Updated: August 23, 2023
The purpose of this policy is to honor the privacy and security of any data collected from visitors to Knackly’s website, as Knackly acts as a Personal Data Controller under the General Data Protection Regulation (GDPR).
Cookie: A small file of letters and numbers that is stored on a user’s browser or the hard drive of the user’s device. Cookies allow website owners to link the actions of users during a browser session.
First-party cookie: Cookies set by a website that the user is visiting at the time (e.g., cookies placed by an organization website domain).
Third-party cookie: Cookies set by a domain other than that of the website being visited by the user (e.g., when a user visits a website and another entity sets a cookie through that website).
Persistent cookies: These cookies remain on a user’s device for the period of time specified in the cookie. Every time the user revisits the website, the cookies are activated.
Session cookies: These cookies are temporary, once a browser is closed, all session cookies are deleted.
This policy describes the types of cookies that are used on the Knackly website and the purposes for which they are used.
Visitors to the Knackly website will see a cookie banner displayed. This is required for the types of cookies that are used by the organization. The following list of types of cookies may serve multiple purposes.
4.1.1 Strictly Necessary Cookies
Strictly necessary cookies allow the user to navigate around the website and use essential features (such as secure areas). They are used:
- To identify and authenticate the user.
- To ensure the user connects to the correct website service.
- For security purposes.
4.1.2 Performance Cookies
Performance cookies collect information about how users use the website, for example, which pages a user visits and if there are any errors during that visit. Performance cookies do not collect identifiable information about the user. Some Knackly performance cookies may be managed by third parties. Performance cookies are used to:
- Provide statistics on website use and for web analytics purposes.
- Provide feedback to affiliates and to carry out affiliate tracking.
- Gather data on how many users of the website viewed particular services or products.
- Improve the website by measuring errors.
- Test designs of the website.
4.1.3 Functionality Cookies
Functionality cookies provide services to users or remember settings for users. Some Knackly functionality cookies may be managed by third parties. Functionality cookies are used to:
- Remember layout, text size, or color preferences for unique users.
- Remember when users have already been asked to fill in a survey.
- Remember when users have visited or engaged with specific website components.
- Show users when they are logged in to the website.
- Show embedded videos.
4.1.4 Targeting Cookies
Targeting cookies are used to track user visits to the website, and other websites, apps and online services. Targeting cookies are used to:
- Display targeted ads within the website.
- Improve the delivery of personalized content and ads and to measure ad campaign success through the website.
All cookies require user consent before being placed on a user device. Consent can be given by clicking on the appropriate button in the cookie banner displayed to the user. If a user does not wish to give consent or would like to withdraw their consent to any cookies at any time, the user will need to delete and block or disable cookies via their browser settings. Disabling cookies affects website functionality and may prevent user access to particular features of the website.
4.3 How to Delete and Block Cookies
California Consumer Privacy Act (CCPA) Addendum
Last updated: 4/1/2023
This Data Processing Addendum reflects the requirements of the California Consumer Privacy Act (CCPA) of 2018 and its implementing regulations, as superseded or amended over time (California Civil Code §§ 1798.100 to 1798.199). This Addendum makes clear that Knackly is acting as a Service Provider for CCPA purposes.
This acts as an addendum to the Customer Terms of Service (“Agreement”) and its incorporated Customer Data Processing Agreement (the “DPA”) between Knackly (“KNACKLY”) and the Customer (collectively the “Parties”; each a “Party”) and is in effect for so long as KNACKLY maintains Personal Information provided by or collected on behalf of Customer by KNACKLY (hereinafter, the “Personal Information”). The Addendum shall only apply and bind the Parties where and to the extent the Customer is a Business under the CCPA. Additionally, this Addendum prevails over any conflicting terms of the DPA or Agreement, however, does not otherwise modify the Agreement or DPA. All capitalized terms that aren’t defined in this Addendum shall have meanings as set forth in the CCPA. Customer enters this Addendum on behalf of itself, to the extent required under the CCPA, and in the name of and on behalf of its authorized affiliates (defined below).
The parties agree as follows:
- 1. Affiliate: An entity that directly or indirectly controls, is controlled by or is under common control with an entity.
- 2. Authorized Affiliate: Any of Customers’ Affiliate(s) permitted to or receiving the benefit of the Services following the Agreement.
- 3. Third parties: A person to whom the business discloses a consumer’s personal information for a business purpose following a written contract, providing the written contract includes certain conditions.
- 4. Service providers: “For profit” entities that process information on behalf of an organization and to which that organization discloses a consumer’s personal information for a business purpose, following a written contract.
- 5. CCPA: The California Consumer Privacy Act of 2018, as amended, and any regulations promulgated thereunder. The terms “business”, “business purpose”, “personal information”, “aggregate consumer information”, “de-identified information”, “processing”, and “sell”, shall have the same meaning as defined under the CCPA.
- Scope and Applicability of this Addendum
- 1. This Addendum applies to the collection, use, disclosure and retention of Personal Information to provide Services to Customer following the Agreement or for a Business Purpose.
- 2. Customer is a Business and appoints KNACKLY as a Service Provider to process Personal Information on behalf of Customer. Customer is responsible for demonstrating compliance with applicable CCPA requirements.
- 3. KNACKLY’s collection, use, disclosure, or retention of Personal Information for its own purposes outside of providing the services mentioned in the Agreement are outside the scope of this Addendum.
- Restrictions on Processing
- 1. KNACKLY is prohibited from using, disclosing, or retaining Personal Information for any purpose other than for the specific purpose of performing the Services identified in the Agreement for Customer, as permitted by the CCPA, or as set out in this Addendum,
- 2. KNACKLY shall not further collect, sell, or use the Personal Information except as necessary to perform the Business Purpose. For the avoidance of doubt, KNACKLY shall not use Personal Information for the purposes of providing services to another entity or person, except that KNACKLY may combine Personal Information received from one or more entities to which similar services have been provided to, for detecting data security incidents or protecting against illegal or fraudulent activity.
- 3. KNACKLY will work in good faith to assist the customer with any reasonable written request(s) from Customer to comply with its obligation under the CCPA to respond to verifiable consumer requests for access or deletion of personal information that KNACKLY may be processing on the Customer’s behalf.
- 1. Customer represents and warrants that that notice has been provided for the use or disclosure of personal information consistent with Cal. Civ. Code 1798.140(t)(2)(C)(i).
- Consumer Rights
- 1. KNACKLY shall provide reasonable assistance to Customer in facilitating compliance with Consumer rights requests.
- 2. Upon direction by Customer and within a reasonable amount of time, KNACKLY shall delete the Personal Information.
- 2.1. KNACKLY shall not be required to delete any of the Personal Information to demonstrate compliance with a Consumer’s request directed by the Customer if it is necessary to maintain that information in accordance with Cal. Civ. Code 1798.105(d), in which case KNACKLY shall promptly inform Customer of the exceptions relied upon under 1798.105(d) and KNACKLY shall not use Personal Information retained for any purpose other than provided for by that exception.
- De-identified Information
- 1. Where either Party shares de-identified Information with the other Party, the receiving Party warrants that it:
- Has implemented business processes that specifically prohibit re-identification of the information.
- Has implemented technical safeguards that prohibit re-identification of the Consumer to whom the information pertains to
- Has implemented business processes to prevent inadvertent release of personal Information that has been de-identified
- Will make no attempt to re-identify the information.
- Mergers, Sale, or Other Asset Transfer
- 1. Where either Party transfers to a Third-Party any Personal Information of a Consumer as an asset that is part of a merger or acquisition, bankruptcy, or another transaction in which the third-party assumes control of all or a part of such party to the agreement, the information transferred shall be used or shared in line with applicable law. If a Third Party materially changes how it uses or shares the Personal Information of a Consumer in a way that is materially inconsistent with the promises that were made at the time of collection, it shall provide notice of the changed/new practice to the Consumer in accordance with applicable law.
- As Required by Law
- 1. Notwithstanding any provision to the contrary of the DPA, the Agreement or this Addendum, KNACKLY may cooperate with law enforcement agencies regarding conduct or activity that it reasonably and in good faith believes may violate local, federal, state, or international laws.
- No Sale of Personal Information
- 1. The Parties are in acknowledgement and agreement that the exchange of Personal Information between them does not form part of any monetary or valuable consideration exchanged between them with respect to the DPA, the Agreement, or this Addendum.