1. Introduction and Scope
Keybe (“Keybe”, “the Company”, “We”, “Us”, and the derived adjective “Our”) is committed to protecting the privacy of all individuals who interact with our company, including visitors to our websites (“Visitors”), users of our mobile applications and SaaS services (“Users”), and partners (“Partners “) or attendees of our corporate events (“Attendees”) collectively referred to as “You”, and the derived adjective “Your”.
Under GDPR (General Data Protection Regulation), “You” can be referred to as the “Data Subject”.
1.2.- Modifications to this Policy
This Privacy and Personal Data Protection Policy (“Policy”) may be revised or updated at any time. We recommend periodically reviewing our corporate website, where you will be notified of any changes and the most recent version of this Policy or the mechanisms for obtaining a copy.
1.3.- Effective Date
This Policy came into effect on January 1, 2020.
1.4.- Objective and Scope
At Keybe, we recognize the significance of security, privacy, and confidentiality of personal information belonging to you. We are committed to protecting and adequately handling personal information in accordance with the legal framework for personal data protection applicable in each country where we operate.
Keybe requires specific personal data to perform activities intrinsic to its business operations. Consequently, Keybe is legally and socially obliged to implement appropriate security measures to protect the personal data it collects for the purposes outlined in this Policy.
The aim of this Policy is to inform you about the type of data we collect, the purposes for which we process the data to provide our service, the protection and rights afforded to you, and the procedures for exercising those rights.
In general, all information and data provided to us or collected through various channels (including websites, applications, APIs, physical documents, and others) will be used by Keybe in accordance with the applicable data protection laws and regulations in the relevant jurisdiction(s).
1.5.- Definitions and concepts
For the interpretation of this Policy, we ask you to take into account the following definitions:
- Account means a unique account created for You to access our Service or parts of our Service.
- Business, for the purpose of the CCPA (California Consumer Privacy Act), refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of the processing of Consumers’ personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers’ personal information, that does business in the State of California.
- Consumer, for the purpose of the CCPA (California Consumer Privacy Act), means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA who is outside the USA for a temporary or transitory purpose.
- Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
- Data Controller, for the purposes of the GDPR (General Data Protection Regulation), refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- Private Data: Personal Data is any information that relates to an identified or identifiable individual.
For the purposes for GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.
For the purposes of the CCPA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.
- Sale, for the purpose of the CCPA (California Consumer Privacy Act), means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer’s personal information to another business or a third party for monetary or other valuable consideration.
- Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. For the purpose of the GDPR, Service Providers are considered Data Processors.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- Sensitive Data refers to a specific category of personal information that reveals an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation. Handling and processing of sensitive data are subject to stricter regulations and require a higher level of protection due to the increased potential for harm if such information is mishandled or disclosed without proper consent.
2.- Data Controller and DPO
2.1.- Data controller and Personal data protection officer (DPO):
Company Name: KEYBE INC
Address: 19148 N HIBISCUS ST, WESTON, FL 33332
Email: [email protected];
KEYBE has designated Daniel Agudelo as the Personal Data Protection Officer (DPO), responsible for implementing policies and procedures to ensure compliance with personal data protection regulations and promoting good data management practices within the Company. The DPO is also responsible for updating and distributing the Policy, and any changes must be approved by them.
Contact the DPO at: Daniel Agudelo, [email protected].
3.- Information Collection and Cookies
3.1.- Information Collected and Processed by Keybe
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
- General identification: First name and last name, Address, State, Province, ZIP/Postal code, City, Email address, Phone number, Date of birth, Gender, Marital status, Profession, Trade, Nationality, Country of residence
- Payment information: Cardholder information, Billing addresses, Credit card information
- Sensitive data: Health information, Biometric data (used for identification purposes) including images, photographs, videos, voices and/or sounds, and fingerprints that identify or make identifiable our Clients and User
- Security data: Login, Password
- Contact lists
Certain categories of personal data, such as health or biometric data, are considered special categories requiring additional protection under European Union data protection regulations. While Keybe aims to limit the collection and processing of such data, it may be collected and processed in certain circumstances.
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the time and date of Your visit, the time spent on those pages, content syndication, website registration forms, webinars, and conference registration forms. This information is collected in accordance with the Policy and may include personal information provided by You, as well as information collected automatically using tools like cookies and web beacons.
By agreeing to the Policy on the covered websites, individuals consent to Keybe collecting, storing, managing, enhancing, and using their personal information for marketing, legal, and financial purposes. Keybe maintains policies and principles of good behavior, prioritizing the individual’s integrity, safety, and security.
3.2.- Temporary limitations on Personal Data processing
Keybe will collect, store, use, or circulate personal data only for as long as reasonably necessary, in accordance with the purposes justifying the treatment, considering applicable provisions and administrative, accounting, fiscal, legal, and historical information. Once the purpose(s) of the treatment have been fulfilled, Keybe will delete the personal data in its possession, unless legal regulations dictate otherwise. However, Keybe may retain personal data when required for legal or contractual obligations. You may revoke your consent for the processing of your personal data at any time, unless Keybe is legally or contractually obligated to process the information. To revoke consent, send a communication and/or written request through the contact channels provided in this Policy, along with a copy of your identification document or any other document that, in Keybe’s opinion, verifies your identity.
A cookie is a piece of data contained in a very small text file that is stored in Your browser or elsewhere on Your hard drive. Cookies allow Keybe to identify Your device as You navigate our websites or Your account. This makes navigating and interacting with Our websites or Your account more efficient, easy and meaningful for You.
By themselves, cookies do not identify You specifically. Rather, they recognize Your web browser. So, unless You identify yourself specifically to Keybe, like signing into Your account, we don’t know who You are just because You visited Our website.
Keybe uses session-based cookies on its websites, which exist only during a session and disappear once the session ends. Most browsers have an option to disable cookies, preventing the browser from accepting new cookies and allowing the visitor to decide on the acceptance of each new cookie.
4.- Processing of Personal Data for Different Purposes
4.1.- Use of Your Personal Data
Keybe may use Personal Data for the following purposes:
- To provide and maintain Our Service, including to monitor the usage of Our Service, Analyze and process data through Artificial Intelligence.
- To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
- For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
- To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
- To provide You with news, special offers and general information about other goods, services and events which We offer that are similar to those that You have already purchased or enquired about unless You have opted not to receive such information.
- To manage Your requests: To attend and manage Your requests to Us.
- To Comply with legal and security obligations.
- For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
- For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.
These purposes will be applicable to all Data Subjects who have provided explicit and informed consent for the processing of their personal data.
We may share Your personal information in the following situations:
- With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of Our Service, for payment processing, to contact You.
- For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
- With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
- With Your consent: We may disclose Your personal information for any other purpose with Your consent.
4.2.- Shareholders’ Personal Data processing
The treatment of Keybe shareholders’ Personal Data will be carried out in accordance with the Delaware General Corporation Law (DGCL) and any other applicable regulations. The following purposes apply to the processing of shareholders’ Personal Data:
• Facilitate the exercise of rights and duties derived from their shareholder status.
• Manage dividend payments.
• Collect, register, and update personal data to inform, communicate, organize, control, attend to, and accredit activities related to their shareholder status.
• Comply with judicial, administrative, and legal decisions pertaining to their shareholder role.
4.3.- Candidates’ Personal Data processing
Keybe will use the Personal Data of candidates for a vacancy in accordance with the following purposes:
• Manage the recruitment, selection, and hiring process, including conducting competency and skill tests, home visits, psychosocial evaluations, and any other assessments deemed necessary to determine the candidate’s suitability for employment.
• Store the personal data in a physical and/or digital file or folder identified by the candidate’s name, accessible by Keybe management or their delegates.
• Retain the candidate’s information in their file or folder indefinitely to fulfill administrative and audit requirements, as well as any requests from relevant authorities.
4.4.- Employees: data processing purposes
Keybe will use its employees’ Personal Data in accordance with the following purposes:
• Manage employment contracts, including any necessary modifications or additions, and other documents required for managing the employment relationship and obligations derived from it, with Keybe acting as the Data Controller for employee personal information.
• Conduct performance evaluations, competence and skills assessments, home visits, psychosocial evaluations, and other relevant activities to assess the suitability of the employment relationship.
• Facilitate proper management of the employment relationship.
• Maintain and update active and historical labor files for employees.
• Send internal communications, whether or not related to the employment relationship.
• Ensure Keybe, as an employer, fulfills its obligations, such as managing affiliations to the Comprehensive Social Security System, family compensation funds, social benefits, contributions, withholdings, taxes, labor disputes, and other entities where the employee has authorized data processing.
• Manage the employee’s Personal Data and their family nucleus for affiliation procedures with health promoting entities, family compensation funds, labor risk administrators, and other necessary entities for Keybe to fulfill its duty as an employer.
• Respond to employee requests for certificates, records, and other documents related to the employment relationship.
• Promote participation in Keybe’s well-being and positive work environment programs.
• Manage Personal Data to correctly assign work tools, including IT tools such as email, computers, mobile devices, database access, etc.
• Ensure proper execution of provisions in the Internal Work Regulations, including disciplinary processes and pertinent investigations.
• Monitor and use images captured through video surveillance systems to control and evaluate work activities’ development and performance in the workplace.
• Manage Personal Data for accurate payroll processing, including authorized third-party payments and deductions, and generating related reports.
4.5.- Clients and commercial prospects
Keybe will use the Personal Data of Clients and commercial prospects, either directly or through third-party providers of products or services, in accordance with the purposes listed below:
• Evaluate and register potential Keybe customers.
• Verify the accuracy of the provided information and the legality of their assets.
• Consult and report their information in risk and credit information centers.
• Provide information about brands, products, and promotional activities, as authorized by the respective legislation.
• Tailor services to the needs of the 14. Clients and commercial prospects.
• Collect, register, and update personal data to manage their status as a Client or business prospect.
• Respond to requests or requirements for information about our services.
• Send commercial information, advertising, or promotional content via various communication channels, including text messages (SMS and/or MMS), WhatsApp, Facebook Messenger, or other existing or future digital means.
• Develop loyalty programs and conduct credit, collection, and credit risk studies.
• Verify data through consultations in public databases or risk centers.
• Evaluate service quality and conduct satisfaction surveys.
• Conduct market studies and statistical analyses of trends, consumption habits, and consumer behavior.
• Maintain accounting, financial, and statistical records.
• Share information with third parties and/or allied managers for the fulfillment of the purposes described above.
• Implement other purposes determined by Keybe in the information collection processes for its treatment, which will be communicated to Clients and commercial prospects at the time of personal data collection.
4.6.- Processing of Personal Data on behalf of a third party
In certain cases, Keybe may act as a Data Processor on behalf of its interest groups that have contracted with Keybe. In this capacity, Keybe commits to comply with the following duties:
• Verify that the Data Controller has authorization to supply the personal data for processing.
• Ensure the full and effective exercise of your Data Rights at all times.
• Maintain the necessary security conditions to prevent unauthorized or fraudulent access, loss, alteration, or consultation of the information.
• Update, rectify, or delete data in a timely manner.
• Update information reported by the Data Controller within five (5) business days of receipt.
• Process queries and claims made by data subjects according to the terms in this Policy.
• Register the label “claim in process” in the database as established in this Policy.
• Insert the label “information in judicial discussion” in the database upon notification from the competent authority about judicial processes related to the Personal Data quality.
• Refrain from circulating disputed information if the relevant regulatory authority has ordered its blocking.
• Allow access to information only to persons authorized by You or those legally empowered for that purpose.
• Inform the relevant regulatory authority about any security code violations or risks associated with the data subject’s information management.
• Adhere to the instructions and requirements issued by the relevant regulatory authority.
4.7.- Retention of Your Personal Data
Keybe will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
4.8.- Disclosure of Your Personal Data
Under certain circumstances, Keybe may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements
Keybe may disclose Your Personal Data in the good faith belief that such action is necessary to:
- Comply with a legal obligation
- Protect and defend the rights or property of Keybe
- Prevent or investigate possible wrongdoing in connection with the Service
- Protect the personal safety of Users of the Service or the public
- Protect against legal liability
5.- Transmission of Personal Data to Third Parties
5.1.- Transfer of Your Personal Data
If you are located outside the United States and choose to provide Your personal information to Us, We will transfer and process your personal information in the United States. Keybe takes all reasonable steps to ensure that Your privacy rights remain protected during such transfers.
For data transfers outside the European Economic Area (EEA) or the United Kingdom, Keybe complies with the GDPR (Regulation (EU) 2016/679) and relevant national laws of the Member States. Keybe utilizes contractual data protection clauses adopted by the European Commission and the EU-US Privacy Shield as guarantees for transfers to countries without an adequacy decision from the European Commission, ensuring a harmonious and coherent approach to data protection.
5.2.- Transmission of Personal Data to third parties
As a global organization, Keybe recognizes the importance of maintaining the security and privacy of Your personal information when transferring it to affiliates, contractors, service providers, and third parties across various countries and jurisdictions. In each case, Keybe implements appropriate safeguards to ensure Your personal information remains protected.
5.3.- We Do Not Sell your Personal Information
At Keybe, We take the privacy and security of Personal Data very seriously. We are committed to ensuring that the personal information we hold is treated with the utmost care and respect. To this end, we would like to clarify that We do not engage in the sale of Personal Data that We possess.
Our data protection policies and practices are designed to safeguard the personal information entrusted to Us by Our clients, customers, and partners. We strictly adhere to all applicable laws and regulations governing the collection, processing, and storage of Personal Data. In addition, we continuously strive to improve Our data protection measures, ensuring that We remain in full compliance with industry standards and best practices.
6.- Treatment of Sensitive Data and Children’s Data
6.1.- Treatment of Sensitive Data
Keybe, in its capacity as Data Controller, will identify the sensitive data that it will eventually collect or process to meet the following objectives:
• Implement special attention and reinforce its responsibility for the treatment of this type of data, which translates into a greater demand in terms of compliance with the principles and duties established by current regulations on data protection.
• Establish technical, legal and administrative security levels to treat this information appropriately.
• Increase restrictions on access and use by the staff of Keybe, in its capacity as employer, and third-party contractors or suppliers.
6.2.- Minors: Keybe’s Compliance with COPPA and Age Restrictions
The Children’s Online Privacy Protection Act (COPPA) protects the online privacy and personal information of children under 13 years of age. In compliance with this act, Keybe does not knowingly permit children (under the age of 13 in the US and UK or 16, if you live in the EEA) to sign up for a Keybe account.
If we discover someone who is underage has signed up for a Keybe account, we will take reasonable steps to promptly remove that person’s personal information from our records. If you believe a person who is underage has signed up for a Keybe account, please contact us at [email protected].
The processing of personal data of minors over 13 years of age in the US and UK, and over 16 years of age in the EEA, by Keybe will always adhere to the following requirements:
• Prioritize and respect the best interests of children and adolescents.
• Ensure that the data controller upholds their fundamental rights.
• Obtain authorization from the minor’s legal representative, who should be able to provide input after considering factors such as: Maturity, Autonomy, Ability to understand the purpose of the data processing and Awareness of the consequences of the data processing.
IMPORTANT: Keybe will not conduct a general assessment of the aforementioned characteristics. Any data controller, processor, or third party involved in the processing of personal data of minors must always ensure the appropriate use of such Personal Data.
7.- Data Security, Confidentiality, and Your Rights
7.1.- Security of Your Personal Data
At Keybe, We are committed to safeguarding the security of the Personal Data We collect, process, and store. To protect Your personal information from unauthorized access, use, alteration, or disclosure, We have implemented a combination of technical, administrative, and physical security measures that align with industry best practices.
These measures may include, but are not limited to:
- Secure storage and encryption of Personal Data, both during transmission and at rest.
- Use of strong authentication protocols and password protection for access to Personal Data.
- Regular monitoring and auditing of our information systems to identify and remediate potential vulnerabilities and security threats.
- Employee training and awareness programs to ensure that our personnel understand and follow the necessary security procedures and practices.
- Restricting access to personal data on a need-to-know basis, ensuring that only authorized personnel with a legitimate business need can access your information.
We continuously evaluate and update Our security measures to adapt to the evolving threat landscape and ensure compliance with applicable data protection laws and regulations. However, please note that no method of electronic storage or transmission can guarantee absolute security. While We strive to protect Your Personal Data to the best of our ability, We cannot guarantee its complete security.
In the event of a security breach that compromises the confidentiality, integrity, or availability of Your Personal Data, We will promptly notify You in accordance with Our legal obligations and take appropriate steps to mitigate the impact and prevent further unauthorized access.
7.2.- Your Rights
Keybe provides you with numerous self-service features through the Services, including the ability to delete, obtain a copy of, or restrict the use of your content. You may use these self-service features to help comply with your obligations under applicable data protection laws concerning your requests via the Services at no additional cost. Upon your request, Keybe will offer reasonable additional and timely assistance to help you comply with your data protection obligations regarding your rights under applicable data protection laws, to the extent that you cannot resolve a request through the self-service features made available via the Services.
7.3.- Methods to Exercise Your Rights
You may exercise your rights related to your Personal Data at any time to ensure your right to access, rectification, erasure, and confirmation of authorization. You can reach us through the following contact channels:
The following are the legally permitted methods to exercise your rights:
- On your own behalf: As an individual, you have the right to know, update, access, rectify, delete, be informed about the use of your data, request proof of authorization granted, and revoke the authorization granted for Your Personal Data stored in Keybe’s databases and/or files.
- Through a proxy: Your rights can be exercised by an interested party acting on Your behalf or by a proxy with proper identification. In such cases, a duly authenticated special or general power of attorney must be attached to the request.
- Exercise of rights by minors: Minors must exercise their rights through a person who can prove their legal representation.
Please note that the exercise of these rights may be subject to limitations and conditions set forth by applicable laws and regulations.
7.4.- Procedures for Inquiries and Complaints
• Inquiry Procedure: If You wish to make inquiries, please be aware that Keybe, as the Data Controller, will provide You with all the information contained in Your individual record or linked to Your identification. Inquiries can be made through the channels provided by Keybe and will be answered within a maximum of ten (10) business days from the date of receipt of the request. If it is not possible to address the inquiry within this time frame, You will be informed of the reasons for the delay and the date on which Your inquiry will be addressed, which shall not exceed five (5) business days following the expiration of the initial period, notwithstanding any special laws or regulations that may establish shorter time frames, considering the nature of the Personal Data.
• Complaint Procedure: If You believe that the information contained in a Keybe database should be corrected, updated, or deleted, or who notice an alleged breach of any of the duties contained in the applicable data protection laws, may submit a complaint to the Data Controller or the Data Processor.
The complaint will be processed under the following rules:
- The complaint must be submitted in writing to the Data Controller or the Data Processor, including your identification, a description of the facts giving rise to the complaint, and the address, along with any supporting documents.
- If the complaint is incomplete, you will be requested to correct the deficiencies within five (5) days of receiving the complaint. If the required information is not submitted within two (2) months from the date of the request, it will be assumed that the complaint has been withdrawn.
- If the person receiving the complaint is not competent to resolve it, they will transfer it to the appropriate party within a maximum of two (2) business days and inform you of the situation.
- Once the complete complaint has been received, a caption stating “claim in process” and the reasons for it will be added to the database within no more than two (2) business days. This caption must be maintained until the complaint is resolved.
- The maximum time to address the complaint will be fifteen (15) business days from the day following the date of receipt. If it is not possible to address the complaint within this period, you will be informed of the reasons for the delay and the date on which your complaint will be addressed, which shall not exceed.
8.- Covered Websites and Third-Party Tracking
Our websites may contain links to other websites. Keybe is not responsible for the information practices or the content of such external websites. We encourage you to review the privacy policies of other websites to understand their information practices.
Our App collects information from users through a registration form, chat feature, and the option to upload files. The collected data may include identity, address, phone number, email address, and identification documents. You also have the option to upload any other type of personal information at their discretion through the file upload feature.
We use the collected information to provide a personalized service and improve Your experience within our App. This information will not be shared with third parties without Your prior consent, unless required by law.
We prioritize the security of Your information and implement measures to protect it from unauthorized access, alteration, disclosure, or destruction. However, We cannot guarantee absolute security for information transmitted over the internet.
8.3.- Third-Party Tracking Technologies
At Keybe, We collaborate with third-party service providers who utilize web beacons, images, and scripts to help Us manage and optimize the content on Our website. We do not share your personal information with these third parties directly. However, We may link the information collected by their tracking technologies with Your personal information to enhance Your user experience and for marketing purposes. We ensure that these third-party service providers adhere to strict data protection standards and maintain the confidentiality and security of Your personal information.
9.- International Privacy Regulations
9.1.- GDPR Privacy
Legal Basis for Processing Personal Data under GDPR
We may process Personal Data under the following conditions:
- Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
- Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
- Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
- Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
- Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Your Rights under the GDPR
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
- Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, You can access, update or request deletion of Your Personal Data directly within Your account settings section. If You are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
- Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
- Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to Our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
- Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
- Request the transfer of Your Personal Data. We will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
- Withdraw Your consent. You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
Exercising of Your GDPR Data Protection Rights
You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.
You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
9.2.- CCPA Privacy
Your Rights under the CCPA
As a California resident, you have the following rights with respect to your personal information:
- Right to Access: You have the right to request access to the personal information we have collected about you in the past 12 months.
- Right to Deletion: You have the right to request the deletion of your personal information, subject to certain exceptions.
- Right to Know: You have the right to request disclosure of the categories of personal information we collect, the purposes for which it is used, and the categories of third parties with whom we share the information.
- Right to Opt-Out: You have the right to opt-out of the sale of your personal information to third parties.
- Right to Non-Discrimination: You have the right not to be discriminated against for exercising any of your CCPA rights.
Exercising Your CCPA Data Protection Rights
We will need to verify Your identity before processing Your request. In order to do so, We may ask for additional information to confirm Your identity. We will respond to Your request within 45 days of receiving it, subject to any applicable extensions.
Please note that We are not required to fulfill Your request under certain circumstances, such as when it would interfere with Our legal or regulatory obligations, or when an exception under the CCPA applies.
9.3.- Colombian Privacy Regulations
Legal Basis for Processing Personal Data under Colombian Law
We respect and adhere to the Colombian data protection principles as established in Law 1581 of 2012 and its regulatory decrees.
Keybe respects and adheres to the Colombian data protection principles as established in Law 1581 of 2012 and its regulatory decrees.
We process your personal data based on the legal grounds provided by the applicable regulations. These legal grounds may include, but are not limited to, Your consent, the performance of a contract, the fulfillment of a legal obligation, the protection of vital interests, and the legitimate interests of Keybe or a third party.
Your Rights under Colombian Data Protection Law
- Right to Access: This right allows You to request information about the Personal Data that a company holds about You, including the types of data, the purposes of processing, and any third parties with whom the data is shared.
- Right to Rectify: If You find that the personal data held by a company is inaccurate or incomplete, you have the right to request that the company correct or complete the data. The company must then update the data as needed and inform You of the changes made.
- Right to Update: This right enables You to ensure that Your Personal Data remains up-to-date and accurate. If any changes occur in your circumstances or personal information, You can request that the company update Your personal data accordingly.
- Right to Delete: Also known as the “right to be forgotten,” this right allows You to request the deletion of your personal data held by a company in certain circumstances. These may include situations where the data is no longer necessary for the purposes for which it was collected, or You withdraw Your consent to the processing.
- Right to Object to processing: You have the right to object to the processing of Your Personal Data for specific purposes, such as direct marketing, profiling, or if the processing is based on the legitimate interests of the company or a third party. If You object, the company must stop processing Your data for those purposes, unless they can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms.
You also have the right to be informed about the processing of Your data, to request data portability, and to withdraw Your consent to the processing of Your Personal Data at any time, where consent is the legal basis for the processing.
Exercising of Your Data Protection Rights in Colombia
You may exercise Your rights of access, rectification, update, deletion and object by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.