Last Updated: March 04, 2022
This Policy sets out the basis on which personal data will be processed by us. This Policy applies to personal data we may collect from you, or that you provide to us, through or in connection with your use of our software services (the “SaaS Service”), our app (the “App”). This Policy also applies for our websites where we make this Policy available, including: https://kaizan.ai/ (the "Website"). The SaaS Service, our App and Website are together the “Services”. Please read the Policy carefully to understand our views and practices regarding your personal data.
We will only collect and process information about you in accordance with this Policy and we will only use information collected about you in accordance with applicable data protection laws.
You have the right to object to the processing of your personal data, including where your personal data is being processed for direct marketing purposes. Further information on this right, and your other rights, is set out below.
If you have any concerns over privacy, or this Policy, contact us at firstname.lastname@example.org.
how we collect and use your personal data
The table below explains what data we collect, how we use it, and which recipients it might be shared with.
Except as set out below, we do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
How we use it
Third Party Recipients
Your contact details (collected when you sign up to use our Services as a customer:
For the performance of our contractual obligation to provide the licence of the SaaS Service to you, and in accordance with our legitimate interest with operating our business.
Your email and call data, including
To show you various statistics (like, but not limited to, last contact, time spent per contact) and analyse content to provide health indicators (like, but not limited to, sentiment, pending actions).
To deliver some product features we may call third party foundational model API's. All Kaizan commercial agreements, and integrations, prohibit the use of any data passed to be used in training their models.
Your financial information (when you sign up to our Services which require payment):
Our legitimate interests in taking payment from you in exchange for your use of our Services, and for complying with our legal obligation for tax, fraud and credit purposes.
We may provide your financial information to our banking providers, to any credit reference agency we use, to authorities and fraud prevention services, and to any third party accounting service we use.
Website support / enquiry information (information we receive when you get in touch with us via our App or Website):
In line with the legitimate interest we have in promoting our business, we will process your enquiries to provide you with information about the services we offer.
This might include replying to your enquiry. We may also process enquiries to take steps you ask of us with a view to entering into an agreement to provide you with our services.
You are under no obligation to provide us with any details, but if you don’t provide all relevant information, we may not be able to help.
Website analytics and usage information (collected automatically when you visit the Website):
When you visit our Website, we collect log and analytical information, such as your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use.
We process this information on the basis of our legitimate interests to understand how visitors use our Website and to compile statistical reports regarding that activity (for example, your IP address is used to approximate the country from which you access our Website, and we aggregate this information together so we know that, for example, most of the visitors to our Website are in England). In many cases the data would be aggregated and/or anonymised so that it would not identify you and as such would not be considered personal data.
We may share data about you with third party analytics services providers (based outside of the UK and EEA).
App analytics and usage information (collected automatically when you play the App, or which may be available to us from app platforms / stores):
(“App Technical & Usage Data”).
We may collect this data so that we can understand usage of our App, analyse and improve our App and develop new services or new parts thereof. In some cases it may also help us to identify problems (e.g. bugs or problems preventing progression).
In many cases the data would be aggregated and/or anonymised so that it would not identify you.
We may share data about you with third party analytics services providers (based outside of the UK and EEA).
Email newsletters (if we operate them) (this information is collected when you sign up for the Services and when you notify us of your marketing preferences):
We may process your data to make suggestions and recommendations to you and other users of our Services about: (i) news and updates relating to us, our partners, products, services and content; (ii) content, goods and services that may interest you; and (iii) other promotional activity and events we think may be of interest.
If required by law, we rely upon your consent in order for us to undertake this data processing activity. You can revoke your consent at any time by letting us know, including by emailing us. Otherwise we rely on the basis we are pursuing our legitimate interest of marketing our business.
We may share you data about you with third party providers of marketing automation platforms and email marketing services (based outside of the UK and EEA).
For the purposes of our advertising attribution activities, we may process the following personal data:
App Technical & Usage Data.
We may process information about you (the App Technical & Usage Data), so that we can understand which of our partners, or our marketing campaigns or adverts, directed you to us (such as to install our App).
Attribution information enables us to promote the success of our company by better understanding the comparative successes of our marketing and our partners’ efforts, so that we can be more efficient with our marketing and our arrangements with partners.
We process this information on the basis of our legitimate interests, being our interests to promote the success of our company.
We may share data about you with third party providers of attribution services (based outside of the UK and EEA).
For the purposes of acquiring new users, we may process your hashed email, your mobile device’s unique device ID (Device ID) and device name, and your user preferences.
We may share data about you with third party operators of social networks (based outside of the UK and EEA).
Your Rights In Relation To Your Personal Data
You have certain rights under existing data protection laws, including the right to (upon written request) access a copy of your personal data that we are processing. In accordance with the Data Protection Act 2018 and the GDPR:
You will have the following rights:
right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one copy of the personal information that we hold about you at no cost, but for any further copies, we reserve the right to charge a reasonable fee based on administration costs); and
right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete; and
in certain circumstances, you will also have the following rights:
right to erasure/“right to be forgotten”: the right to withdraw your consent to our processing of the data (if the legal basis for processing is based on your consent) and the right to request that we delete or erase your personal information from our systems (however, this will not apply if we are required to hold on to the information for compliance with any legal obligation or if we require the information to establish or defend any legal claim);
right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it; and
right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.
If you consider our use of your personal information to be unlawful, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. Please see further information on their website: www.ico.org.uk.
To make a request in relation to any of the aforementioned rights, please send your request to email@example.com.
You may request deletion of your personal data by sending an e-mail to firstname.lastname@example.org. Please note that some information may remain in our private records after deletion. We may use any aggregated data derived from or incorporating your personal data but not in any manner that would identify you personally.
Disclosure Of Your Personal Data
We will share your personal data with third parties only in the ways that are described in this Policy.
Group, suppliers, subcontractors, service providers. We keep your personal data confidential, but may disclose it to any member of our corporate group, our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Policy.
Our own professional advisers and auditors. We may provide your personal data to our advisors to our professional advisers for accounting or legal purposes, or for the purpose of seeking professional advice or to meet our audit responsibilities.
Government authorities. In addition, we may disclose your personal data to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
Potential acquirers or investors. If we are involved in a merger, acquisition, or sale of all or a portion of our business or assets, the personal data we hold may be included as part of that sale, in which case you will be notified via email, your account and/or a prominent notice on the website of any changes in ownership or use of your personal data, as well as any choices you may have.
Enforcement. We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of us, our personnel or customers, or others.
Stores. We may also disclose your personal data, to the extent necessary, to app stores or platforms (such as the Apple App Store and Google Play Store) if that is required or in order to investigate or prevent fraud. Such platforms and stores may also process your information in order to provide you with cross-device access to the App.
We only permit our suppliers and subcontractors to process your personal data for specified purposes and in accordance with our instructions. All our third-party service providers are required to take appropriate security measures to protect your personal data.
We will only hold data about you for as long as necessary, bearing in mind the purpose for which that data was collected, or as otherwise described in this Policy.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you have:
signed up to receive marketing communications (or you have opened an account with us); or
purchased services or products from us in the past and we think you may like to hear about similar products or offers;
we, or our marketing affiliates, may from time to time send you marketing communications.
You can opt-out of receiving further marketing communications at any time by emailing email@example.com or by following the unsubscribe option included in each marketing email.
We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Services taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Service visitors and customers.
In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal data transmitted, stored or otherwise processed by us.
International Data Transfers
We will not transfer your personal data to any third party based in any country which is outside the UK unless:
the country or recipient is covered by an adequacy decision of the Commission under GDPR Article 45;
appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 (for example using the approved Standard Model Clauses for transfers of personal data outside the UK); or
one of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary):
the transfer is necessary to perform, or to form, a contract to which we are a party:
with you; or
with a third party where the contract is in your interests;
the transfer is necessary for the establishment, exercise or defence of legal claims;
you have provided your explicit consent to the transfer; or
the transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests.
If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this Policy, please let us know by emailing us at firstname.lastname@example.org.
We do not use the Services to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at: email@example.com. We will delete such information within a reasonable time.
Automatic Decision Making
We do not make decisions based solely on automated data processing, including profiling.
If you follow a link from the Service to any third party websites, you should be aware that those websites may have their own privacy policies. We do not accept any responsibility or liability for those websites. Please check the policies of any third party websites before submitting any personal data to those websites.
We may make changes to this Policy in the future, which will be posted on this page. You should check this page from time to time to ensure you are aware of any changes. Where appropriate we may notify you of changes by email.
All questions, comments or enquiries should be directed to us. We will try to respond to you within 48 hours or otherwise within a reasonable time.