Privacy Policy

May 26, 2021

Kyber, a Companyons, Inc. product

This Privacy Policy describes what data we collect and process when you use the Kyber application and website (“Service”). The Service includes a software application users install on Slack, optionally download to a mobile device (legacy), and a service that processes data on our servers. We may update this Privacy Policy from time to time. Please return to it whenever you want to obtain information about your privacy options.

Data Collection

Account Credentials

We collect and process your account credentials to provide you the Service. Your account credentials may include the name, username, workplace you entered when signing up with Slack and are explicitly regulated by the Slack permission you grant the Service at installation on Slack. If you create an account through the Service outside Slack, we will store an encrypted version of your password. If you connect your account to a third party service, we store your authentication token to enable this access. Kyber does not use your account credentials for any other purpose.

User entered Data

We collect and process the data you enter, such as to-dos, reminders, events,  polls, announcements, surveys, locations, notes, email addresses, messages, as well as the status of each item (e.g. invite accepted, task done, poll voted, announcement read). Kyber uses this information solely to provide you the Service.

Email Address

We collect and process your email address to provide you the Service, carry out transactions you authorize and communicate with you. For example, we might use your email address to request feedback or provide updates and notifications regarding the Service. Such communications are extremely rare, if any. You may control promotional emails from us by following the instructions in those emails. If you opt out of promotional messages, you may still receive emails from us relating to your account and the Service (e.g., relating to product updates, password resets, etc.). These account communications are part of the Service, and account holders cannot opt out of receiving these account communications.

Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Calendar, Reminders, Address Book Data (legacy)

When the Service is used in conjunction with the optional mobile app, we collect and process your calendar, reminders and address book data, imported and synced upon your approval from iOS stock apps. Calendar, reminders, address book data includes your schedule, the content of your calendar, reminders, address book entries, and associated information from the local calendar, reminders, address book on your device as well as third-party sites, applications and services. Your calendar, reminders, address book data may contain meetings, appointments, birthdays, addresses, messages, contact information (e.g. email addresses or phone numbers) and other attachments. Kyber uses this information solely to provide you the Service. You can opt in or opt out of calendar, reminders, address book services at any time in Settings.

Location Information (legacy)

If you allow the Service access to your location on the optional mobile app, we collect and process location information from your device while the app is running. We use this information to help provide and improve the Service and tailor content to your location. For example, we may use your location to match the closest addresses and places you enter, adjust your schedule to account for your current time zone or help provide you with directions to your next event. You can opt in or opt out of location services at any time in Settings.

Device Information (legacy)

When you download or use one of our applications or integrations, we will collect and process certain information about your device, such as your device type, operating system and version, and unique device IDs and IP address. We use this information to personalize your experience and provide and improve our Service.

Log Data

Like most web services and websites, we log information about your use of the Service, including the type of browser or device you use, access times, pages viewed, your IP address and the page you visited before navigating to our Service. We use this information to personalize your experience and provide and improve our Service.

Usage Information

We may use cookies, device identifiers and other technologies, including third-party, to collect and process information about your use of the Service. We use this information to personalize your experience and provide and improve our Service.

Support

If you encounter problems with the Service, you may contact us for technical support by emailing [email protected]. We will retain communications related to support issues in order to provide and improve the Service.

Data Usage

We use the collected data for various purposes:

  • To provide and maintain our Service
  • To provide customer support
  • To notify you about changes to our Service
  • To gather analysis or valuable information to improve our Service
  • To monitor the usage of our Service
  • To detect, prevent and address technical issues
  • To provide you with news, special offers and general information about other goods, services and events which we offer unless you have opted not to receive such information

Data Disclosure

We may disclose information about you in the following circumstances:

  • If you direct or authorize the disclosure.
  • As necessary to provide the Service, including sharing information with third parties who store or manage your calendars and related information, upon you granting access to those calendars.
  • If we believe in good faith that we must disclose information: to protect the rights or property of our company or other users, including to prevent fraud or to enforce our agreements or policies governing your use of the Service; or, if we believe in good faith that such disclosure is necessary, to protect the personal safety of our personnel, users, or the public.
  • If we sell or reorganize all or part of our business, we may disclose user information to a third party who acquires us or all or part of our assets, as permitted by law.
  • To vendors, consultants and other service providers as necessary to provide services for us (such as customer support, email marketing, and technical infrastructure services).

We also share aggregated statistical information with our analytics partners, which cannot reasonably be used to identify you.

Finally, we may access, disclose and preserve your personal information, including the content you submitted or granted access to, when we have a good faith belief that doing so is necessary to:

  • comply with applicable law or respond to valid legal process from competent authorities, including from law enforcement or other government agencies;
  • protect our customers, for example to prevent spam or attempts to defraud users of the Service, or to help prevent the loss of life or serious injury;
  • operate and maintain the security of the Service, including to prevent or stop an attack on our computer systems or networks; or
  • protect our rights or property, including enforcing the terms governing the use of the Service – however, if we receive information indicating that someone is using the Service to traffic in our stolen intellectual or physical property, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.

Please note that the Service may include links to or from sites or services of third parties that have privacy practices different from ours. If you submit personal information to any of those sites or services, your information is governed by the privacy policies of those third parties. This includes Calendar, Reminders, Address Book Data that is synced with third-party services upon you granting us access to them.

Security

We use a variety of security technologies and procedures such as data encryption at rest and data encryption in transit to help protect data from unauthorized access, use or disclosure. We encrypt the data you provide and store it on computer systems that have limited access and are in controlled facilities in USA (North Virginia) and EU (Ireland); your information is also backed up and encrypted. Any information sent or received from Slack or third party services linked to your account is transmitted via a secure connection.

If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share it. If you are sharing a computer, you should always log out before leaving a site or service to protect access to your information from subsequent users.

Data Access and Deletion

You have the right to request a copy of your customer data and to request the deletion of your customer data.

You can deactivate your workplace account by uninstalling Kyber from Slack at any time; deactivating your account does not delete your customer data. You can request to remove your customer data by sending a request to [email protected] from the email address you registered to the Service. Your data will be removed within 30 days from written notice. Deletion of any information from third party services that you connect to the Service is managed through that third party service, and governed by their terms of use and privacy policy.

Special Note to International Users

The Service is hosted in the United States and are intended for and directed to users in the United States. If you are a user accessing the Service from the European Union, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure, that differ from United States laws, please be advised that through your continued use of the Service, which is governed by California law, this Privacy Policy, and our Terms of Service, you are transferring your personal information to the United States and you expressly consent to that transfer and consent to be governed by California law for these purposes.

In the Event of Merger, Sale, or Bankruptcy

In the event that Companyons, Inc. is acquired by or merged with a third party entity, we reserve the right to transfer or assign the information we have collected from our users as part of such merger, acquisition, sale, or other change of control. In the (hopefully) unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used.

Changes to this Privacy Policy

We may modify and revise our Privacy Policy from time to time. When we post changes to our Privacy Policy, we will revise the “last updated” date at the top of the statement. If we make any material changes to this Privacy Policy, at our sole discretion we will notify you of such changes by posting them on the Service or by sending you an email or other notification.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

We may process your Personal Data because:

  • We need to perform a contract with you
  • You have given us permission to do so
  • The processing is in our legitimate interests and it’s not overridden by your rights
  • For payment processing purposes
  • To comply with the law

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

How to Contact Us

If you need more information, please contact us at [email protected].