Updated as of 2024.11.28
This Privacy Policy (the “Policy”) explains how Kiwibit Inc. (“Kiwibit,” “we,” “us,” or “our”) collects, uses, and processes your personal data when you engage with our websites, products, and mobile applications (collectively, the “Kiwibit Services”).
The Kiwibit Services are provided or controlled by Kiwibit Inc. and its affiliates (collectively, “Kiwibit”). We are subject to various data privacy protection laws, including but not limited to the Personal Data Protection Act (“PDPA”), the European Union’s General Data Protection Regulation (“GDPR”), and the California Consumer Privacy Act of 2018 (“CCPA”).
1. Collection of Information
Information Provided to Us: We collect the following categories of personal information when you interact with us (e.g., registering an account, placing an order, or contacting customer service).
• Basic Contact Details: Name, shipping address, phone number.
• Payment Information: Name, billing address, shipping address, payment confirmation, email address, phone number, or third-party payment account information.
• Shopping Information: Items viewed, added to cart, or saved to wishlist.
• Customer Support Information: Information collected during customer support interactions, including communication records, content, pictures, videos, email addresses, requests, comments, name, contact information, purchase records, order information, and other necessary details.
• Video Content Data: Collected with your request and/or permission.
• Facial Recognition Data: Collected with your request and/or permission.
• Technical Information: Product-related information collected with your permission during troubleshooting.
• Cloud Service Data: Data collected when using our cloud services, each with its user agreement, and opt-out feature.
• App Data: Account information, operational behavior data, usage frequency, crash data, running status, network logs, and Wi-Fi network information.
Information Shared Voluntarily: Personal data provided on our site, apps, social media, or posted publicly.
Third-Party Information: Data collected from third parties who provide it to us (e.g. advertising provider).
2. Use of Information
We utilize the personal information we collect for various purposes, which include:
• Delivering our products and services to you.
• Creating and overseeing your Kiwibit account and profile.
• Handling and completing claims and orders related to our products and services, and updating you on their status.
• Tailoring your interaction with our products and services.
• Enabling you to stream, save, and share content via our services.
• Verifying your identity to grant access to certain content or use of some of our services.
• Enhancing and preserving the security of our products and services, and to prevent abuse.
• Engaging in communication with you, which includes delivering offers and other updates about our products and services, as well as providing customer support.
• Facilitating interactions with certain third-party products or services, such as allowing you to link to or view content from third-party sites within our services or to connect with third-party products and services through Works With Kiwibit.
• Conducting analytics, which includes market and consumer research, trend analysis, financial analysis, and anonymization of personal information.
• Steering, assessing, developing, administering, and refining our business, which includes managing our products and services, creating new products and services, assessing the efficacy of our communications, and performing accounting, auditing, billing, reconciliation, and collection tasks, among other internal operations.
• Safeguarding against, detecting, and averting fraudulent activities and other misconduct, claims, and liabilities.
• Adhering to and enforcing applicable legal requirements, relevant industry standards, and policies, including this Privacy Policy and our User Agreement.
We may also use the personal information we gather for other specific purposes, for which we will provide explicit notice at the time of collection, and will obtain your consent if necessary, in accordance with applicable law.
3. Disclosing and Sharing of Information
Your personal information is securely maintained and processed within Kiwibit's servers and facilities, and we only share or disclose it under specific circumstances:
• Transfer within Kiwibit: We transfer your personal information to Kiwibit group companies for customer service, product and service provision, and IT system support for business and data storage.
• Product Sharing: We share your Kiwibit products with individuals you invite to access your products upon your explicit initiation of a sharing invitation or request.
• Service Providers: We send data to third-party service providers who perform services on our behalf, following our instructions and adhering to confidentiality and security measures. This includes services like data storage related to your use of our services, order processing, credit card transactions for subscription payments, and sending emails for customer support or marketing. We prohibit our service providers from using or disclosing your personal information beyond what is necessary to perform their services or comply with legal requirements.
• Legal and Regulatory Compliance: We disclose information to legal and regulatory authorities when requested or to report any actual or suspected violation of laws or regulations.
• Third-Party SDKs: If our App uses third-party SDKs, your personal information may be shared with those providers. We advise you to review the privacy policies of those third parties before engaging with their SDKs.
• With Your Consent: We disclose your personal information upon receiving your explicit request and consent.
When we employ a third-party processor for your personal information, they are contractually obligated to: (i) process the personal information strictly as per our written instructions, and (ii) implement measures to safeguard the confidentiality and security of the personal information, along with any additional requirements under applicable law.
4. International Data Transfer
We operate servers across various regions, such as the European Union and the Americas, and adhere to the respective regional laws. The servers that store your personal information may vary based on your location. Your personal information is processed and stored in the regional server corresponding to the country you've selected when setting up your account. It's possible that your personal information could be processed and stored in a different country within the same region. For instance, the personal information of users from EU countries is processed and stored in our EU-based server located in Germany, while users from other regions may find their information processed and stored in our North American server located in the U.S. No matter where it's stored, we uphold stringent protection and safeguarding measures for your personal information.
Given the global span of our operations, your personal information might be accessed by our affiliates to supply our products and services or support our IT systems, or it may be shared with third-party customer service providers and SDK providers to fulfill the intentions outlined in this policy. Consequently, we may transfer personal information to jurisdictions with different legal systems and data protection compliance requirements from your own.
We are in compliance with cross-border transfer laws to ensure the protection of your personal information, no matter its location, and we ensure that all data is anonymized and pseudonymized in accordance with the GDPR before any cross-border transfer. We maintain an adequate level of protection for your personal information through various methods, including, when necessary, relying on a determination that a specific country provides suitable protection for personal information, or by employing the European Commission's approved Standard Contractual Clauses and the UK International Data Transfer Agreement with our affiliates and third parties (where applicable) or any other lawful method that allows for the legitimate transfer of personal information from those countries.
5. Data Security
To protect your personal information, we've put in place a suite of technical and organizational security measures. These are designed to safeguard your information from unauthorized access, loss, modification, disclosure, or any other form of unlawful processing as mandated by law.
Specifically, we've implemented end-to-end encryption for the communication between your device and our App. This ensures that your information is secure. For particularly sensitive information such as video content and facial recognition data, we store these locally on your device unless you opt in to our video cloud storage service.
It's important to remember that the internet is not a secure environment by default. While we take all reasonable steps to protect your personal information, no transmission via the internet can be guaranteed to be entirely secure. Therefore, any information you transmit to us online is done so at your own risk. You are responsible for ensuring that your personal information is sent to us securely.
6. Data Retention
We utilize your personal information as described in Section 1 and 2. We are committed to ensuring that we process your personal information only during the minimum necessary period for the purposes stated in this Policy. Here's how we determine the retention period for your personal information:
1. Identification-Based Retention: We retain personal information in identifiable form during:
○ The duration of our ongoing relationship with you (for instance, while you're an App user).
○ The period required for the lawful purposes of this Policy for which we have a legal basis to collect and process such information.
2. Legal Requirements: Additionally, we consider:
○ The applicable statute of limitations under the law, which is the time frame within which a legal claim can be made concerning your personal information.
○ A grace period of two months following the statute of limitations to allow us sufficient time to identify any relevant personal information should a claim arise.
3. Ongoing Claims: If legal claims are made, we may continue to process personal information for the duration necessary to address those claims. We may also retain the data if deletion would conflict with protecting the interests of concerned parties or if continued processing is necessary under Article 17(3) of the GDPR.
During the periods described above, we restrict our processing of personal information to storage and security maintenance, except for any data required for legal claim review or compliance with law.
After the conclusion of the periods outlined above, we will either:
• Permanently delete or destroy the specified personal information.
• Anonymize the specified personal information.
7. Your Privacy Choices
You have certain rights regarding how we handle your personal information, subject to applicable legal provisions. These rights include:
1. Withholding Information: You can choose not to provide your personal information. However, please be aware that doing so may limit our ability to offer you the full functionality of our App.
2. Access and Copies: You can request access to, or copies of, your personal information, along with details about how it is processed and disclosed.
3. Rectification: You have the right to ask for corrections if there are inaccuracies in your personal information.
4. Deletion: You can request the removal of your personal information.
5. Restriction: You can limit our processing of your personal information.
6. Objection on Grounds Relating to Particular Situation: You can object to the processing of your personal information in certain circumstances relating to your particular situation.
7. Objection to Processing Based on Legitimate Interest: You can object to our processing based on legitimate interests, where applicable.
8. Withdrawing Consent: If we rely on your consent to process your personal information, you can withdraw this consent. Note that this does not affect the legality of any processing done prior to your withdrawal.
9. Filing Complaints: You have the right to lodge complaints with the relevant data protection authorities regarding our processing of your personal information.
To exercise any of these rights, ask questions about them, or raise concerns about our processing of your personal information, please contact us using the details provided in Section VIII. We will address your request or complaint in accordance with data protection laws. Note that:
• In some cases, we may need to verify your identity before fulfilling your request.
• For requests that involve establishing additional facts (e.g., determining non-compliance with the law), we will investigate and respond promptly.
9. Children's Privacy
We understand the significance of protecting children's privacy. Kiwibit's products and services are designed for general use and are not targeted at children. We are committed to not intentionally collecting personal information from children under 13 years old online. If you become aware that personal information about children under 13 years old have been provided to us, please immediately contact us by using the contact details provided in Section 11 below. That way, we can delete the information from our records. In certain countries, we may impose higher age limits as required by applicable law.
10. Policy Updates
We may amend or update this Policy from time to time to reflect changes in our data processing practices or applicable laws. Please review this Policy periodically for any updates. If you do not agree with this Policy, please refrain from using our Services. This Policy is part of our User Agreement, which can be found link.. Undefined terms in this Policy have the same meaning as in our User Agreement.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at support@kiwibit.com, or at
Kiwibit Inc. 17880 Skypark Circle, Suite 260,
Irvine, CA 92614