privacy Policy applies to our Websites and Products.

1. Data Collection and Storage

1.1. Kyoo enables its Customers to collect, import, upload and store a variety of data about the Persons using the Products in the Customer Properties.

1.2. The Customer Data may be collected and imported into the Products via the following ways:

i. Wireless and wired sensors and systems. Kyoo provides Customers with software solutions, integrations and APIs that enable the Customer to provide access control and authentication for Persons who wish to utilise wireless or wired connection that is provided by the Customer to access the Internet or other computer networks in Customer Properties and to collect usage, location, and other data from their Devices.

ii. Online Customer Properties. As part of the Products, Kyoo provides Customers with tools and technologies to collect information on Persons who are using their online resources (such as websites and smartphone apps) and upload this information into the Products.

iii. Order and Point of Sale systems. Kyoo API and supported Third-Party Platforms integrations may enable the Customer to upload Customer Data from third-party platforms into the Products. Such information may include items that Person has ordered, total sale values, shopping preferences and more.

iv. Other sources. Kyoo API and Customer Data import tools that are available to Customers as part of the Products enable importing and uploading Person’s data from any other electronic system or service.

v. Manual entry. Customers may also create and update Customer Data stored in the Products by manually creating and editing the entries via the Dashboard.

vi. Cookies and other Technologies. Kyoo enables its Customers to integrate third-party solutions into the Products. These solutions may use cookies, clear GIFs, pixel tags, and other technologies that help to better understand Person’s behaviour, personalize preferences, perform research and analytics, and improve the products and Products that our Customers provide. As part of the Products, Kyoo may use certain technologies embedded in email and SMS and push notifications that are sent to the Persons via the Products, to help track response rates, identify when messages are viewed, forwarded and how they relate to Person’s visits into the Customer Properties.

vii. Explicit Consent Requirement. The Products do not permit collection data on Persons unless the explicit consent is provided by this Person.

2. Data Ownership

2.1. The Customer retains all rights, title and interest (including any and all intellectual property rights) in and to the Customer Data as provided to Kyoo or collected by use of Kyoo Products. Subject to the terms of this Agreement, Customer hereby grants to Kyoo a non-exclusive, worldwide, royalty-free right to use, copy, store, transmit, modify, create derivative works of and display the Customer Data solely to the extent necessary to provide the Products to the Customer.

3. Access to Customer Data

3.1. Kyoo may provide access to Customer Data as described below:

i. To our Affiliates, Agents and Contractors. We may share information with our approved third parties that help us operate our business and provide our Products, such as contractors that provide us with technology, Products, data or content.


ii. For Legal Reasons. We may share information when we are required to do so under the law; enforce or apply our agreements; or protect the rights, property, or safety of Kyoo, our Customers, our employees, or others. This may include exchanging information with other companies and organizations for fraud protection and credit risk reduction.

iii. Changes in the structure or ownership. We may transfer the information we hold in the event we sell or transfer all or a portion of our business or assets (such as in connection with a merger, acquisition, reorganization, dissolution or liquidation) or take steps in anticipation of such a transaction.

iv. At Customer's Request. At the request of a Customers, we may disclose of information we hold for that Customer.

v. Aggregated or De-identified Information. We may share aggregated or de-identified data without restriction but only when permitted by law.

vi. Opt-out and Data Ownership Rights. The law in certain countries (such EU’s GDPR) give Persons’ rights to access, correct, update or delete their personal information. The law may also give additional rights to object to the processing of such information or to withdraw Person’s consent to the processing of this information. Customers must provide the Persons whose information is stored in the Products a clear way to execute such rights.

vii. Kyoo Partners. Kyoo reseller Partners do not have access to Customer Data unless the Customer has explicitly permitted such access. We advise Customers to only permit such access on a case-by-case basis.

4. Protection of Underaged

4.1. Children's Privacy. If Customer believes that any child under 13 has provided the Customer with any personal information, the Customer must make all reasonable efforts to ask that the parent or guardian of that child contacts the Customer to ensure that such information is deleted from the Service. Customer must also honour similar requests from parents and guardians in jurisdictions where the age threshold provided by law is higher.

5. Data Processing

5.1. Our data processing rules as outlined in the Agreement clearly articulate our privacy commitment to the Customers. More recently, we have specifically updated these terms to reflect the GDPR to facilitate our customers’ compliance assessment and GDPR readiness when using Kyoo Products.

i. Processing According to Instructions. Any data that the Customer and its users put into our systems will only be processed in accordance with the Customer’s instructions, as described in the Agreement.

ii. Personnel Confidentiality Commitments. All Kyoo employees, contractors and agents are required to sign a confidentiality agreement and complete mandatory confidentiality and privacy training. Kyoo specifically addresses responsibilities and expected behaviour with respect to the protection of information.

iii. Use of Subprocessors. Kyoo directly conducts the majority of data processing activities required to provide the Products. However, we do engage some third-party vendors to assist in supporting these Products. Each vendor goes through a rigorous selection process to ensure it has the required technical expertise and can deliver the appropriate level of security and privacy.

iv. Data Return and Deletion. Dashboard Users with administrative privileges can export Customer Data, via the functionality of the Dashboard Products (consult Specifications for further information), at any time during the term of the Agreement. We have included data export commitments in our data processing terms for several years and updated them to reflect the GDPR. We are continuously working to enhance the robustness of the data export capabilities and make it even easier to download a copy of your business’ data securely from Kyoo. You can also delete Customer Data, by contacting Kyoo Support via the Dashboard, at any time. When Kyoo receives a complete deletion instruction from you, Kyoo will delete the relevant Customer Data from all its systems within a maximum period of 180 days unless retention obligations apply.

v. Updates to this Privacy Policy. We may modify this Privacy Policy from time to time as our business practices and legal requirements evolve. In the event this Privacy Policy is modified, we will provide notice of the change by posting the updated Privacy Policy on our website.

6. Restricting collection and storage of personal information

6.1. Laws in certain countries may require limiting or otherwise restricting the storage of information about the Persons (for example the Customer may only be able to store the phone numbers and corresponding smartphone identification but not the email addresses or names). Kyoo Products can be configured by the Customer not to store such information.

7. End-user Terms and Conditions

7.1. The Customer is responsible to provide Persons who are accessing the Products with End-User Terms outlining how their information will be stored and processed.

7.2. Kyoo provides the Customer with solutions to make these documents available to Persons who are accessing the Products and to record their acceptance of the End-User Terms. Kyoo also provides solutions to version the End-User Terms and to record the acceptance of changes by the Persons.

7.3. The End-User Terms shall not contradict with this Kyoo Privacy Policy, the Agreement and any applicable laws and regulations that are in force in the jurisdiction where Kyoo and/or the Customer operate and where the Products are available to the Persons.

8. Contacting Kyoo

If you have any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Officer at dpo@kyoo.ai.