1. Who are we and what do we do?
We are Kaizo Operations B.V. (Kaizo, we or us). Kaizo provides a performance management system that enables our Clients to store, analyze, review and evaluate the day-to-day interactions between its employees (Users) and customers, by connecting via an API the third-party customer communication platform account to a Kaizo account (the Services). The Services enables you to improve the overall performance of your customer service department, as well as the individual performance of your employees towards your customers. You can find more information about our services on the website https://kaizostaging.wpengine.com/ (Website) and our online application (the App). The Website and App hereinafter altogether referred to as Tools.
2. What is this?
This is our Privacy Policy. On this webpage we explain what kind of Personal Data we collect via our Tools and Services and if you contact us via one of our e-mail addresses or social media pages. We also explain for which purposes we use the Personal Data, how we protect them and how we store them.
3. Personal Data and the Privacy Regulation
We are all about respecting your privacy and protecting your Personal Data. We process Personal Data – i.e. all information by which a person can be directly or indirectly identified – in line with the General Data Protection Regulation (GDPR) and other relevant legislation on the protection of Personal Data (collectively referred to as Privacy Regulation).
4. Our role as Processor and Controller
We collect and process most Personal Data on behalf of our Clients within the context of our Services. Our Clients define the purpose and the means of such processing of Personal Data, which means they act as Controller within the meaning of the Privacy Regulation. We only process such Personal Data following the instructions of our Clients and not for our own purposes. Within this context we therefore act as Processor within the meaning of the Privacy Regulation.
Apart from the processing of Personal Data for the sake of our Clients, we also collect and process some Personal Data for our own purposes. Within this context we act as Controller ourselves within the meaning of the Privacy Regulation.
5. What Personal Data do we collect as Controller?
As Controller we collect and process the following Personal Data of our Clients and the Users of our Tools and Services:
Personal Data we process of our Clients:
| (Personal) data: | Purpose(s): | Legal basis: |
|
Contact information: (Company) name, e-mail address and other contact information of the Company and the contact person (i.e. name, phone number and address), time zone and role of the contact person. |
We use this information to contact our Client regarding the Services we provide them.
|
We may process these Personal Data, because we need these Personal Data to perform our contract with our Clients, i.e. to enable you to use our Services.
|
|
Payment details of our clients: Invoice details, bank account number, IBAN and BIC code.
|
We use these data to: – handle, check and administer payments from our Clients; – maintain our list of accounts receivable and outstanding invoices; – include in our administration on behalf of the tax authorities. |
We may process these Personal Data, because we need these Personal Data to perform our contract with our Clients. We are also obligated to share (some of) these data with the national tax authorities.
|
Personal Data we process of our Users:
| (Personal) Data | Purpose(s) | Legal basis |
|
Contact information of the User: Professional e-mail address, role of the user and 16-digit User-ID.
|
We use this information to: – address you appropriately in our communications; – enable you to make use of our Services; – send you updates about our Services.
|
We may process these data because it is needed to enable the Employees to make use of the Tools and Services and thus for carrying out the agreement with our Clients.
|
|
Ticket (meta) information: Information included in the ticket by the user (e.g. name, email, cell number) and information regarding the reason a ticket is raised. |
We use this information to: – help the user with its ticket; – extract metrics and gamification information for improvement purposes; – note the rating of the ticket for improvement purposes. |
We may process these data, because we have a legitimate interest to process the data. We need these data to adequately assist the user with any problem and to improve our services on these matters.
|
Personal Data we process through messages sent via our contact form, to one our email addresses or via in-app messaging:
| (Personal) data: | Purpose(s): | Legal basis: |
|
Your name, e-mail address and other (personal) data you share with us in your message.
|
We use these data to contact you about your message and/or to provide you support.
|
We may process these Personal Data, because we have a legitimate interest to process these data. We need these data to contact you about your message and/or to provide you support. |
Personal Data we process to send you our newsletters:
| (Personal) data: | Purpose(s): | Legal basis: |
|
Your name and e-mail address and whether the newsletter is opened and which links are clicked on.
|
We use these data to send you newsletters about our products and services.
|
We may send newsletters to existing Client about similar products and services, because we have a legitimate interest to keep our Clients updated about such products and services. If you’re not an existing client, we will only send you a newsletter if you have given your consent for this by registering for our newsletter on the Website. If you do not wish to receive the newsletter any longer, you can use the unsubscribe link in every newsletter. |
Personal Data we process through our social media pages:
| (Personal) data: | Purpose(s): | Legal basis: |
|
Information you make public, when you leave a comment or otherwise post something on our social media pages.
|
We use these data to: – Contact you via our social media pages; – Process your feedback left on our social media pages.
|
We may process these Personal Data, because we have a legitimate interest to process these data and you voluntarily made public such information. Our social media pages are also controlled by the social medium itself. Please check their own privacy policy’s, to see how each social medium handles your Personal Data: LinkedIn: Privacy Policy Facebook: Data Policy Twitter: Privacy Policy |
Personal Data we process through the use of our Tools:
| (Personal) data: | Purpose(s): | Legal basis: | |
|
Technical information with the use of our Tools: IP-address, functional cookies and technical information (i.e. type of browser and operating system) Optional: analytical and tracking cookies |
We use this information to: – analyze (the use of) our Tools; – improve our Tools and Services; – adjust our Tools to the used Device; – flag, report and prevent misuse, fraud and threats of/regarding to our Tools and/or Services. |
We have a legitimate interest to use technical information, functional cookies and your IP-address, namely to analyze and improve our Tools. We ask for your consent to use tracking cookies and analytical cookies. You may always withdraw your consent.
|
|
6. How long do we keep the Personal Data?
We store Personal Data for as long as we need it for the above purposes:
- Personal Data in our records for the tax authorities | This data is stored for seven (7) years, unless we are legally obliged to retain the data for a longer period;
- Personal Data of clients | This data is stored as long as we have a contract for our Services with the Client and for a maximum period of 30 days after, unless we are legally obliged to retain the data for a longer period;
- Other information | We store other Personal Data only for as long as it is necessary for the purposes. This is deleted as soon as it is no longer necessary for the purposes for which we processed it.
7. Do we share your Personal Data with others?
We use Processors to assist us in our Services. Within this context these Processors receive Personal Data from us which they process by our order. We use, for instance, the following categories of Processors: hosting our data, running our services, sending newsletters and messages, managing your payments and managing contact information. Our use of Processors is always in accordance with the Privacy Regulation.
We are legally obliged to include (some of) the Personal Data in our financial administration, which has to be shared with the national tax authority. The tax authority will process these Personal Data as Data Controller in accordance with its own privacy policies.
If we are taken over or if we merge with another company, it may be necessary that your Personal Data will be inspected or taken over by the new company. They are obliged to uphold the conditions of this Privacy Policy. If changes occur in the way that we process your Personal Data, we will communicate this to you in advance.
Apart from the above, we will not share your Personal Data with third parties, unless we are legally obliged to do so.
8. Export of data outside the European Union
We may transmit Personal Data to parties outside the European Union, if one of our Processors is established outside the European Union. The Personal Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the European standards.
The transmission of data outside the EU will always happen in conformity with the Relevant Legislation (chapter 5 of the GDPR).
9. How do we protect the Personal Data?
We protect all Personal Data we process from unauthorized and unlawful access, change, disclosure, use and destruction. For instance, we take the following technical and organizational measures to protect the Personal Data:
- we secure all our services using SSL (Secure Socket Layer);
- we review our information collection, storage and processing practices, from time to time to guard our systems against unauthorized access;
- we restrict access to Personal Data to our employees and all other parties we work with, who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations;
- we limit access to the (Personal) Data for authorized employees on a need-to-know basis and track such access;
- we organize regular security awareness trainings;
- password protection of computers, laptops and other devices;
- locking of premises and areas where (devices containing) Personal Data are located;
- annual internal security audits;
- we keep our dependencies (libraries) on the latest versions;
- we chose our third-party providers who implement the latest standards on security practices (e.g. Google Cloud);
The measures we take are continually improved in line with technological development.
10. General Aggregated (non-personal) Data
We may convert your Personal Data in non-Personal Data. This means that the data will be fully and irreversibly anonymized and aggregated: in that case they do not include any Personal Data anymore, because no identification can take place on the basis of the data. We may share such aggregated data with business partners for analytical purposes, demographic profiling and improving our services.
11. Links to other websites and third-party customer communication platform
You can find (hyper) links on our Tools which link to the websites of partners, providers, advertisers, sponsors, licensors or any other third parties. We have no control of the content or the links which appear on said websites and we are not responsible for the practices of websites linked to from our Tools. Furthermore, these websites, including their content and links, may constantly change. These websites may have their own privacy policies, user conditions and customer policies. Browsing and interaction on any other website, including websites linked to from our Tools, are subject to the terms and conditions of such website.
12. Changes of the Privacy Policy
The Privacy Policy may be changed from time to time. Please check our Privacy Policy frequently and take note of any changes. The new Privacy Policy will be effective immediately upon posting on our Website. If we change our Privacy Policy significantly, then we will state so on our Website together with the revised Privacy Policy.
Effective Date: 09.08.2021
13. Your rights and our contact data
As laid down in the Relevant Legislation, you have the right to:
- Ask us to rectify or update your Personal Data;
- Ask us to remove your Personal Data from our systems;
- Ask us for a copy of the Personal Data we process of you. We can also transmit such copy to another data controller at your request;’
- Withdraw your consent to process your Personal Data. This only affects the processing activities that are based on your consent and does not affect the validity of such processing activities before you have withdrawn your consent;
- Object to the processing of your Personal Data;
- File a complaint with the Dutch Data Protection Authority, if you believe that we process your Personal Data unlawfully.
If you have questions or concerns about this Privacy Policy or your privacy, you can contact us at security@kaizo.com.
Kaizo Operations B.V.
Singel 126
1015 AE Amsterdam
Chamber of Commerce number: 71088415
