Last Updated: August 30, 2022
“GPS” means global positioning system.
“GPS Location” means the combined GPS location data of your mobile device, and your KYCS devices.
“Identifiable Individual” a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a name, universally unique identification number, MAC ID, GPS location information, an IP address or the unique identifier allocated to each KYCS device.
“MAC ID” means a media access control address.
“Personal Information” means information about an identifiable individual, whether a natural person, a legal person, an institution or an association.
“Personal Identifiable Information” or “Personal Information” means information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. For the purposes of this policy, this information includes usernames, passwords, or other login information is included in the definition of Personal Information.
“KYCS App” or “Mobile Product” means a mobile application that allows Users to identify items or individuals through the use of a KYCS device.
“KYCS device” means a Bluetooth enabled location device that can be located by using a Mobile Product.
Protecting User Personal Information
KGI takes the protection of Personal Information very seriously. KGI processes User Personal Information in a proper manner and shall take appropriate security measures to prevent unauthorized access, misuse, theft, disclosure, modification, loss or unauthorized destruction of such information. Information we gather is stored within KGI controlled databases (or databases hosted on our behalf) on servers maintained in protected environments. However, KGI cannot absolutely guarantee the security of your Personal Information and you cannot reasonably expect that our databases will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse. In addition, your Personal Information may be accessible to internal KGI parties such as administration, sales, marketing, legal, system administration, and to external parties such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies appointed, if necessary, by KGI. If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
KGI will not identify you personally to other Users or make your account information available to any third parties in any way that could identify you without your prior consent.
Protecting the privacy of children is especially important. For that reason, KGI does not knowingly collect any Personal Information from anyone under the age of 13. In no other way do we knowingly collect or maintain personally identifiable information from persons under 13 years of age, and no part of our Website is directed to persons under 13. If KGI learns that Personal Information of persons under 13 years of age has been collected through its Website or a Mobile Product, then KGI will take the appropriate steps to delete this information
Types of Information Collected
KGI collects, by itself or through third parties, Cookie, Usage and Email information in order to provide and optimize its Services, as well as for analytics, managing email addresses and sending messages, and interaction with external social networks and platforms. The information may be freely provided by the User, or collected automatically when using KGI’s Services.
A valid email address, a first and last name, and a shipping address must be provided when ordering products or services from KGI’s Website. Payment information is required to process your order and is not stored on our servers.
You are not required to register or provide any Personal Information in order to browse our Website and learn more about our company, our products and our technology. We may collect Personal Information from you if you voluntarily provide us to, and it is needed to provide you a service. For example, we will collect your email address if you provide it and want to subscribe to our newsletter, if any.
Browser-Level Information: When you browse our Website or use any of our Mobile Products, our web server automatically collects limited information about your computer configuration or device or, such as the type of browser software you use and the operating system you are running and your IP address.
KGI does log non-personally-identifiable information including IP address, profile information, browser type, browser language, referring / exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, from users and visitors to the Website and the type of mobile device you use, the IP address of your mobile device, your mobile operating system, and the type of mobile browsers you use. This data is used to manage our Website, including diagnosing problems with our Website, track usage and improve the Website. User IP addresses are recorded for security and monitoring purposes.
Mobile Products and Services
A valid email address and password are required to create a Mobile Product account.
Personally-Identifiable Information: We do store Personal Information through our Mobile Products.
Automatically Collected Information – Other Non-Personally Identifiable Information: When you use any of our Mobile Products and our Services, we automatically collect limited information about your computer configuration or device, such as the operating system the device is running and its IP address. KGI does log non-personally-identifiable information including IP address, profile information, browser type, browser language, platform type, domain names, the type of mobile device you use, the IP address of your mobile device, your mobile operating system, identifierForVendor and the type of mobile browsers you use. This data is used to manage the Mobile Product, including diagnosing problems with the Mobile Product, track usage, and improve the Mobile Product.
Mobile Advertising Identifiers: Both the Android and iOS mobile operating systems provide transient, resettable, and unique identifiers for the purposes of advertising; these are known as the Android Advertising ID and the Apple Identifier for Advertising (IDFA). Both identifiers have policies governing appropriate use, which the Mobile Products respect. The most important aspect of acceptable use of identifiers is respecting your ability to opt-out of its use. KGI collects these identifiers whenever the Mobile Products communicate with our server, if you have allowed your device to use these identifiers. These identifiers are considered not to be personally-identifiable, because they can be reset and are randomly generated.
Location Data: By opting in to share your location data, the Mobile Product also allows us to collect information regarding your location, or the location of your device, by using GPS coordinates provided by your mobile device, or if you come within proximity of a Bluetooth Low Energy (BLE) device such as a beacon (“Location Data”). When any of our Mobile Products is open on your mobile device, we periodically receive Location Data. Most GPS-enabled mobile devices can identify a user’s location to within less than 50 feet. You can opt-out of our collection of such Location Data by turning off the GPS capability of your mobile device and rejecting our request to collect such data upon installation of the Mobile Product. If following installation of the Mobile Product, you wish to opt out of the collection of Location Data, you can change the preferences on your mobile device (by turning off the GPS capability for the Mobile Product) or by uninstalling the Mobile Product. If you choose not to permit the Mobile Product to collect such Location Data, certain services may not be available to you. KGI stores Location Data, and Location Data is passed through to the service providers and partners, including ad networks, ad serving companies and third party information providers, as described below. It is important to note that location data is not mappable to any personally-identifiable information in the manner that we collect it.
Aggregate Information Used to Serve and Target Ads: We may aggregate the information we collect from users of our Services and use this to target ads on digital out-of-home screens. Additionally, we may use information we collect from users of our Services to obtain consumer data (Third Party Data) from third parties (Third Party Data Providers); this is described in the next section. When we aggregate your information, no specific personal information is included, and you cannot be identified from this aggregate information.
Aggregate Information Used for Location Analytics: We may aggregate the information we collect from users of our Services and Third Party Data for reporting and analytics purposes. This is the same data we use to serve and target advertising, and follows the same restrictions and guidelines. Location Analytics refers to the process of aggregating, packaging, and visualizing this data for particular physical locations.
Mobile Analytics: We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
Service Analytics: We may aggregate the information we collect from users of our Services and Third Party Data for reporting and analytics purposes. Such aggregate information can be shared with third parties. When we aggregate your information, no specific personal information is included, and you cannot be identified from this aggregate information.
Opt-Out of Information Collection: You can stop all collection of information by emailing email@example.com.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the KGI. If requested to remove data we will respond within a reasonable timeframe.
MAC ID and Descriptors
When you activate a KYCS device using the any of our Mobile Products or Services, the universally unique MAC ID assigned to the KYCS device will become associated with your Mobile Product account. You will have the option to add descriptors (such as a name, physical description etc.) to the KYCS device’s profile on the Mobile Product, including adding a photo. This information will also be associated with your account and is stored on our servers.
Our Mobile Products are designed to allow you to identify the GPS Location of any KYCS devices associated with your Mobile Product account. To do that, it is necessary to collect data about your location and the location of your KYCS devices.
While our Mobile Product is open on your device, it periodically transmits your GPS Location information. This allows us to show you, the last place your KYCS device was identified by the Mobile Product and/or the last place your KYCS device was identified by other Mobile Product Users.
KGI may also collect and update GPS Location information for your KYCS devices anonymously from other Mobile Product Users who are running a Mobile Product within Bluetooth range of your KYCS device. This provides you with the most recent and accurate GPS Location of your KYCS device, even if your KYCS device is out of your mobile device’s Bluetooth range.
KGI may use your GPS Location Information to provide Services and may use your GPS Location information to promote Services or provide you with offers. However, your GPS Location information is never shared with other Users unless you choose to share it through our services.
KGI provides support services via email request submissions, recorded telephone calls and direct email. We collect any Personal Information you may choose to provide to our customer care team in the process. This includes, but is not limited to: your name, email address, phone number, and mailing address. We may use and process your Personal Information, including GPS Location information, to handle your support request and provide you with the best support possible.
KGI provides theft-recovery services via recorded telephone calls. KGI will only ask you for your phone number or email address on this call. KGI will only use and process your Personal Information to process your the theft-recovery request and provide you with the best theft-recovery service possible.
KGI may communicate with the User via email and may collect information concerning the date and time when the mail is viewed by the User, as well as when the User interacts with incoming mail, such as by clicking on links included in the email.
KGI’s Services allow interaction with social networks or other external platforms. We may collect information regarding those interactions and other information which may be associated with your name and personal social network accounts. The interaction and information obtained by KGI’s Services are always subject to your privacy settings for each social network or platform.
KGI collects cookie and usage data relating to the Twitter Tweet button and social widgets (provided by Twitter Inc.), as well as the Facebook Like button and social widgets (provided by Facebook Inc.).
If, through one of our Mobile Products, you connect or interact with a third-party social networking service, KGI is permitted to collect Personal Information that you have already made public on your social networking account. You can manage this information in the privacy settings of each such social network.
Web beacons (also known as web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our services for several purposes, including to deliver or communicate with cookies, to track and measure the performance of our services, to monitor how many visitors view our services, and to monitor the effectiveness of our advertising. Unlike cookies, which are stored on the User’s hard drive, web beacons are typically embedded invisibly on web pages (or in an e-mail).
Do Not Track
While our website and Mobile Products at this time do not recognize automated browser signals regarding tracking mechanisms, such as “do not track” instructions, you can generally express your privacy preferences regarding the use of most cookies and similar technologies through your web browser, as indicated above.
Third Party Services
Sometimes KYCS uses third party services, such as certain services offered by Facebook and Google. These outside services may also collect Personal Information about you and your online activities.
The User assumes responsibility for the Personal Data of third parties published or shared through this Application and declares to have the right to communicate or broadcast them, thus relieving KGI of all responsibility.
Web Analysis Services
These outside services may also collect information about your use of other websites over time. Since we do not link any Personal Information that you provide to us within the app to the information we store within the third party analytics software, this additional information is only analyzed in a way that cannot identify you.
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the information collected to track and examine the use of this KGI’s Services, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network. Usage data and cookies are collected.
Measurement Services and Ad Targeting
We may use tools offered by third party services, such as Facebook, to send data about actions Users take on the services. These third party services may use such data to provide measurement services to KYCS or to target ads.
Information not Expressly Set Out in this Policy
KGI may collect, use and disclose information not expressly set out in this Policy, pursuant to the terms herein. For more information regarding the collection or use of User information, please contact KGI.
Use and Disclosure of User Personal Information
We may use your Personal Information and GPS Location Information to provide you with a better service, improve the quality of our products and services, and promote our services. We use and process your Personal Information and GPS Location Information to create anonymous, statistical and aggregated data reports where individual Users are not identified.
KYCS uses third party services and software solutions, including web hosting and other cloud based services, to provide you with the best possible experience. We may share your Personal Information (including your GPS Location Information and your KYCS devices’ GPS Location Information) with our third party service providers or affiliates (e.g. cloud-based and hosting services, technical service providers, consultants, mail carriers, communication agencies and customer support providers) in order to provide, improve, and promote the services on our behalf.
For example, we may disclose Personal Information to our service providers in order to enable them to communicate with you on our behalf. We may also disclose Personal Information to platform providers, such as Facebook, in order to permit such providers to serve ads and promote the services on our behalf on such platforms. To the extent possible, your Personal Information will be stored in hashed or obfuscated form.
We may share with third parties, including advertisers and service providers, anonymized, aggregated data we collect about Users, such as de-identified demographic information, de-identified GPS Location information, and information about the computer or device from which you access the services.
We may disclose your personal information to our service providers who work on behalf of KGI, including to provide our Website or the Mobile Product or fulfill user requests such as demographics databases. However, these companies are not allowed to share this information or to use it for their own purposes. These companies are authorized to use your personal information only as necessary to provide these services to us.
We may disclose your Mobile Advertising Identifiers to Third Party Data Providers for the purposes of acquiring additional consumer data. The Mobile Advertising Identifier acts as an index that can be used across data sets, similar to how cookies are utilized. These Third Parties have their own privacy policies that govern the use of the data they collect, which we do not control.
We may disclose your Location Data to third parties for the purposes of providing targeted advertisements and information our advertising partners believe may be of relevance and interest to you; these third parties include but are not limited to ad networks and ad serving companies. Advertising helps us provide the Mobile Product. You can opt-out of our collection of such Location Data by turning off the GPS capability of your mobile device and rejecting the request to collect such data upon installation of the Mobile Product.
We may disclose your Data to third parties to provide you with targeted information as requested by you. For example, we will provide your Location Data to a third party partner so that they can provide you with location specific advertising.
We may disclose your Non Personal Information, including your IP address and as part of an aggregate data set to third parties for the purposes of providing targeted advertisements and information our advertising partners believe may be of relevance and interest to you.
We may disclose your personal information to enforce our rights in our Website and Mobile Products or to protect the rights, property or safety of members of the KGI community, other visitors to our Mobile Products, the public, or KGI and its employees/contractors.
As our business grows, we may buy or sell various assets. In the event that KGI or some or all of our assets are acquired by another company, our users’ personal information may be among the transferred assets. You will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information. We may also disclose your personal information to any other third party with your prior consent.
In the event that KGI goes through a bankruptcy, reorganization, receivership or similar event, you understand and agree that we may not be able to control how your personal information collected by us is treated, transferred or used.
KGI may use Personal Information to prevent fraud, misappropriation, infringements, identity theft, and other illegal activities and misuse of our Services and for legal purposes by KGI, in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
GENERAL DATA PROTECTION REGULATION (“GDPR”)
As of May 25, 2018, the EU General Data Protection Regulation (“GDPR”) went into effect through the EEA countries and Switzerland. The GDPR requires that companies provide users with certain information about the processing of their “Personal Data.” “Personal Data” is a term used in Europe that means, generally, data that identifies or can identify a particular unique user or device – for instance, names, addresses, cookie identifiers, mobile device identifiers, precise location data and biometric data.
To comply with GDPR, we provide the below representations and information, which are specific to persons located in EEA countries or Switzerland (so please don’t rely on the below, if you’re not):
Legal grounds for processing your Personal Data
GDPR requires us to tell you about the legal basis we’re relying on to process any Personal Data about you. The legal basis for us processing your Personal Data for the purposes set out in the section entitled Information Collection and Use will typically be because:
- You provided your consent. In order to provide our services that involve use of precise location information related to other Personal Data, (and to store and gain access to information stored on your device such as Device IDs), we rely on your consent. To obtain this consent, we rely on our own compliance steps and our web and mobile partners’ compliance steps, designed to ensure that consent is collected and passed on to partners, and to ensure that we only facilitate the collection of legally obtained data. We may choose to obtain consent in other cases as well, in which case we will adhere to applicable laws relating to such consent and its withdrawal. We also seek to obtain consent for certain partners with whom we work, who are often independent data controllers. A list of our Trusted Partners, if any, can be found on our Website.
- The processing is in our legitimate interest. In some cases, we use legitimate interest as a legal basis for processing Personal Data. We rely on legitimate interest when we use Personal Data to maintain the security of our services, such as to detect fraud or to ensure that bugs are detected and fixed. We also rely on legitimate interest when we use our own customers’ data (or Visitors’ data) to communicate with them about our Services or analyse our own Site activity.
- Contractual Relationships. Sometimes, we process certain data as necessary under a contractual relationship we have (such as our customer records and contact information);
- Legal Obligations. Finally, some processing of data may be necessary for us to comply with our legal or regulatory obligations.
Transfers of Personal Data
When we transfer Personal Data outside of the EEA or Switzerland, we take steps to make sure that appropriate safeguards are in place to protect your Personal Data. In general, our data transfers of our Personal Data are safeguarded by European Standard Contractual Clauses and Data Processing Agreements where this is required by European Data Protection Law. Feel free to contact us at the contact information below for more information about the safeguards we have put in place to protect your Personal Data and privacy rights in these circumstances.
As KGI works with global companies and technologies, we may need to transfer your Personal Data outside of the country from which it was originally provided. For instance, we may transfer your data to third parties that we work with who may be located in jurisdictions outside the EEA or Switzerland, and which have no data protection laws or laws that are less strict compared with those in Europe.
Personal Data Retention
As a general matter, we retain your Personal Data for as long as necessary to provide our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements. Please note that we may retain this (and other) Information whenever and so long as we have a significant legal or operational need to do so, such as for auditing, corporate record-keeping, compliance accounting or security and bug-prevention purposes.
If you are a customer of ours and thus have an account with us, we will typically retain your Personal Data for as long as required in order to serve the purpose for which it was collected, such as to provide you relevant information about our products and services.
Your Rights as a Data Subject
The GDPR provides you with certain rights in respect of Personal Data that data controllers hold about you, including certain rights to access Personal Data, to request correction of the Personal Data, to request to restrict or delete Personal Data, and to object to our processing of your Personal Data (including profiling for online ad targeting):
- Right to Access: If you wish to exercise your right to access Personal Data we process as a data controller, you may do so by requesting access through the e-mail address firstname.lastname@example.org. When we receive your request, we will provide you with current, step-by-step instructions to follow in order to obtain access. As we are required to verify a requestor’s identity prior to providing Personal Data, we will assess requests to exercise certain data access rights on a case-by-case basis: in doing so, we consider (a) the difficulty of verifying whether data that we hold and data we have linked to it truly and solely belongs to the data subject making the request, along with (b) the potential adverse effects on disclosure of personal data to the wrong individual. Because such improper disclosure would likely adversely affect the privacy rights and freedoms of the data subject, we may limit the Personal Data we make available. Please note that we will only grant requests for access for Personal Data for which we are a data controller, as explained further in sub-section (e) below. Where we act as a processor for one of our customers, we will refer your request to that customer. Please identify the customer your request refers to (if possible), to simplify this process.
- Right to Correct: If you wish to exercise your right to correct Personal Data, you may do so by contacting us at the contact information below.
- Right to Erasure. You also have the right to obtain the erasure of Personal Data concerning you that we hold as a controller. The above opt-out process satisfies this right. When a user opts-out through our partners (or through mobile device settings), and we receive this signal, we no longer use Personal Data to provide our advertising services. We will also manually delete your Personal Data if you prefer that we do so; you may do this by contacting us at email@example.com for further instructions if you wish to exercise this right manually. Please note, however, that we may retain copies of certain Personal Data on inactive or back-up files, for our certain important internal and purposes, such as auditing, accounting and billing, legal or bug-detection, for as long as is necessary to fulfill those purposes.
- Right to Lodge Complaints. You have the right to lodge a complaint with a supervisory authority. However, we hope that you will first consult with us, so that we may work with you to resolve any complaint or concern you might have.
KGI as a data controller and a data processor
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as “data controllers”) and organizations that process Personal Data on behalf of other organizations (known as “data processors”). There may be situations where we are not always the data controller of the data in our possession, but are a data processor for other companies. In such cases, we may direct your inquiry to the relevant data controller, since data controllers are the ones with primary responsibility for your Personal Data. In order to opt-out of Google Analytics, please contact us at firstname.lastname@example.org.
Access and Choice
Upon request KGI will provide you with information about whether we hold or process on behalf of a third party, any of your personal information. To request this information please contact us at email@example.com.
If you wish to request access, or deletion of your personal information please contact us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe.
If you provide Personal Information to us through our Website, such as signing-up for our newsletter, you may request that we delete such Personal Information from our system, by sending a request to email@example.com. We will promptly cease use of any such Personal Information and will remove such Personal Information from our servers in accordance with our standard practices. Certain other components of your Data relating to your use of the Website or Mobile Products, such as Mobile Advertising Identifiers, may be retained indefinitely.
Social Media Sites, Links to Other Sites
We may have pages, accounts or presence on various social networking and media sites or services, such as Facebook and Twitter. Social media buttons or interactive mini-programs that run on our website may collect your Internet protocol address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Any information you post or provide through such social media sites and services will be subject to the policies of the applicable site or service.
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
Users have the right, at any time, to know whether their Personal Information has been stored and can contact KGI at the contact information below for more information about the information collection and use of information. Users can also contact KGI to verify information accuracy or to modify, cancel, update or correct, or to block any information held in violation of the law. Please note that the GPS Location Information associated with your Account is a core part of our services and you will not be able to modify it. However, if you do not want us to use your GPS Location Information, you can delete it by deleting your Account as set out below.
If you want us to delete your Personal Information, GPS Location Information and your Account, please contact KGI with your request. We will take steps to delete your information as soon as we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.
Please note, however, that if you delete your Personal Information, GPS Location Information and Account, the GPS Location information associated with any active KYCS devices may still be collected anonymously from other Mobile Product Users who are running our Mobile Products within Bluetooth range of your KYCS device. However, since your Personal Information will be deleted, any new GPS Location information that is collected will no longer be associated with your Personal Information. You may dispose of your KYCS devices at a local e-waste facility or contact customer care at the address below for more information.
We may periodically send you promotional newsletters and emails. You have the opportunity to opt-out of these by following the unsubscribe instructions provided in the emails you receive. Certain communications, like billing information and Service updates are necessary for you to receive, so you will not be able to opt out of those communications.
Your Personal Information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside of Canada and choose to provide your Personal Information to us, we may transfer your Personal Information to the United States and/or Canada to process it there.
Customer Care Contact Information