With the number of data breaches sky rocketing, Knowmea wants to do things differently and have placed security as one of the top priorities for the company.
Knowmea is designed to be aligned with industry best practice security standards such as ISO 27001 and SOC 1. Both standards are used and followed by leading financial institutions (e.g. Wells Fargo and Morgan Stanley) and tech companies (e.g. Google and Apple). Knowmea is designed with your best interest in mind.
Our privacy information explains how we will handle your personal information when you sign up websites, products, and services. Where we say ‘we’ and ‘us’ we mean Knowmea. Where we say ‘third party’ this means anyone who is not you or us. This could be another person or an organization.
This general section contains information that applies across all our business. The product-specific sections cover our different products and services, so you can easily find the information you need for the specific product or service you use. If a product-specific section doesn’t have a topic you are looking for, then the right information will be in the general section.
As transparency and privacy are Knowmea core values, we regularly check and update this policy to reflect new features and functionality. We have a lot of new features and functionality planned, so to avoid having to issue new privacy information every month, there may be information about things that aren’t quite in place yet, but they will be soon. Regularly reviewing our privacy information makes sure that you are always aware of what information we collect, how we use it and how we might share it.
WHO WE ARE
Who we are
We are a digital personal preference platform and we design our software and services with privacy at their heart, guided by a set of principles.
We take your privacy very seriously. We design our software and services with privacy at their heart. We focus on acting with the users’ interest at heart, encouraging personal data ownership, and enabling privacy and anonymity.
We ensure our products and services are designed to follow the highest industry security standards including ISO 27001, SOC 2, and GDPR.
INFORMATION COLLECTION AND USE
What we collect and what we do it with it
Accessing Your Information
With your permission, Knowmea requests access to your Gmail inbox as well as some basic personal information (i.e. Name, Gender, Birthday) through Google OAuth. Google OAuth grants Knowmea access to Google’s Gmail APIs.
Using and Storing Your Information
When you set up and use our products and services, almost all the personal information and email data collected are necessary to provide the product or service that Knowmea offers.
Personal information (i.e. Name, Gender, Birthday) helps Knowmea create basic personal profiles. This basic personal profiles enable us to better sort through promotional emails to enhance personalization and relevance.
Knowmea only accesses emails that have been identified and labeled by either Google or yourself as “Promotions”; these are emails that can be found in the “Promotions” tab. Knowmea does not access any other types of emails.
Knowmea stores the most recent copy of the “Promotions” email in our database. Knowmea analyzes and searches these emails to identify information that is relevant to each individual user based on preferences that were set up (e.g. 30% off at a XXX retailer or new products from XXX retailer). Knowmea presents the information in the dashboard.
Sharing Your Information
Knowmea does not share with or sell your information to any third party.
The information you add to your account or provide as part of using a product or service remains until you delete the account or request the deletion of your information.
SECURITY AND DATA LOCATION
Security is a core business principle. We always keep personal information in secure locations with strict access controls.
We continually ensure that our systems are designed in compliance with ISO 27001 and SOC 2, which means we follow top industry standards for information security.
Where we use other organizations to support our business we have contract terms in place that contain obligations on the other organizations to safeguard your information. Some of these organizations have their servers in other countries. We have contract terms with these third parties and measures in place to cover any transfers of personal information. The measures used are EU-approved model contract clauses, Privacy Shield for some US companies, and some have Binding Corporate Rules.
YOUR RIGHTS AND CHOICES
You have several different rights with regard to your personal information. Some rights only apply in certain circumstances or to certain information. There are also exemptions from some rights in some circumstances.
You are entitled to know what personal information we hold about you and to receive a copy of it.
You are entitled to correct personal information we hold about you that is inaccurate.
In certain circumstances you are entitled to ask us to delete the personal information we hold about you.
In certain circumstances you are entitled to ask us to restrict our processing of your personal information.
You can ask us to do this if:
– you dispute the accuracy of your personal information;
– our processing is unlawful but you prefer restriction to deletion;
– we no longer need the information but you need it for legal reasons; or
– you have objected to our processing and we are still dealing with this objection
In certain circumstances you are entitled to receive the personal information you have provided us in a structured, commonly used and machine-readable format.
We collect information about your device and your use of our products using in-house analytics and third-party tools. We use it to understand how our products are being used and to improve them.