Privacy Policy

Kivera Inc. Privacy Policy

Kivera Corporation and its affiliates and subsidiaries (collectively “us”, “we”, or “our”) operates the www.kivera.io website and provides cloud security software (the “Service”).


Purpose of this Privacy Notice

The purpose of this privacy notice is to inform our customers and clients of how we collect, use, and disclose information that can be identified with a particular individual (“Personal Information”) and of our commitment to personal data protection, trust and compliance with privacy protection laws (including the GDPR and PIPEDA) (“Data Protection Laws”). As a global organization, we recognize that Data Protection Laws may be different and as a practice we have adopted those policies which reflect the most stringent protections for the collection, use, and handling of personal data. We strive to engage in “privacy by design.”


We are committed to providing our clients and customers (“you”, “your” or “them”) with exceptional service in securing cloud services. Providing you with exceptional service in securing cloud services may involve the collection, use and, at times, disclosure of your Personal Information (as set out below). Protecting your Personal Information is one of our highest priorities. We will inform you of why and how we collect, use and disclose Personal Information; obtain your consent, as required by law; and handle and use Personal Information according to applicable law. Our privacy commitment includes ensuring the accuracy, confidentiality, and security of your Personal Information and allowing you to request access to, correction, and if requested, removal of, your personal information.


Data Protection Principles

We will comply with the following data protection principles when processing Personal Information:

 

  1. we will process personal information lawfully, fairly and in a transparent manner;
  2. we will collect personal information for specified, explicit and legitimate purposes only, and will not process it in a way that is incompatible with those legitimate purposes;
  3. we will process the minimum necessary amount of personal information that is adequate, relevant and necessary for the relevant purposes;
  4. we will keep accurate and up-to-date personal information and take reasonable steps to ensure that inaccurate personal information is deleted or corrected without delay;
  5. we will keep personal information in digital form for no longer than is necessary for the purposes for which the information is processed; and
  6. we will take appropriate technical and organizational measures – taking into account the state of the art, the cost of implementation, and the nature, scope, context, and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing – to protect your Personal Information against unauthorized or unlawful processing, and against accidental loss, destruction or damage. Note that no method of transmission over the Internet, or method of electronic storage is 100% secure and that users are responsible for maintaining the security of their devices.

The Personal Information We Collect about You

As noted above, Personal Information means information relating to an identified or identifiable natural person. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of Personal Information about you may include but is not limited to your name and email address. In some instances, we may aggregate data and where we do so, we will ensure that your Personal Information cannot be determined from the aggregated data, and where it is it will be treated as Personal Information under this privacy policy.

As you interact with our website and the Services, we may automatically collect technical and usage data about you or your equipment, visits to pages of our website and preferences. We can collect this Personal Information about you through the use of cookies and other technical products. You may review our policy on cookie usage below.

When browsing on our website, we may also collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.


Collection of your Personal Information

We will only collect Personal Information that is necessary to fulfill the following legal purposes relating to the provision of Services to you or in relation to our contractual or legal obligations:


  • To verify identity;
  • To identify your preferences;
  • To open and manage an account;
  • To ensure you receive a high standard of service;
  • To meet regulatory requirements; or
  • Other legal reasons as apply to the goods and services requested.

Use of your Personal Information

The use of your Personal Information is generally required to fulfill contractual obligations to you, where it is related to legitimate interests about our Services or those of a third party where those interests do not infringe on your fundamental rights and where we are required to comply with a legal or regulatory requirement. Unless we intend on sending marketing material to you, we do not rely on consent in order to use and process your Personal Information that you have freely provided to us. You may withdraw your consent to any marketing activities at any time by contacting the Privacy Protection Officer below.

 

Disclosure of Personal Information to Third Parties

We may disclose Personal Information to the categories of third parties noted below:

Third Party Contractors – We may use third party contractors (“Service Providers”) to perform limited services on our behalf, such as hosting websites and providing email services.  Services Providers are required to obtain only the Personal Information they need to deliver the service they were hired to perform, to maintain the confidentiality of Personal Information, and not use Personal Information for any purpose other than the service they were hired to perform.

Business Transitions – We may disclose Personal Information to businesses that are legally part of the same group of Kivera, or that become part of that group. We reserve the right to – in the event of a business event such as a sale or merger or acquisition – to transfer Personal Information to a new business owner, on the condition that such Personal Information must be treated in accordance with this Policy.

Compliance with Law and Prevention of Harm – We may disclose Personal Information to law enforcement, security professionals, and similar entities in the event that we have a good-faith belief that such disclosure is reasonably helpful or necessary to: (i) comply with applicable law, regulation, legal process, or government request, (ii) enforce any applicable terms of service, including investigations of potential violations thereof, (iii) detect, prevent, or otherwise address fraud or security issues, or (iv) protect against harm to the rights, property, or safety of Kivera, our users, or the public. Kivera may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Personal Information Purposes

When you provide your Personal Information to us through a web form or to request information about a product or Service that we provide, you are providing identity and contract information to us, and in some cases may provide financial information to us. Our use of such Personal Information is directly related to mutual legitimate interests and/or related to a contractual relationship between you and us. In general, our use and processing of your Personal Information arises from contractual, legitimate interests, and/or our obligation to comply with laws.

What We Do NOT Do with your Personal Information

We will not sell your Personal Information to other parties. We will not alter your Personal Information or disclose it without your consent (unless required by law). We will not keep your Personal Information for longer than necessary for the purpose for which it was collected. We will retain your personal information until either: it is no longer reasonably necessary or legally required to maintain a record of such information, or until you request its destruction.

Corrections and Your Right to be Forgotten

You have the right to request a copy of the personal information retained about you by Kivera. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law. If you would like to obtain a copy of such records, please make your request in writing to our Privacy Officer at the contact information contained below. Please include sufficient detail to identify your personal information. We may contact you to verify the information provided and/or your identity, where applicable. In any case, we will respond to your request in writing as quickly as possible, and no later than 30 days after receiving your written request. We reserve the right to refuse such request where necessary and permitted or required by applicable laws.


We will make reasonable efforts to ensure that your Personal Information is accurate and complete. You may request correction to your Personal Information to ensure its accuracy and completeness. You may also request at any time that you be “forgotten”. This means we will erase all Personal Information about you in our possession (subject to applicable laws), except as necessary to comply with our legal obligations. A request must be in writing and provide sufficient detail to identify your Personal Information and the correction or deletion being sought.

Notice to Residents of the EU, UK, and Switzerland

“Personal information” as referenced in this Privacy Policy means “personal data” as that term is defined under the European Union (“EU”) General Data Protection Regulations (“GDPR”) and its United Kingdom (“UK”) GDPR counterpart. We are a data controller with respect to the personal information described above under “The Personal Information We Collect About You.”  Where we act as a data processor with respect to provision of the Services, we process data on behalf of data controllers in accordance with their processing instructions.

If you are an individual from the European Economic Area (the “EEA”), the UK or Switzerland, please note that our legal basis for collecting and using your personal information will depend on the personal information collected and the specific context in which we collect it. We normally will collect personal information from you only where: (a) we have your consent to do so, (b) where we need your personal information to perform a contract with you (e.g. to deliver services you have requested), or ❨c❩ where the processing is in our legitimate interests. Please note that in most cases, if you do not provide the requested information, we will not be able to provide the requested service to you.

In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person. Where we rely on your consent to process your personal data, you have the right to withdraw or decline consent at any time. Where we rely on our legitimate interests to process your personal data, you have the right to object by emailing us at privacyofficer@kivera.io.

If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at privacyofficer@kivera.io.

Cookies Policy

In addition to any information that you choose to submit to us, we or selected third parties may use a variety of technologies that store or access information already stored on your personal computer, lap top, tablet, personal data device, or other device that access the website (each a “device”) whenever you visit or interact with our website.  These technologies may include (1) cookies (which are text files placed on a device when a user visits a website, which may be temporary or permanent, and may be first party or third party), (2) flash cookies (which are data files placed on a device via the Adobe Flash plug-in that may be built-in to or downloaded by you or your device, (3) HTML5 cookies (which can be programmed through HTML5 local storage and do not require a plug-in), and (4) Etag or Entity Tags (which are opaque identifiers assigned by a web server to a specific version of a resource found at a URL that acts as a form of device identifier).

We use the following categories of cookies:

Cookies Used By Us

We use a variety of internal and third party cookies relating to your use and performance of our site and advertising to you, some of which collect Personal Information. The cookies we use are updated on a regular basis and are set out below and categorized by function.


Strictly Necessary Cookies

The following cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any Personal Information.

  • Cookie and provider: __stripe_mid, __stripe_sid (stripe.com)
       
    • Description: Stripe sets this cookie to process payments – note that we do not process payments or collect payment information ourselves, but rather utilize Stripe as a payment processor.  If you wish to see additional information regarding Stripe, we encourage you to review Stripe’s privacy policy.
  • Cookie and provider: cookiesAccepted (kivera.io)
       
    • Description: Tracks the consent option for users on kivera.io
  • Cookie and provider: wf_exp_uniqueId, wf_logout, wf_first_touch, wf_first_touch_v2 (webflow.com)
       
    • Description: Associated with Webflow and is used to track users
  • Cookie and provider: ps_mode (webflow.com)
       
    • Description: Associated with Webflow and registers which server-cluster is serving the visitor

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous and does not contain identifiable Personal Information. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.

  • Cookie and provider: _ga, _ga_S6T2JDB15Y (analytics.google.com)
       
    • Description: This cookie is associated with Google Analytics and is used to distinguish unique users.

Targeting Cookies

Targeting cookies are used to build a profile of your interests and show you relevant advertisements on other sites. The Personal Information that they use and store is based on uniquely identifying your browser, mobile network information, operating system, and the device that you use to access the site and browse the Internet. We do not utilize targeting cookies.

Third Party Collection of Information

We have provided you with information above about the types of third party information storage or gathering techniques on our website. This Privacy Policy does not apply to applications (apps), technologies or sites that are owned and/or operated by other parties (such as app developers, third party advertisers or third party ad servers), even if they use our technology to store or collect data. This includes third parties that embed our technology in their apps or advertisements to facilitate download tracking or advertisement serving. We do, however, work with third parties to ensure that you are provided with the necessary information and are provided with the opportunity to make your choice. The relevant third party’s terms of use, privacy policy, permissions, notices and choices should be reviewed by yourself regarding their collection, storage and sharing practices since they may be different from ours. Kivera is not a party to any agreement between you and any third party.

Your Consent and Your Right to Refuse the Use of Information Collection Technologies

We obtain your consent to our information collection technologies by providing you with transparent information in our Privacy Policy and providing you with the opportunity to make your choice. You have the right to object to the use of information collection technologies. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers, and in some but not all instances can be blocked in the future by selecting certain settings. Each browser you use will need to be set separately and different browsers offer different functionality and options in this regard. Also, these tools may not be effective with regard to Flash cookies or HTML5 cookies. For information on disabling Flash cookies, go to Adobe‘s website. Please be aware that if you disable or remove these technologies some parts of our website will not work and that when you revisit our website your ability to limit cookies is subject to your browser settings and limitations.

Right to Complaint or Review by Commissioner

You may have the right to file a complaint or request a review of decisions made regarding your personal information with the relevant Privacy Commissioner or other public body within your jurisdiction. If you require further information or have any questions or concerns, please contact our Privacy Officer at the contact information contained below.

Overseas Entities

Kivera operates in jurisdictions in various countries, including the United States, United Kingdom, Canada, and Australia. Please take notice that it is possible that personal information retained by Kivera may be transferred and/or accessible to these jurisdictions. Kivera stores data in Australia as well as in the United Kingdom. Transfers shall take place in accordance with applicable laws and regulations.  In the event of a transfer between jurisdictions within the European Union and a different jurisdiction, such transfers shall comply with Regulations (EU) 2016-679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal information and on the free movement of such data, known as the General Data Protection Regulation (“GDPR”).

Anonymity and Pseudonymity

Individuals have the right to interact with Kivera anonymously and pseudonymously. Please note that where you exercise such right to anonymity or pseudonymity, your full access and appreciation of Kivera’s services may be limited, where impracticable to do so. Some services may also require identification under applicable laws.

Communications

With your consent, we may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

Links To Other Sites

Our website may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Questions about this Privacy Policy

If you have a question about this Privacy Policy or about Kivera’s handling of your information, you can send an email to the privacy officer for Kivera at privacyofficer@kivera.io. We are unable to provide you with any information or correct any inaccuracies, until we are able to verify your identity and to provide other details to help us to respond to your request. We will contact you within 30 days of your request. You may also mail a request to the attention of “Privacy Officer” at c/o Kivera, 1123 Broadway Ste 412, New York, NY 10010-2007, United States.