Company is a Delaware corporation with the following corporate information:
Krisp Technologies, Inc.
2150 Shattuck Ave, Suite 1300, Berkeley, CA 94704, United States
For End Users in the EEA and the U.K., note that we may collect your personal data as:
A “data controller” when we determine the means and purpose of processing, or as
A “data processor” when we collect and process End User personal data on behalf of our Customers who use our Services.
Customers: as noted above, this includes entities and organizations as well as any individuals who register or create an account on behalf of an entity or organization in order to use Krisp.
What personal information we process depends on how and why you use Krisp. We process personal information that we receive:
Directly, from you when you provide it to us, such as in connection with Krisp.
Indirectly, through automated technologies as described herein, or from third parties.
PLEASE NOTE AT THE OUTSET THAT COMPANY DOES NOT HAVE ACCESS TO OR STORE ANY AUDIO DATA. COMPANY PROCESSES MICROPHONE/SPEAKER AUDIO DATA ONLY ON CUSTOMERS’ DEVICES. THIS DATA DOES NOT LEAVE THE CUSTOMERS’ DEVICES AND COMPANY DOES NOT HAVE ACCESS TO THE CONTENT OF CUSTOMER AND END USER CONVERSATIONS.
You can generally visit our Site without having to submit any personal information. If you request more information, or sign up for Krisp, we will collect personal information as follows.
If you contact us via the contact form on our Site, we will ask you to provide information (e.g. your name, email address, company name, title).
Our Customers are responsible for ensuring that they comply with applicable privacy laws and notice requirements with respect to any individual whose name and information is submitted in connection with the Account Information.
Customer Payment Information
In order to process your payment Information, we use PCI-compliant third-party processors, as explained in the section on Payment Processing below. This information is processed by our payment service provider and we receive a confirmation of payment, which we then associate with your Account Information and any relevant transactions. Please note that other payment methods (e.g wire transfer) may be availed to you as well.
We may also ask you to submit personal information if you choose to use interactive features of Krisp, including participation in research studies, surveys, requesting customer support, or otherwise communicating with us. For example, if you participate in a research study or survey, we may record your participation and feedback. In accordance with the consent provided by your device or other third-party API, we may process any contact information that you choose to provide us access to when using Krisp. We may also ask you for information when you interact with us (such as when responding to notices and announcements from us), and when you report a problem with Krisp or otherwise correspond with us. This includes:
Your responses to surveys that we might ask you to complete for research purposes.
Device and Usage Information
When you download, use or interact with the Site, even if you do not have an account, we, or authorized third parties engaged by us, may automatically collect information about your use of the Krisp and/or the Site via your device (“Device and Usage Information”). This information consists of:
Information About your Device: information about the devices and software you use to access Krisp — primarily your device ID (or other persistent identifier that uniquely identifies your computer on the Internet), the operating system of your computer, device screen size, and other similar technical information.
Usage Information: information about your interactions with Krisp, including access dates and times, hardware and software information, device event information, log data, crash data, and search queries on the Site and/or Krisp. This information allows us to understand the screens that you view, how you’ve used the Site and/or Services (which may include administrative and support), and other actions on Krisp. We, or authorized third parties, automatically collect log data when you access and use Krisp. We use this information to administer and improve the Site and/or Krisp, analyze trends.
Location Information: based on Device and Usage Information, we are also able to determine general location information, but we do not store IP addresses.
In some instances, we process personal information from third parties. This consists of data from our partners, such as transactional data from providers of payment services, or information from third parties who assist us with fraud prevention.
From time to time, we may combine information we collect as described above with personal information we obtain from third parties. For example, we may combine information entered through a Krisp sales submission with information that we receive from a third-party sales intelligence platform to enhance our ability to market our Services to Customers or potential Customers.
As noted above, we will process Account Information in order to provide Krisp to our Customers. This includes End User information, in order to enable End Users to access and use Krisp, and may consist of names and/or email addresses.
As explained above, we do not have access to or store any voice content.
We do not directly collect your payment information and we do not store your payment information. We use third-party, PCI-compliant, payment processors, which collect payment information on our behalf in order to complete transactions. While our administrators are able to view and track actual transactions via customer portals, we do not have access to, or process, your credit card information.If we availed other payment methods, we may request your bank information to process refunds, if any.
We use your personal information for a number of different reasons, as further explained below.
For End Users located in the EEA, and the U.K., we must have a valid legal basis in order to process your personal data when we are acting as a ‘data controller’. The main legal bases under the European Union’s General Data Protection Regulation (GDPR) that justify our collection and use of your personal information are:
Performance of a contract: when your personal information is required in order to enter into or perform our contract with you, such as when you engage us to provide Krisp.
Consent: when you have consented to our use of your personal information via a consent form (online or offline).
Legitimate interests: when we use your personal information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
Legal obligation: when we must use your personal information to comply with our legal obligations.
Legal claims: when your personal information is necessary for us to defend, prosecute or make a claim.
Below are the general purposes and corresponding legal bases (in brackets) for which we may use your personal information:
Providing you access to and use of Krisp, including accessing content, features and functionality [depending on the context, performance of a contract, legitimate interests, or consent]
Providing Krisp and creating accounts [performance of a contract]
Processing and completing transactions, including verifying payments, and sending you related information, including purchase confirmations and invoices and important notices [depending on the context, performance of a contract or legitimate interests]
Developing and improving Krisp and user experience and conducting research studies, surveys. [legitimate interests or consent]
Responding to your queries and requests, or otherwise communicating directly with you such as to give you notices about your account [depending on the context, performance of a contract, legitimate interests, and in some cases, legal claims]
Detecting fraud, illegal activities or security breaches [legitimate interests]
Ensuring compliance with applicable laws [compliance with a legal obligation]
Conducting statistical analyses and analytics by monitoring and analyzing trends, usage, and activities on Krisp [consent where required, or legitimate interests]
Customizing Krisp experience according to your individual interests, such as through storing information about your preferences and recognizing you when you use or access the Site or Krisp [legitimate interests]
Managing our relationship with you, including Customer service or feedback [legitimate interests or performance of a contract]
Send you related information, such as updates, security alerts, and support messages [legitimate interests]
Increasing the number of Krisp customers through marketing and advertising [consent where required, or legitimate interests]
Sending commercial communications, in line with your communication preferences, about products and services, features, newsletters, offers, promotions, and events [consent and in some cases, depending on location, with existing customers, legitimate interests]
Carrying out our obligations and enforcing our rights arising from any contracts entered into between you and us, including for billing and collection [depending on the context, performance of a contract or legal claims]
We only disclose your personal information as described below.
Third-Party Service Providers
Company discloses personal information to our third-party agents, contractors, or service providers who are hired to perform services on our behalf. These companies do things to help us provide the Site and/or Krisp, and in some cases collect information directly, for example as explained in Payment Processing above. Below is an illustrative list of functions for which we may use third-party service providers:
Hosting and content delivery network services
Customer support services
Functionality and debugging services
Professional service providers, such as auditors, lawyers, consultants, accountants and insurers
Business Transfers and Transactions
As we continue to grow, we may purchase websites, applications, subsidiaries, other businesses or business units. Alternatively, we may sell businesses or business units, merge with other entities and/or sell assets or stock or receive financing, in some cases as part of a reorganization or liquidation in bankruptcy. In order to evaluate or as part of these transactions, we may transfer your personal information to a successor entity upon a merger, consolidation or other corporate reorganization in which Company participates, to a purchaser or acquirer of all or a portion of Company’s assets, bankruptcy included, or to an investor.
When we act on behalf of our Customers (as a data processor or service provider), we may provide End Users’ personal information to our Customers in order to comply with their requests, End Users’ requests and/or regulator requests, among others. Occasionally, we will provide our Customers with aggregated information that does not identify End Users directly, in order to provide information about usage, demographics (such as location) or other general information.
Legal Obligations and Security
We respect and are committed to safeguarding your privacy and have undertaken and put in place reasonable security measures.
To learn about our Security measures, please visit our Security for Enterprises page.
General Retention Periods
We use the following criteria to determine our retention periods:
The amount, nature and sensitivity of your information.
The reasons for which we collect and process the personal data.
The length of time we have an ongoing relationship with you and provide you with access to our Site and/or Krisp.
Applicable legal requirements.
We retain personal information for as long as needed to provide Krisp. Note, however, that with respect to our Customers with active accounts, we may retain certain essential account information, but otherwise regularly delete other information that is less essential to the provision of Krisp in order to minimize our storage of data. We also will retain personal information that we’ve collected from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements). Additionally, we cannot delete information when it is needed for the establishment, exercise or defense of legal claims (also known as a “litigation hold”). In this case, the information must be retained as long as needed for exercising respective potential legal claims. When we no longer have an ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible. For any questions about data retention, please contact [email protected].
In some instances, we may choose to anonymize your personal data instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the personal data can be linked back to you or any specific End User.
Company is a United States corporation, which primarily stores information in the United States. To facilitate our global operations, we may process personal information from around the world, including from other countries and in other countries in which Company has operations, in order to provide Krisp.
If you are accessing or using Krisp or otherwise providing personal information to us, you are agreeing and consenting to the processing of your personal information in the United States and other jurisdictions in which we operate.
If the GDPR applies to you because you are in the EEA or the U.K., you have certain rights in relation to your personal data:
The right of access: your right to request a copy of the personal data we hold about you (also known as a ‘data subject access request’)
The right of rectification: your right to request that we correct personal data about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your Account Settings)
The right to erasure (also known as the ‘right to be forgotten’): under certain circumstances, you may ask us to delete the personal data we have about you (unless it remains necessary for us to continue processing your personal data for a legitimate business need or to comply with a legal obligation as permitted under the GDPR, in which case we will inform you)
The right to restrict processing: your right, under certain circumstances, to ask us to suspend our processing of your personal data
The right to data portability: your right to ask us for a copy of your personal data in a common format (for example, a .csv file)
The right to object: your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing)
Rights in relation to automated decision-making and profiling: our obligation to be transparent about any profiling we do, or any automated decision-making. These rights are subject to certain rules around when you can exercise them.
How you may exercise these rights depends on how you use Krisp, as explained below..
End Users in the EEA or the U.K.
Company has no direct relationship with End Users. Our Customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their End Users, and this includes handling all data subject requests. We rely on our Customers to comply with the underlying legal requirements and respond directly to End Users when End Users wish to exercise the rights set forth above. However, if an End User sends a request to Company to access, correct, update, or delete his/her information, we will direct that End User to contact the Customer’s website(s) with which he/she interacted directly, and cooperate with our Customers as required by applicable law in order to ensure that our Customers satisfy their End Users’ requests.
If you have questions about data protection, or if you have any requests for resolving issues with your personal data, we encourage you to first contact us so we can reply to you more quickly.
Krisp Technologies, Inc.
2342 Shattuck Ave, Suite 367, Berkeley, CA 94704, United States