Kendo Privacy Policy
Effective: August 3, 2023 | You may contact us for previous versions of the Privacy Policy.
In a nutshell:
- Kendo is committed to processing your personal information lawfully and responsibly.
- Employers, marketers, and businesses worldwide use Kendo's services to improve their communications with candidates, prospects, and customers.
- Kendo Platform and Extension collect, generate, and process lists of business professionals and companies. In the process, data that may be considered ‘personal data’ is also collected and processed.
- Our customers receive or acquire contact details and lists from Kendo and then manage such data independently, on our Platform and other platforms they might use. If you want any of our customers to delete or stop processing your data, please contact them directly. If you want us to delete or stop processing your data, please contact us by clicking this link.
- Like most businesses, we at Kendo.com also collect and process personal information of our website visitors, business contacts, and customers.
- We respect your rights regarding your personal information.
- Have a question and can't find an answer? Contact us, we're here to help: [email protected].
Now in more detail:
1. Introduction and Definitions
Kendo.com Ltd. (“Kendo”) is an Israeli company. You can find our contact details below.
We operate an online platform (the “Platform”) and a Chrome Browser Extension (the “Extension”). The Platform, which includes a Professional Contact Database, portal and API, enables Customers to find emails and phone numbers of business professionals, search for email addresses under a specific domain, verify emails, and validate phone numbers. The Extension connects to the Platform and enables Customers to find out the contact details of specific LinkedIn users.
Kendo’s Platform and Extension collect, generate, and process contact details and lists of business professionals and companies. In the process, data that may be considered ‘personal data’ is also collected and processed.
Our Customers - people and businesses from around the world - receive or acquire contact details or contact lists from us and then manage such data independently, on our Platform and on other platforms they might use, such as their CRM systems, mailing systems, or telephony systems. Once they receive or acquire the contact details or lists, they decide the purposes for which they use the data, the means for processing the data, as well as the actions to communicate with people on these lists. Our Customers control the data they process and they are responsible under our Terms of Service for handling any data rights and data requests of individuals on these lists as Data Controllers.
We also collect, generate, and process data from various sources, and therefore assume Controller responsibility with respect to such data, when it is held and used by us. Our responsibilities as Controllers, as well as our Customers’ commitments and responsibilities, are detailed in our Terms of Service.
In addition, we also operate several Websites - such as https://kendoemailapp.com - and collect personal data of Visitors. Some Visitors and other people who communicate with us, become our business Contacts or Customers. We collect and process various personal information regarding our Visitors, Contacts, and Customers, and we are the Data Controllers for such personal data.
If you are a Visitor, Contact, or Customer of ours and have any issue regarding your personal information that we control, please contact us (details below).
2. How Do We Collect Personal Data?
If you’re a Contact or Customer of ours, there might be several ways in which we receive your personal data:
- When you share it with us directly, through your communication with us on the Website’s contact forms, through our Extension installation and usage, by email, phone, chat, or facsimile, in conferences, meetings, or via any other communication channel
- When other Customers, Contacts, resellers, business partners, or third parties, share your information with us, based on their interaction with you, their purposes, their legal bases, and their privacy policy. In such cases, we take responsibility for controlling only the personal data that we have received.
- We might augment the personal data we have about you with information you provided us directly, information others have provided us about you, data we’ve collected about you from your use of Kendo or Websites (see below), and available data about you in the public domain.
If you’re a business professional listed in our Professional Contact Database (“Data Subject”), there are several ways in which we receive personal data about you:
- Your data was available in the public domain and was collected by our staff or technology (inc. our web crawler or our Extension); or
- Your data was given to us or purchased by us from another company; or
- Your data was generated based on likely patterns (for example: standard corporate email addresses structure)
If you’re a Visitor to our Websites or a Customer using our Platform or Extension, we might receive some personal data through your device, operating system, and browser, and various hosting, tracking, analytics and advertising technologies, such as cookies (see below), Customer support services, social media information, and other technologies. Our Websites do not currently respond to “Do Not Track” signals sent by your browser or device.
If you’re an Extension Customer, your data is not being added to our Professional Contact Database, it is not sold to third parties, outside of the approved use cases disclosed on the Google Chrome Web Store terms, it is not being used or transferred for purposes that are unrelated to the Extension's core functionality, and are not being used or transferred to determine creditworthiness or for lending purposes.
3. What Personal Data Do We Process?
Kendo focuses on business professionals’ data. We try to avoid processing non-business (i.e., personal and private) contact details in our Professional Contact Database. We do not collect sensitive data of any kind. Some of the data we collect may be considered ‘personal data’ in some countries and jurisdictions.
If you’re a Contact or Customer of ours, we may collect and process these types of personal data about you:
- Identification and Account information, such as full name, username and password
- Contact details, such as country/time zone, home, work, and billing addresses, phone numbers, and email address
- Phone contacts information and social networking information you’ve shared with us
- Work-related information, such as company, division, department, role, and title information
- Payment information, such as billing information. If you’re a Customer paying by credit card, our payment processor collects your payment information and we do not have access to it.
- Any personal data contained in any photos, media, and other files sent to us or uploaded to the Platform
- Any other personal data you provide us on any communication channel, such as email correspondence, customer support, and product feedback.
On the Platform, various types of information about business professionals (Data Subjects) are collected, some of which might be considered ‘personal data:
- Identification information, namely full name, profile URL on social media
- Contact details, namely phone numbers and email addresses
- Professional information, namely current and former companies/employers and current/former positions or titles
- Location information, namely country and city (we do not collect street addresses or GPS coordinates)
We also collect and process these types of personal data about anyone using the Platform, Extension, or Websites:
- Usage, logs, analytics, and other device and technical data collected when you use our Websites or Extension, including device information and identification numbers, operating system information, IP address, browser and session information, browsing history and referrals, cookies information, advertising identification numbers, language information, connectivity information, configuration information, metadata of files, and usage information (such as screen views, clicks, and usage time).
4. What About Personal Data of Children?
Kendo is a platform that is intended to list only business professionals. Our services are also intended to be used by adult Customers only. As a result, we do not intend or attempt to have any children’s data on our Platform or Professional Contact Database. If we become aware that a minor is included in our Professional Contact Database or our records, we will delete his/her information.
Please contact us if you have any concerns with respect to children’s personal data on Kendo’s services.
5. What About Cookies?
A cookie is a small data file that your browser saves on your computer or mobile device. We use cookies to collect information and provide our services. We may use cookies to save your login credentials, enable certain features, understand how you interact with us, monitor your usage of our Platform, Extension and Websites, products and services, and personalize your experience and advertising displayed to you. You can set your browser to prevent the use of cookies. If you don’t accept cookies, our Websites and Kendo services might not function properly.
6. What Are The Purposes for Processing Personal Data? How Is Your Personal Data Used?
Customers who receive or purchase Contact Details or Lists
The purposes for the processing of personal data by our Customers are determined by them. Each Customer might use Kendo services for different purposes. Such purposes might include validation of details entered by candidates and prospective customers, preventing identity theft, preventing online fraud, recruiting of candidates, outreach to potential customers, business-to-business (B2B) direct marketing and sales, data validation, data augmentation, and more. Our Customers take Data Controller responsibilities with respect to the data of business professionals that they receive or acquire from us and they are responsible for their use of such data and for handling any Data Subject requests.
Kendo
If you’re a Data Subject, we collect, generate, and process your data to provide our services to our Customers, so they can achieve their respective purposes. Kendo may use your contact details to communicate with you and to provide you with various notices, to provide technical support, or to handle requests and complaints.
We also use of the data collected on the Platform and Extension, including usage, analytics and statistical data, to ensure our products and services are working as intended; to analyze, measure and understand how our services are used; to improve our products and services; to develop new features, products, and services; to protect our company, staff, and Customers; and to comply with any applicable law and assist law enforcement agencies under any applicable law.
We may also use anonymous, statistical or aggregated information collected on the Platform, in a form that does not enable the identification of a specific user, by posting, disseminating, transmitting or otherwise communicating or making available such information to Customers, vendors, partners and any other third party.
Websites, Customers, Contacts and Visitors
If you’re a Customer, Contact, or Visitor on our Websites or a Customer using our Extension, we may process your personal data for our own business purposes, including:
- Delivering our products and services, improving them, and developing new features, products, and services
- Providing information about our company, products, and services
- Providing customer support, billing and invoicing
- Contacting you via any communication channel, including email, phone, Whatsapp, SMS, Extension, and other messaging platforms
- Analyzing and optimizing Websites traffic, as well as Website and Extension usage
- Protecting of our company, staff, Customers, and systems
- Online advertising in all forms and channels, including targeting you and others who share similar characteristics as you (lookalikes) online on search engines, websites, apps, messaging platforms, social networking platforms, and offline
- Direct Marketing in all forms and channels, including email, SMS, messaging, postal service, and more; you can always opt-out from Direct Marketing by unsubscribing yourself through links on any communication or by contacting us and notifying us accordingly.
7. What Is The Legal Basis For The Processing of Data?
Customers who receive or purchase Contact Details or Lists
Our Customers use the data based on their own, respective legal bases.
Kendo
As Data Controllers, we process the personal data of Data Subjects based on any or some of the following legal bases:
- Processing is necessary for the performance of a contract to which the data subject is party (for example, an agreement of a data subject with a Customer of ours) or in order to take steps at the request of the data subject prior to entering into a contract;
- Processing is necessary for the purposes of our legitimate interests, for example, the conduct of our business, the development and delivery of our products and services, and the promotion and sales of such products and services;
- The data subject (Customer or Data Subject) has given consent through forms, the Extension, Websites, or otherwise (e.g. by providing consent to a third party from which we’ve received his/her details), to the processing of his or her personal data for specific purposes communicated by Kendo in this Privacy Policy (or a third-party in its Privacy Policy).
Websites, Customers, Contacts, and Visitors
As Data Controllers for our Customers, Contacts and Visitors’ personal data, we process personal data based on any or some of the following legal bases:
- The data subject has given us consent to the processing of his or her personal data for specific purposes communicated in this Privacy Policy;
- Processing is necessary for the performance of a contract to which the data subject is a party - for example, an agreement with us, such as our Terms of Service or Data Processing Agreement - or in order to take steps at the request of the data subject prior to entering into a contract;
- Processing is necessary in order to protect the vital interests of the data subject or of another natural person, for example, protecting our staff;
- Processing is necessary for compliance with a legal obligation to which we are subject, for example, the need to maintain billing records for transactions;
- Processing is necessary for the purposes of the legitimate interests pursued by us, for example, the conduct of our business, the development and delivery of our products and services, and the promotion and sales of such products and services.
8. Who Is Your Information Shared With?
Kendo
For the delivery of our services, we share contact details and lists on our Extension, Platform and otherwise with our Customers, who become Data Controllers with respect to such data. Our Customers may select to share the information with others.
Customers, Contacts, and Visitors
We process your details on our cloud servers (DigitalOcean and Microsoft Azure) and computers, cloud CRM services (such as Zoho), support systems and services, billing and payment systems (such as BlueSnap), SMS gateways, Email and SMS communication services (such as SendGrid and Google), project management systems (such as Trello and Slack), and backup systems. We may share some of your details with our staff, consultants, resellers, affiliates, and other third-party business partners for research and analysis, cooperation opportunities, joint promotions, sales, and events.
Everybody
We use additional processors around the world for various processing activities needed for the performance of Kendo, our Websites, our Extension, our other products and services, our operations, and our business, and share information with such processors on a need basis. Such processors include hosting and backup providers (such as DigitalOcean, Microsoft Azure, Amazon Web Services, and Google), analytics providers (such as Google, LeadFeeder, and CrUX), website technology (such as Strapi), advertising technology (such as Google, Facebook, and Capterra), telecommunication and chat services (such as Crisp Chat), security technology (such as Cloudflare), and more. We limit the information we share with each processor based on the business need in using such processor, to protect your information while still effectively benefiting from the services of such processor.
We may also share non-personally identifiable information and aggregate information for any purpose. Such data is not personal data, and its sharing cannot be used to identify you.
We may need to share your information with law enforcement agencies, courts of law, and other governmental organizations, if ordered to do so by competent bodies and according to applicable law.
Mergers and Acquisitions
If we are involved with a merger, asset sale, financing, liquidation, bankruptcy, or the acquisition of all or part of our business to another company, we may share your information with that company and its advisors before and after the transaction date.
9. How Do We Safeguard Your Personal Data?
We take information security very seriously. We implement the state of the art security standards to prevent unauthorized or excessive access, maintain data accuracy, and ensure the correct use of information. We encrypt all major data communication transmissions to avoid interception and securely backup the information on the Platform to avoid data loss. We also implement appropriate organizational measures to protect your information.
We apply our security standards also when working with business and technology partners. We only select and contract with processors and third parties who use appropriate security measures and provide sufficient guarantees, including technical and organizational measures, to ensure the appropriate protection of the data we entrust with them. Unfortunately, although we make every effort to keep your data safe, we cannot fully ensure or warrant the security of your personal information.
You can take part in securing your personal data. If you’re a Customer, prevent unauthorized access to your computer, mobile phone, Kendo Extension and account, and to personal information by selecting a strong password and protecting your login credentials appropriately. Lock your computer or phone when you’re not using it.
10. Do We Transfer Personal Data Internationally?
Most of our information is stored over the cloud on DigitalOcean and Microsoft Azure in the U.S. These hosting providers take extreme measures with respect to privacy and data security. Our company and staff are located in Israel.
At the same time, our business is international - we serve Customers around the world and we utilize additional processors and service providers in various countries. Therefore, we transfer, store or otherwise process your personal information in other countries.
We take appropriate safeguards in the selection of our processing vendors around the world to require that your personal information is well protected. We also limit certain Customers from receiving information about business professionals from certain countries.
Despite our efforts, it may be the case that a country where your personal information is processed has different, or less protective, data protection and privacy regulation than the country you live in.
11. For How Long Do We Keep Personal Data?
We keep the personal information we collect for different periods, depending on the type of information, the period of our contract with our Customers, legal requirements regarding certain types of data, and other factors. Generally speaking, we will retain your personal information for a period reasonably needed to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. We will also retain your personal information for as long as necessary to resolve disputes, enforce our rights and agreements, and protect our staff and Customers.
If we no longer need your information for the purposes mentioned in this Privacy Policy, we will delete or anonymize it. On certain occasions, we might not be able to fully delete or anonymize your personal information due to technical or operational reasons, for example deleting from backup storage and archives. In such cases, we shall take reasonable measures to secure any information still maintained by us according to our standard data security practices.
Please be aware that our Customers may also retain on their own systems and computers copies of personal data received from Kendo, even after we completed the provision of our services, ended our contractual relationships, and deleted or anonymized any data on the Platform. Such data retention by Customers is subject to their purposes, legal bases, Privacy Policy, and any applicable law. We take no responsibility for Customers’ use of personal data.
12. What Are Your Rights With Respect to Your Personal Data?
According to the data protection and privacy regulation where you live, you may have certain rights with respect to your personal information.
Your rights may include, under certain terms and conditions set in the EU General Data Protection Regulation (GDPR), California Privacy Rights Act (CPRA), or other applicable laws:
- Right of Access to your personal data processed by us
- Right to Rectification of inaccurate or incomplete personal data
- Right to Erasure of your personal data (“Right to be Forgotten”). Opt-Out by clicking here.
- Right to Restriction of Processing for a certain period or under certain conditions. Opt-Out by clicking here.
- Right to Data Portability of your personal data to another data controller in a structured format
- Right to Object the processing of your personal data. Specifically, you have the right to object to further processing of your personal data for direct marketing purposes. Opt-Out by clicking here.
- Right Not To Be Subject to a Decision Based Solely on Automated Decision-Making. We do not make any decisions based solely on automated decision-making.
- Right to File a Complaint with the applicable data protection authority in your country
- Right to know whether personal data are sold or disclosed, and to object to the sale of your personal data. As part of Kendo services, data that might be considered personal data are disclosed and sold. Opt-Out by clicking here.
- Right not be discriminated against for exercising your privacy rights
If you opt out of our Business Contact Database, we will keep the URLs of your public social profiles so that you’re less likely to get re-added to the database in the future as a result of our data collection activities.
After the deletion or anonymization of your personal data following its retention period, the rights to access, erasure, rectification, and data portability cannot be enforced.
Your Choices with Respect to Your Personal Information
Your personal information is processed based on several legal bases, including your consent. You can withdraw your consent at any time. Other legal bases, including statutory or contractual requirements that apply to you or our Customer might remain intact even following the withdrawal of your consent. If you’re a Customer, you can also uninstall the Extension or cancel your Platform account - this would stop sending new personal data to us.
13. Do We Ever Change Our Privacy Policy?
Occasionally, we change this Privacy Policy to accommodate product and service development, industry standards, or new regulation. We will let you know personally if such changes are material, and seek consent for the updated Privacy Policy where required and as needed.
Please read the latest Privacy Policy available here from time to time. Note that we may require your consent to our up-to-date Terms of Service and Privacy Policy whenever you use our Websites, Platform, or Extension. If you do not agree to these terms and privacy policy, please do not use our services.
14. Who Can You Contact Regarding Your Personal Data?
You can contact us with any question or concern you have at:
Kendo.com Ltd.
Haparsa St., Herzliya , Israel
[email protected]