Privacy Policy

Your privacy is important to us. As such, we provide this Privacy Policy to inform you of our online information practices and the choices you can make about the way your PII is collected and used on this Website or via our Services. Except where otherwise expressly indicated in this Privacy Policy or on the Website, this Privacy Policy applies only to PII collected on the Website and through Services offered by Kapta. It also describes the choices available to you regarding our use of your PII and how you can access and update this information.

By utilizing the Website or Services offered by Kapta, you acknowledge, agree and represent that you have read and understand the Privacy Policy and consent to the processing of your PII as set forth below.

1. Definitions

1.1 “Applicable Data Protection Law(s)” means the data protection laws, rules and regulations applicable to Services offered by Kapta; with respect to PII from Europe, “Applicable Data Protections Law(s)” shall include Regulation (EU) 2016/679 (“GDPR”) and the Data Protection Act of 2018 (“UK GDPR”);

1.2 “Customer” or “Customers” means the natural or legal person engaging or approaching Kapta for the purpose of soliciting, securing, or otherwise utilizing one or more of Kapta’s Services;

1.3 “Europe” shall mean the European Economic Area, the European Free Trade Association and the United Kingdom;

1.4 “Kapta” means Kapta, Inc., a Delaware corporation with its principal place of business located at 885 Arapahoe Avenue, Boulder, Colorado 80302, USA; the terms, “we,” “our,” and “us” refer to Kapta;

1.5 “PII” means personally identifiable information or any representation of information that permits the identity of the Customer or data subject to whom the information applies to be reasonably inferred by either direct or indirect means;

1.6 “Service” or “Services” means the information, software or services made available to you through the Website;

1.7 “Website” means Kapta’s websites located at the domain addresses [https://kapta.com] and [https://login.kaptasystems.com] and any affiliated websites;

1.8 “You” or “your” means the data subject or the person whose information (PII or otherwise) may be subject to the terms of this Privacy Policy.

2. The Information We Collect

We collect and use your PII to provide you with the information or content that you have requested, and, in some cases, to contact you about our programs, products, features or services. If you no longer wish to receive press releases or any other type of marketing information from us, you may send us an email through the “Contact Us” link on the Website, use our E-mail Alert Form to change your preferences, or follow the “unsubscribe” link provided in the e-mail that you receive.

We also collect and utilize non-PII information to better understand your use of the Website and to enhance your enjoyment and experience. For example, we may use the information to improve the design and content of our Website or to analyze our programs and Services.

We may employ other companies and individuals to perform certain services on our behalf. Our employees, contractors, and agents who have access to PII are required to protect the information in a manner that is consistent with this Privacy Policy, the Terms of Service, the Data Processing Addendum, and the Data Security Statement (collectively “Policies”).

3. Cookie and Web Beacon Policy

To enhance your online experience, we may use “cookies” or similar technologies. Cookies are text files placed in your computer’s browser to store your preferences. Cookies do not contain PII; however, once you choose to furnish a site with PII, this information may be linked to the data stored in the cookie.

We use cookies to understand site and Internet usage and to improve or customize the content, offers or advertisements on our site. We may also use cookies to help us offer you products, programs, or Services that may be of interest to you and to deliver relevant advertising.

We, our third-party service providers, advertisers, or partners also may use cookies to manage and measure the performance of advertisements displayed on or delivered by us and/or other networks or sites. This also helps us, our service providers, advertisers, and partners provide more relevant advertising.

We, our third-party service providers, advertisers, or partners may also use “web beacons,” clear “.gifs,” or similar technologies, which are small pieces of code placed on a web page, to monitor the behavior and collect data about the visitors viewing the Website. For example, web beacons may be used to count the users who visit the Website or to deliver a cookie to the browser of a visitor viewing the Website.

You can change your privacy preferences regarding the use of cookies and similar technologies through your browser. You may set your browser to accept all cookies, block certain cookies, require your consent before a cookie is placed in your browser, or block all cookies. Blocking some or all cookies may affect your online experience and may prevent you from enjoying some or all Services provided by Kapta. Please consult the “Help” section of your browser for more information.

4. Access to and Modification of PII

If you visit our Website and volunteer PII, you may modify, update or delete such information by sending us an e-mail at support@kapta.com. You should be aware, however, that it is not always possible to completely remove or modify PII in our databases. In addition, please be aware that your ability to opt out from receiving marketing and promotional materials does not change our right to contact you regarding your use of the Website or our Services.

You can opt out of receiving promotional emails from us by emailing support@kapta.com or unsubscribing from our marketing emails. If you choose to no longer receive marketing information, we may still communicate with you regarding security updates, product functionality, responses to service requests, or other transactional, non-marketing-related purposes.

If we have collected and processed your PII with your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your PII conducted pursuant to lawful processing grounds other than consent.

You have the right to contact a data protection authority about our collection and use of your PII. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with Applicable Data Protection Law(s). To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your PII.

5. Data Security

We take reasonable steps to maintain the security of the PII we collect. However, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, we do not warrant or represent the security of any information (PII or otherwise) that you transmit to us. By using our Services, you understand, acknowledge and agree that you transfer data to us at your own risk.

6. International Transfer

We operate globally, and so it may be necessary to transfer your PII internationally. In general, your PII will likely be transferred to and processed in the United States and/or Europe. When transferring data from Europe, Kapta relies upon a variety of legal mechanisms, including contracts with our users as well as documents issued by regulatory authorities.

7. Compliance with Laws and Enforcing our Rights

We may be required to disclose PII by law, such as to comply with a subpoena or similar legal process, or in response to a government request. We also may be required to disclose PII in response to a lawful request by law enforcement or public authorities in an effort to meet national security or law enforcement requirements.

We may disclose PII to relevant parties to protect and defend the rights, property or safety of Kapta or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security concerns.

8. Disputes

In the event a dispute concerning the terms of this Privacy Policy arises between you and Kapta, Kapta will make a good-faith effort to resolve such a dispute via mutual discussion and/or negotiation. In the event the dispute remains unresolved after such discussion or negotiation, the dispute may be internally escalated to Kapta’s senior officers to attempt to resolve the dispute.

If a dispute remains unresolved following the attempts for resolution in the preceding paragraph, you and Kapta agree to commit to mediation by a mediator appointed by JAMS, an alternative dispute resolution provider located in the United States. The services of JAMS are provided at no cost to you.

9. Accessing or Correcting Information

You may view all information provided to us by accessing the relevant page on your Kapta account.

In the event you did not create a Kapta account or cannot find the appropriate location to determine what information you provided us, you may send us an email at info@kapta.com to request access to or correction of your information (PII or otherwise). For verification purposes, please include your first name, last name, the e-mail address, and password you use for such Service.

10. Kapta as a Data Processor

We may collect, use and disclose certain information (PII or otherwise) about you when acting as our Customers’ data processor. Our Customers are responsible for making sure that your privacy rights are respected, including ensuring appropriate disclosures about third-party data collection and use. To the extent that we are acting as a Customer’s data processor, we will process your information, including any PII, in accordance with the terms of our agreement with the applicable Customer, our Data Processing Addendum, and Applicable Data Privacy Law(s).

If you are a resident of Europe and object to our processing of your PII, please contact us at support@kapta.com to restrict processing, or request portability, of your PII.

For information on how we may process your information (PII or otherwise), please read the Kapta Data Processing Addendum, found at https://kapta.com/data-processing-addendum/.

We may share PII with third-party service providers (“Sub-Processors”) (e.g., email service providers, data storage and processing facilities) to allow them to perform services on our behalf. we will not share your information with third parties for a purpose that is materially different from original purposes without your consent.We do not permit our Sub-Processors to use the PII we share with them for their marketing purposes or for any other purpose than in connection with the services they provide us. For additional information about how we work with Sub-Processors, please read the Kapta Data Processing Addendum, found at https://kapta.com/data-processing-addendum/.

11. How to Contact Us

If you have any questions or concerns about the Privacy Policy or its implementation, then please contact us at support@kapta.com.

12. Updates & Effective Date

The effective date of this Privacy Policy is July 22, 2024.

Kapta may update, amend, or otherwise modify this Privacy Policy at its sole discretion, in whole or in part, with such updates, amendments, or modifications being immediately effective upon their posting to the Website. Your use of the Website after modification, addition or deletion of the Privacy Policy shall be deemed to constitute your understanding, acknowledgment and acceptance of all such updates, amendments, or modifications. We will notify you about material changes to the Privacy Policy by sending an email message to the email address you most recently provided to us or by prominently posting a notice on our Website. We encourage you to periodically check back and review this Privacy Policy so that you always will know what information we collect, how we use it, and with whom we share it.

 

13. EU-U.S. Data Privacy Framework Principles

Kapta complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Kapta has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Kapta has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Kapta commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint.  The services of JAMS are provided at no cost to you.

Investigatory and Enforcement Powers of the Federal Trade Commission (FTC)

Kapta is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). This means that the FTC has the authority to examine our privacy practices and enforce compliance with the Data Privacy Framework (DPF) principles.

Binding Arbitration

Under certain conditions, individuals may invoke binding arbitration. Kapta, Inc. is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles. If an individual wishes to invoke binding arbitration, they must deliver notice to Kapta, Inc. and adhere to the procedures and conditions outlined in Annex I of the Principles.

Liability in Cases of Onward Transfers to Third Parties

Kapta may share your personal data with third parties for various purposes. In cases of onward transfers to third parties, Kapta, Inc. remains liable for ensuring that the third parties handle your personal data in accordance with the Data Privacy Framework principles. We require that these third parties provide the same level of protection for your personal data as we do.

14. Your California Privacy Rights (California Consumer Privacy Act - CCPA)

If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of PII with third parties for their direct marketing purposes. To the extent applicable, California residents may also request that we:

  1. Disclose the categories of PII we collect, use, disclose, and sell;
  2. Disclose the categories of sources from which we collect PII;
  3. Disclose the business or commercial purpose for collecting or selling PII;
  4. Disclose the categories of third parties with whom we share PII;
  5. Provide access to and/or a copy of specific pieces of PII we collect about you;
  6. Delete PII we collect from you (subject to certain exceptions);
  7. Opt-out of the sale of PII.

To exercise your rights under the CCPA, please contact us at support@kapta.com. You may also designate an authorized agent to make a request on your behalf.

We will not discriminate against you for exercising your rights under the CCPA. This means we will not deny you our services, charge you different prices or rates, or provide you with a different level or quality of services.

15. Children's Privacy

Our Website and Services are not intended for children under the age of 13, and we do not knowingly collect or solicit PII from children under 13. If we become aware that we have collected PII from a child under 13 without parental consent, we will delete that information promptly. If you believe that we might have any information from or about a child under 13, please contact us at support@kapta.com.


16. Data Retention


We will retain your PII only for as long as necessary to fulfill the purposes for which it was collected, including to comply with any legal, accounting, or reporting requirements. When we no longer need to use your PII, we will delete it or anonymize it, in accordance with our data retention policies and Applicable Data Protection Law(s).