Privacy policy — summary

PRIVACY POLICY SUMMARY FOR CUSTOMERS

We care about your personal data and aim to keep it as safe as possible. This summary does not replace our terms, but is to help you understand our service. For the full terms, please click here.

 

WHAT PERSONAL DATA?

In order to provide you with our service, we have to ask for some of your personal data, but we try to  keep this to a minimum. Usually, we will only require your name, email address, and, Klevio account password.

For processing payment of your order, we will need your card details, billing address and name of the card holder.  

WHY DO YOU NEED MY PERSONAL DATA?

We need your personal data in order to register you as a user, authenticate who you are, authorize your access to our website or app, and help you with any issue you may have regarding our service.

WHO  DO YOU SHARE MY PERSONAL DATA WITH?

In order to provide you with our service, we may share some of your personal data with the following companies/services that might store some of your data outside EEA:

FOR HOW LONG DO YOU KEEP MY PERSONAL DATA?

We usually keep your personal data only for as long as we are providing  you with our service.

We may need to retain some of your personal data even after the end of your agreement with us, if reasonably necessary to comply with our legal obligations, resolve disputes, maintain security or prevent fraud and abuse.

In particular, in order to be able to defend ourselves against future claims, we may retain some of your personal data for up to six years from the performance of our service to you.

DATA STORAGE

We store personal data on servers provided by Amazon Web Services inside EEA with backups held on our own servers inside EEA.

NON-EEA TRANSFER

We do not transfer, store or process any of your personal data in countries outside the EEA, unless you have explicitly consented for us to do so.

Privacy policy

30 April 2018

  1. BACKGROUND

Klevio LTD (“KLEVIO”, “we”, “us”) provides a remote locking digital service for use in combination with hardware products. We are a company registered in England and Wales. Our company registration number is 09971722 and our registered office is at 38 Berkeley Square, London, England, W1J 5AE.

We care about privacy and data protection and we are committed to protecting your personal information. We also aim at transparency, we want you to know what data we collect about you and how it is used and shared. Please be aware that, whilst we make our best efforts to keep your personal information safe, no website can be completely secure.

The following privacy policy (“Privacy Policy”) relates to our use of any personal information regarding you that we collect and process via our website (“Site”) or any other personal information you provide us in person, via email, telephone, text message, or other means.

In this Privacy Policy, the terms processing, personal data, data controller, data processor, data subject shall have the same meaning as set out in the Data Protection Act 1998 (“DPA”) as amended, extended or re-enacted from time to time and including all subordinate legislation made from time to time under the DPA or as defined by the Regulation of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”) once applicable and/or any corresponding or equivalent national laws or regulations once in force and applicable (“Applicable Data Protection Laws”).

To learn more about your rights to privacy and data protection, we recommend you visit the Information Commissioner’ Office (“ICO”) website at https://ico.org.uk/.

  1. KEY TERMS

To help you understand the content of our Privacy Policy we have summarised some key terms:

Data Controller means the individual or organisation that, alone or jointly with others, exercises overall control over how Personal Data is processed and the purposes of such treatment.

Data Processor means any person (other than an employee of the Data Controller) who processes the data on behalf of and under the instruction of the Data Controller.

Communication Methods means email, telephone, notices posted on our Site, or any other communication methods.

Personal Data means data which relates to a living individual who can be identified from such data, or from data and other information which is in the possession of, or is likely to come into the possession of, the Data Controller.

Processing means obtaining, recording or holding data or carrying out any operation in relation to Personal Data. 

Third-Party Websites means websites owned and operated by third parties.

  1. DATA CONTROLLER

For the purpose of the processing of your Personal Data in connection with your use of our Site or of our services, Klevio is a Data Controller.

We are based and operate within the United Kingdom.

If you have any query regarding our use of your personal data, please contact us at [email protected]

  1. PRIVACY POLICY IN RELATION TO WEBSITE USERS

The terms in this paragraph 4 apply only to users of the Site who are not otherwise using our services.

  1. LEGAL BASIS FOR PROCESSING

We process your Personal Data on the basis that you have consented to and we have a legitimate interest in such processing. Our legitimate interest includes our commercial interest in offering our services to the public.  

  1. INFORMATION WE COLLECT ABOUT YOU

We log your visits and your usage data when you visit our Site. In particular, we use internet protocol (“IP”) addresses, cookies and similar technologies (e.g., web beacons, pixels, ad tags and device identifiers) to identify you or your device. Please read our Cookies Policy to learn more about how we use cookies and similar tracking technologies and how to opt out.

We receive data from your devices and networks, including location data. When you visit or leave our Site, we receive the URL of both the site you came from and the one you go to next. We also get information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our Site from a mobile device, that device will send us data about your location. Most devices allow you to prevent location data from being sent to us and we respect your settings. 

  1. HOW WE USE YOUR PERSONAL DATA

We use your Personal Data to give you access to our Site and in particular to:

  1. provide you with information about our services;
  2. contact you through any Communication Method about our services, provided that you have previously consented to us contacting you;
  3. produce aggregate insights that do not identify you; and
  4. investigate, respond to and resolve complaints and service issues.
  1. RECIPIENTS OF YOUR DATA

In order to provide you with our service, we may share some of your personal data with:

  1. Stripe (a payment service provider, https://stripe.com );
  2. MailChimp (newsletter management, https://mailchimp.com/ );
  3. Celery (online shop provider, https://www.trycelery.com/ );
  4. Intercom (an online chat and Customer Relationship Management service provider, https://www.intercom.com/);
  5. Cloudflare (web hosting, https://www.cloudflare.com/)
  6. Google (a data analytics service provider, https://www.google.com/);
  7. Facebook (a data analytics service provider, https://www.facebook.com/).

We will only share your personal data with the companies described at number 3 and 4 provided that you have previously consented to such use of your personal data. As further detailed below at 6.6, you can always change your mind and withdraw your consent to the processing of your personal data.

ADDITIONALDISCLOSURES

To provide and develop our Site, we may share your Personal Data with:

our subsidiaries, as defined by section 1162 of the Company Act 2006 as amended, extended or re-enacted from time to time, provided that our subsidiaries will be subject to the same terms of this Privacy Policy; and

third parties for maintenance, analysis, audit, payments, marketing and development. Third parties will only have access to and use your Personal Data as reasonably necessary to perform these tasks on our behalf and they will be bound to non-disclosure obligations and to the terms of this Privacy Policy.

We may have to disclose your Personal Data if it is reasonably necessary to: (i) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (ii) investigate and defend ourselves against any third-party claims or allegations; and (iii) protect the security or integrity of our services.

We will attempt to notify you about legal demands for your Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

We may share your Personal Data as part of a sale, merger or change in control, or in preparation for any of these events.

Any other entity which buys Klevio or part of our business will have the right to continue to use your data, but only in the manner set out in this Privacy Policy.

  1. DATA RETENTION 

We will normally keep your Personal Data for as long as it is necessary to provide you with access to our Site or services and in any case for a maximum of 3 months from the first collection of your Personal Data.

  1. CROSS-BORDER DATA TRANSFERS  

We do not transfer, store or process your Personal Data at destinations outside the European Economic Area (“EEA”).

  1. PRIVACY POLICY IN RELATION TO USERS OF OUR SERVICES

The terms in this paragraph 5 apply only to users of our services.

  1. LEGAL BASIS FOR PROCESSING  

LEGITIMATE INTEREST

We process Personal Data of users of our services (“Clients”) on the basis that we have a legitimate interest in such processing that includes our commercial interest in providing you with our services.

CONSENT AND PERFORMANCE OF A CONTRACT

Furthermore, we may process Personal Data of Clients on the basis that: (i) they have consented to such processing; and/or (ii) it is necessary for the entry into, or performance of, a contract or in order to take steps at their request prior to the entry into a contract.

  1. INFORMATION WE HOLD  

UPON REGISTRATION

When you choose to use our services, we collect the following Personal Data: your name, your contact details, your email address, and your current address.  

PAYMENT

In order to process the payment of an invoice for our services, we may collect: the name of the card owner, the card details and the billing address.

ADDITIONAL INFORMATION 

Depending on your requirements and circumstances, we may need to collect Personal Data (such as name, address, date of birth) of your “Authorised Users” to allow them to use our services.

WEBSITE USE

We log your visits, use of our services and your usage data when you visit or otherwise use our services. We use log-ins, IP addresses, cookies and similar technologies (e.g., web beacons, pixels, ad tags and device identifiers) to log your use and identify you or your device. Please read our Cookies Policy to learn more about how we use cookies and similar tracking technologies and how to opt out.

When you visit or leave our Site, we receive the URL of both the site you came from and the one you go to next. We also get information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our Site from a mobile device, that device may send us data about your location. Most devices allow you to prevent location data from being sent to us and we respect your settings.

  1. HOW WE USE YOUR PERSONAL DATA

We use Personal Data of Clients to provide them with our services and in particular:

  1. for administrative purposes;
  2. to correspond with Clients about their matter(s) through any Communication Methods;
  3. to contact Clients via any Communication Methods about the availability of our services, security, other service-related issues, reminders, and suggestions;
  4. to produce aggregate insights that do not identify any individual Client; and
  5. to investigate, respond to and resolve complaints and service issues.

Please be aware that as long as you are using our services you cannot opt out of receiving essential service messages from us, including security and legal notices.

  1. RECIPIENTS OF YOUR DATA

In order to provide you with our service, we may share some of your personal data with:

  1. Intercom (an online chat and Customer Relationship Management service provider, https://www.intercom.com/);
  2. UrbanAirship (a company providing “in-app notifications” tools, https://www.urbanairship.com/);
  3. Sentry (an error tracking and reporting software provider, https://sentry.io/welcome/);
  4. Hubspot (a Business to Business CRM service provider, https://www.hubspot.com/);
  5. Atlassian (a user reported issues tracking software provider, https://www.atlassian.com/); and
  6. Amazon Web Services (a cloud computing services provider)

ADDITIONAL DISCLOSURES

To provide our services, we may also share your Personal Data with:

  1. our subsidiaries, as defined by section 1162 of the Company Act 2006 as amended, extended or re-enacted from time to time, provided that our subsidiaries will be subject to the same terms of this Privacy Policy; and
  2. third parties (e.g. for maintenance, analysis, audit, payments, marketing and development). Third parties will only have access to and use your information as reasonably necessary to perform these tasks on our behalf and they will be bound to non-disclosure obligations and to the terms of this Privacy Policy.

We may have to disclose your Personal Data if it is reasonably necessary to: (i) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (ii) enforce our agreements with you; (iii) investigate and defend ourselves against any third-party claims or allegations; (vi) protect the security or integrity of our services.

We will attempt to notify you about legal demands for your Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not undertake or warrant to challenge every demand.

We may also share your Personal Data as part of a sale, merger or change in control, or in preparation for any of these events. Any other entity which buys KLEVIO or part of our business will have the right to continue to use your data, but only in the manner set out in this Privacy Policy.

  1. DATA RETENTION

Unless you have agreed for us to retain your Personal Data for a longer period, we will keep your Personal Data only for as long as it is necessary to provide you with our services.

We may need to retain part of your Personal Data even after termination of this agreement with you, if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse or enforce our agreements with you.

  1. CROSS-BORDER DATA TRANSFERS  

We do not transfer, store or process your Personal Data at destinations outside the EEA.

Even if it is necessary to perform our obligations to you, we will always ask for your consent before transferring your Personal Data outside the EEA.

  1. GENERAL
  1. CHANGE TO THIS PRIVACY POLICY

As we are committed to constantly improving our services, we may change the selection of data and the way we process it. We reserve the right to change or adapt this Privacy Policy from time to time. In case of any material change to our Privacy Policy, we will update the version available on our Site as soon as reasonably possible.

  1. LINKING TO OTHER WEBSITES

For your information and convenience only, the Site may contain hyperlinks to Third-Party Websites. KLEVIO has no control over and does not endorse any content or services displayed, contained or related to those Third-Party Websites. We make no warranties or representations, express or implied, about Third-Party Websites or any content, products, material or services contained, displayed or related to them. If you decide to access any Third-Party Websites and make use of the information contained on them or to enter into any contract for the supply of goods or services from such third party, you do so entirely at your own risk. We accept no liability for damage or loss, however caused in the connection with the use of or reliance on any information, material, products or services contained on or accessed through any such Third-Parties Websites.

  1. THIRD-PARTY ADVERTISERS

We do not share your Personal Data with any third-party advertisers or ad networks without your consent.

  1. MARKETING

We do not send you marketing communications unless you have opted-in to receiving marketing communications.  

To change your marketing references, you may also email us at [email protected]

  1. SECURITY

We implement a number of security safeguards designed to protect your data, such as HTTPS. We regularly monitor our systems for possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

  1. YOUR RIGHTS

RIGHT OF ACCESS 

We offer you access to the Personal Data we hold about you. Please be aware that the purpose of an access request is to give you the opportunity to confirm the accuracy of Personal Data we are holding about you, the lawfulness of our processing and to allow you to exercise your rights under Applicable Data Protection Laws if necessary.

We reserve the right to reject manifestly unfounded (e.g. made for other, non-data protection purposes) or excessive requests.

To have access to the Personal Data we store about you, please contact us at [email protected]

RIGHT TO WITHDRAW CONSENT

Please be aware that, if you have given us consent to process your Personal Data for the purposes detailed in this Privacy Policy, you can always change your mind and withdraw your consent by contacting us at [email protected]

In order to process your requests, we may ask you to send us a copy of two forms of identification (such as passport, driving licence, birth certificate, bank statement, utility bills).

FURTHER RIGHTS

You also have the right to lodge a complaint about our processing of your Personal Data and/or our handling of your complaints to ICO or the appropriate data protection authority if you reside outside the United Kingdom.

To learn more about your rights please visit ICO’s website at https://ico.org.uk/.  

Your privacy settings

We use some third party tools to improve your experience. Some of them are necessary to enable you to chat to us, others are used to improve the performance of the website and for tailored advertising. For more information, visit our Privacy Policy.

How do you want to communicate with our customer success specialists?