Privacy Notice: Clients/End-Users

June 22, 2018


Introduction

Kipsu, Inc. (“Kipsu”, “we”, “our”, or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s website (“visitors”), individuals or businesses who have signed a service agreement with the Company (“clients”) to use our on-demand real time online engagement platform (“services”) and the guests of our clients who elect to use our service to communicate with our clients (“end users”). These client-end user communications may be in the form of SMS (short messaging service)/text messaging, web chat, social messaging, over-the-top messaging or other forms of communication.

Below is a description of what data we gather from clients and end users of our services. Also, included below is a description of why we collect client and end user data, how we use the data we collect, and information on your choices regarding use, access and correction of personal information. Sensitive personal information as defined in the European Union’s General Data Protection Regulation is not collected by Kipsu. If you are interested in learning more about our practices regarding data that we collect as a visitor to Kipsu’s publicly-accessible website, click here.

What data we collect, how we collect it and why

Data given to us directly. When our clients contract to use our service, we ask for personal contact information such as the name, mobile phone number, passwords and e-mail addresses of client staff authorized to use the services. If a client’s guest or patron elects to use our messaging service, our client will also collect the end user’s personal contact information such as their name and mobile phone number and enter that information into our services.

Kipsu’s clients may also interface our services to other systems to bring in additional end user data to enhance their communications with their guests. When clients interface our services with other systems, the additional data collected is dependent upon and specific to that client. For example, clients may interface Kipsu with their property management system or service ticketing system.

Kipsu collects and stores this client and end user data as well as the message content along with the meta data, such as the date time stamps, linked to these communications.

Client testimonials, comments and reviews. From time to time, we post client testimonials on the Kipsu websites or in materials used for training our clients, which may contain personal information. We obtain the client’s consent to post their names along with their content.

Data we collect from you automatically. When clients use our web application or our mobile application, we automatically collect data using tracking technologies including, but not limited to, log files and cookies. Similarly, when end users engage with our clients using our live web chat, we also automatically collect data using tracking technologies including, but not limited to, cookies.

Log files. Data collected from log files may include internet protocol addresses as well as browser, internet service provider, referring/exit pages, operating system, date/time stamp and click stream data.

Cookies. A cookie is a small software file stored or placed on a computer’s hard drive. The main purpose of a cookie is to allow a web server to identify the computer and web browser and tailor web pages and/or login information to their preferences. Cookies help us promptly display the information needed to use the service. By gathering and remembering information about website preferences through cookies, we can provide a better web experience. Cookies do not give us access to the client or end user’s computers.

By agreeing to accept our use of cookies, you are giving us and third-party partners permission to place, store, and access some of the cookies described below on your computer.  Most web browsers may be set to disable cookies. However, if you disable all cookies, you may not be able to access parts of our website.

When you use our services, we utilize essential cookies necessary for proper functioning of the services such as session cookies and persistent cookies.

Session cookies. These cookies allow websites to link the actions of a user during a browser session. They may be used for a variety of purposes, such as remembering user preferences. Session cookies disappear from your computer when the web browser is closed or computer is turned off.

Persistent cookies. These cookies are stored on a user’s device in between browser sessions, which allows the user’s preferences or actions across a website to be remembered. Persistent cookies may be used for a variety of purposes, including remembering a user's choices and preferences when using a website. Persistent cookies remain on your computer after the web browser is closed or the computer is turned off. When end users use our live chat service we utilize browser-based web storage to allow a web server to identify an end user’s computer.

Google Analytics. We use Google Analytics as a third-party tracking service, but we don’t use it to track you individually or collect your personal information. We use Google Analytics to collect information about how our website performs and how visitors to our website, in general, navigate through and use the site. This helps us evaluate our clients’ use of the site; compile statistical reports on activity; and improve our content and website performance.

Google Analytics gathers certain information over time, such as your IP address, browser type, internet service provider, time stamp, and similar data about your use of our website.

Kipsu will not, nor will we allow any third party to, use the Google Analytics tool to track our users individually; collect any personal information other than IP address; or correlate your IP address with your identity. Google provides further information about its own privacy practices and offers a browser add-on to opt out of Google Analytics tracking, click here.

What we use your data for

We collect information about you to provide you with services and information that is necessary for our system and site to work properly. We use personal information for a variety of purposes related to our business, including the following:

Data you give us directly. Kipsu uses the data provided by clients and end users to operate the service, tailor the service to our clients’ needs, client identification and authentication, client billing, to contact and communicate with our clients regarding the service, to allow our clients to communicate with their end-users, and to generally improve the content and functionality of the service.

Data we collect automatically. For data that we collect from you automatically through tracking technologies, we use this data to understand how clients are using our services and which pages and features are most popular. This helps us understand how we can improve our services. In addition, tracking technologies are used to help improve the navigation experience when using our services.

International Operations and Transfers Out of the European Union

Please note that when you use our services, your data will be sent to the United States. We store our data on servers located in the United States.

Kipsu employs appropriate mechanisms for cross-border transfers of personal data, as required by applicable local law. Kipsu complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Kipsu has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. You can access our Privacy Shield Statement here.

In compliance with the Privacy Shield Principles, Kipsu commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Kipsu at privacy@kipsu.com. Kipsu will respond within 45 days. Kipsu has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit JAMS at https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you. If neither Kipsu nor our dispute resolution provider resolves your complaint, you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

Who we may share your data with

Unless you give us your permission, we don’t share data we collect from you with third parties, except as described below:

Third parties who may receive personal data. Kipsu uses a limited number of third-party service providers (such as our hosting service providers and service providers that assist with the transmission of data) to assist us in providing our services to our clients. We do not permit our third-party service providers to use the personal information we share with them for their marketing purposes. Kipsu may also share this information with the owners, subsidiaries, licensees, affiliates, successors, or other related entities of our clients for the purposes of managing the service offering at client sites. Kipsu maintains contracts with these parties restricting their access, use and disclosure of personal data in compliance.

Compliance with Laws. We may disclose your data to a third party if (i) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or government request (including to meet national security or law enforcement requirements), (ii) to enforce our agreements and policies, (iii) to protect the security or integrity of the Kipsu website or our services, (iv) to protect ourselves, our other clients, or the public from harm or illegal activities, or (v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury. If Kipsu is required by law to disclose any of your data that directly identifies you, then we will use reasonable efforts to provide you with notice of that disclosure requirement, unless we are prohibited from doing so by statute, subpoena or court or administrative order. Further, we may object to requests that we do not believe were issued properly.

Business transfers. If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you through our services may be part of the assets transferred or shared in connection with due diligence for any such transaction. Any acquirer or successor of Kipsu may continue to use the data we collect from you through our services as described in this notice.

Aggregated or de-identified data. We might also share data collected from you from the services with a third party if that data has been de-identified or aggregated in a way that does not directly identify you.

International Operations and Transfers Out of the European Union

Please note that when you use our services, your data will be sent to the United States. We store our data on servers located in the United States.

Information from Children

We do not knowingly collect any personal information directly from children under the age of 16. If we discover we have received any personal information from a child under the age of 16 in violation of this notice, we will take reasonable steps to delete that information as quickly as possible. If you believe we have any information from or about anyone under the age of 16, please contact us at privacy@kipsu.com.

How we secure your data

We utilize robust precautions to protect the confidentiality and security of the personal information and data within our service by employing technology, physical, and administrative security safeguards, such as firewalls, advanced security measures and carefully-developed security procedures. These technologies, procedures and other measures are used in an effort to ensure that your data is secure and only available to you and to those you authorized to access your data. However, no internet, e-mail or other electronic transmission is ever fully secure or error free, so you should take care in deciding what information is sent through our services.

How we tell you about changes to our privacy practices

Kipsu reserves the right to change this Privacy Notice and will mark new versions with a corresponding effective date. Kipsu will provide notification of the material changes to this Privacy Notice through the Company’s website and we recommend that you visit the website to review any changes in our practices. Your continued use of the website constitutes your agreement to our then-current Privacy Policy. We will comply with applicable law with respect to any changes we make to this notice.

How to delete, access or change your data or opt-out of communications

Deletion, access, and changes to your data. To request deletion of, access to, or to make changes to data, email us at privacy@kipsu.com. Please note that even if you request that we delete data we’ve collected from you, we may still retain data collected from you in an aggregated or anonymized form that does not identify you. We also will not delete your data if we are legally required to maintain it.

If you are an end user and would like to opt-out of getting further communications from our service please simply reply with the word “stop” to the message received from our service, follow the unsubscribe instructions included in the message, or contact us at privacy@kipsu.com.

Retention of Your Personal Information

Unless a request for deletion has been received and authorized, we keep personal information for so long as necessary to fulfill the purposes for which it was collected, to provide our services, resolve disputes, establish legal defenses, pursue legitimate business interests, as necessary to enforce our contracts, and to comply with all applicable laws.

How to resolve disputes relating to our privacy practices

If you have a dispute with us relating to our privacy practices, please contact our customer support or email us at privacy@kipsu.com. Most disputes can be resolved that way.

How you contact us

You may contact via email at privacy@kipsu.com. Or, you may write to us at the address listed below.

Kipsu, Inc.
Attn: Privacy Officer
100 S 1st Street #583491
Minneapolis, MN 55458