Last Updated: August 2, 2023
INFORMATION WE COLLECT AND HOW WE COLLECT IT
Information collected automatically
When you use the Services, we may collect but do not store certain information about your computer or mobile device and your activities. This may include information that could be used to personally identify you (“Personal Information,”) but most often is aggregated, de-personalized information that would not be able to identify you personally (“Non-PII”) We may collect such information via:
Information you choose to provide: When you register with us, you must provide certain Personal Information, including your name, email address, phone number, address and zip code.
Registration and Ordering. Before using certain parts of the Services or ordering services, you must complete an online registration form. During registration, you will be prompted to provide to us certain Personal Information, including but not limited to your name, shipping and billing address(es), phone number, email address, and credit card number. In addition, we may also ask you for your country of residence and/or your organization’s country of operation, so we can comply with applicable laws and regulations. These kinds of Personal Information are used for our legitimate business purposes in fulfilling our contract with you, including billing, to fulfill your orders, to communicate with you about your services and our site, and for internal marketing purposes. If we encounter a problem when processing your order, we may use the personal information to contact you.
Emails: We require an email address from you when you register with us. We use your email for both “administrative” (e.g., confirming your registration) and “promotional” (e.g., newsletters, new product offerings, special discounts, event notifications, special third-party offers) purposes. Email messages we send you may contain code that enables our database to track your usage of the e-mails, including whether the e-mail was opened and what links (if any) were clicked. You may opt-out of receiving promotional emails and other promotional communications from us at any time via the opt-out links provided in such communications, or by e-mailing [email protected] with your specific request. However, we reserve the right to send you certain communications relating to the Services such as service announcements, security alerts, update notices, or other administrative messages) without affording you the opportunity to opt out of receiving such communications. If we do use your contact information for marketing purposes, it will be in our legitimate business interests to do so and we will do so in a way that minimizes any burden on you.
Online Survey Data: We may periodically conduct voluntary member surveys. We encourage our members to participate in such surveys because they provide us with important information regarding potential improvements to the Services. We do not link the survey responses to your name or email address, and all responses are anonymous and Non-PII.
Type of Information
- Mailing Address
- Phone Number
- Job Title
Legal Basis of Collecting
- Performance of the contract with you. We will store just enough information to honor your opt-out preference.
- Performance of contract with you
- Our legitimate interests, if related to marketing.
Reason for Collecting
- You know our name, we require yours for the contractual relationship between the parties.
- We require your email information to log you into the system and to provide you with the Service.
- If we do use your email to contact you for marketing purposes, it will be in Our legitimate interests to do so, but you will always have a chance to opt out of such marketing communications for similar products and/or services prior to first (and any subsequent) communication. You may opt out at any time by emailing [email protected]
How We Use Your Information
- To fulfill our obligations pursuant to our contract(s) with you;
- For our legitimate business interests, in ways that minimize the burden on you;
- To respond to your comments and questions and provide customer service;
- To communicate with you about the Services and related offers, promotions, news, upcoming events, and other information we think will be of interest to you;
- To monitor and analyze trends, usage and activities;
- To investigate and prevent fraud and other illegal activities; and
- To provide, maintain, and improve the Services and our overall business;
- To process your order and provide you with customer service. We may internally use your Personal Information to improve our Website’s content and layout, to improve our outreach and for our own marketing efforts (including marketing our services and products to you);
- To assist you in buying services and provide customer service to you by providing your credit card number to financial-services corporations such as credit-card processors and issuers.
Sharing Your Information
The information we collect is used to improve the content and the quality of the Services. We do not share your Personal Information without your consent except as necessary to fulfill our contracts with you, with your consent, or under the following circumstances:
Service Providers. We may share your information with our third-party service providers (including data processors and subprocessors) that support various aspects of our business operations (e.g., analytics providers, security and technology providers, and payment processors).
Legal Disclosures and Business Transfers. We may disclose any information without notice or consent from you: (a) in response to a legal request, such as a subpoena, court order, or government demand; (b) to investigate or report illegal activity; or (c) to enforce our rights or defend claims. We may also transfer your information to another company in connection with a merger, corporate restructuring, sale of any or all of our assets, or in the event of bankruptcy.
Aggregate Data. We may combine Non-PII we collect with additional Non-PII collected from other sources for marketing. We also may share aggregated, Non-PII with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis.
- If at any time you are uncomfortable with our use of your Personal Information for internal marketing purposes and for the purpose of creating aggregate reports, you may opt-out by email as described in “Opting-Out or Updating Your Personal Information and Privacy Preferences.” Note that if you opt not to provide us with certain mandatory information, then our Products and services may be unavailable to you.
- You may similarly opt out of receiving communications from us, although we may find it necessary to continue to communicate with you regarding your use of the Services.
THIRD PARTY SITES
The Website and the Services may contain links to other websites. If you choose to click on a third party link, you will be directed to that third party's website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other websites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
We do not target or allow persons under the minimum age of eligibility (the “Minimum Age”) to use the Services, and we do not knowingly collect information from persons under the Minimum Age. Minimum Age means: (a) 18 years old for the People's Republic of China; (b) 16 years old for the Netherlands; (c) 14 years old for the United States, Canada, Germany, Spain, Australia and South Korea; (d) 13 years old for all other countries; or (e) the minimum legal age to enter into a contract or use our Services in your jurisdiction. The Services are not for use by anyone under the Minimum Age. By registering to the Services, you represent and warrant that you are at least our Minimum Age.
SECURING YOUR PERSONAL INFORMATION
We store Personal Information only while the owner account is active. We will delete Personal Information from our system following closure of an account or upon request as detailed below, storing and maintaining the information no longer than it takes to engage in our lawful business activities.
Regardless of the type of information, we take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage, and processing practices, and introducing security measures, including physical security measures, to guard against unauthorized access to systems where we store personal data.
We restrict access to Personal Information to Kromatic employees, service providers and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to protect your Personal Information, we cannot guarantee its absolute security. IN NO EVENT WILL KROMATIC OR ITS SUBSIDIARIES, AFFILIATES OR ANY PARTY INVOLVED IN CREATING, PRODUCING OR DELIVERING THE SITE BE LIABLE IN ANY MANNER WHATSOEVER FOR ANY INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL OR PUNITIVE DAMAGES ARISING OUT OF YOUR ACCESS, USE OR INABILITY TO USE THE SITES, OR IN CONNECTION WITH ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS OR LINE OR SYSTEM FAILURE (INCLUDING LOSS PROFITS, LOSS OF BUSINESS OR DATA, BUSINESS INTERRUPTION, AND DAMAGES THAT RESULT FROM INACCURACY OF THE INFORMATION OR INCONVENIENCE, DELAY, OR LOSS OF THE USE OF THE SITES). THE FOREGOING LIMITATIONS APPLY WHETHER THE ALLEGED LIABILITY IS BASED ON CONTRACT, TORT, NEGLIGENCE STRICT LIABILITY OR ANY OTHER BASIS, EVEN IF KROMATIC OR ITS AFFILIATES OR ANY OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
ADDITIONAL PRIVACY RIGHTS
The California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et. seq.) and similar statutes afford consumers residing in the applicable states certain rights with respect to their Personal Information (the state privacy statute that applies to you, if any, is referred to herein as the “State Privacy Law”). The rights below apply to all United States residents; provided, however, that your State Privacy Law will apply to the extent it affords you rights greater than those provided herein.
In the preceding 12 months, we have collected the following categories of Personal Information: identifiers, commercial information, internet or other electronic network activity information, and inferences. For details about the precise data points we collect and the categories of sources of such collection, please see the “Information We Collect and How We Collect It” section above. We collect Personal Information for the business and commercial purposes described in the How We Use Your Information and “Sharing Your Information” sections above. In the preceding 12 months, we have disclosed the following categories of Personal Information for business purposes to the following categories of recipients:
Category of Personal Information
Categories of Recipients
Customer Service Providers
Fraud Prevention and Security Providers
Internet or Other Electronic Network Activity Information
Recipients we currently share Personal Information with include, but are not limited to, Klavio (a marketing provider) and Google Analytics (an analytics provider).
We do not sell your Personal Information.
Subject to certain limitations, you have the right to (1) request to know more about the categories and specific pieces of Personal Information we collect, use, and disclose about you, (2) request deletion of your Personal Information, (3) opt out of any sales of your Personal Information, if we engage in that activity in the future, and (4) not be discriminated against for exercising these rights. You may make these requests by emailing us at: [email protected]. We will verify a webform request by asking you to provide identifying information. We will not discriminate against you if you exercise your rights under a State Privacy Law.
If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. This may include requiring you to verify your identity. If you are an authorized agent seeking to make a request, please email us at: [email protected]. We do not knowingly collect Personal Information from persons under the age of 18. Data will not be shared with any third parties for their own marketing purposes.
USING KROMATIC FROM OUTSIDE THE UNITED STATES
European Union Citizens
As a citizen of the European Union, you are entitled to the full spectrum of the rights under the General Data Protection Regulation that entered into effect on May 25, 2018 and all data privacy regulations that preceded it to the extent that they were not preempted by the GDPR. While we do not intentionally make ourselves subject to the GDPR by operating in the European Union, we will do our best to accommodate any valid request within a reasonable amount of time, and in all cases in the statutorily required amount of time.
As required by the GDPR, we require that all processors and subprocessors of the data we collect have privacy practices no less restrictive than our own and are bound to agreements that require strict confidentiality as it relates to your Personal Information. We take your privacy rights very seriously and will always act in good faith to balance your legitimate privacy rights with our contractual, lawful, and ethical obligations as a business.
HOW TO CONTACT US