Kapti Privacy Policy

Kapti Privacy Policy

Last updated November 11, 2020

Blanc Labs Inc. (“Blanc Labs” or “we”, “us” or “our” as the context dictates) is the owner and operator of Kapti. We are committed to protecting your privacy in your interaction with this website https://kapti.io (along with all subdomains, the “Website”) or the use of any of our platforms, applications, products, tools and related content (the “Services”). We affirm our privacy commitments to you in this privacy policy (the “Privacy Policy”) designed to help you understand how your information is collected, used, stored, distributed, and/or disclosed when you engage with us.

Please note that the definition of Website or Services does not include any third-party products/platforms not developed, controlled, or made available by the Blanc Labs.

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

Consent. By confirming this privacy policy during our user registration process, you consent to the collection, use, storage, distribution, and/or disclosure of your Sensitive Information as described in this Privacy Policy. You can withdraw your consent to our processing of your Sensitive Information and request the erasure of such information at any time. However, withdrawing consent may result in your inability to access certain features of our Website and/or Services.

SECTION A: DEFINITIONS

Sensitive Information. Sensitive Information” is information of a confidential nature to your business, such as personally identifiable information of your clients, including your name, address, contact information, marital status, credit history, income level, and tax statements.

Non-Sensitive Information. Non-Sensitive Information” is information of an anonymous nature, such as your Internet Protocol Address (IP Address) used to access the Website or Services. Aggregative information, such as demographic statistics of our users, number of visitors, what pages users visit, and the average time spent on the Website or Services is Non-Sensitive Information. Business contact information, such as the name, title, business address, email address, or telephone number of a business or individual, that is publicly available is considered Non-Sensitive Information.

SECTION B: COLLECTION OF YOUR INFORMATION

Purpose. We collect both your Sensitive Information and Non-Sensitive Information in the course of your interaction with this Website and use of our Services in order to provide, improve, and develop our Services to address your needs and concerns.

Transparency. At the time of collection of Sensitive Information, we will communicate the specific kind(s) of information required and the purpose(s) for which we will use, store, distribute, and/or disclose your Sensitive Information in a formal legal contract.

Although the collection, use, and storage of Non-Sensitive Information is not restricted, we are committed to maximizing transparency in our communication with you. In the course of operating this Website, we may collect Non-Sensitive Information, such as information provided through your browser or stored in a cookie without prior notification to you. In providing our Services, we may also compile Non-Sensitive Information to produce statistics for predictive analytics.

Fulfillment of Requests. In general, we only actively collect your information to fulfill our user, customer, or client requests for:

  • Demo: If you request a demo of Kapti, you must provide certain information such as your full name, company name, company address, contact information, billing and payment information. We may collect passwords, password hints, and similar security information used for authentication and account access. You may choose to use Sensitive Information regarding your customers or clients, or mock data in the demo to experience features of Kapti; and

 

  • Services: We access, process, store, and transmit files that may contain Sensitive Information that you grant us access to in order to provide the Services to you. We will not disclose your Sensitive Information collected in the course of providing our Services to any unauthorized third-party unless with your prior written consent. However, we may collect metadata and derived data related to such files, such as the data, format, file type, and file size without prior written notice to you. We may also generate aggregate statistics based on the data derived from such files as well as from your general use of our Services for the purpose of improving and developing our Services. See Section C: Use of Your Information and Section D: Storage, Distribution, and Disclosure of Your Information for details.

If we plan to collect your information for purposes not described below or if we amend this Privacy Policy regarding the collection of information, we will inform you in accordance with Section G Amendment to Privacy Policy.

SECTION C: USE OF YOUR INFORMATION
We may use your Sensitive Information and Non-Sensitive Information collected through your use of our Demo or Services in a variety of ways to achieve the purpose behind the collection of information. Some examples of said use may include:

 Services. To provide you with the Services, we will access, process, store, and transmit files that you have granted us access to. We also use your information to facilitate the account creation and logon process. Additionally, we will collect metadata and derived data related to such files. We may generate anonymous aggregate statistics derived from the files you grant us access to as well as from your general use of our Services.

Transactional Notification. Despite your indicated e-mail preferences, we may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies. For example, we may send you notices of any updates to our Terms or Privacy Policy.

 Marketing Communication. If you would like to receive updates regarding our products and services, you can opt-in to receive marketing communications from us. If you decide to withdraw your consent to receiving such communications, you may do so at any time by following the opt-out instructions provided in each communication.

If you choose to unsubscribe from our marketing messages, we may still contact you for other purposes, such as to provide you with communications you have consented to receive, to supply information regarding the products or services we provide to you, or to respond to inquiries you have sent to us. We cannot guarantee that information that we send to or receive from you over the Internet will not be intercepted.

System Logs & Cookies. Cookies are used to track content usage and traffic on our Website and Services for the purpose of improving the Website and Services. In order to generate aggregate statistics about the usage of our Website, cookies can help track the number of users on the Website, the length of time users spend on the site, and which pages on the Website are viewed most often. By using our Website and Services, you consent to the placement of cookies, beacons, and other similar technology in your browser and on emails in accordance with this Policy. You may adjust your browser settings to notify you when you are sent a cookie. By doing so, you are able to grant permission or deny access to cookies that are sent to you. If you choose to disable cookies, you may not be able to fully utilize all features of our Website or Services.

Statistics. We generate statistics based on our collection of data for predictive analytics. We will compile Non-Sensitive Information without notice to you and keep aggregate statistics generated from such information. We may provide aggregate statistics of an anonymous nature to other members or a third party.

To protect our Services. We may use your information as part of our efforts to keep our Services or Website safe and secure (for example, for fraud monitoring and prevention).

To enforce our terms, conditions and policies for Business Purposes, Legal Reasons and Contractual.

To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

To manage user accounts. We may use your information for the purposes of managing our account and keeping it in working order.

SECTION D: STORAGE, DISTRIBUTION & DISCLOSURE OF YOUR INFORMATION

Security. The security of your Personal Information is important to us.  We use commercially reasonable efforts to store and maintain your Personal Information in a secure environment.  We take technical, contractual, administrative, and physical security steps designed to protect Personal Information that you provide to us.  We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.

In certain areas, such as when you provide credit card or other payment information to us, the Website works to help protect the security of your credit card and other payment information during transmission by using industry standard Secure Sockets Layer (SSL) encryption technology.

You are also responsible for helping to protect the security of your Personal Information.  For instance, never give out your email account information or your password for the Services to third parties.

Retention. We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or if required by law. All retained personal information will remain subject to the terms of this Privacy Policy.  If you request that your name be removed from our databases, it may not be possible to completely delete all your Personal Information due to technological and legal constraints.

We may retain some of the information for reasons including, but not limited to, compliance with applicable provincial, banking and lending regulations, resolving disputes, and enforcing our agreements. We may also continue to use any aggregated or de-identified information but not in a manner that would identify you personally.

Distribution.

The information you provide to the Blanc Labs may be transferred outside of Canada to provide you with the Services. These countries may not have similar data protection laws to Canada.

By submitting your personal data, you agree to this transfer, storing or processing. If we transfer your information outside of Canada in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Privacy Policy.

If you are in Europe or Switzerland, when we send your personal information to Canada it is protected under Canadian law, which the European Commission has found will adequately protect your information.

If you are located in Europe or Switzerland and believe we are not following the Privacy Shield Principles, please reach out to us at privacy@kapti.io. If you believe that we haven’t properly addressed your complaint

Finally, while we do what we can to protect your information, we may at times be legally required to disclose your personal information (for example, if we receive a valid court order).

We may process or share data based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  • Performance of an Agreement: Where we have entered into an Agreement with you, we may process your personal information to fulfill the terms of our Agreement.
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

  • Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Services or Website, which will enable them to collect data about how you interact with the Services or Website over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Third-Party Advertisers. We may use third-party advertising companies to serve ads when you visit the Services or Website. These companies may use information about your visits to our Website(s) and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you.
  • Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this privacy policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
  • Business Partners. We may share your information with our business partners to offer you certain products, services or promotions.

SECTION E – ACCESSING AND MODIFYING YOUR PERSONAL AND ACCOUNT INFORMATION

If you would at any time like to review or change the information in your account or terminate your account, you can do so by logging into your account settings and update your user account. We will not modify your personal or account information.

At any time, you may request access to your Sensitive Information by contacting privacy@kapti.io. We will respond to your request within a reasonable time period and process it as appropriate under applicable law. Your request may be subject to a processing fee as allowed under law.

SECTION F: LEGAL RIGHTS

In some regions (like the European Economic Area), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.

If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you have questions or comments about your privacy rights, you may contact us at privacy@kapti.io.

CASL and PIPEDA

The Company will act in compliance with Canada’s Anti-Spam Legislation (CASL) and Personal Information Protection and Electronic Documents Act (PIPEDA), In order to ensure compliance, electronic messages (including email marketing) will be based on an “Opt-In” approach.

The Company will gain consent for external electronic messages purposes prior to sending commercial messages (including emails) unless there is a pre-existing business relationship as in these particular cases, consent is considered to be implied. Should the Company require personal information for a new purpose, we will contact you directly to seek consent for that new use/purpose.

DATA BREACH

A privacy breach occurs when there is unauthorized access to or collection, use, disclosure or disposal of personal information. You will be notified about data breaches when Blanc Labs believes you are likely to be at risk or serious harm. For example, a data breach may be likely to result in serious financial harm or harm to your mental or physical well-being. In the event that Blanc Labs becomes aware of a security breach which has resulted or may result in unauthorized access, use or disclosure of personal information Blanc Labs will promptly investigate the matter and notify the applicable Supervisory Authority not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.

SECTION G: AMENDMENT TO PRIVACY POLICY

We reserve the right to amend this Privacy Policy at any time. We may change our policies and procedures concerning our practices for managing Non-Sensitive Information without prior notice to you. If we change our practices for handling Sensitive Information, we will inform you by email and obtain your prior written consent as required by our confidentiality agreement, service agreements, or any agreements concerning our engagement.

Amendments to this Privacy Policy will become effective on the date the change is posted. At the top of the modified Privacy Policy, we will include the date upon which it was last updated. Any changes that are made to this Privacy Policy will apply to both Sensitive Information that we hold prior to the effective date of the amended Privacy Policy and to any Sensitive Information collected on or after such effective date. Our successors and assigns may collect and use your Sensitive Information for substantially similar purposes as described in this Privacy Policy.

SECTION H: CONTACT US

If you have any questions or concerns about this Privacy Policy, or if you wish to submit a request to withdraw your consent or erase your information, please contact us at privacy@kapti.io.