1.1. Akumina (www.akumina.com) is the Employee Experience Platform that empowers global enterprises to quickly create personalized digital experiences that help every employee in every role work smarter, not harder. By offering a customizable, brandable, and multilingual platform that seamlessly integrates with leading enterprise cloud applications, Akumina delivers a contextual, collaborative, and engaging workplace experience to every user on any device. It was incorporated under the laws of United States of America and having its corporate office at 30 Temple Street, Nashua, NH, US.
- What personally identifiable information is collected from you through the website and 3rd party affiliations, how it is used and with whom it may be shared.
- What choices are available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information.
1.4. The company is the controller for all the information that they are collecting via their website or other sources and data processors for the information received from their customers as part of the service contract for Akumina.
For the purposes of this Policy, the key terms are defined as follows:
- ‘Personal Identifiable Information’ means any information relating to User or identifiable to User; an identifiable to User is one who can be identified, directly or indirectly, in particular by reference to User such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person and Payment information (including payment card numbers, billing address, and bank account information);
- ‘Processing’ means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- ‘The controller’ or ‘data controller’ is simply the organization (a legal person, agency, public authority, etc.) or the natural person which, alone or depending on the organization and personal data processing activity, in collaboration with others defines what needs to happen with the personal data (and also collects personal data) and obviously is key in personal data protection.
- The ‘processor’ or ‘data processor’ is a person or organization who deals with personal data as instructed by a controller for specific purposes and services offered to the controller that involve personal data processing.
- ‘Recipient’ means a Company or any legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a third party or not. However, public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
- ‘Third party’ means a natural or legal person, public authority, agency or body other than the User, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process Personal Data;
- ‘Consent’ of the User means any freely given, specific, informed and unambiguous indication of the User’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her;
- ‘Personal Data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed;
- ‘Representative’ means a natural or legal person established in the Union who, designated by the controller or processor in writing pursuant to Article 27, represents the controller or processor with regard to their respective obligations under this Regulation;
- ‘Binding corporate rules’ means Personal Data protection policies which are adhered to by a controller or processor established on the territory of a Member State for transfers or a set of transfers of Personal Data to a controller or processor in one or more third countries within a group of undertakings, or group of enterprises engaged in a joint economic activity;
- ‘Sensitive Data’ refers to the various categories of Personal Data identified by data privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent from User. These categories include racial or ethnic origin, political opinions, religious, philosophical or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offences (including information about suspected criminal activities).
- ‘Supervisory Authority’ means an independent public authority which is established by a Member State pursuant to Article 51;
- ‘Supervisory Authority concerned’ means a supervisory authority which is concerned by the processing of Personal Data because:
- the controller or processor is established on the territory of the Member State of that supervisory authority;
- Controllers/ data Processor/Users residing in the Member State of that supervisory authority are substantially affected or likely to be substantially affected by the processing; or
- a complaint has been lodged with that supervisory authority;
14. ‘Cross-Border Processing’ means either:
- processing of Personal Data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State; or
- Processing of Personal Data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect Users in more than one Member State.
- ‘relevant and reasoned objection’ means an objection to a draft decision as to whether there is an infringement of this Regulation, or whether envisaged action in relation to the controller or processor complies with this Regulation, which clearly demonstrates the significance of the risks posed by the draft decision as regards the fundamental rights and freedoms of Users and, where applicable, the free flow of Personal Data within the Union;
2. Information collection, use and sharing
2.1 Akumina is the sole owner of the information collected on this site. Akumina only has access to/collect information that you voluntarily give us via email or other direct contact from you. Akumina will not sell or rent this information to anyone.
2.1.1. Information that we receive from our customer who implement Akumina is:-
- First and last name;
- Email address(es);
- Mobile and other phone number(s);
- Organization information;
2.1.2 Information Collected Automatically: When User use or interact with our Website, we receive and store information generated by activity, like Usage Data, and other information automatically collected from browser or mobile device. These information are collected from the cookies. This information may include IP address; browser type and version; preferred language; geographic location using IP address, wireless, or Bluetooth technology on device; operating system and computer platform; the full Uniform Resource Locator (URL) clickstream to, through and from our Website, including date and time.. We may assign User one or more unique identifiers to help keep track of future visits.
Further we use Google Analytics for analytics and measurement to understand how our services are used. For example, we analyze data about your visits to our sites to do things like optimize product design
2.1.4 Information from our visitors: Our website visitors contact us for more information or request for product demos. For this purpose, we generally request for name, email, company name and contact number.
2.2. Sensitive Data: We do not require or seek to collect sensitive data.
3. How the collected information will be used
3.1 Lawful Basis of processing
We process your personal data only when we have a lawful basis. Presently, we use the Performance of Contract (i.e. to deliver the services to our customers) and consent as the lawful basis for processing. For certain processing, we may also use legitimate interests as provided under the Data Protection Regulations.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
3.2 Use of Customer Data –
The information collected by us when customers use the Website and services, shall be used in the manner described below:
- Process payment and verify payment information;
- Contact and communicate with Customers and Users with respect to Akumina.
- Provide technical service and support, including updates.
- Respond to legal requirements, exercise our legal rights or defend against legal claims, to protect our interests, fight fraud or illegal activity, to enforce our policies, or to protect third party rights, property, or safety.
- Customize and/or tailor the website and user experience, which may include displaying information based on their search or content from other users.
- Responding to our customer on queries and support issues
With respect to Akumina product, we only process data on behalf of our customers and in accordance with their instructions provided in the applicable Services agreement with us.
Responding to our Customer’s end users on queries and support issues and providing Training
As part of our contractual agreements with our customers, we also provide their end users with support on queries, technical support and training. In doing so, we act as processors for our customers and any data collected from such end users is collected on behalf of our customers.
3.4 Users under 16 years of age
4. Disclosure of Information
The following categories of recipients will most likely receive your data in order for us to provide services to you
- Third Party Data Center Services such as AZURE
- Third Party SMTP Services such as Salesforce and Marketo
- Third Party helpdesk applications/tools for troubleshooting
- Salesforce CRM for direct marketing
- Third party Service Providers
4.1 We may also disclose certain information to third parties solely to help diagnose technical problems, to customers of Akumina, and improve the quality of the services provided by us.
4.2 We reserve the right to disclose any personal information as required by law or to respond to legal process, to protect our customer, to protect lives, to maintain the security of our products, and to protect the rights or property of the Company and when we believe, at our sole discretion that disclosure is necessary to protect our rights, protect someone from injury and/or to comply with a judicial proceeding, court order, or legal process served on the Company.
4.3 We also share data with the Company-controlled affiliates and subsidiaries, with vendors working on our behalf.
5. Customers’ Rights with respect to Processing Data
Individuals may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website.
6.2 On most web browsers you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie, and how to turn cookies off. We recommend that you leave cookies turned on because they will enable you to take advantage of some of our websites best features.
6.3. We may use third party cookies to track visitor behavior and to improve the quality of our services. However, such cookies will not store any kind of personal information, nor will such information be disclosed to any third party.
6.4. These cookies are intended to be automatically cleared or deleted when the User quits the browser application. User are encouraged to use the “clear cookies” functionality of browser to ensure such clearing / deletion, since it is impossible for us to guarantee, predict or provide for the behavior of system. User have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. User’s browser and other choices may impact experiences with our products.
6.5. The information we collect with cookies is not sold, rented, or shared with any third parties.
7. Data Security Procedures
7.1. We maintain organizational, physical and technical security arrangements for all the Data we hold. We have protocols, controls and relevant policies, procedures and guidance to maintain these arrangements taking into account the risks associated with the categories of Data and the processing we undertake to protect any kind of personal sensitive information that we have under our control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss.
7.2 Regarding use of our Websites, User should understand that the open nature of the internet is such that information and Data flows over networks connecting User to our systems without security measures and may be accessed and used by people other than those for whom the data are intended.
8. Retention of Information
8.1. We will retain Data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that Data are deleted after a reasonable time according to the following retention criteria:
- User data provided by our customers is refreshed at a frequency defined by the customer. The data refresh ensures that all user data for employees who have left our customer is deleted automatically.
- We retain Data as long as we have an ongoing relationship with our Customer. Once our customers choose to close their accounts, the information is deleted within 30 days of such closure. When you decide to close your account, we delete all personal information about you including any user generated content.
- We will only keep the data while account is active or for as long as needed to provide services.
- We retain data for as long as needed in order to comply with our legal and contractual obligations.
9.1. If the Customer wishes to opt- out of receiving non-essential communications from us, after setting up an account, they may choose to do so by making such preference changes within the application or contacting us at firstname.lastname@example.org
10. Governing Law
If you are a resident of the European Economic Area and we maintain your Information within the scope of the General Data Protection Regulation (GDPR), you have additional rights. If, despite our commitment and efforts to protect Data, you believe that your data privacy rights have been violated, we encourage and welcome customer to come to Company first to seek resolution of any complaint. Customers have the right at all times to register a complaint directly with the relevant supervisory authority or to make a claim against Company with a competent court.