Privacy Policy
Privacy Policy
We are KOM Cloud Service, LLC (“KOM Cloud Service”, “KOM”, “we”, “us” and “our”).
Each person or entity who uses our Services is referred to as a “user” or “you” or “your”. This Privacy Statement and our Terms of Service (“Terms”) apply to each user.
This document is our statement of our privacy practices (“Privacy Statement”). Among other things, it explains how we and some of the companies we work with collect, use, share and protect the information you provide to us (“your Content” or “User Content”). The User Content may include any personally-identifiable information, including without limitation name, address, telephone numbers, electronic mail and postal addresses, and other sensitive information that identifies or is uniquely associated with an individual (collectively, “Personal Data”). This Privacy Statement also discusses your choices about the collection, storage and use of your Personal Data.
Any Content that is not Personal Data is referred to as “Non-Personal Data.” Non-Personal Data may include without limitation information about how users use the Services, what Services users select, how users respond to service offerings, how users share information with others, what users say they like and dislike, all of which we aggregate into larger data sets that do not identify individuals (collectively, “Behavioral Data” which is a type of Non-Personal Data).
Among other services, KOM may connect users with other users. Please note that this Privacy Statement does not apply to any other websites, mobile applications, or businesses. This Privacy Statement applies to any Personal Data and other Content we collect or process via any means, including via our Services; although the focus of this Privacy Statement is on Content we collect via our Services.
By using our Services, you consent to the collection, transfer, analysis, transformation, storage, disclosure and other uses of your Content, including your Personal Data, as described in this Privacy Statement.
For the purpose of any privacy laws which use the terms “controller” and “processor” with regard to Personal Data, KOM is the “Data Controller”, meaning that KOM is the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data. Our service providers and contractors who process Personal Data are each the “Data Processor,” meaning that they process Personal Data at our direction.
1. Information We Collect
As noted above, we collect Content from you while providing the Services. Some of the Content is Personal Data that we may use to contact you, and which is necessary to provide the Services. Other Content we collect from you includes Behavioral Data and other Non-Personal Data that we aggregate, share, and use to improve our Services, and the services of others.
We collect many different types of information from you, both directly and indirectly.
Information you provide us directly
We may collect the following information from you.
Location Information. We may ask for your postal address or your geographic location information, especially if you request our legal services. When you submit User Content to our website or to social media, you may provide your location information, including location information embedded in or accompanying the User Content (e.g., in tags or captions).
Communications between you and KOM: We may send you emails, SMS or text messages, and other electronic communications for sales and delivery, notices of changes/updates to features of the Services, technical and security notices, and for other purposes. We may collect and store these communications.
Information we gather from your use of our Services
We collect the following information from your use of our Services.
- We may save private emails sent to us by users, and we may share your emails with any third parties or other users. You may elect to disclose Personal Data and Non-Personal Data to us.
Social Media. In addition to media that we control, you may post comments, photographs, drawings and other User Content on third party social media, such as YouTube, Facebook, Instagram and Twitter, each of which enforces its own terms of use and privacy policies for its respective service. Any User Content you post to social media services may contain Personal Data about you and other people in the form of names, email addresses, and location information. You should also be aware that a photograph or drawing of a person may be Personal Data to the extent the person may be recognized in and identified by the photograph or drawing, and medical or other healthcare information may be gleaned from any medical conditions, disorders or diseases are discussed or portrayed in the User Content, such as dietary restrictions. We may collect and use User Content and the Personal Data contained in the User Content posted to social media services to market our Services.
- We may use third-party analytics tools to help us measure traffic and usage trends and other Non-Personal Data (as that term is defined in our Privacy Statement) for the Services. These tools collect information sent by your device or our Services, including the web pages you visit, add-ons, and other information that assists us in improving our Services. We collect and combine this analytics information with analytics information from other users so that it cannot be used to identify any particular individual user. One of the analytics tools we use is Google Analytics. For more information and steps you can take to control Google’s collection and use of your data, please visit Google’s page, “How Google uses information from sites or apps that use our services”. Google also provides an opt-out plugin for web browsers, available here.
- Metadata is usually technical data that is associated with other data, including User Content. For example, metadata can describe how, when and by whom an item of User Content was collected and how that User Content is formatted. KOM may collect and store metadata, including about each user’s public posts on the Services.
Log Data. Our servers automatically record information (“log data”) created by your use of the Services. Log Data may include information such as your Internet Protocol (“IP”) address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device and application IDs, search terms, and cookie information. We receive log data when you interact with our Services, for example, when you visit our website, sign into our Services or interact with our email notifications. KOM uses log data to review how we provide our Services and to measure, customize, and improve the Services.
2. How We Store Your Information
We currently provide the Services from within the United States, and we store all User Content, including Personal Data, that we currently collect and retain on servers inside the United States.
Certain types of User Content you submit to us might reveal your gender, ethnic origin, nationality, age, religion, sexual orientation, or other Personal Data about you or others.
By using our Services, or by submitting your personal information to us, you consent to the collection, storage, processing and onward transfer of your personal information as stated in the current version of this Privacy Statement and the current version of our other online documents, including the Terms of Service.
3. How We Use Your Information
We share and use your Personal Data in the following circumstances. Unless specifically stated below, these do not include the use of Biometric Information:
To provide and maintain the Services, including to monitor the usage of our Services.
Opt-in with Your Consent. We may ask for your permission to share your Personal Data with other people and organizations outside of KOM, including to provide you with Services. As with any opt-in procedure, you are under no duty to agree to a request that you opt-in.
Partners and Affiliates of KOM. We may share your Personal Data with Partners to sell and provide the Services.
- Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide features and remember your personalization choices. We use cookies to make it easier to access and use our Services. The help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons, by changing the add-on’s settings or visiting the website of its manufacturer. Because cookies allow you to take advantage of some of the Services’ essential features, we recommend that you leave them turned on. Cookies are also used to display particular Content and to set session identifiers for visitors who voluntarily join user areas.
Do Not Track. We honor general opt-out preference signals such as Global Privacy Control; however, the specific “Do Not Track” setting has been found to enable the fingerprinting of user devices, and companies have generally moved away from this standard. Therefore, we do not honor the “Do Not Track” setting on users’ devices.
Opt-out Email or Postal Address. If you supply us with your postal or email address you may receive periodic mailings from us with information on new products and services or upcoming events. If you do not want to receive such mailings, please let us know by sending an email to us at the “opt-out” address, below. We will remove your name from the list we use internally. Opting-out of these emails does not mean we remove your email from our system entirely, because we still retain your email addresses for other purposes.
Required by Law. We may access, preserve and share your Personal Data in response to a legal request (like a search warrant, court order or subpoena). We may also access, preserve and share Personal Data when we have a good faith belief that it is necessary to: help to ensure security and integrity generally to the extent that your Personal Data is reasonably necessary and proportionate for those purposes; detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
Change of Control. If we sell or otherwise transfer part or the whole of KOM or our assets to another organization (e.g., a merger, acquisition, or reorganization), your Personal Data such as email address, User Content and any other information collected through the Services may be among the items sold or transferred. You will continue to own your User Content, but the license you grant to us in the Terms may be transferred to others at KOM’s sole discretion.
Non-Personal Data. We may share Non-Personal Data publicly and with publishers, researchers or connected sites. For example, we may share aggregated Non-Personal Data publicly to show trends about the general use of our Services. Non-Personal Data includes aggregated or collective information about multiple users that does not reflect or reference an individually-identifiable user.
- In addition to some of the specific uses of information we describe in this Privacy Statement above, we may use Personal Data that we receive to:
- help you efficiently access your information after you sign in.
- remember information so you will not have to re-enter it during your visit or the next time you visit the Services.
- provide personalized Content and information to you and others, which, in the future, could include online ads or other forms of marketing.
- provide, improve, test, and monitor the effectiveness of our Services.
- develop and test new products and features.
- monitor metrics such as total number of visitors, traffic, and demographic patterns.
- diagnose or fix technology problems.
4. Security of Your Personal Data
When we or our Partners store, transmit, or protect your Biometric Data:
- We use no less than a reasonable and industry-standard level of care; and
- We use measures that offer the same or greater level of protection as that which we use to protect other confidential and sensitive information (personal information that can be used to uniquely identify an individual or an individual’s account or property) from disclosure.
5. Your Right to Review, Request Changes, and Disclose Personal Data
Where required by applicable laws and regulations, each user may inspect and receive a copy of his or her Personal Data as stored in the Services. In rare circumstances, we may deny a request, and we may provide you with an explanation. If we deny your request, you may request a review by another professional, who will be chosen by KOM, and we will comply with the outcome of the review.
Subject to applicable laws and regulations, the Personal Data you provide to us remains completely under your control. If you believe the Personal Data we have is incorrect or incomplete, you may in writing request an amendment to your Personal Data. We will approve or deny each request, and notify you of our decision. If approved, we will amend the Personal Data. We will also make a reasonable effort to notify people to whom the Personal Data was released. In the case of a denial, we will provide the reason for the denial and instructions on how to appeal.
Any information or User Content that you voluntarily disclose for use of the Services, such as your Personal Data or other User Content, may become available to the public if you release it to other users or to the general public. Once you have shared your Personal Data or your User Content with other people, or otherwise made it public, that Personal Data and your User Content may be re-shared by others.
6. Changes to this Privacy Statement
We may modify our Privacy Statement from time to time on prior written notice sent to the email address we have for you, or ten (10) calendar days after posting on the Services, whichever occurs first. If you choose not to be subject to a revised version of this Privacy Statement, then you may terminate your use of our Services.
7. Different Locations, Different Laws
The laws and regulations that address privacy rights and responsibilities (collectively, “Laws”) are different from one to another. Indeed, some of the Laws do or do not apply depending on different factors, including:
- Location or residence of the user.
- Location or residence of the individual that is the subject of the Personal Data (“Data Subject”).
- Location or residence of the person or organization that employs or contracts with the Data Subject.
- Location of each server or other machine where the Personal Data is received, stored, processed or forwarded to.
- Location of the relevant office of KOM or any company that processes Personal Data.
Several of the Laws that concern users and KOM are discussed in this Section, but these are not all of the Laws that may apply. In addition, if there is any conflict or ambiguity between the statements made in this Privacy Statement and an applicable Law, then the Law will control.
Consent to United States Law
All Personal Data and other data provided by users will be stored in the United States under United States law. Accordingly, United States law will apply to all users. All users consent to the application of the law of the United States in connection with the Services.
United States Federal and State Laws
Several of the federal Laws in the United States may apply to the Personal Data collected by us. Congress has passed several federal information privacy and security laws, while each state in the United States has passed and enforces information privacy and security laws that apply to data subjects, data, and businesses resident in that state.
Currently, all Personal Data of KOM users is stored on servers and other machines physically located within the United States. From time to time, Personal Data may be moved between servers in the same location or may be moved to a different location. When we receive a verified request by a user, we will provide the user with information required by applicable laws regarding the location and storage of their Personal Data.
Children’s Online Privacy Protection Act (“COPPA”)
Currently, COPPA does not apply to the Services. Each user must be 18 years of age or older. As noted in this Privacy Statement, if we learn any user is under the age of 18 (“Minor User”), or if any parent or guardian contacts us, we will delete all information provided by the individual from our Services. Moreover, users of the Services are responsible and liable for compliance under COPPA and are prohibited from collecting, using, and/or disclosing personal information from and about children in connection with the use of the Services, or assisting any third party in doing so.
If you are the parent or guardian of a Minor User, and you become aware that your Minor User has provided us with Personal Data or User Content, please contact us at [email protected] and we will delete the information or User Content.
Your Privacy Rights Under State Laws
This section supplements the information contained elsewhere in our Privacy Statement and applies to all visitors, users, and others (“consumers” or “you”). This notice of privacy rights has been adopted in order to comply with United States state and federal laws, and any terms defined in such laws have the same meaning when used in this notice.
California residents: Please see our document titled Your California Privacy Rights for additional rights which may apply to you.
Specific Rights Under State Laws
Under several state privacy and data protection laws (for example, California, Colorado, Connecticut, Utah, and Virginia), residents of those states may have one or more of the following rights and may exercise these rights free of charge. Since these state laws are generally modeled on the European Union’s General Data Protection Regulation (“GDPR”), the following list mirrors the GDPR section below:
- Right to lawfulness, fairness and transparency. Requires that we follow these principles when processing your personal information
- Right to Access. Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- Right to Rectification. Require us to correct any mistakes in your information which we hold
- Right to Be Forgotten: Require the erasure of personal information concerning you in certain situations
- Right to Data Portability: Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- Right to Object to Direct Marketing: Object at any time to processing of personal information concerning you for direct marketing
- Right to Object to Automated Individual Decision Making: Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Right to Restriction of Processing:
- Object in certain other situations to our continued processing of your personal information
- Otherwise restrict our processing of your personal information in certain circumstances
You may also have the right to claim compensation for damages caused by our breach of any data protection laws.
Rights Regarding Sensitive Data
Under state laws, you may have the right to opt-out of our processing Sensitive Personal Data, or the right to prevent our processing your Sensitive Personal Data without your affirmative consent. “Sensitive Personal Data” is defined differently by each state, but generally includes Personal Data relating to one or more of the following categories:
- Social security, driver’s license, state identification card, or passport number.
- Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
- Precise geolocation.
- Racial or ethnic origin, religious or philosophical beliefs, or union membership.
- Genetic data.
- Biometric and health information.
- Information regarding a consumer’s sex life or sexual orientation.
- Citizenship or immigration status
- Personal Data regarding a known Minor User.
Your Rights under the GDPR and UKDPA
If you are covered by the European Union’s GDPR or by the United Kingdom Data Protection Act 2018 (“UKDPA”), you may have a number of important rights. In summary, those include:
- Right to lawfulness, fairness and transparency. Requires that we follow these principles when processing your personal information
- Right to Access. Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- Right to Rectification. Require us to correct any mistakes in your information which we hold
- Right to Be Forgotten: Require the erasure of personal information concerning you in certain situations
- Right to Data Portability: Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- Right to Object to Direct Marketing: Object at any time to processing of personal information concerning you for direct marketing
- Right to Object to Automated Individual Decision Making: Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Right to Restriction of Processing:
- Object in certain other situations to our continued processing of your personal information
- Otherwise restrict our processing of your personal information in certain circumstances
You may also have the right to claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation, available at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you would like to exercise any of those rights, please:
- Email, call, or write to us.
- Provide us enough information to identify you.
- Provide us proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill)
- Provide us with the information to which your request relates.
If you make requests which are manifestly unfounded or excessive, we may charge a reasonable fee based on administrative costs, or may refuse to act on the request.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The EU maintains a website which you may use to locate your supervisory authority, at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Use and Transfer of Your Information Out of the EEA
The Services are operated in the United States and third parties with whom we might share your personal information as explained above are located in the United States. If you are located in the European Economic Area (“EEA”) or elsewhere outside of the United States, please be aware that any information you provide will be transferred to the United States. By using the Services, participating in any of its services or providing your information, you consent to this transfer.
The United States and many other countries do not have the same data protection laws as the United Kingdom and EEA. While the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, if you live in the EEA or the United Kingdom, any transfer of your personal information will be subject to the derogation in Article 49 permitting non-repetitive transfers that concern only a limited number of data subjects, as permitted by Article 49 of the GDPR that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Data.
If you would like further information, see “Contact Us” below.
8. Use of Email Addresses and Other Contact Information
We collect the email addresses of those who voluntarily provide them to us. You may receive subscription, editorial and other messages from the Services or from us. If you do not want to receive email from us in the future, please let us know at [email protected].
9. How to Exercise Your Rights
If you would like to exercise any of your rights as described in this Privacy Statement, please:
- Email us at [email protected].
10. Verifying Your Identity
If you choose to contact us directly, you will need to provide us with:
- Enough information to identify you (e.g., your full name, address and customer or matter reference number);
- Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
- A description of what right you want to exercise and the information to which your request relates.
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.
Any Personal Data we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.
11. Contact Us
If you have questions or concerns about this Privacy Statement, please contact us online at [email protected].
12. Revision Date and History
This Privacy Statement was last revised: September 11, 2023.