Please note, if you use Kimo Free, Premium, or Pro, you are both the Account Holder and End User of a Kimo service account. If you use Kimo Business, the Account Holder is the Customer who has contracted with Kimo as defined in our Kimo Business Agreement and the End Users are the individuals whose user accounts are linked to that Kimo Business account. You can find these, and other defined terms used in this policy in our Glossary at the end of this page.
Although significant changes are rare, this policy may be amended as new features, technology, or legal requirements arise, so please check back from time to time. We'll notify you if we make a significant change and, where required, seek your consent.
WHAT PRINCIPLES GOVERN YOUR POLICIES?
Kimo processes your data in accordance with the General Data Protection Regulation (GDPR), the law on data protection and privacy which is applicable in the European Union (EU) and European Economic Area (EEA). At Kimo, we uphold five central principles around data protection, as we believe the future of Artificial Intelligence has to be one of explainable models, transparency and mutual trust. It is our aim to go beyond laws like GDPR and the California Consumer Privacy Act (CCPA) and provide a leading example of how to combine deep technology expertise with sound ethical principles. You can find our principles below, along with an explanation.
Kimo is not a company that makes money from selling your data to third parties for advertising purposes. Our business model is simple: we make money when you decide to pay us for a service that is valuable to you. This means that trust is our biggest asset and keeping your data private is fundamental.
Kimo uses artificially intelligent ('AI') models that can at time be optimized by seeing new data. This optimization makes the models more precise over time, and with that more valuable to End Users. By using our products, you give Kimo opportunity to do certain things with your data so that we can run our service and improve it over time. For example, we back it up, send it over a network, index it for searching, optimize our models with etc. Some of these operations may require us to send your data to our normal business partners – such as the Cloud Partners we use (Google Cloud and Amazon Web Services at this point in time) – that we have contracted with to provide parts of the Kimo Service. Before we do this, we'll always make sure that our contracts with such partners protect your data protection rights as much as possible. The Cloud Partners act as data processors and are not allowed to use the data for any of their own purposes.
Personal data is pseudonymized at all times in our database. In practice, this means that - in the case of a data breach - users have unique URLs as ID-tokens that cannot be traced back to the user. Other data that can be traced back to the user (e.g. addresses for invoicing purposes) are stored in a separate location. This also means that when KIMO uses your data for optimization purposes, it does so at all times by using your data in a pseudonymized form. After this process, we only keep aggregated, anonymous data and delete any data that can be traced back to you.
Kimo takes appropriate technical and organizational measures to keep everything you put into KIMO secure. We take many precautions to protect your data from accidental loss and theft. Everything you put into Kimo is stored in a highly secure Cloud environment with the highest level of protection available today. This environment also provides automated (offsite) backups for your data, should a server go offline due to unforeseen circumstances (e.g. flooding, earthquake).
There may be features in Kimo where you share notes, insights, or elements of your learning journey (including, in relation to Kimo Business, the Account Holder) with others via Social Media or other means, but these features are optional and whether or not you use them is up to you.
Communications between Kimo clients and servers (and between our various data centers) are all encrypted. We provide industry-leading security technologies, like two factor authentication, to all users, and we're constantly investing in ways to improve data security. We take the utmost care in protecting your password and no one at Kimo will ever ask you for it.
You have full control over the data you put into Kimo. Personal data can be requested at any time by users. It can also be deleted instantly by users if desired. KIMO provide this functionality openly and without hiding it from users.
We recognize that learning new materials requires users to write down personal things (e.g. learning notes). These notes belong to the End Users, not to Kimo. For all of those End Users, we are committed to making it straightforward to get all of your data into, and out of, Kimo at any time. For this reason, our platform facilitates easy imports and exports of data.
To ensure Kimo is available across platforms and remembers the context of your learning journey, you have a unique ID that can be used to access Kimo recommendations and notes across devices. Whether you login on your laptop or your smartphone, Kimo will recognize who it is talking to.
We built Kimo to help you learn more effectively and stay relevant in the jobs market. This purpose means that Kimo has access to data around your learning process, and we recognize that those datapoints can contain private information. We collect and receive the following types of information that relate to the user:
As described in our principles, we are committed to protecting the privacy of your information. Below, we describe the ways in which we use the information we collect and receive to provide, maintain, and improve the Service; to provide troubleshooting and customer support; to protect the Service for all our users; to contact you; and to administer Kimo Business accounts.
WHEN AND WHERE DO WE SHARE INFORMATION?
Kimo is not in the business of selling or renting your information, but we work with partners to ensure our Service can be delivered. Here are instances when we may disclose your information — and then only the minimum information necessary:
WHO HAS ACCESS TO INFORMATION?
Consistent with the principles we uphold at Kimo—your data is yours—in most cases, you can manage your information simply by logging into your account and editing your information directly within the Kimo service.
However, if you prefer, you can contact us at firstname.lastname@example.org to ask us to provide access to, correct, update, or delete your personal information. Please note that we may ask you for proof of account ownership and/or identity before fulfilling your request. We will comply with such requests to the extent required by applicable law.
DATA PROCESSING GROUNDS AND DATA ACCESS RIGHTS
We process Account Holder or End User personal information on one of three grounds, depending on the circumstances: (i) your affirmative consent, in which case you will have the right to withdraw consent at any time; (ii) contractual necessity; or (iii) our legitimate interest in providing the Service.
DATA SUBJECT RIGHTS
You have the right to request us to give you access to your data. If the data are incorrect, incomplete or irrelevant, you have the right to ask us to alter or supplement them. You also have the right to object to the processing of these data and to ask us to erase them.
To the extent that our data processing is based on your consent, you at all times have the right to withdraw your consent. Withdrawal does not affect the lawfulness of the processing that was based on your consent before you withdrew it.
If you wish to make use of the aforementioned rights, please contact us by letter or email, using the contact details shown below. We will take a decision on your request within four weeks.
You also have the right to submit a complaint to the supervisory authority. The competent supervisory authority is the Dutch Data Protection Authority.
HOW LONG IS INFORMATION STORED?
Kimo's mission is to help you learn more effectively. In order to do that, we make the Content you store in Kimo readily accessible to you, until you make the decision to delete it. If you delete your Kimo account and/or your personal data, it will no longer be accessible. As described in our principles, your data is portable and can be exported from Kimo.
Note that Kimo's back-up system, provided by Cloud partners, may retain individual copies of your deleted Content for up to one year due to the nature of those system's operations.
For users who are inactive for extended periods of time, we may close your account to satisfy our obligations under applicable law, and in accordance with our data retention policy. If that happens, we will try to notify you before taking any action.
If Kimo deactivates your account due to a ToS (Terms of Service) violation, then you may contact us to request deletion of your Content, and we will evaluate such requests on a case by case basis, pursuant to our legal obligations.
WHERE IS INFORMATION STORED?
When you use KIMO Software on your computing device, such as by using one of our downloadable applications, some of your data will be stored locally on that device. When you sync your computing device with the Service, that data will be replicated on servers maintained in the EU. This means that if you store information in or submit data to the KIMO website, app or browser plugin, you acknowledge your personal information will be transmitted to, hosted, and accessed in the EU.
We reserve the right to make changes to this privacy statement at any time in accordance with applicable legislation and regulations. Please check this webpage from time to time to see whether any changes have been made.
HOW DO I CONTACT YOU?