Privacy Policy
PRIVACY POLICY
Last Updated: August 5th, 2023
This Privacy Policy (the “Policy”), regulates the processing of personal data that may be carried out by Kaayu Technologies Inc. and its subsidiaries (collectively, “we” or “KAAYU”) with address for communication purposes in 600-2000 Av. McGill College, Montréal, QC H3A 3H3, and registered in the Company Register of Quebec (NEQ) : 1173089542, through its website www.kaayu.io, its mobile application (the “App”), and their respective sub-pages (collectively, the “Website”).
By means of this Policy, KAAYU informs Website users (the “Users”) that they may freely and voluntarily determine whether they wish to provide KAAYU with personal data that may be required from them or that KAAYU may obtain in connection with the processing purposes detailed below in Purposes, Legal Bases and Time Limits for the Conservation of Personal Data. The User is neither legally nor contractually obliged to provide KAAYU with the personal data specified in this Policy. However, the refusal to provide KAAYU with certain personal data may imply the impossibility of establishing a contractual relationship with the User and he or she may not be able to use KAAYU’s services, or only to a limited extent.
We reserve the right to amend this Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of the Website following the posting of changes constitutes your acceptance of such changes.
General Data Protection Regulation
This section of our Policy applies to the Processing of Personal Data by KAAYU in its role as a Controller, or as otherwise covered by the General Data Protection Regulation 2016/679 (the “GDPR”).
Identity and contact details of the Data Controller
In accordance with the GDPR, the User is duly informed that KAAYU acts as the Controller of the personal data collected through the Website, and that this data will be entered into a record of processing activities owned by the KAAYU.
If you have any questions or complaints regarding data protection that you would like to address to our Data Privacy Officer (“DPO”), you can do so at the above address or at the following e-mail address: support@kaayu.io.
Data processed
KAAYU may collect and process the following information regarding the User:
- When you visit the website, you send technical information to our web servers, which we store in server log files. This happens regardless of whether you subsequently contact us (e.g. via the contact form). In any case we collect the following usage and web access data (which we call “usage data”):
- The date and time of the visit and the duration of the use of the website;
- The IP address of your device;
- The referral URL (the website from which you may have been redirected);
- The subpages of the website visited; and
- Further information about your device (device type, browser type and version, settings, installed plug-ins, operating system).
The processing is exclusively pseudonymous. We ourselves cannot identify you as a person on the basis of this data.
- KAAYU provides its users with the app to bring together talented, qualified professionals with employers. Therefore, KAAYU may collect the following personal information from you as a user:
- Name;
- E-mail address;
- Telephone number. The app can only be used by applicants who verify their telephone number with a confirmation code;
- Personal information, such as your biography and/or resume, work experience or education level, and any special skills.
- Date of birth or address;
- Job references;
- Certificates of education;
- Work permits;
- Other official documents such as your driver’s license or other relevant documents;
- The offers you apply for;
- Your search requests;
- You video interviews;
- You bank account;
- Your payroll; and
- Contractual documents for current and previous activities for employers
- Ratings, which are entirely posted by Users. KAAYU maintains User ratings on its servers but does not edit these ratings.
Data sources
As a rule, we collect your personal data directly from you. However, we would like to point out that our services are designed to place only suitable applicants with employers who are suitable for them. For this reason, our services use feedback and behavioural data from your previous employers to determine whether you are suitable for the jobs for which you are applying. In the case that you have had a previous assignment with KAAYU, we may be listed as a former employer. We may be able to build a quality score from this after we have evaluated the feedback and behavioural data from your former employers. Obtaining this feedback serves as a quality control in our services.
Purposes, legal bases and time limits for the conservation of personal data
The personal data collected shall be processed for the following purposes and on the following legal basis:
| Purpose | Legal basis (Art. 6 GDPR) | Retention period |
|---|---|---|
| Providing the Service stipulated in the General Terms of Use and managing all the necessary issues for its maintenance, for which these data are strictly necessary. More information in section 2 of the General Terms of Use. | Necessary for the performance of the contract (Art. 6.1.b GDPR). | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted |
| Sending promotional information related to the recruitment and hiring service you have activated, such as training courses related to your professional activity. | Necessary for the performance of the contract (Art. 6.1.b GDPR) and for legitimate interest (Art. 6.1.f GDPR). | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted. Personal data shall also be processed until the legitimate interest that legitimizes the processing disappears. From then on, the data may be kept blocked for up to five years to meet any liability that may arise from the processing described in this section. Once this retention period has elapsed, the personal data will be deleted. |
| Sending promotional information which is not related to the main activity of KAAYU: benefits negotiated with third parties for being a KAAYU worker | Consent (Art. 6.1.a GDPR). | Personal data may be processed until the given consent is revoked. From then on, the data may be kept blocked for up to one year. Once this period has elapsed, the personal data will be deleted. |
| Automated decision-making including profiling related to the activity of providing and applying for jobs. Methodology: KAAYU algorithm to find the applicants who best match their offer, taking into account their profile information and behaviour. Consequences: sending information about offers which match their profile | Necessary for the performance of the contract (Art. 6.1.b GDPR).. | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted. |
| Professional references of the applicants with the purpose of improving the employability of the workers. More information in section 6 of the General Terms of Use. | Legitimate Interest (Art. 6.1.f GDPR). | Personal data shall be processed until the legitimate interest that legitimizes the processing disappears. From then on, the data may be kept blocked for up to five years to meet any liability that may arise from the processing described in this section. Once this retention period has elapsed, the personal data will be deleted. |
| Processing of the usage data to enable you to use the website and to ensure the functionality of the website. In addition, we process usage data to analyse the performance of the website, to continuously improve the website and correct errors or to personalise the content of the website for you. We also process the usage data to ensure IT security and the operation of our systems and to prevent or detect misuse, especially fraud. | Legitimate Interest (Art. 6.1.f GDPR). | These server log files are deleted after a maximum of 7 days. |
| Enable registering as a User. | Necessary for the execution of the contract (Art. 6.1.b GDPR).. | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted. |
| Enable the posting of personal content in KAAYU’s platform | Consent (Art. 6.1.a GDPR). | Personal data may be processed until the given consent is revoked. From then on, the data may be kept blocked for up to one year. Once this period has elapsed, the personal data will be deleted. You can revoke this consent at any time by deleting posted documents. |
| Provide the User with the functions of the app in order to provide him/her with the platform in the requested version. These functions include the entire management of your applicant profile and your relationship with the various employers. The App also provides you with job offers tailored to your needs, which we may also proactively offer you, and a personalized user experience in the App, where you are only shown offers and employers that are of interest to you. | Necessary for the performance of the contract (Art. 6.1.b GDPR). | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted. |
| Enable user ratings. The transparent presentation of user ratings is part of the platform’s scope of services. | Necessary for the performance of the contract (Art. 6.1.b GDPR). | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted. |
| Use feedback from the User’s former employers to determine whether he/she is suitable for the applied job. | Necessary for the performance of the contract (Art. 6.1.b GDPR). | Personal data may be processed during the course of the contractual relationship. Once the contractual relationship has ended, the personal data may be stored for a period of five years. At the end of that period, the personal data shall be deleted. |
| Transfer of the user’s personal data to third parties when legally obliged to do so. | Necessary for compliance with a legal obligation to which the controller is subject (Art. 6.1.c GDPR). | Personal data may be processed until the legal obligation no longer applies. From then on, the personal data may be stored for five years. When that period has elapsed, the personal data will be deleted. |
| The assertion or defense of legal claims on KAAYU’s part. | Legitimate Interest (Art. 6.1.f GDPR). | Personal data shall be processed until the legitimate interest that legitimizes the processing disappears. From then on, the data may be kept blocked for up to five years to meet any liability that may arise from the processing described in this section. Once this retention period has elapsed, the personal data will be deleted. |
We process your personal data as long and as far as this is necessary to fulfil our contractual or legal obligations. Therefore, we process (unless otherwise stated above) the aforementioned data for the duration of the contractual relationship with you and after termination only to the extent and for as long as required by law. If, after termination of the contractual relationship or deletion of your user account, the data is no longer required to fulfil legal obligations (e.g. tax or commercial law), it will be deleted, unless further processing is necessary to preserve evidence or to defend legal claims against us. The relevant periods, e.g. under Spanish civil law, are between three and thirty years (e.g. in the case of the retention of documents which are subject to the German Social Security Code and are relevant for company pension schemes).
Automated decision-making
We do not process your personal data within the scope of exclusively automated processing for the purpose of making decisions which have direct legal effect on you without human intervention or which significantly affect you in a similar way.
KAAYU uses an algorithm that automatically generates a ranking of the most suitable Applicants for each available job offer based on the information contained in its database, searching for the Applicants who best match the requirements and characteristics of each job offer received. These automated decisions are made based on the personal data collected during the recruiting process, behavioural data of the Applicant if he has had previous assignments with KAAYU, as well as on the performance data sent by the Applicants’ former employers.
In this context, we automatically process data in order to provide you with a user experience in our app that is as tailored to your needs as possible and to display offers that match your interests.
The Applicants who are most suitable for a particular job offer (i.e. those included in the ranking) will be notified by KAAYU, allowing them to decide whether they are interested in participating in the specific selection process.
Please note, however, that all employers make the decision about whether to work with you, independently and within the framework of their own company policies and processes. If you disagree with an employer’s decision, please contact them directly.
KAAYU’s automated processing of Applicants’ data is necessary in order to carry out the tasks outlined in the agreement made with Applicants, and thus provide the services offered by KAAYU through its platform.
If, as a Candidate, you do not agree to the automated processing of your personal data, then you cannot accept this Policy. In this case, it will be impossible for us to provide you with our services or for you to become a member of the KAAYU platform.
Acceptance and consent
The User declares that he/she has been informed of the conditions regarding the protection of personal data, accepting and consenting to the processing of such data by KAAYU, in the manner and for the purposes indicated in this Policy.
The User may cancel the service or revoke the consents granted to KAAYU for data processing at any given time. KAAYU uses two mechanisms through which the Users, upon request, can activate or cancel the e-mail communications services easily and free of charge, both while signing up and in the access menu. For this purpose, the User shall enter the Applicant’s access menu and enable or disable the sending option in the e-mail communications section. In addition to this, this service can be cancelled by following the instructions given at the bottom of the main text included in the e-mails. The User can also disable notifications in the mobile app from the settings of their own mobile device.
Accuracy and veracity of the data provided
Users undertake to provide personal data which is true and accurate, as well as to notify KAAYU of any modifications or updates of this data. Users are solely responsible for the truthfulness of their personal data. Failure to communicate or the incomplete communication of the personal data that is required to formalize the hiring of the Service will imply the impossibility of providing this Service and, thus, when applicable, the termination of the contract.
Recipients of personal data
Processors
In some cases, KAAYU shall allow, for the correct provision of the Services, the access to the personal data of the Applicants by third parties. Such third parties will act as Processors, so they will not process these personal data for their own purposes or for purposes which are different to those stipulated in this Policy. KAAYU guarantees that all these entities comply with the data protection regulations which, at the same time, are directly applicable to Processors. Thus, these third parties will always follow the instructions given by KAAYU and under no circumstances will they reveal such information to third parties. It is possible that these Processors shall, in turn, subcontract certain tasks related to the services stated in this contract to third parties, and they will also act as Processors, and, thus, they will be bound by the same provisions stipulated for Processors in this Policy.
The subcontracted entities which will act as Processors shall be, among others:
- Providers of technology services and telecommunication networks necessary for the provision and management of the services, as well as for Applicant support:
Your personal data will also be transmitted for technical reasons if this is necessary for the provision of the website or services (i.e. our web host and possibly other service providers, e.g. Kustomer, Inc. , 1019 Market St, San Francisco, CA 94103 as the provider of our Customer Relationship Management solution).
In this context, data recipients also include the third-party providers mentioned in our overview of cookies and similar technologies. Detailed information about the third-party providers we use in this context, e.g. to process customer inquiries or web analytics, can be found in the information about cookies and similar technologies in the Cookie Policy.
- Business Processing Outsourcing (BPO) providers for documentation and interview validations
KAAYU may subcontract third parties to help with documentation screening and/or video interview validators
- Agencies which help us deal with the tax and work-related obligations of the applicants.
- Payroll providers:
KAAYU may subcontract third parties to help process all the payslips and payroll
- Lawyers which provide us with legal services.
Transfers of personal data
In addition, in individual exceptional cases and if a corresponding legal basis is available, we will transfer personal data to third parties, which may process the User’s personal data for their own purposes. Among these third parties, we may find:
- Financial and criminal prosecution authorities, social security institutions or courts and, under certain circumstances, also on request to the supervisory authority responsible for us under labour law regulations in Germany, the Federal Employment Agency Nuremberg.
- Potential employers: The core service of our services is to bring you and potential employers together. It therefore goes without saying that we forward your profile information and application documents to the respective interested employers within the app to enable them to get in touch with you.
- Group companies: KAAYU has subsidiaries in various countries worldwide. These support KAAYU in providing the services to provide you with the best possible user experience.
- Mutual societies partnering with Social Security and other organizations providing health care, occupational health and safety services required to comply with the applicable work-related obligations
Joint controllers
Moreover, based on your country and on the kind of process of use in which you take part, particular conditions will be applied to the data processing by some of the following local companies which are the ones carrying out the services as joint controllers, along with KAAYU
- Kaayu Technologies France (France)
- Kaayu Technologies Inc. (QC, Canada)
- Kaayu Technologies SLA (RDC)
- Kaayu Technologies USA, Inc. (Delaware)
Under no circumstances will the data be transferred among these companies without your express consent, and you will always be informed about the company or companies which will process your data through the particular terms and conditions of the recruitment process in which you take part.
Data processing outside the European Economic Area (EEA)
We do not transfer your personal data to countries outside the EEA without taking appropriate protection measures. We will therefore always ensure that an adequate level of data protection is guaranteed at all times. To this end, we will ensure that sufficient guarantees within the meaning of the GDPR are in place, e.g. because the so-called EU standard contractual clauses are included in our contracts with the recipients in order to guarantee the security of processing and an appropriate level of data protection at all times, or because other suitable guarantees within the meaning of the GDPR are in place, such as binding corporate rules or approved rules of conduct.
Security measures
Your data will be protected with security measures of a technical and organizational nature in order to guarantee the safety of personal information and prevent their non-authorized modification, loss, processing or access, in the light of the scope, context and purposes of the processing; the state of the technique and the existing risks, such as control proceedings for the safety of the information systems. When determining these measures, criteria such as the scope, context and purposes of the processing have been taken into account, as well as the state of the technique and the existing risks.
Exercise of rights
The User may exercise the following rights regarding data protection before KAAYU.
| Right | What does it consist of? |
|---|---|
| Right of access by the data subject (Art. 15 GDPR) | Check which personal data KAAYU processes. |
| Right to rectification (Art. 16 GDPR) | Modify personal data processed by KAAYU when they are inaccurate. |
| Right to erasure (Art. 17 GDPR) | Request that KAAYU removes your personal data. |
| Right to restriction of processing (Art. 18 GDPR) | Request that KAAYU limits the processing of your personal data. |
| Right to data portability (Art. 20 GDPR) | Request that KAAYU provides you with information about yourself in a computer format. |
| Right to object (Art. 21 GDPR) | Request that KAAYU does not process your personal data for some specific purposes. |
| Right to lodge a complaint with a supervisory authority (Art. 77 GDPR) | If you consider that the processing of your personal data infringes the GDPR, you may lodge a complaint, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. You may also lodge a complaint with the corresponding supervisory authority at the place of business of KAAYU, i.e. the Commission nationale de l’informatique et des libertés, CNIL (France Data Protection Agency). |
Furthermore, the Users may also revoke a given consent at any time. However, this revocation is only valid from that moment onwards. Any processing that may have taken place before the revocation remains unaffected.
If the Users wish to exercise their rights as data subjects, they may do so through the platform settings, or by editing their Applicant profile. Alternatively, you may also contact the DPO of KAAYU at support@kaayu.io from the e-mail address associated to the account on which you wish to exercise your rights. In case of sending a request by e-mail, it shall include a copy of your ID or any other equivalent identity document, as well as the minimum content stipulated in the applicable regulations.
If the request does not meet all the specified requirements, KAAYU may ask for it to be corrected. No consideration for the exercise of any rights will be required. The exercise of rights will be granted unless there is a legal or contractual obligation to retain them.
Information about your right of objection under Art. 21 GDPR
With regards to the aforementioned right to object to the processing of your personal data at any time for reasons arising from your particular situation; provided that such processing is carried out on the basis of Art. 6 (1) lit. f) GDPR (data processing based on a balancing of interests), if you object, we will no longer process your personal data unless we can demonstrate circumstances that outweigh your interests, rights and freedoms and therefore justify the processing.
You also have the right to object, at any time and free of charge and without giving any reason, to the processing of your personal data for the purpose of direct marketing, including the creation of a user profile (so-called “profiling”), insofar as it is for the purpose of direct marketing.
Please note that you may not be able to use the services, or only to a limited extent, if you object to the processing of this data. You can submit your objection informally by e-mail to our customer service: support@kaayu.io .
California residents may have additional personal information rights and choices. Please see Your California Privacy Rights for more information.
Your California Privacy Rights
This section addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (“CCPA”). It applies to personal information about California residents using our Website. For purposes of the CCPA, personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
In the event of a conflict between this CCPA notice and any of our other privacy notices, this CCPA notice shall control only with respect to the personal information of California residents.
Personal Information Categories
The chart below describes the categories of personal information we collect and the sources from which we collect the personal information, organized into the categories specified by the CCPA.
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | YES |
| B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. |
YES |
| C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES |
| D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES |
| E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
| F. Internet or other similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | YES |
| G. Geolocation data. | Physical location or movements. | NO |
| H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | YES |
| I. Professional or employment-related information. | Current or past job history or performance evaluations. | YES |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | YES |
| K. Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO |
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete on our Website.
- Indirectly from you. For example, from observing your actions on our Website.
We use this personal information for the purposes outlined in Purposes, Legal Bases and Time Limits for the Conservation of Personal Data set forth above.
Sharing Personal Information
We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.
We do not sell personal information. In the preceding twelve (12) months, we have not sold any personal information. For more on your personal information sale rights, see Personal Information Sales Opt-Out and Opt-In Rights .
| Personal Information | Category of Third-Party Recipients | |
| Category | Business Purpose Disclosures | Sales |
| A: Identifiers. | Government entities Service Providers Partners |
None |
| B: California Customer Records personal information categories. | Government entities Service Providers Partners |
None |
| C: Protected classification characteristics under California or federal law. | Government entities Service Providers Partners |
None |
| D: Commercial information. | Affiliates Service Providers Partners |
None |
| E: Biometric information. | None | None |
| F: Internet or other similar network activity. | Data analytic providers Internet cookie data recipients (i.e. Google Analytics) |
None |
| G: Geolocation data. | None | None |
| H: Sensory data. | Partners Affiliates |
None |
| I: Professional or employment-related information. | Partners Affiliates |
None |
| J: Non-public education information. | Partners Affiliates |
None |
| K: Inferences drawn from other personal information. | Affiliates | None |
Your rights and choices
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
Exercising Your Rights to Know or Delete
To exercise your rights to know or delete described above, please submit a request by either:
- Emailing us at support@kaayu.io.
- 2222 Ponce de Leon Blvd, Coral Gables, FL 33134, Attn: KAAYU
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
For instructions on exercising your sale opt-out or opt-in rights, see Personal Information Sales Opt-Out and Opt-In Rights.
Response Timing and Format
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the ten (10) day timeframe, please contact support@kaayu.io.
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another forty-five (45) days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the twelve (12) month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by email.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Personal Information Sales Opt-Out and Opt-In Rights
If you are age sixteen (16) or older, you have the right to direct us to not sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of any Users.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits Users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@kaayu.io.
Contact Information
If you have any questions or comments about this Policy, the ways in which KAAYU collects and uses your information described in the Policy, your choices and rights regarding such use, or wish to exercise your privacy, please do not hesitate to contact us at:
Canada
- Website: https://www.kaayu.ca/privacy-policy
- Email: support@kaayu.io.
- Postal Address:
Kaayu Technologies INC.
600-2000 Av. McGill College, Montreal, QC H3A 3H3
Europe
- Phone: +33 7 62 79 11 55
- Website: https://www.kaayu.fr/privacy-policy
- Email: support@kaayu.fr
- Postal Address:
Kaayu Technologies France. SLA
du Stade de France, Porte E, Zac du Cornillon Nord, 93216 Saint-Denis
Paris, France
United States
- Website: https://www.kaayu.us/privacy-policy
- Email: support@kaayu.us
- Postal Address:
Kaayu Technologies INC. USA
901 Mopac Expressway South Barton Springs, Building 1, Suite 300, Austin, TX 78746,
United States
Congo RDC
- Website: https://www.kaayu.cd/privacy-policy
- Email: support@kaayu.cd
- Postal Address:
Kaayu Technologies INC. RDC
4 Av. des Batetela, Kinshasa, Congo – Kinshasa
Attn: KAAYU