At Akiflow Inc (“Akiflow”, “Company”, “us” or “we”), we respect and protect the privacy of visitors to our website, www.akiflow.com, and the other websites under the akiflow.com domain (collectively, the “Sites”), and the users of our desktop, mobile and web applications (the “Apps”) and services integration platform, tools, and related services (together with the Sites and the Apps, the “Service”).
Any discussion of your use of the Service in this Policy is meant to include your visits and other interactions with the Sites and Services, whether or not you are a user of the Service. Capitalized terms that are not defined in this Policy have the meaning given them in our Terms of Service.
By using the Service, you do hereby warrant and represent that
- you have read, understood, and agreed to all terms and conditions stated herein, and
1. Compliance with Data Privacy Frameworks
Considering our commitment to upholding the highest standards of data protection for our users, Akiflow complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce (https://www.dataprivacyframework.gov).
Akiflow has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.
Akiflow has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
2. Personal Information
We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Information about you, or when Personal Information about you is automatically collected in connection with your use of our Services. Following is a description of the types of data we collect and the purposes of collection and processing.
2.1 Information We Collect Directly From You
2.1.1 Essential Account Data
We receive Personal Information directly from you when you provide it to us as part of creating an account, including, but not limited to, at least:
- Full Name
- Email address
These data are processed in order to provide you with Services and secure access to your account.
2.1.2 Contact Information
We may collect contact information for both present and prospective customers including, but not limited to, name, address, phone number, title, and company name, from various sources, including offline marketing activities.
We process this information for marketing purposes and to provide support to present and prospective customers.
2.1.3 Online Form, Email, and Chat Data
When you fill out an online form, for example, to subscribe to a newsletter or engage in email or online chat communications with us, you may voluntarily supply us a contact and other information and we may also retain a record of any communications with you or activities you perform.
Data from these sources is processed in order to supply you with information that you request from us, and may be used for direct marketing and analytic purposes.
2.1.4 Third-Party Service Connection
Our Service allows you to connect various third-party services (“Third-Party Services”). When you connect a Third-Party Service and grant us permission to access your account, we never request or receive your log-in credentials for that Third-Party Service.
We use the OAuth authorization protocol to request a token from the Third-Party Service; the token then gives us access to your account to the extent authorized by you and permitted by that Third-Party Service.
2.1.5 Support Ticket Data
When you submit a support ticket through our systems, we will collect the company and contact data, and record activity related to your request.
Information submitted as part of support tickets is processed by us in order to provide help to you in using the Service, to contact you about your request(s), and to improve the Service.
2.1.6 Information We Receive From Third-Party Sources
2.1.7 Cookies and tracking technologies
We also use technologies such as cookies, local storage (as defined below), scripts to collect information, provide a better user experience, and improve our services. A cookie is a small data file that we transfer to your device. We may use “persistent cookies” to save your ID for future logins to the service. We may use “session ID cookies” to enable certain features of the service, to better understand how you interact with the service and to monitor aggregate usage and web traffic routing on the service. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of the service. “Local storage” is a way for a website to collect and store information “locally” (e.g., on the user’s device rather than on the website’s server) and then later retrieve it again. Local storage includes “localStorage” and “sessionStorage.” By using local storage, a user’s visits can, for example, be stored on their own computer, counted, and then given to us.
2.2 Information We Automatically Collect When You Use Our Service
In addition, we collect anonymized usage data regarding the Service, which we may analyze and use to improve the Service.
3. Personal Data Processed with Akiflow, including from Third-Party Services
Users may Process Personal Data of third parties as part of the data they Process with the Service. The Personal Data of third parties could for example be entered in the description of a task or an event, or in the list of guests of an event. The Service also allows Users to connect to Third-Party Services to transfer data from those Third-Party Services into the Apps, periodically or on-demand, and store such data on the servers of the Service. Storing data in our server is done with the purpose of providing you with additional features, such as multi-device synchronisation of your data, and backup in case your device is not recoverable (lost/broken).
Users shall not use the Service to process personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. Additionally, users shall not use the Service to process passwords, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation. We urge all users to exercise responsible and lawful conduct while using our service, ensuring the privacy and dignity of all individuals are respected and protected.
Collectively, the Personal Data of Third Parties entered in the Apps by users, and Personal Data imported from Third-Party Services, is referred to as User Data for the purposes of this Policy.
Users who process User Data with Akiflow, are the Data Controller. It is the Users’ sole responsibility to ensure that they can process the Personal Data of such third parties with Akiflow.
In relation to such data, we act as a Data Processor. In this capacity, we shall comply with all applicable Data Protection Laws in the processing of such Personal Data, and not Process such Personal Data other than on the relevant Users’ documented instructions, including automated instructions provided through the Apps.
4. Analytics and Logs
We may collect and use the analytic information from our own systems and from third-party analytics tools so that we can serve you better and improve the Service. Akiflow gathers certain information automatically from visitors to the Sites and stores it in log files.
This information includes internet protocol addresses as well as browser, internet service provider, referring/exit pages, search terms, operating system, date/time stamp, and clickstream data.
We may share the Sites log files with third-party analytics tools for marketing and product improvement purposes or otherwise. Furthermore, we may also use such analytic information, including contact and billing data, to personalize our services and products, and to provide customized prices and special offers. We may do so through fully automated systems.
In addition, Akiflow gathers anonymized usage data from users of the Apps and the Service. Before storing this anonymized usage data in Service-specific log files, we redact any Personal Information or other specific data, such as search terms entered in the Apps. We may share the Service log files with third-party analytic tools to analyze trends, administer and maintain the Service, track usage of various features within the Service, or otherwise as necessary to improve the Service.
Occasionally, we may connect Personal Information to information gathered in our log files, as necessary to improve the Service for individual customers when specific needs of individual users arise, such as, but not limited to, bug fixing.
5. Use and Disclosure of Personal Information
Akiflow may use Personal Information provided to operate, improve upon, and personalize the Service, for billing identification and authentication, to contact and communicate with you about the Service and your use of the Service, to support the use of the Service, to send marketing materials (subject to your opt-in option), for research purposes, and to generally improve the content and functionality of the Service.
We may also combine your Personal Information with third-party analytics information to build a broader profile of our individual users to serve you better and provide custom, personalized content and information. Additionally, we may use the Personal Information we collect for identification and authentication and fraud prevention, to analyze Sites usage and improve the Service, for internal market research, troubleshooting problems, enforcing our Terms of Service, and as otherwise set forth in this Policy.
Note that we will never email you to ask for your account information; if you receive such an email, please forward it to firstname.lastname@example.org
6. Third-Party Service Providers and Sub-processors
We transfer some of your Personal Information and User Data, such as data about your account (name/email/billing information/etc), with certain third-party service providers (such as our credit card processors and hosting partners) to provide the necessary hardware, software, networking, storage, and other services we use to operate the Service and maintain a high-quality user experience (sub-processors).
We utilize sub-processors exclusively to facilitate the operation, monitoring, and enhancement of our services. Please be assured that the transfer of data to sub-processors is confined strictly to the purposes outlined in this policy, and under no circumstances we engage in the sale of data or permit the transfer of data to other entities for objectives other than those explicitly delineated herein.
By using the Service, you warrant that Akiflow has your permission to perform any such transfers on your behalf, notwithstanding that these may contain Personal Information and User Data and may cross international borders.
The updated list of the third-party service providers to whom we share with some Personal Information can be found here.
In the event of onward transfers of data to third parties, we remain liable in accordance with our obligations under the applicable data protection frameworks, unless we prove that we are not responsible for the event giving rise to the damage. If it is determined that we processed data in a manner contrary to the principles of these frameworks, we will take appropriate steps to address the issue and ensure compliance.
7. Other Information Sharing
In addition to the purposes described above, we disclose Personal Information and User Data to respond to subpoenas, court orders, on the legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
We may share information, including Personal Information, with any parent, subsidiary or affiliate of Akiflow, which includes any entity that controls, is controlled by, or under common control with Akiflow.
8. Additional Limits on Use of Your Google User Data
- to use our Gmail integration, we require certain permissions from you. Specifically, we need permission to read and modify emails metadata in order to import emails as tasks, and then enable the unstar/unlabel function when you mark a task as done. Additionally, we need to be able to read the contents of emails to include the email subject in your Akiflow task. Please note that the authorization tokens to access your Gmail account are only stored on your device, and all operations on your emails are done by our desktop or mobile apps. This means that our servers have never access to your Gmail account and thus that the only Gmail data that is shared with us are those that are imported in tasks, i.e. the “date”, “from”, and “subject” fields.
- we will never access, read, or modify your emails for any other purpose, and will not transfer this data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- we will not use this Gmail data for serving advertisements.
- we will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for Akiflow’s internal operations and even then only when the data have been aggregated and anonymized.
- our use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
9. Links to Other Websites
The Service contains links to websites and applications other than the Service, including websites and applications operated by affiliates and other third parties. Please be aware that we do not determine, and we are not responsible for, the privacy practices or content of websites and applications operated by third parties.
Your browsing and interaction on any third-party website or service, including those that have a link on our website, are subject to that third party’s own rules and policies. We encourage you to be aware when you leave the Service and to read the privacy statements of third-party websites and applications linked to the Service.
10. Your Privacy Rights
Depending upon your location and in accordance with applicable laws, you may have the following rights regarding your personal data:
- Information on the Types of Personal Data Collected: You have the right to receive detailed information regarding the personal data that we collect about you.
- Information on the Purposes of Collection and Use: You can request information about why we collect certain data and how we use it.
- Information on the Type or Identity of Third Parties to Which Your Personal Data is Disclosed: You have the right to know if and to whom we have disclosed your personal data, including to third parties.
- Choices for Limiting Use and Disclosure of Your Personal Data: We provide you with options to limit the use and disclosure of your personal data.
- Access to Your Personal Data: You have the right to access the personal information we hold about you, consistent with legal requirements. In addition, in some cases, you may have the right to receive or have your electronic personal information transferred to another party.
- Request Correction: Where your personal information is inaccurate or incomplete, you may ask for it to be corrected.
- Request Deletion: You can request the deletion of your personal information, subject to certain exceptions prescribed by law.
- Request Deletion, Restriction, or Object to the Processing: You can ask to restrict the processing of your personal data or object to certain processes, including the right to opt-in or opt-out of the sale of your personal data to third parties.
- Notification of the Organization’s Liability if it Transfers Your Personal Data: You will be notified of our liability in cases where your personal data is transferred.
- Notification of the Requirement to Disclose Personal Data in Response to Lawful Requests by Public Authorities: We will inform you if we are required to disclose your personal data in response to lawful requests by public authorities.
- Reasonable and Appropriate Security for Your Personal Data: We ensure reasonable and appropriate security measures to protect your personal data.
- A Response to Your Complaint Within 45 Days: If you raise a complaint, we will respond to it within 45 days.
- Cost-Free Independent Dispute Resolution: To address your data protection concerns, we provide a cost-free independent dispute resolution mechanism. See Sections 19 and 22 of this Policy for further information.
- The Right to Invoke Binding Arbitration: In case your complaint indicates a violation of obligations under the DPF Principles and has not been resolved through other means, you have the right to invoke binding arbitration. For additional information please see: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2
- Non-Discrimination: You will not be discriminated against for exercising your privacy rights.
If you would like to exercise any of these rights, please contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request, such as requiring you to submit your request via your account, if you have one, or proof of ID.
We process and store information on behalf of our customers. You may decline to submit any Personal Information through the Service; in which case we may not be able to provide certain services to you.
You can customize how your Personal Information and User Data are processed, including opting-out to marketing materials:
- In your user account page and in the Apps settings.
- In the messages you receive from us (e.g. unsubscribe link in e-mails).
- By exercising your rights under the previous Section of this Policy. Or
- By contacting us at email@example.com.
Please note that requests to opt-out of transfers to our third-party vendors may also be submitted, but limitations on data sharing may make it difficult or impossible to provide the Service after an opt-out.
Additionally, you can opt-out of certain Analytics and Logs that we automatically collect by changing the settings of your devices. Please refer to your mobile device or browser’s technical information for instructions on how to delete and disable cookies, and other tracking/recording tools. Note that disabling cookies on your devices or browser may prevent us or our business partners from tracking your activities in relation to the Service and may impact the correct functioning of certain features available through the Service.
12. Correcting and Updating Your Information
Customers may update or change the Personal Information they have provided Akiflow by logging into the Service and providing such additional information where applicable.
If you are our customer and would like to gain access to, or request deletion of information we have collected as data controllers, you can do so autonomously in the “Settings → My Account” section of our Desktop app.
Alternatively, you can also contact firstname.lastname@example.org. We will use commercially reasonable efforts to respond to such queries within 30 business days but are not liable for any failure to do so.
13. Do Not Track
We do not track or respond to your browser “Do Not Track” requests.
14. Data Retention
Akiflow will retain Personal Information we process on behalf of our customers or collect directly from our customers for as long as needed to provide Service to our customers, subject to our compliance with this Policy.
We may further retain and use this Personal Information only and insofar as necessary to comply with our legal obligations, maintain accurate accounting, financial, and other operational records, resolve disputes, and enforce our agreements.
We have established internal policies for the swift deletion of data from customer accounts following a termination of a customer’s subscription to the Service.
15. Children’s Personal Information
Akiflow does not knowingly collect any Personal Information from children persons under the age of 18 years. If you are under the age of 18, please do not use our Service and do not submit any Personal Information through our Service.
We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Policy by instructing their children never to provide Personal Information on our Service without their permission.
If you have reason to believe that a child person under the age of 18 has provided Personal Information to Akiflow through our Service, please contact us, and we will use commercially reasonable efforts to delete that information from our databases.
16. Business Transactions
Akiflow may assign or transfer this Policy, and your User account and related information and data, including any Personal Information, to any person or entity that acquires all or substantially all of the business, stock, or assets of, or is merged with Akiflow.
17. Share Availability Guests’ Personal Information
When using the Share Availability feature, Akiflow collects the Personal Information of Guests who are not currently Akiflow users in order to complete the booking process, including creating a calendar event.
This data is securely stored on our servers and is only used for the stated purpose. We will not disclose this information to any third parties, nor use it for any purpose other than the one explicitly stated. Specifically, we will not create an account for Guests who are not Akiflow users and we will not utilize their information for any marketing activities.
18. Data Protection Measures
Akiflow is unwavering in our dedication to protecting the personal data of our users. To fulfill this commitment, we have instituted a series of stringent protective measures, which encompass:
- Segmented Storage: Your contact information and user-generated content are stored across various databases on different servers, minimizing the risk associated with centralized storage.
- Secure Hosting Facilities: Our servers are hosted in premises that uphold stringent security measures, safeguarding against unauthorized access and potential breaches to ensure the utmost safety of user data.
- Restricted Access: Access to our servers and the databases hosted therein is limited to a select group of high-level employees, to the extent necessary for maintaining and developing the service. This access is regulated through strict authentication mechanisms with 2FA.
- Data Pseudonymization: We employ data pseudonymization techniques to further protect user data, with unique identifiers for each user and their respective data being housed in separate databases on distinct servers.
- Encryption: Ensuring the security of data both in transit and at rest is paramount. We utilize TLS for data in transit and secure data at rest with industry-standard 256-bit AES encryption, safeguarding vital aspects like API keys and authorization tokens.
Through these measures, we staunchly safeguard the personal data of our users, aligning with the highest standards of data protection and adhering to the principles of EU law regarding data transfer to the United States.
19. Oversight by Statutory Bodies
The Federal Trade Commission has jurisdiction over Akiflow’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
Additionally, the following statutory bodies are responsible for overseeing our compliance with the following data privacy frameworks:
- For the EU-U.S. Data Privacy Framework – the EU Data Protection Authorities.
- For the UK Extension to the EU-U.S. Data Privacy Framework – the UK Information Commissioner’s Office (and the Gibraltar Regulatory Authority).
- For the Swiss-U.S. Data Privacy Framework – the Swiss Federal Data Protection and Information Commissioner.
These bodies guarantee that we are held to the highest standards, ensuring the safety and privacy of our users’ personal data.
20. Further provisions for users subject to data protection laws
If you are subject to any data protection regulation not covered by this Policy and that requires further commitments on our part, such as signing a Data Protection Agreement, please contact us at email@example.com to facilitate the necessary arrangements.
Please note that it is your sole responsibility to verify that you are able to use our services in accordance with applicable privacy regulations. If you have any doubts about your ability to transfer personal data to us in compliance with such regulations, please do not hesitate to contact us for further guidance.
We may, at our sole discretion, modify or update this Policy from time to time. If we make any material changes to this Policy, we will endeavor to notify you by email prior to the change becoming effective but will not be liable for any failure to do so. We encourage you to periodically review this page for the latest information on our privacy practices.
Your continued use of the Service constitutes your agreement to be bound by such changes to this Policy. Your only remedy, if you do not accept the terms of this Policy, is to discontinue the use of the Service.
22. Inquiries, complaints, recourse mechanism and contact information
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.
If you have questions, inquiries or complaints regarding your Personal Data, this Policy or about the privacy practices of Akiflow, please contact us at firstname.lastname@example.org, or at:
Akiflow Inc. 2093
PHILADELPHIA PIKE #2731
CLAYMONT, DE 19703