Privacy Policy

Last Updated: August 2, 2023

This privacy policy (“Privacy Policy”) describes the information collected by Trikro LLC d/b/a Kromatic (“Kromatic,” “we,” “us,” or “our”), how that information may be used, with whom it may be shared, and your choices about such uses and disclosures. By using our website, located at http://www.Kromatic.com (“Website”), and/or other services we provide (“Services”) you are accepting the practices set forth in this Privacy Policy. If you do not agree with this policy, then you must not access or use the Services.

INFORMATION WE COLLECT AND HOW WE COLLECT IT

Information collected automatically

When you use the Services, we may collect but do not store certain information about your computer or mobile device and your activities. This may include information that could be used to personally identify you (“Personal Information,”) but most often is aggregated, de-personalized information that would not be able to identify you personally (“Non-PII”) We may collect such information via:

Cookies. We use “cookies” to keep track of some types of information while you are visiting the Website or using our Services. Cookies are very small files placed on your computer, and they allow us to count the number of visitors to our Website and distinguish repeat visitors from new visitors. They also allow us to save user preferences and track user trends. We rely on cookies for the proper operation of the Services; if your browser is set to reject all cookies, The Services may not function properly. Users who refuse cookies assume all responsibility for any resulting loss of functionality with respect to the Services.

Offline Collection. We may collect information offline, where we also try to protect the privacy of your personal information. One example involves someone calling us to receive free advice during our office hours. When someone calls, we will ask only for the personal information we need in order to give advice. When we need to store information (such as order information), we will enter it into our database through SSL encryption. There are other ways we could learn of personal information offline and this Privacy Policy doesn't discuss or try to predict all of those methods or uses.

Information you choose to provide: When you register with us, you must provide certain Personal Information, including your name, email address, phone number, address and zip code.

Registration and Ordering. Before using certain parts of the Services or ordering services, you must complete an online registration form. During registration, you will be prompted to provide to us certain Personal Information, including but not limited to your name, shipping and billing address(es), phone number, email address, and credit card number. In addition, we may also ask you for your country of residence and/or your organization’s country of operation, so we can comply with applicable laws and regulations. These kinds of Personal Information are used for our legitimate business purposes in fulfilling our contract with you, including billing, to fulfill your orders, to communicate with you about your services and our site, and for internal marketing purposes. If we encounter a problem when processing your order, we may use the personal information to contact you.

Emails: We require an email address from you when you register with us. We use your email for both “administrative” (e.g., confirming your registration) and “promotional” (e.g., newsletters, new product offerings, special discounts, event notifications, special third-party offers) purposes. Email messages we send you may contain code that enables our database to track your usage of the e-mails, including whether the e-mail was opened and what links (if any) were clicked. You may opt-out of receiving promotional emails and other promotional communications from us at any time via the opt-out links provided in such communications, or by e-mailing [email protected] with your specific request. However, we reserve the right to send you certain communications relating to the Services such as service announcements, security alerts, update notices, or other administrative messages) without affording you the opportunity to opt out of receiving such communications. If we do use your contact information for marketing purposes, it will be in our legitimate business interests to do so and we will do so in a way that minimizes any burden on you.

Online Survey Data: We may periodically conduct voluntary member surveys. We encourage our members to participate in such surveys because they provide us with important information regarding potential improvements to the Services. We do not link the survey responses to your name or email address, and all responses are anonymous and Non-PII.

Type of Information

Personal Information:

  • Name
  • Mailing Address
  • Phone Number
  • Email
  • Job Title

Legal Basis of Collecting

  1. Performance of the contract with you. We will store just enough information to honor your opt-out preference.
  2. Performance of contract with you
  3. Our legitimate interests, if related to marketing.

Reason for Collecting

  1. You know our name, we require yours for the contractual relationship between the parties.
  2. We require your email information to log you into the system and to provide you with the Service.
  3. If we do use your email to contact you for marketing purposes, it will be in Our legitimate interests to do so, but you will always have a chance to opt out of such marketing communications for similar products and/or services prior to first (and any subsequent) communication. You may opt out at any time by emailing [email protected]

How We Use Your Information

Pursuant to the terms of this Privacy Policy, we may use the Personal Information we collect from you for the following purposes:

  1. To fulfill our obligations pursuant to our contract(s) with you;
  2. For our legitimate business interests, in ways that minimize the burden on you;
  3. To respond to your comments and questions and provide customer service;
  4. To communicate with you about the Services and related offers, promotions, news, upcoming events, and other information we think will be of interest to you;
  5. To monitor and analyze trends, usage and activities;
  6. To investigate and prevent fraud and other illegal activities; and
  7. To provide, maintain, and improve the Services and our overall business;
  8. To process your order and provide you with customer service. We may internally use your Personal Information to improve our Website’s content and layout, to improve our outreach and for our own marketing efforts (including marketing our services and products to you);
  9. To assist you in buying services and provide customer service to you by providing your credit card number to financial-services corporations such as credit-card processors and issuers.

 

Sharing Your Information

The information we collect is used to improve the content and the quality of the Services. We do not share your Personal Information without your consent except as necessary to fulfill our contracts with you, with your consent, or under the following circumstances:

Service Providers. We may share your information with our third-party service providers (including data processors and subprocessors) that support various aspects of our business operations (e.g., analytics providers, security and technology providers, and payment processors).

Legal Disclosures and Business Transfers. We may disclose any information without notice or consent from you: (a) in response to a legal request, such as a subpoena, court order, or government demand; (b) to investigate or report illegal activity; or (c) to enforce our rights or defend claims. We may also transfer your information to another company in connection with a merger, corporate restructuring, sale of any or all of our assets, or in the event of bankruptcy.

Aggregate Data. We may combine Non-PII we collect with additional Non-PII collected from other sources for marketing. We also may share aggregated, Non-PII with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis.

YOUR CHOICES

  • If at any time you are uncomfortable with our use of your Personal Information for internal marketing purposes and for the purpose of creating aggregate reports, you may opt-out by email as described in “Opting-Out or Updating Your Personal Information and Privacy Preferences.” Note that if you opt not to provide us with certain mandatory information, then our Products and services may be unavailable to you.
  • You may similarly opt out of receiving communications from us, although we may find it necessary to continue to communicate with you regarding your use of the Services.
  • For our websites, you may set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this Site may then be inaccessible or not function properly.

THIRD PARTY SITES

The Website and the Services may contain links to other websites. If you choose to click on a third party link, you will be directed to that third party's website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other websites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

AGE RESTRICTION

We do not target or allow persons under the minimum age of eligibility (the “Minimum Age”) to use the Services, and we do not knowingly collect information from persons under the Minimum Age. Minimum Age means: (a) 18 years old for the People's Republic of China; (b) 16 years old for the Netherlands; (c) 14 years old for the United States, Canada, Germany, Spain, Australia and South Korea; (d) 13 years old for all other countries; or (e) the minimum legal age to enter into a contract or use our Services in your jurisdiction. The Services are not for use by anyone under the Minimum Age. By registering to the Services, you represent and warrant that you are at least our Minimum Age. 

We do not knowingly collect any Personal Information from anyone under the Minimum Age. If you are under the Minimum Age, please do not provide any Personal Information about yourself to us. If you are a parent or legal guardian who discovers that a person under the Minimum Age over whom you have lawful authority has provided us with information in violation of this Privacy Policy, you may contact us at [email protected], and we will promptly delete such information from our files.

SECURING YOUR PERSONAL INFORMATION

We collect and uses Personal Information only for the purposes for which it was collected and in accordance with this Privacy Policy. We review our data collection, storage and processing practices to ensure that we only collect, store and process the Personal Information needed to provide or improve our services. We take reasonable steps to ensure that the Personal Information we process is accurate, complete, and current, but we depend on our users to update or correct their Personal Information whenever necessary.

We store Personal Information only while the owner account is active. We will delete Personal Information from our system following closure of an account or upon request as detailed below, storing and maintaining the information no longer than it takes to engage in our lawful business activities. 

Regardless of the type of information, we take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage, and processing practices, and introducing security measures, including physical security measures, to guard against unauthorized access to systems where we store personal data.

We restrict access to Personal Information to Kromatic employees, service providers and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to protect your Personal Information, we cannot guarantee its absolute security. IN NO EVENT WILL KROMATIC OR ITS SUBSIDIARIES, AFFILIATES OR ANY PARTY INVOLVED IN CREATING, PRODUCING OR DELIVERING THE SITE BE LIABLE IN ANY MANNER WHATSOEVER FOR ANY INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL OR PUNITIVE DAMAGES ARISING OUT OF YOUR ACCESS, USE OR INABILITY TO USE THE SITES, OR IN CONNECTION WITH ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS OR LINE OR SYSTEM FAILURE (INCLUDING LOSS PROFITS, LOSS OF BUSINESS OR DATA, BUSINESS INTERRUPTION, AND DAMAGES THAT RESULT FROM INACCURACY OF THE INFORMATION OR INCONVENIENCE, DELAY, OR LOSS OF THE USE OF THE SITES). THE FOREGOING LIMITATIONS APPLY WHETHER THE ALLEGED LIABILITY IS BASED ON CONTRACT, TORT, NEGLIGENCE STRICT LIABILITY OR ANY OTHER BASIS, EVEN IF KROMATIC OR ITS AFFILIATES OR ANY OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

INFRASTRUCTURE SECURITY

We use a protective DNS service to analyze DNS queries and take actions to mitigate threats to our technology infrastructure, including the Website and Services. All communications and data on the Website and Services are subject to monitoring and disclosure to third parties, including governmental agencies, solely for the purposes of the protective DNS service. This paragraph takes precedence over any other provisions of this Privacy Policy.

ADDITIONAL PRIVACY RIGHTS

The California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et. seq.) and similar statutes afford consumers residing in the applicable states certain rights with respect to their Personal Information (the state privacy statute that applies to you, if any, is referred to herein as the “State Privacy Law”). The rights below apply to all United States residents; provided, however, that your State Privacy Law will apply to the extent it affords you rights greater than those provided herein. 

In the preceding 12 months, we have collected the following categories of Personal Information: identifiers, commercial information, internet or other electronic network activity information, and inferences. For details about the precise data points we collect and the categories of sources of such collection, please see the “Information We Collect and How We Collect It” section above.  We collect Personal Information for the business and commercial purposes described in the How We Use Your Information and “Sharing Your Information” sections above.  In the preceding 12 months, we have disclosed the following categories of Personal Information for business purposes to the following categories of recipients:

Category of Personal Information

Categories of Recipients

Identifiers

Analytics Providers

Communication Providers

Customer Service Providers

Fraud Prevention and Security Providers

Infrastructure Providers

Marketing Providers

Payment Processors

Commercial Information

Analytics Providers

Infrastructure Providers

Payment Processors

Internet or Other Electronic Network Activity Information

Analytics Providers

Infrastructure Providers

Inferences

Analytics Providers

Infrastructure Providers

Recipients we currently share Personal Information with include, but are not limited to, Klavio (a marketing provider) and Google Analytics (an analytics provider).

We do not sell your Personal Information.

Subject to certain limitations, you have the right to (1) request to know more about the categories and specific pieces of Personal Information we collect, use, and disclose about you, (2) request deletion of your Personal Information, (3) opt out of any sales of your Personal Information, if we engage in that activity in the future, and (4) not be discriminated against for exercising these rights. You may make these requests by emailing us at: [email protected]. We will verify a webform request by asking you to provide identifying information. We will not discriminate against you if you exercise your rights under a State Privacy Law.

If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. This may include requiring you to verify your identity. If you are an authorized agent seeking to make a request, please email us at: [email protected]. We do not knowingly collect Personal Information from persons under the age of 18. Data will not be shared with any third parties for their own marketing purposes.

USING KROMATIC FROM OUTSIDE THE UNITED STATES

Our Services are intended only for users within the United States. Accordingly, this Privacy Policy is intended to cover the collection of information by our Website and mobile devices from residents of the United States. As a result, United States federal and state governments, courts, or law enforcement or regulatory agencies may be able to obtain disclosure of your information through laws applicable in the United States. If you are using the Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated, where it may be subject to the jurisdiction of the law enforcement agencies of the United States and the relevant States. By using the Services, you understand and agree that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

European Union Citizens

As a citizen of the European Union, you are entitled to the full spectrum of the rights under the General Data Protection Regulation that entered into effect on May 25, 2018 and all data privacy regulations that preceded it to the extent that they were not preempted by the GDPR. While we do not intentionally make ourselves subject to the GDPR by operating in the European Union, we will do our best to accommodate any valid request within a reasonable amount of time, and in all cases in the statutorily required amount of time.

In particular, EU citizens have the right to access, alter, and have deleted Personal Information with the understanding that without such information we may not be able to provide you with the Services. You are also entitled to impose restrictions or limitations on the collection of your information or its processing. If you wish to exercise your rights, you may contact us via the addresses listed in the Contact section of this Privacy Policy. 

As required by the GDPR, we require that all processors and subprocessors of the data we collect have privacy practices no less restrictive than our own and are bound to agreements that require strict confidentiality as it relates to your Personal Information. We take your privacy rights very seriously and will always act in good faith to balance your legitimate privacy rights with our contractual, lawful, and ethical obligations as a business.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time at our sole discretion. When we post changes to this Privacy Policy, we will revise the "last updated" date at the top of this Privacy Policy. We recommend that you check our Website from time to time to inform yourself of any changes in this Privacy Policy or any of our other policies. We will alert you to major substantive changes to this Privacy Policy in our sole discretion.

HOW TO CONTACT US

If you have any questions about this Privacy Policy, please contact us by email at [email protected].