Kindred Global Privacy Notices

 

Last updated 27 November 2024

In this privacy notice, we describe who we are, and how we look after your data. This notice applies to you if you browse our website, use the Kindred App, Kindred SDK, browser extension, APO's as well as the Add-on for Samsung (each are identified separately below).

You can manage your privacy preferences by contacting us on privacy@kindredteam.com or if you have used the Kindred CMP you can use that mechanism.



Part 1: Our approach    

This section introduces us, the role we play in relation to your data, and our approach to protecting your data.    

Who are we?
We are Kindred Soul Limited, a UK limited company, (‘we’, ‘us’, ‘our’, ‘Kindred’) with a registered office at PEM, Salisbury House, Station Rd, Cambridge CB1 2LA.
We are registered with the UK Information Commissioner's Office under number ZA728760.
For any queries or requests relating to your data, how we collect or process it, or anything to do with this privacy notice, please contact us at privacy@kindredteam.com
What do we do?
Kindred provides several products on our platform/service that displays coupon codes and offers provided by advertisers as you shop online. In addition, Kindred will plant trees/donate to charities as purchases are made using commission paid by advertisers when you purchase online.
Kindred works with advertisers to provide insights into shopping behaviour and audience curation services, while users get access to discount codes to save money at advertisers. Kindred collects commission due from validated transactions from the advertiser and consent to the collection of data necessary to run the service.

What is this notice about?

tick icon We take your rights very seriously and have built our service to collect the minimum data necessary to provide a great service to you and our advertisers. Please take the time to understand how we collect, use, and process your data.

We collect and use certain data to deliver the Kindred experience to you when you use: our websites, www.kindred.co and app.kindred.co and sdk.kindred.co (collectively the ‘Websites’), The Kindred app (from the Apple App Store or the Google Play Store), the Kindred SDK, Kindred API service and the add-on for Samsung or other services (collectively the ‘Services’). Kindred serves as the data controller unless stated otherwise.

Our data capture technology is unique in that it has been designed to selectively capture a limited range1 of your shopping preferences. Kindred does not collect data indiscriminately and only captures data necessary to provide its services to you and to its clients and their third-party vendors. This enables Kindred to use IDs to work with approved third parties and provide insights and audience curation services. In return our users get additional benefits such as exclusive discounts and collectively contribute to environmental and charitable causes.

Kindred services are not intended for children, and we do not knowingly process data relating to children.

Please read this policy carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data. If you do not agree with how we do this, please do not use our services or use this Website any further. Kindred participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Kindred’s identification number is 1245. Kindred operates the Consent Management Platform.  


Part 2: What we collect and use  

This section describes what data we collect, when, and how and we've set this out by way of a typical user journey (though it may not happen in that sequence)

Our interaction with you

What data we collect and from whom

What we do with your data

Legal basis for processing your data

Visiting our websites

We collect information about your browser, device, and activities on our websites.

We collect this data directly from you and you interaction with our Websites.

We collect, store, and use website visit data to make our website more intuitive and easier to use and protect the security and effective functioning of our websites.

Your data is stored in the UK or the Netherlands, and we keep it for up to 2 years.

We use third parties (see Part 4 below) based in the EU and the US to help us understand how you use our websites.

It is in our legitimate interests to monitor how our website is used to help us (a) improve the layout and information available on our website and provide a better service to our website users, (b) see website usage and statistics, and (c) monitor how our website is used to detect and prevent fraud, other crimes, and the misuse of our website.

Making contact

When you contact us via the Website, email, telephone, instant chat, social media, we will collect and store the details you give us, which may include your first name and surname, email address, job title, company, and any other information you choose to provide us.

We collect this data directly from you when you contact us.

We use the data you provide us to communicate with you, answer your queries, and to respond to your requests.

Your data is stored in the UK or the Netherlands, and we keep it for up to 2 years and is not shared with any third parties, except on occasion with service providers such as IT or security, to ensure that our services are maintained.

 

Our legal basis for processing your data is legitimate interest, and we process your data to respond to you contacting us.

Signing up for our newsletter or alerts

If you sign up for our newsletters or alerts, we will collect your contact details. Depending on how you want to be contacted we will collect your name, email address and/or your phone number.

 

We collect this data directly from you.

We collect your data when you sign up for our newsletters or alerts so that we can provide you with the latest Kindred news and offers as they become available.

Your data is stored in the UK or the Netherlands, and we keep this until such times as you withdraw your consent. This data is not shared with any third parties, except on occasion with service providers such as IT or security, to ensure that our services are maintained.

To process your data in this way, we ask for your consent at the time you sign up for the newsletter or alert.

You can withdraw your consent at any time, and if you do so we will be unable to continue to provide you with our newsletters of alerts.

Signing up

If you create an account, we will collect your contact details (name and email address) and another other details you may provide us (for example, phone number, nickname, Paypal account details, and consent to receiving marketing).

We collect this data directly from you.

We collect your data when you sign up for our services to manage your account, and where relevant, your marketing choice.

Your data is stored in the UK or the Netherlands, and we keep this until you close your account, and then for a further 6 years.

This data may be shared with third parties on occasion with service providers such as IT or security, to ensure that our services are maintained, or as necessary to manage your account.

It is in our legitimate interest to process your data when you sign up for an account, so that we can manage your account (to provide you cashback from merchants from whom you make a purchase and allow you to donate to a charity of your choice) and to communicate with you.

Where you have consented to us providing you marketing material, we use your consent to do so, and you have the right to remove that consent at any time. If you withdraw your consent to marketing, we will stop marketing to you (as described in the sign-up process), however the marketing undertaken prior to you withdrawing your consent is still lawful.

When you use our Websites or Services (e.g., App, browser extension services).


This is the default for all Kindred users.

Information sent to us by your computer, mobile phone, or other device, including:

•  Device identifier, device name, operating system, and browser type, country code
•  Pseudonymous Kindred user ID •  Randomly assigned click IDs for each visit•  Website URL (domain name)

We collect this data directly from you.

We use your data to:

•  To administer the app and browser extension services
•  To personalise your experience
•  To provide you with support

We use third parties (see also Part 4 below) based in the EU and the US to help us understand how you use our websites.

Your data is stored up to 2 years.

In all interactions with our App and services (see also below for App, browser extension service, Add-on for Samsung) on first usage, we ask for your explicit permission to collect specific information from your device. We do not assume you have already given permission and provide you an opt-in permission button to allow us to do so. Only when you have given us permission do we start to collect the information.

We use legitimate interest to process your data as described under 'What we do with your data'.

When you use our Websites or Services (e.g., App, browser extension services, API).

When you use our services, we process information sent to us by your device (e.g., computer, tablet, mobile phone) where you have installed the App and activated the extension including:

•  Country code
•  Device identifier, device name, operating system, and browser type, country code
•  IP address
•  Pseudonymous Kindred user ID

•  Randomly assigned click IDs for each visit

•  Selected keywords from your search strings
•  Website URL (domain name)

•  MAID's (Mobile Advertising ID's)

We collect this data directly from you.

We may also collect third party advertising IDs where these have been made available to us by our partners.

We refer to the above as ‘App Data’.

We process your data for the following purposes, in our legitimate interest:

•  To select advertising using limited data
•  To measure advertising performance
•  To measure content performance
•  To understand audiences through statistics or combinations of data from different sources
•  To develop and improve audience services
•  To select content using limited data
•  To license the 'App data'

‘App data’ is stored in the UK or the EU for up to 2 years or less.

We share ‘App data’ with our partners according to the relationship we have with them, e.g., service providers, business customers (see also Part 4 below).

We use legitimate interest to process your data to provide our services.

Kindred provides you control over our processing under legitimate interest by contacting us using the email address provided above. 

When you use our Websites or Services (e.g., The Kindred App, Kindred SDK, Add-on for Samsung, and Kindred API services) and have used our CMP TCF UI (our privacy preference management facility) to manage your privacy preferences.

When you use our services, we process information sent to us by your device (e.g., computer, tablet, mobile phone) where you have installed the App and activated the extension including:

•  Country code
•  Device identifier, device name, operating system, and browser type
•  IP address
•  Selected keywords from your search strings
•  Website URL (domain name)
•  Your consent and transparency preferences

We collect this data directly from you.

We may also collect third party IDs where these have been made available to us by our partners.

We refer to the above as ‘App Data’.

We process your data for the following purposes, only with your consent:

•  To store and/or access information on a device
•  To create profiles for personalised advertising
•  To use profiles to select personalised advertising
•  To create profiles to personalise content
•  To use profiles to select personalised content
•  To save and communicate privacy choices

We process your data, in our legitimate interest, for the following purposes:
•  To select advertising using limited data
•  To measure advertising performance
•  To measure content performance
•  To understand audiences through statistics or combinations of data from different sources
•  To develop and improve audience services
•  To select content using limited data
•  To license the 'App data'

‘App data’ is stored in the UK or the EU for up to 2 years or less if you withdraw your consent.

We share ‘App data’ with our partners according to the relationship we have with them, e.g., service providers, business customers (see also Part 4 below).

We ask for your consent to process your data as described under 'What we do with your data'.

You can manage your privacy preferences (consent and legitimate interest) for each individual purpose using the Kindred TCF CMP UI (a popup available on all our Websites and Services). This gives you control over your consent and allows you to opt-in (give your consent) and opt-out (withdraw your consent), or object to our processing under legitimate interest, to any of these purposes at any time. 

 

 

When you use our partners' services and they provide us information they have collected about you.

When you use our partners' services, we process information sent to us by them which may include:
• Carrier
• Cell tower information
• Country code
• Device identifier, device name, make and model, operating system and version, and browser type and language
• Geolocation data
• Hashed mobile phone
• Hashed email address
• IP address
• MAID (mobile advertising ID)
• Postal code
• Website URL (domain name)
• Other Advertising ID's
 
We refer to the above as ‘App Data’.
We process your data, in our legitimate interest, for the following purposes:
•  To select advertising using limited data
•  To measure advertising performance
•  To measure content performance
•  To understand audiences through statistics or combinations of data from different sources
•  To develop and improve services
•  To select content using limited data
•  To license the 'App data'
 
‘App data’ is stored in the UK or the EU for up to 2 years or less.
 
We share ‘App data’ with our partners according to the relationship we have with them, e.g., service providers, business customers (see also Part 4 below).
We use legitimate interest to process your data to provide our services to our partners.
 
Kindred provides you control over our processing under legitimate interest by contacting us using the email address provided above.

 

Legal basis: what it means

Data protection law requires that we only process your personal data when we have identified a valid legal basis to do so. There are six available legal bases for processing. No single basis is ‘better’ or more important than the others and depending on the relationship we have with you will determine which basis is most appropriate.

You’ll have seen one or more of the following identified as a legal basis (under ‘How we use it’ above):

Consent

Consent, as a lawful basis for us to process your personal data, means that we have asked you for your explicit consent to process your data. Pre-ticked boxes are not allowed to collect your consent and you can withdraw your consent at any time.

This also means that we can only process data under this basis if (a) we have been clear and unambiguous about the purposes for which we are processing your data, (b) that you have given your consent freely, and (c) we provide a means for you to withdraw your consent as easily as it was for you to give us your consent.

We must ask you for your permission (your ‘consent’) to process your data under the legal basis of consent before we process your data. If you have given your consent, you can withdraw it, which can be done by using the Kindred TCF CMP UI (if available), deactivating the browser extension, uninstalling the app, or emailing us at the address below.

If you withdraw your consent this does not affect the lawfulness of processing based on consent before its withdrawal.

Legitimate interest

Legitimate interest allows us to process your personal data for our own interests and this can include our commercial interests, or broader societal benefits, for example contributing to charities.

This also means that we must provide you the details of the processing as well as what our legitimate interests are. Importantly, we are also required to ensure that our interests do not override your rights.

We do not need to ask permission to process your data under legitimate interest, however you can object to this, which can be done by using the Kindred TCF CMP UI (a popup available on all our Websites and Services), deactivating the browser extension, uninstalling the app, or emailing us at the address below.

It is important to Kindred that you know and understand your rights regarding Kindred’s processing of your personal data, so we ask you to read ‘Part 3: Responsibilities and Rights’ carefully.


Part 3: Rights, responsibilities

This section describes our responsibilities and your rights with regard to your data.    

Our responsibilities

Data Protection law requires that we process your personal data in accordance with established data protection principles

Principle What it means

Lawfulness, fairness, and transparency

We must only process your personal data lawfully, fairly and in a transparent manner.

Purpose limitation

We collect your personal data only for specified, explicit and legitimate purposes.

Data minimisation

We ensure that your personal data is adequate, relevant, and limited to what is necessary in relation to the services that we are providing you.

Accuracy

We ensure that your personal data is accurate and where necessary, kept up to date.

Storage limitation

We ensure that your personal data is not kept in a form which allows for you to be identified for longer than is necessary.

Integrity and confidentiality

We process your personal data in a manner that ensures its security using appropriate technical and organisational measures to protect it against unauthorised or unlawful processing and against accidental loss, destruction, or damage.

Your rights

You have several rights under data protection law, that Kindred is required to uphold. It is important to recognise that not all rights apply all the time, which means some rights are dependent on our relationship and interactions with you.

Your right What it means

Access

You have the right to ask us for copies of your personal data.

This right always applies, however there may be some exemptions, which means you may not always receive all the personal data we process.

Rectification

You have the right to ask us to rectify any of your personal data that you think is inaccurate or incomplete.

This right always applies.

Erasure

You have the right to ask us to erase your personal data:

·       Where it is no longer required for purpose for which it was collected, or

·       Where you withdraw your prior consent to us processing it and we have no other legal ground for processing it, or

·       Where it is being processed unlawfully, or

·       When it must be erased to comply with a legal obligation, or

·       Where it is being used for direct marketing purposes where we have no legitimate grounds for us doing so.

Restriction

You have the right to ask us to restrict the processing of your personal data:

·       Where it is inaccurate (allowing us to verify the accuracy), or

·       Where it is being processed unlawfully (and you want us to stop processing rather than erasing it), or

·       Where you have objected to us processing it while we’re verifying whether we have legitimate grounds for processing, or

·       Where it is no longer required for purpose for which it was collected, and you want us to keep it for the establishment, exercise, or defence of legal claims.

Portability

You have the right to ask us to transfer the information you provided us from one organisation to another or give it to you.

This only applies if we are processing personal data based on your consent or as part of a contract, or in talks with you about entering into a contract and the processing is automated.

This only applies to personal data you have given us.

Objection

You have the right to object to processing your personal data if:

·       We are using legitimate interests as our lawful basis for processing, or

·       It is being used for direct marketing.

Withdraw consent

You have the right to withdraw your consent that you have previously given to us for one or more specified purposes to process your personal data.

This will not affect the lawfulness of any processing carried out before you withdraw your consent.

It may mean we are not able to provide certain products or services to you and we will advise you if this is the case.

Our other obligations

We are also required to tell you about a few other things

Your right What it means

Complaints

You have the right to complain to a Supervisory Authority, in the UK that is the Information Commissioner’s Office.

We would however, appreciate the chance to deal with your concerns before you approach a Supervisory Authority so please consider contacting us first.

Opting out of marketing emails

You can opt out of any marketing at any time by emailing us at privacy@kindredteam.com or by clicking the opt-out or unsubscribe button found in the footer of promotional emails.

Automated decision-making and profiling

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless you have given us your consent to do so, or it is necessary for entering into or the performance of a contract.

Change of purpose

We will only use your personal data for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at privacy@kindredteam.com.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Disclosure of your data

Kindred shares your data to support its relationship and interactions with you, with those identified in ‘Part 4: Your Data’

Breaches

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Dealing with your requests

We will deal with your requests as soon as possible which may take up to 1 (one) month and if this is likely to take longer, we will contact you and explain the situation (possibly extended to 3 months where the law permits). Normally there is no charge, however we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive or we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that your personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Third-party sites

Our Website may provide links to the websites of third parties, for example, the brands and merchants that we're connecting you with. They have their own privacy notices, policies, procedures, and activities which we do not control. Please check their policies before you submit any information via those websites.

Security

Kindred is ISO27001 certified, and we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, destroyed, or accessed without authorisation. This includes consideration of security during the design and development of our services and products.

While no data transmission or storage can be guaranteed to be secure, we implement a range of commercially reasonable physical, technical, and procedural measures to help protect personal data. These measures include policies, confidentiality agreements with third parties, secure development practices, security due diligence of service providers, products, services that may be used.



Part 4: Your Data

This section lists our service providers and other entities, who may have access to your data when you use the Website or App.

As with most technology businesses, we use third parties to host our Website and App and manage certain processes and business operations. This means sharing your data. We do it only when strictly necessary and we make sure there are safeguards in place. If it requires transferring data outside of the United Kingdom or the European Economic Area, we make sure that it's done under available lawful mechanisms.

Provider Purpose and use Who does it apply to? Where More details
Azure

Cloud storage provider which hosts the App, stores Kindred data you provide and provides disaster recovery

All users and partners.

EU , US, SG, IN  

https://azure.microsoft.com/en-us/overview/trusted-cloud/privacy/ 

Hubspot

Customer relationship management information    

partners - B2B contact details only.

UK

https://www.hubspot.com/data-privacy/gdpr 

Freshdesk

Customer relationship management information    

Kindred app only - help desk

EU    

https://freshdesk.com/gdpr 
CustomerIO

Customer relationship management information    

Kindred app only

EU

https://www.customer.io/docs/privacy/ 
Advertisers, Publishers, Agencies and advertising networks    

Store your personal data to select and serve relevant adverts to you, unless you have opted out of personalised adverts    

Kindred app, browser extensions and website service users

EU, US, SG, IN

 

 

Segment    

Data analytics to assist us in improving and optimising the Website and App    

Kindred app only

EU   

https://www.twilio.com/legal/privacy 

Mixpanel

Data analytics to assist us in improving and optimising the Website and App    

Kindred app only

EU   

https://mixpanel.com/legal/privacy-policy/ 

Google Analytics    

Data analytics to assist us in improving and optimising the Website and App    

Kindred app only

EU, US

https://safety.google/ 

Optable

Data management platform

Kindred app, browser extensions and website service users

EU

https://terms.optable.co/privacy/privacy-policies/products-and-services

Other disclosures

We will share your information with law enforcement agencies, public authorities and other organisations if legally required to do so, or if it's reasonably necessary to comply with the law, investigate and enforce any breaches of our terms of use, detect and prevent fraud or security breaches, reduce our credit risk exposure, and protect the rights and safety of Kindred and our users. We may share data with our service providers such as IT or security service providers, to ensure that our services are maintained. If we sell our business, we may need to disclose your data to the prospective buyer, and your data will form part of the assets transferred to the buyer on completion of the sale. We may also operate as a data processor on behalf of our clients. This means we process personal data strictly under their instructions and in accordance with the terms outlined in the Data Processing Agreements (DPAs) with those clients.

Kindred does not collect or process any sensitive personal data (special categories of data), such as data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health data, or data concerning a person's sex life or sexual orientation. 

Kindred does not collect or process any personal data relating to criminal convictions and offences.

Well done for reaching the end!

We'd love you to be comfortable with how we collect and use your data. If you have any questions or suggestions, please email privacy@kindredteam.com


US State Law Privacy Notice Addendum

This US State Law Privacy Addendum (‘Addendum’) supplements the Kindred Global Privacy Notice and provides the information that certain US states require us to tell you in addition to the Kindred Global Privacy Notice (https://event.kindred.co/privacy-policy).

Each US state’s laws apply to their residents only and are available when that state’s law is effective. Different terms are used, such as ‘personally identifiable information’ or ‘personal information’. Kindred also uses the term ‘Personal Data’ in its Global Privacy Notice.

California

Definitions

Term

What this means

CCPA

California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, and any regulations made under it

Personal Information

Information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, and includes (a) identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers, (b) biometric information, (c) Internet or other electronic network activity information, including browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement, (d) commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies (e) geolocation data, and (f) inferences drawn from any of the information identified in this list to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities, and aptitudes

Sensitive Personal Information

Personal Information that reveals (a) a consumer’s social security, driver’s license, state identification card, or passport number, (b) a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account, (c) a consumer’s precise geolocation, (d) a consumer’s racial or ethnic origin, citizenship or immigration status, religious or philosophical beliefs, or union membership, (e)  the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication, (f) a consumer’s genetic data

 

Personal Data Collected

We may  collect (and during the last 12 months, may have collected) the following categories of personal data, sources of personal data, collection purposes, and categories of recipients – for details please see ‘Part 2: What we collect and use ’ above.

 

Your Rights Under the CCPA

You can exercise your rights by making verifiable request (meaning that we need to be able to confirm that the person making the request is the person to whom the personal data pertains or someone who is legally authorised to act on that person’s behalf – this is done to protect you and us) to Kindred by contacting us at privacy@kindredteam.com.

If you are using the Kindred CMP UI, this also allows you to exercise your ‘Do Not Sell my Personal Information’ right (see ‘Right to Opt Out of Sale or Sharing of Personal Information’ in the table below).

Your Rights under the CCPA

What this means

Right to Delete Personal Information

You have the right to ask us to delete any personal information about you which we have collected from you

Right to Correct Inaccurate Personal Information

You have the right to ask us to correct inaccurate personal information relating to you that we have collected

Right to Know What Personal Information is Being Collected. Right to Access Personal Information

You have the right to ask us to tell you about the personal data relating to you that we have collected. Please also see Section ‘Personal Data Collected’ in this Addendum.

Right to Know What Personal Information is Sold or Shared and to Whom

You have the right to ask us to tell you about your personal data that we sell, share, or disclose for a business purpose. Please also see Section ‘Personal Data Collected’ in this Addendum.

Right to Opt Out of Sale or Sharing of Personal Information (aka ‘Do not Sell my Personal Information’)

You have the right to ask us not to sell or share your personal information

Right to Limit Use and Disclosure of Sensitive Personal Information

Kindred does not collect sensitive personal information

Right of No Retaliation Following Opt Out or Exercise of Other Rights

Kindred will not discriminate against you for exercising any of your rights mentioned in this Addendum

 Kindred will respond to your requests within 45 calendar days and if the request is complex, we may notify you of a 45-day extension (potentially totalling 90 days).

 

Other US states

If your state is not listed in the following table, please see the Kindred Global Privacy Notice above for a description of your rights.

Definitions

Term

What this means

State Privacy Laws

The relevant privacy and data protection laws as they become effective including the Colorado Privacy Act, the Connecticut Data Privacy Act (2022), Delaware Personal Data Privacy Act (2023), Indiana Consumer Data Protection Act (2023), Iowa Consumer Data Protection Act (2023), Kentucky Consumer Data Protection Act (2024), Maryland Online Data Privacy Act (2024), Minnesota Consumer Data Privacy Act (2024), Montana Consumer Data Privacy Act (2023), Nebraska Data Privacy Act (2024), Oregon Consumer Privacy Act (2023), Rhode Island Data Transparency and Privacy Protection Act (2024), Tennessee Information Protection Act (2023), Texas Data Privacy and Security Act (2023), Utah Consumer Privacy Act (2022) and Virginia Consumer Data Protection Act (2021) in each case as amended and including any regulations made under each.

 

Your Rights Under Other States’ Privacy Laws

You can exercise your rights by making verifiable request (meaning that we need to be able to confirm that the person making the request is the person to whom the personal data pertains or someone who is legally authorised to act on that person’s behalf – this is done to protect you and us) to Kindred by contacting us at privacy@kindredteam.com.

If you use the Kindred CMP UI, this also allows you to exercise your ‘Do Not sell my Personal Information’ right’ (snip shown below)

While US state privacy law is undergoing change and currently with no comprehensive federal privacy law (e.g., like the UK and EU General Data Protection Regulation (GDPR)) the following table provides an overview of the categories of rights available to data subjects.

Your Rights under other States’ law

What this means

Right to access

You have the right to ask us for the information or categories of information or categories of information we collect, process, and share with third parties, or the specific third parties or categories of third parties to which the information was shared

Right to correct

You have the right to request that we correct, but not delete, incorrect or outdated personal information

Right to delete

You have the right to request deletion of your personal information about the consumer under certain condition

Right to opt out of certain processing

You have the right to restrict our ability to process your personal information

Right to portability

You have the right to request personal information be disclosed in a common file format

Right to opt out of sales

You have the right to opt out of the sale of personal information to third parties

Right to opt in for sensitive data processing

You have the right to opt in before we can process your sensitive data

Right against automated decision-making

You have the right to ask and stop us from making decisions about you based solely on an automated process without human input

 

Please be aware that not every state supports each the above privacy rights, for example the Iowa Consumer Data Protection Act (2023) and the Utah Consumer Privacy Act (2022).

Kindred will respond to your requests within one month of receipt of the request according to the Kindred Global Privacy Notice, unless specified differently in your state’s privacy law.

 

Personal Data Collected

Please see section ‘Personal Data Collected’ under California in this Addendum.

Kindred does not knowingly collect, sell, or share the Personal Information of those under 16 years of age.

Kindred does not collect Sensitive Personal Information.

 

Addendum Update

This US State Law Privacy Notice Addendum was last updated on 22/08/2024.