PRIVACY POLICY
Update Date: December 17, 2022
Welcome to Kogito!
We are committed to protecting the privacy of the personal information you provide to us when using Kogito and we value your privacy. That's why we have created this document (the “Privacy Policy”). It applies to all Users of the Platform.
We invite you to carefully read our Privacy Policy and to contact us for any question about the collection and processing of your Personal Data at the following e-mail address: info@mykogito.com.
Please note that the Privacy Policy is an integral part of the General Terms of Use and that the definitions set forth therein are applicable to this document.
1. Scope and Application
The Privacy Policy details the Personal Data collected and processed when using our Application, the purposes for which Users' Personal Data is processed, how Kogito uses it, and the features offered to allow Users to access and update their Personal Data.
Personal Data is defined as any information relating to a natural person who can be identified, directly or indirectly. It is for example: the name, first name, email and postal address of a physical person, his image on a photograph or a video, an IP address, a location data, etc.
2. Acceptance and Modification of Our Privacy Policy
By accepting the Terms of Use, you confirm that you have read and accept without limitation or qualification this Privacy Policy, which forms an integral part of the ToU. In case of disagreement with one or more of its conditions, the User is free not to use or no longer to use our services (especially in case of modification of the terms of the Privacy Policy).
This Privacy Policy may change from time to time, but any reduction in your rights will not be enforced without your consent. Kogito will post new versions of the Privacy Policy on the Application and at https://www.mykogito.com/privacypolicy and will alert Users by means of a pop-up window that will appear upon opening the Application.
In general, the Privacy Policy is always easily accessible at https://www.mykogito.com/privacypolicy or from your User Account settings.
3. Identification of the Data Controller
The processing of your Personal Data is subject to French law, including Law No. 78-17 of January 6, 1978 relating to computers, files and freedoms, as amended (known as the Data Protection Act) as well as the EU Regulation 2016/679 of April 27, 2016, known as the General Data Protection Regulation (GDPR).
According to the regulations in force, Kogito is the Controller of the processing of your Personal Data.
In this capacity, Kogito undertakes to comply with the legal provisions in force and to carry out a lawful, fair and transparent processing of Personal Data of Users. Kogito also guarantees to the Users that this processing is in accordance with the explicit and legitimate purposes determined in the Privacy Policy. The duration of processing does not exceed the time necessary for the purposes for which the Personal Data are collected and processed.
4. Categories of Personal Data Processed When Using the Application
a) Which Personal Data Are Processed?
In order to provide access to the Platform to its Services, Kogito may collect several categories of Personal Data about you, for different purposes, legal bases for processing and different retention periods. We offer a summary of all this information in the table below.
If you wish to know more about the Data collected and the purposes of processing you can also read the details below the following table.
-
Details On The Personal Data Collected and Processed
Kogito collects two different types of Data:
(i) Data that you provide to us
Profile Data: This is the Data that you are required to enter when you sign in: your phone number, first or last name, username, and password.
You can also fill in optional Data: your biography, email address, date of birth, profile picture.
Communications with Kogito : When you report a problem with the Platform (inappropriate content, bugs, errors), respond to a survey about the quality of our Services, request assistance, or make a request to exercise your rights, we record the information you agree to share with us or that we need to respond to your request.
(ii) Data we collect when you use our Services
Data related to your activity on Kogito: this notably includes:
-
Connection Data: IP address, date of registration, date of your last connection;
-
Data about how you interact with other Users: the number of friends and invitations, comments left on Content shared by your friends, the friends with whom you interact the most;
-
Data about how you use our Services, including use of emojis, time of posting, number of late Kogito posts, etc.
Content Data: We collect content that you create through our Services such as thoughts, emojis and comments. Note that Users who view your Content can always take a copy or screenshot of it. Therefore, we strongly recommend that you do not post or send to a friend any Content that you do not want to share.
Geolocation Data: Use of the Service requires your consent to the collection of Geolocation Data.
If you do not want Kogito to collect your Geolocation Data, you may refuse to give the Platform permission to access your location when you first open the application. If you wish to withdraw your consent after accepting such processing, you must change the permissions given to the application in the system settings of your phone.
Phonebook Data: With your consent, Kogito may access your phone book to identify your contacts already registered on Kogito or so that you can invite your friends to register on the Platform. We never access your contact list without your permission.
Device and Equipment Data: We collect information about and from the devices and equipment you use to access Kogito. This includes your IP address, device type, application crashes, operating system version, language used.
Cameras and Photos: Some of our Services require that you allow us to collect Data from your phone's camera and photo library (i.e. send and upload photos). If you refuse to allow us access to your camera or photo library, you will not be able to take, upload and share your own photos.
-
Details of the legal basis and purposes of the processing
We process the above-described Data in accordance with the requirements of the GDPR for various purposes on the bases of:
-
Contract performance where the processing enables Kogito to provide the Services as described in the Terms of Service. This includes:
-
Access to the Platform and related services (profile visibility, transmission of comments and shared content, suggestion of friends, emojis);
-
The proper functioning of Users' accounts;
-
Notifications that it is time to write your thought;
-
Notification of changes to our services;
-
User support services;
-
Administration of the Platform, repair and correction of bugs, updates;
-
The provision of services for sharing User Content and interacting with other Users;
-
-
Our legitimate interests where the processing allows us to provide you with an efficient and dynamic Platform. This includes:
-
Monitoring User Content, comments, messages and associated metadata for administrative purposes and to verify their compliance with our Terms of Service;
-
Verifying the compatibility of the content presentation methods with respect to the type of device used;
-
The understanding of the modalities of use of the Platform by the Users for the purposes of improvement, development and commercial promotion of the Application;
-
Verifying the stability and security of the Platform;
-
Identifying criminal activities, fraudulent behavior, misuse of the Platform;
-
Sending surveys and requesting feedback in order to improve the Services offered.
-
-
Compliance with our legal obligations where the processing of Data is aimed at preventing and combating abusive, fraudulent, and illegal activities.
-
Your consent where the processing relates to geolocation or phonebook Data. This includes:
-
Geolocation for the purpose of connecting the User with friends who are geographically close to the User's location;
-
Geolocation for the purpose of indicating where User content was created;
-
Access to the phone book to identify Users of our Services that you know.
-
b) Cookies
A “cookie” (or “tracker”) is a connection indicator that designates a text file that may be recorded in a dedicated space on the hard disk of your terminal (computer, tablet, or smartphone), when you consult a service available online. A cookie allows its issuer to identify the terminal in which it is stored, during the period of validity or storage of the cookie. The cookie does not identify the User as such; it is used to record your browsing information on the Platform.
When you connect to the Platform, information relating to your browsing is likely to be recorded in “Cookies” files installed on your terminal, according to the choices you may have expressed concerning cookies and which can be modified at any time. These cookies allow personalized navigation and are also used for analytical purposes (audience measurement).
The existence of cookies and their purpose(s) will be indicated to you when you connect to the Platform, by the presence of an information banner placed at the bottom or top of the home page.
The deposit and reading of cookies on your terminal generally requires your prior consent, which, if applicable, is obtained by clicking on “I accept”. The consent given for the use of cookies is valid for 13 months. After this period we will ask you to renew your agreement.
In case of refusal of cookies, objection to those stored by default, or deletion of the cookies, the User is informed that he can no longer benefit from a number of features that are nevertheless necessary to navigate in some areas of the Platform. Where appropriate, Kogito disclaims any responsibility for the consequences related to the degraded operation of its Services resulting from the inability of Kogito to record or view the cookies necessary for the proper functioning of the Platform and that you have refused or deleted.
Finally, it is important to distinguish the cookies issued on the Platform from those issued by third parties. In this respect, we inform you that cookies may be placed from time to time on certain pages of the Platform by third parties (advertisers or others). Please be aware that Kogito has no control over the use of cookies by third parties.
Kogito uses the following cookies and trackers:
-
On the Application:
-
Cookies that are necessary for you to use the Services, such as allowing you to stay logged into your account;
-
Cookies analyzing your use of the Application to generate statistical reports, without identifying you:
-
Google Analytics
-
Sentry
-
-
Cookies necessary for the proper and efficient operation of the Application, for example by saving your user preferences.
-
-
On the website www.mykogito.com:
-
cookies analyzing your use of the website to generate statistical reports, without identifying you:
-
Google Analytics
-
-
5. Conditions of use of Personal Data
Any use of Personal Data for purposes other than those set out above in our Privacy Policy will require the prior express consent of the User.
Kogito undertakes to keep the Personal Data of the Users only for as long as is strictly necessary for the declared processing of the data for the above-mentioned purposes or for the exercise and establishment of its legal rights, and in any case within the limits imposed by the law.
Kogito undertakes to delete the Personal Data from its databases at the end of these various periods. In case of request for deletion of your account, it will be effective within 30 (thirty) days. All of our backups are automatically deleted after 90 (ninety) days.
However, Kogito may retain certain information for a period of time after the closure of the User's personal account in order to meet legal, accounting and tax obligations and, in particular, to prevent possible unlawful behavior after the deletion of a User Account (reuse of an old account by a third party). In this case, the Personal Data will be deactivated and will no longer be accessible online.
6. Sharing of Information with Third Parties
a) No disclosure of Personal Information to third parties
With the exception of Content that you have licensed to us in accordance with the Terms of Use, Kogito will not disclose to third parties any information or Personal Data provided by Users. This information and Personal Data is used exclusively by Kogito's internal services and will not be transferred or sold to third parties without your prior express consent.
b) Communication of Personal Data for external processing purposes
Your information and Personal Data may, where appropriate, be transmitted to third party contractors involved in the provision of the Services (technical and hosting providers, sending notifications, publishing and sharing content, user tracking and satisfaction surveys, management of security incidents or fraudulent activity, etc.).
Kogito undertakes to communicate Users' Personal Data only to authorized and trusted service providers, who process it on our behalf, according to our instructions, in accordance with this Privacy Policy and in compliance with any other appropriate security and confidentiality measures.
c) Disclosure of Personal Data outside the European Union
Processing Personal Data as described in the Privacy Policy may involve transferring your Data to one or more other countries, inside or outside the European Economic Area, including the United States.
Where applicable, we use standard contractual clauses and/or other mechanisms approved by the European Commission to maintain a level of protection for your Personal Data equivalent to that guaranteed by the GDPR.
d) Disclosure for Legal and Statutory Purposes
Information and Personal Data may also be disclosed to a third party if Kogito is required to do so by law, regulation, or court order, or if such disclosure is necessary for the purposes of an investigation, court order or legal proceeding, either domestically or abroad.
In addition, Kogito may share information and Personal Data with third party companies, consultants or individuals in order to:
-
Enforce the Privacy Policy and the General Terms of Use of the Application in force, including to ascertain any breach thereof;
-
Protect against any infringement of the rights, property or safety of its users, in accordance with and in compliance with the law.
7. Security of Personal Data
We implement technical and organizational measures, such as encryption of Data or restriction of access to authorized personnel, to ensure that your Personal Data is processed securely in accordance with the Privacy Policy. However, the transmission of information via the Internet involves irreducible risks that do not allow us to guarantee perfect security of the information transmitted via the Platform. Consequently, any transmission of Personal Data is made at your own risk.
8. Respect of the rights of the Platform Users
You have certain rights regarding your Personal Data, as follows:
-
Right of access: it allows you to access free of charge the Personal Data collected about you.
-
Right of rectification: it allows you to update or correct the accuracy of your Data. You can exercise this right directly from your account settings.
-
Right of deletion: it can be exercised when the processing of Personal Data is no longer necessary for the purposes for which they were collected or, if applicable, when you withdraw your consent to the processing.
-
Right to object to the collection and processing of all or part of your Personal Data: this right is not absolute and applies only to Personal Data collected for commercial prospecting purposes, including profiling when it is linked to commercial prospecting activities. When you choose to object to such processing we ask you to indicate the reasons for your objection so that we can balance our legitimate interests against your request.
-
Right to limit the processing of Personal Data. This right is not absolute, and can only be applied when:
-
a request for rectification has been made under the right of rectification described in 8.2. You may then request that the processing of your Personal Data be stopped for the time necessary to verify the accuracy of the requested rectification.
-
you wish to object to the deletion of your Personal Data whose processing was unlawful;
-
Kogito no longer needs the Personal Data in accordance with the purposes of processing but they are still necessary for the establishment, exercise or defense of legal claims;
-
You wish to exercise your right to object as described in 8.4. You may then request that the processing of your Personal Data be stopped for the time necessary to balance our legitimate interests against your request.
-
Before we can respond to a request to exercise one or more of your rights, we may ask you to confirm some of your Account information to verify your identity. In case of reasonable doubt, we may ask you for identification.
9. Information Regarding Children
Kogito is not intended for children under the age of 13. If you believe that we have Personal Information about a child or that it has been collected from a child under the required age, you may report your concerns to us by reporting the content or the User Account.
10. Information About Users Located In the USA
This clause is only valid and legally binding if you are a party to the Kogito Terms of Service. This clause regarding U.S. users, including California and Virginia residents, applies to Personal Information (as defined in applicable regulations) provided to Kogito by the User.
In light of the California Consumer Privacy Protection Act of 2018 (“CCPA”), we are providing this information to you as a service provider required to process your Personal Information (as defined in the applicable law), to confirm that we have adequate contractual terms in place. The term “applicable law” refers to all laws, regulations, standards, regulatory guidance and self-regulatory guidelines that may apply in relation to the management of your Data. Applicable laws include, but are not limited to, the California Consumer Privacy Protection Act (Cal. Civ. Code §1798.100 - 1798.199), or the Virginia Consumer Data Protection Act (SB 1392).
As a service provider, we will collect, hold, use, disclose and process your personal information only to fulfill our obligations to you under our agreement, for operational purposes previously stated in this Policy, to the exclusion of any other purpose.
We will not sell your personal information or disclose your personal information for commercial purposes.
We certify that we understand and comply with the restrictions and obligations set forth in Cal. Civ. Code § 1798.140(w)(2) as well as Va. SB 1392. In the event of any inconsistency or conflict between the terms and conditions of this clause and the TOS or Privacy Policy, the TOS or Privacy Policy shall govern with respect to Data of individuals in the European Economic Area.
If you have any questions about the CCPA or other U.S. regulations at Kogito or to exercise your rights under them, you may contact us as set forth in Section 11.
11. Contact
You can exercise these rights at any time by e-mail to: info@mykogito.com
Kogito undertakes to respond to your requests concerning the Privacy Policy or the exercise of your rights, as soon as possible and no later than the time limit set forth by applicable legislation.