Last Updated: 30th November, 2020
Konch obtains information about individuals in these main ways:
Customers who have signed up for a Konch account. If you interact with Konch in the course of seeking customer service for a particular product or service, you are probably an end user. We process “End User Data” which means information about end users of Konch customers, which includes but is not limited to the first name, last name, email address of an end user.
Personal information identifies you or may be used in combination with other pieces of personal information to identify you. Examples of personal information include your name, company name, e-mail address, and billing information. Personal information can also include information that does not identify you, but could be combined with other information in a way that enables you to be identified. This includes information such as profession, zip code, IP address, and current location.
Non-personal information is information that cannot be used or combined with other information to identify or contact you, including browser types, domain names, and statistical data involving the use of the Konch website.
Customers will be required to register an account to leverage Konch’s platform. If you wish to create an account you will be required to provide us with information (including personal information and non-personal information). In addition, we may obtain your personal information from you if you identify yourself to us by sending us an e-mail with questions or comments.
Konch will collect End User Data necessary to provide the Konch services to our customers. In the course of business, Konch leverages the GDPR compliant platform Firebase. Firebase is used to manage authentication and users. Via Firebase authentication, Konch leverages Single Sign-on (SSO) to seamlessly authenticate users via Google and other federated providers. As part of federation, authentication with these 3rd-parties imports user information such as email, first and last name, and public avatars. That information is then used to connect payments services, such as Stripe, or support services such as email or Help Scout’s customer service platform to Konch users.
In general, we use the information collected to provide you with a great overall experience and for internal operations such as operating and improving the Konch platform, to contact you for customer service and billing purposes. We also use your information to send welcome emails, transcription notification and workspace sharing alerts, when you are invited to Konch, or when you sign up for a demo, webinar or to receive our newsletter. We also use your information to send other email communication related to the Konch website. We always give you the option to unsubscribe in any email we send you.
We may also use the information gathered to perform statistical analysis of user behavior or to evaluate and improve the Konch services. We may link some of this information to personal information for internal purposes or to improve your experience with the Konch website and our services, in these cases we will obtain your consent.
We use End User Data to identify you and to provide you with customer service on behalf of a Konch customer. We will disclose End User Data to the relevant Konch customer so that they are better able to assist you. If you are interested in how we process the data on behalf of Konch customers, please read our Data Processing Amendment.
We may disclose your information (including personal information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process. We may disclose personal information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating the Konch Terms of Service, to detect fraud, or to protect the safety and/or security of our users, the Konch website, or the general public. Konch is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU Standard Contractual Clauses, Konch is potentially liable.
Konch, Inc is incorporated in the U.S. and its subsidiary, Konch, Ltd, is based in the UK. User information is stored in regions related to the user’s location respectively. Information collected via our website, through direct interactions with you, or via our platform and services may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. To the fullest extent allowed by applicable law, by using any of the above, you voluntarily consent to the trans-border transfer and hosting of such information.
We take precautions to protect the security of your information. We employ electronic, and managerial procedures to help safeguard, prevent unauthorized access, maintain data security, and correctly use your information. However, neither people nor security systems are foolproof, including encryption systems. In addition, people can commit intentional crimes, make mistakes or fail to follow policies. Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimable duty to protect your personal information, you agree that intentional misconduct will be the standards used to measure our compliance with that duty.
Konch maintains ongoing Cyber Security Essentials compliance standards and auditing. Any payment information adheres to stringent industry standards (PCI-1) for storing, processing and transmitting credit card information online.
You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate. Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable.
If you are an end user and wish to update, delete, or receive any information we have about you, you may do so by contacting the organization of which you are a customer.