Knowde Privacy Notice

Updated: July 31, 2023

Introduction

This privacy policy (this “Privacy Policy”) describes the collection of personal information by Cesium, Inc., a Delaware corporation (“Company,” “we,” or “us”) from users of our website at www.knowde.com along with our related websites, networks, applications, and other services provided by us and on which a link to this Privacy Policy is displayed (collectively, our “Service”and “Services”). This Privacy Policy also describes our use and disclosure of such information. This Privacy Policy is incorporated by reference into the Company Terms of Use (TOU) and subject to the provisions of the Terms of Use.

This Privacy Policy also describes your rights as a data subject to inquire about your personal information that we process and describes certain rights that you, as the data subject, have regarding this information. This Privacy Policy also describes your rights to limit the use and disclosure of your information, including where your personal information may be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you. To exercise these rights, you may contact us using the information in the ‘Contacting us’ section of this Privacy Policy.

For the purposes of EU,  United Kingdom, and Swiss data protection laws (“Data Protection Legislation”), Cesium is a data controller (i.e., the company that is responsible for and controls the processing of your personal information). 

Please read this Privacy Policy carefully to understand our practices regarding  your personal information and how we will use it.

Contacting us

If you have any questions or comments about this Privacy Policy, please contact us at privacy@knowde.com, or by using the following contact information:

Cesium, Inc. dba Knowde
Attn: InfoSec/Privacy Team
333 W San Carlos Street, Suite 600
San Jose, CA 95110

Alternatively, If you are located in the EU, you may contact us using the following contact information:

Knowde Ireland Limited
Attn: Henry Barrett
Palmerston House
Denzille Lane
Dublin 2
Ireland
01 905 8810

If you are located in the UK, and pursuant to Article 27 of the UK GDPR, we have appointed EDPO UK Ltd as its UK GDPR representative. You can contact EDPO UK regarding matters pertaining to the UK GDPR by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/. or in writing to the EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom.

 

What information do we collect?

We use your personal information to carry out the obligations arising from providing and improving the Service. This section describes the types and categories of personal information we may collect, and how we may use that information.

Information you provide us directly

We collect personal information that you provide when you sign up or otherwise use the Service. We use this personal information in a variety of ways, and these include the following:

  • Email Newsletters: We may offer email newsletters from time to time on our Service. If you sign up to receive a newsletter from us, we collect your email address and may use that email address to contact you.
  • User Accounts and Profiles: Our Service gives you the ability to register for a Company account or to create and update a user profile on the applicable Service. When you sign up for the Service we will collect the personal information that you provide to us in the course of registering for an account or creating or updating a user profile. This information may include name, postal address, telephone number, email address, your professional title, interests you express in different products and services and related demographic information about you. We may indicate that some personal information is required for you to register for the account or to create the profile, while some is optional.
  • Interactive Features: Our Service may contain interactive functionality that allows you to engage with other users on the Service, post comments to forums, to upload photographs and other content (the “User Materials”), participate in surveys, and otherwise to interact with the Service and with other users. If you use any interactive functionality on our Service that requests or permits you to provide us with personal information (including, for example, any services that allow you to post User Materials on our Service), we collect the personal information that you provide to us in the course of using these interactive features.
  • Correspondence: If you contact us by email, using a contact form on the Service, or by mail, fax, or other means, we collect the personal information contained within and associated with your correspondence (the “Correspondence”).
  • Contests and Sweepstakes: We or our advertisers and other business partners may conduct or sponsor special contests, sweepstakes, and other promotions that users may enter or otherwise participate in on our Service. Certain of these promotions may be co-branded with one of our advertisers or other business partners. In these instances, the collection of your personal information may occur directly by the third-party partner on its website or other online service and may be shared with us. The promotion will state the privacy policy or policies governing the collection of such personal information.
  • If you apply for a job posting on our careers page, we collect information necessary to process your application, including your name, address, contact information, and details regarding your education and prior employment.

Automatically collected information

When you visit our Service, some information is collected automatically. For example, when you access our Service, we automatically collect your browser’s Internet Protocol (IP) address, your browser type, the nature of the device from which you are visiting the Service (e.g., a personal computer or a mobile device), the identifier for any handheld or mobile device that you may be using, the web site that you visited immediately prior to accessing our Service, the actions you take on our Service, and the content, features, and activities that you access and participate in on our Service. We also may collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message.

We may collect this information passively in our server logs. We may also collect information passively using technologies such as cookies, clear image files, or Javascript tags as described in the section “Cookies and Similar Technologies” in this Privacy Policy.  We use passively-collected information to administer, operate, and improve our Service and systems, to improve the effectiveness of advertising on our Service, and to provide advertisements and other content that is tailored to you. If we link or associate any information gathered through passive means with personal information, or if applicable laws require us to treat any information gathered through passive means as personal information, we treat the combined information as personal information under this Privacy Policy. Otherwise, we use and disclose information collected by passive means in aggregate form or otherwise in a non-personally identifiable form.

Cookies and Similar Technologies

The Service uses cookies to distinguish you from other users of the Service. This enables us to provide you with the service specifically linked to your user profile and is required for the Service to function. Cookies are small files that allow for personalization of the Service experience by saving your information such as user ID and other preferences.

Also, please be aware that third parties, such as companies displaying advertisements on the Service or sites or services provided by third parties (“Third-Party Sites”) that may be linked to from the Service, may set cookies or use other means of passively collecting information about your use of their services, Third-Party Sites or content. We do not have access to, or control over, these third-party means of passive data collection. For more information, please refer to our cookie policy at https://privacy.knowde.com/cookie-policy/.

Information from other sources

We may receive information about you, including personal information, from third parties, and may combine this information with other personal information we maintain about you. If we do so, this Privacy Policy governs any combined information that we maintain in a personally identifiable format.

Collection and processing of sensitive information

The Service does not collect or process ‘sensitive information’, which includes data describing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, data concerning a natural person’s sex life or sexual orientation, precise geolocation, and government issued identifiers.

As such, you should not provide any such information as part of your user profile, as part of any User Materials, as part of any Correspondence, or by any other means with your use of the Service.

If you provide account information related to financial institutions and services when interacting or otherwise using one of our contracted payments processors, we do not process this category of data directly.

How do we use personal information?

We collect personal information when you register for access to the Service as a member, or when you update your account information. We use your personal information for the following purposes:

  • We use Personal Information to provide the Service and the information that you request;
  • We link this personal data to data about the way you use our Service and the pages you visit to help enhance, improve, operate, and maintain our Service, our programs, services, websites, and other systems;
  • to verify that your contact information matches a company or other commercial entity that is relevant to the Services that we offer;
  • to prevent fraudulent use of our Service and other systems;
  • to prevent or take action against activities that are, or may be, in violation of our Terms of Use or applicable law;
  • to tailor advertisements, content, and other aspects of your experience on and in connection with the Service;
  • to maintain a record of our dealings with you; for other administrative purposes; and for any other purposes that we may disclose to you at the point at which we request your personal information, and pursuant to your acceptance of this Privacy Policy;
  • to assess your suitability for employment if you have applied for a job posting on our careers page.
We may also use the personal information you provide to contact you regarding products, services, and offers, both from ourselves and from third parties, that we believe you may find of interest. We allow you to opt-out from receiving marketing communications from us as described in the “Communication choices” section below, and also at the time you sign up and create a profile in the Service.
 

When do we share personal information?

Except as described in this Privacy Policy, we will not disclose your personal information that we collect on the Service to third parties without your consent. Even if you provide consent, you have the choice to opt out of this sharing, and you may do so by using the information in the ‘Contacting us’ section of this Privacy Policy. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

  • Service Providers: We may disclose personal information to third-party service providers (e.g., payment processing and data storage and processing facilities) that assist us in our work and who are acting as an agent to perform this work on behalf of and under our instructions. We limit the personal information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such personal information as part of our contractual arrangements with these Service Providers;
  • Suppliers, Producers, and Distributors: We help customers find suppliers of products and services that meet their needs. An inherent part of that business model is marketing our Service and sharing customer contact information with our client companies to enable their follow-up sales and marketing activities. We may share this information passively when you browse a supplier storefront, or when you explicitly request quotes or request further information from a supplier. These companies may include suppliers of products and services that are listed on our Service, including their distributors and affiliates. These companies may contact you using the contact information you provided, send product samples, documents, or otherwise follow up on products you have  expressed an interest in, either implicitly or explicitly;
  • Public Areas and Syndicated Services: Some features of our Service may allow you to upload, post, or otherwise transmit User Materials to public areas of the Service, such as content that you post in a public profile on the Service. Please be aware that any personal information that you include within any User Materials will be made available to other users of the Service who view it. You include Personal Information in User Materials at your sole risk. We may allow you to select privacy options that limit access to some types of personal information in User Materials, but no security measures are impenetrable or perfect. Additionally, even after information posted on the Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Service. We cannot warrant or guarantee that any personal information that you provide on and in connection with the Service will not be accessed, viewed, or used by unauthorized persons;
  • Business Transfers: Information about our users, including personal information, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of company assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which personal information is transferred to one or more third parties as one of our business assets;
  • To Protect our Interests: We also disclose personal information if we believe that doing so is legally required, or is in our interest to protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights or property of others, or otherwise to help protect the safety or security of our Service and other users of the Service;
  • To Comply with the Law: We may also disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
For personal information subject to an onward transfer by us under the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework, we will remain liable under the Data Privacy Framework Principles (the “Principles”) if a recipient of your personal information processes such personal information in a manner inconsistent with the Principles, unless we are able to prove that we are not responsible for the event giving rise to the inconsistent processing.

Communication choices

If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time (e.g., by postal mail) by sending your request to us by email at privacy@knowde.com or by writing to us at the address given in the ‘Contacting us’ section of this policy. Additionally, we allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us as part of your user settings.

Please be aware that if you opt-out of receiving commercial email from us, it may take up to ten business days for us to process your opt-out request, and you may receive commercial email from us during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding your use of the Service.

Rights to access

If you have a user account and profile on our Service, you have the ability to access and update many categories of personal information that you provide to us by logging in to your account and accessing your account settings. If you wish to access or amend any other personal information we hold about you, you may contact us at privacy@knowde.com If you request that we delete your account with our Service (via a user settings page, by email, or otherwise), we will do so within a reasonable period of time, but we may need to retain some of your personal information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so. Requests for personal information are processed within 30 days.

Links to external sites

The Service may contain links to other websites, products, or services that we do not own or operate. The Service also may contain links to Third-Party Sites such as social networking services. If you choose to visit or use any Third-Party Sites or products or services available on or through such Third-Party Sites, please be aware that this Policy will not apply to your activities or any information you disclose while using those Third-Party Sites or any products or services available on or through such Third-Party Sites. We are not responsible for the privacy practices of these Third-Party Sites or any products or services on or through them. Additionally, please be aware that the Service may contain links to Web sites and services that we operate but that are governed by different privacy policies. We encourage you to carefully review the privacy policies applicable to any website or service you visit other than the Service before providing any personal information on them.
 

How long do we keep your personal information for?

Unless otherwise specifically stated elsewhere in this Privacy Policy, we will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. If you request that your personal information be removed and close your account, your data is removed from our systems no later than 30 days from receiving the request.

Aggregated and anonymized data that no longer identifies the user of the Service is maintained for the purposes necessary to provide the Service.

Legal basis for processing in Europe

If you are resident in the EU, the United Kingdom, or Switzerland, we need to inform you about the legal basis on which we collect and use your personal information.  In the EU, the United Kingdom, and Switzerland, the purposes for which we process your personal information are:

  • Where we need to perform the contract we are about to enter into or have entered into with you for the Service;
  • For the purposes of legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  • When we have your consent to do so (e.g., when you opt-in to be contacted by one of our suppliers). When consent is the legal basis for our processing your personal data, you may withdraw such consent at any time; and
  • Where we need to comply with a legal or regulatory obligation in the EU.

The legal basis depends on the category of personal information being processed, and the purpose for that processing. The following table indicates each category of personal information we process, and the legal bases we rely on to do so. Where legitimate interest has been used as the legal basis for processing, the specific legitimate interest we use has been described. 

Please contact us if you need details about the specific legal basis we are relying on to process your personal information where one or more legal bases has been indicated.

Category of personal information

Legal Basis for Processing

Account profile information, including contact information

The performance of a contract and to take steps prior to entering into a contract;

Our legitimate interests, namely, administering the Service, for marketing purposes and communicating with users.

When we have your consent to do so.

Online Inquiries and Correspondence

Legitimate interest, namely for marketing purposes and to respond to inquiries.

User Materials

The performance of a contract and to take steps prior to entering into a contract.

Automatically collected information such as user actions and IP addresses

Legitimate interest, namely better understanding your use of the Service, making improvements to the Service

Employee candidate information

Legitimate interest, namely for considering your application for employment with us.

European privacy rights

If you are located in the EU, the United Kingdom, or Switzerland, you have the following Data Subject Access Rights with respect to your personal information that we hold:
 
Right of access. You have the right to access the personal information that we hold about you;
Right to rectification. You may have the right to require us to correct any inaccurate or incomplete personal information we hold about you;
Right to erasure. In certain circumstances, you may have the right to the erasure of your personal information we hold about you (for example where it is no longer necessary in relation to the purposes for which it was collected or processed);
Right to restriction. You may have the right to request that we restrict processing of your personal information in certain circumstances (for example where the accuracy of the personal information is contested by you, for a period enabling us to verify the accuracy of that personal information);
Right to portability. In some limited circumstances, you may have the right to portability which allows you to move, copy or transfer personal information from one organization to another;
Right to object. You have a right to object to us processing your personal information when the processing is based on legitimate interests and also to stop us from sending you direct marketing;
Rights in relation to automated decision making and profiling. You have the right not to be subject to a decision that affects you based solely on automated processing. 
 
If you wish to exercise one of these rights, please contact us using the information in the ‘Contacting us’ section of this Privacy Policy.

 

What is our policy on children?

Children’s safety is important to us, and we encourage parents and guardians to take an active interest in the online activities of their children. Our Services are not directed to children under the age of 18, and we do not knowingly collect personal information from children under the age of 18 without obtaining parental consent. If we learn that we have collected personal information from a child under the age of 18 on our Services, we will delete that information as quickly as possible. If you believe that we may have collected any such personal information on our Services, please notify us at privacy@knowde.com.

Where do we store and process your personal information?

  • International Transfers: Our servers and data centers are located in the United States. If you choose to use the Service from outside the U.S., then you should know that you are transferring your personal information outside of your region and into the U.S. for storage and processing. By providing your Personal Information to us through your use of the Service, you agree and consent to that transfer, storage, and processing in the U.S. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Service. You should know that each region can have its own privacy and data security laws, some of which may be less stringent as compared to those of your own region. If you are located in the European Union (EU),the United Kingdom (UK), or Switzerland, then the countries we may transfer your data to, including the US, may not have data protection laws as comprehensive as those in the EU, the UK, and Switzerland. To ensure your data is protected, and that we comply with the applicable data protection laws, we have implemented the following measures:
    • EU-US Data Privacy Framework. We comply with the EU-US Data Privacy Framework (“EU-US DPF”), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework (“Swiss-US DPF”) for the purposes of processing data received from the EU, UK, and Switzerland. Please see the section ‘US Data Privacy Framework Notice’ in this Privacy Policy for more information.
    • Standard Contractual Clauses. We may use the Standard Contractual Clauses (SCCs) for transfers of personal information to us, and also for transfer of personal information to third-party service providers. These clauses require the recipients to protect the personal information they receive in accordance with European data protection laws and regulations. Details of our use of SCCs can be provided upon request.
    • Derogations. In certain circumstances we may transfer personal information based on the derogations contained in Article 49 of the General Data Protection Regulation (GDPR).
    • Supplementary Measures. In addition to the SCCs, we may use contractual, technical and organizational measures to further protect your personal information.
    • Adequacy Decisions. Where applicable, we may rely on adequacy decisions provided by the European Commission under Article 45 of the GDPR to transfer your personal information outside of the EU, the UK, or Switzerland.
  • U.S. Data Privacy Framework Notice: We comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Cesium, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Cesium, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF and UK Extension to the EU-US DPF Principles  and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
 

Jurisdiction and Enforcement

  • As part of our participation in the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we are subject to the investigatory and enforcement powers of the US Federal Trade Commission (“FTC”).
  • For European Union residents, you also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
  • For UK residents, you also have the right to lodge a complaint to the UK Information Commissioner’s Office at: https://ico.org.uk/.
  • For Swiss residents, you also have the right to lodge a complaint to the Swiss Federal Data Protection and Information Commissioner (FDPIC) at: https://www.edoeb.admin.ch/edoeb/en/home.html.
  • In compliance with the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles we commit to resolve complaints about your privacy and our collection or use of your personal information. European Union, UK, or Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact us at privacy@knowde.com.
  • We have further committed to refer unresolved privacy complaints under the EU-U.S. DPF and UK Extension to the EU-US DPF Principles and the Swiss-U.S. DPF Principles to an independent dispute resolution mechanism. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit JAMS at: https://www.jamsadr.com/DPF-Dispute-Resolution for more information and to file a complaint.
  • Under certain conditions specified by the EU-U.S. DPF and UK Extension to the EU-US DPF Principles and the Swiss-U.S. DPF Principles, you may also be able to invoke binding arbitration to resolve your complaint.
  •  

California privacy disclosures

Your web browser settings may allow you to automatically transmit a “Do Not Track” signal to websites you visit. Note, however, there is no industry standard as to what website and app providers should do when these signals are received. Accordingly, unless and until privacy regulations require us to do so, we do not monitor or take any action with respect to these “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.

Customers who are residents of California may request a list of the categories of personal information disclosed by us to third-parties during the immediately preceding calendar year, and a list of the categories of third parties to whom we disclosed such information. You can request this information by sending an email to privacy@knowde.com. We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.

How we secure your personal information?

To help protect your data, we use commercially reasonable steps to protect the data that we collect, including your personal information. The reasonable steps include protecting this data against accidental loss, unauthorized use, and disclosure, and restricting access to personal information by our staff. The Service is hosted by a third-party hosting company that we have determined maintains adequate security controls and utilizes TLS encryption for all internet communication with the Service. We also require all staff that administer and develop the service follow industry-standard controls, including strong passwords, the use of anti-virus and anti-malware software, disk encryption and other best practices.

We use various 3rd party processors to enable us to provide the Service, and as part of our vendor due-diligence, we review the security controls these processors have in place and ensure they meet industry standards appropriate for the type of data we collect.

You should keep in mind, however, that the Service utilizes software, hardware, and networks, which from time to time require maintenance and experience problems beyond our control. Note that no data transmission over the public internet or encryption method can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.

You can learn more about how we protect your data by going to our privacy portal at: https://privacy.knowde.com/

Updates to this Policy

We may occasionally update this Policy. When we do, we will also revise the “last updated” date at the beginning of the Policy. Your continued use of our Service after such changes will be subject to the then-current policy. If we change this Policy in a manner that is material, we will use reasonable efforts to notify you via the contact methods you have provided of the change prior to applying the change to any personal information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and disclose personal information.