Privacy Policy
Your privacy is important to us. We respect your privacy regarding any information we may collect from you across our website.
At Kroolo, we collect and manage user data according to the following Privacy Policy, with the goal of incorporating our company values: transparency, accessibility, sanity, usability. This document is part of Kroolo's Terms of Service, and by using Kroolo.com (the “Website”), you agree to the terms of this Privacy Policy and the Terms of Service. Please read the Terms of Service in their entirety, and refer to those for definitions and contacts.
Data Collected
Kroolo collect and receive information from our Services and Website. Such information is classified as Personal Information and Non-Personal Information as defined below.
Personal Information
Personal information is data that can be used to uniquely identify or contact a specific individual or user.
Here are examples of the types of personal information that we collect:
When you Sign up and create a Kroolo account, we collect a variety of information, including your name, email address;
When you update your profile picture in your Profile page. You are able to view, change and remove your data associated with your profile;
When you pay for the Subscription services, we collect your Billing detail to process the payment.
Non-Personal Information
Kroolo also collects or receives Non-Personal information or Other information, required to deliver our services.
Services metadata. When user interacts with the Services, metadata is generated that provides additional context about the way you use the Services. For example, Kroolo creates the Workspaces, projects, goals, documents, channels, and other contents, that you use to interact with Kroolo.
Log data. Kroolo automatically collect information when you access or use our Website or Services and record it in logs. This log data may include your Internet Protocol (IP) address, the address of the web page you visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, and your language preferences.
Device information. Kroolo collects information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this Other Information often depends on the type of device used and its settings.
Location information. We receive information from you that helps us approximate your location. Kroolo may, for example, use IP address received from your browser or device to determine approximate location to assist with localization or for security purposes.
Cookies information: We ask you to log in and provide certain personal information (such as your name and email address) in order to be able to save your profile and the documents and comments associated with it. In order to enable these or any other login-based features, we use cookies to store session information for your convenience. You can block or delete cookies and still be able to use Kroolo, although if you do you will then be asked for your username and password every time you log in to the Website.
Minors and children should not use Kroolo. By using the Website, you represent that you have the legal capacity to enter into a binding agreement.
Collection and Use of Personal Information
We collect user information using user authenticated consent from Google, if user chooses to Sign-up through Google. Manual sign-up requires user to provide personal information, such as, name and email address, which is collected and stored securely within our infrastructure hosted on AWS.
Personal information is data that can be used to uniquely identify or contact a specific individual.
You may be asked to provide your personal information anytime you are in contact with us (like when you fill out our contact form or sign up for a newsletter). You are not required to provide the information we requested, but if you choose not to do so, in many cases this means we will not be able to provide you with our products or services or respond to your inquiries.
Here are examples of the types of personal information that we collect:
When you visit our website, connect to our services, contact us, use our software, create a Kroolo account, or subscribe to your newsletter, we collect a variety of information, including your email address, device information, IP address, and a record of your communication.
When using Kroolo to update your tasks, documents, comments, chat messages, we collect the content you provided, as well as additional information such as access logs and device identifiers.
When using our software, we collect additional information such as crash reports, information about the operating system, application version, user language, and whether or not you're logged in to Kroolo.
How we use your personal information
We collect and process all your personal data in accordance with the relevant data protection regulations, including the General Data Protection Regulation (GDPR). This means that we may process your personal information for the purposes described in this Privacy Policy with your consent, if it is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, if it is necessary for compliance with a legal obligation to which Kroolo is subject, or when we have assessed it is necessary for the purposes of the legitimate interests pursued by Kroolo or by a third party to whom it may be necessary to disclose information.
The personal information we collect allows us to keep you up to date on our latest product announcements, software updates, and services. You may at any time opt out of receiving such communications by contacting us. In particular, we only send you our newsletter with your prior consent, and you can opt out of receiving the newsletter anytime by clicking the unsubscribe link we include in each newsletter, or by contacting us.
We also use the personal information we collect to help us create, develop, deliver, protect, and improve our products, services, content, and customer communications.
We may use your personal information to send important notices, such as communications about changes to our terms, conditions, and policies. As this information is important to your interaction with Kroolo, you may not opt out of receiving these communications.
We may also use personal information for internal purposes such as auditing, data analysis, and research to improve our products, services, and customer communications.
With respect to any documents and files you may choose to upload to Kroolo, we take the privacy and confidentiality of such documents and files seriously. We encrypt all documents and files. If you choose to make a document public, we recommend you redact any and all references to people and addresses, as we can't protect public data and we are not responsible for any violation of privacy law you may be liable for.
We employ industry standard techniques to protect against unauthorized access of data about you that we store, including personal information.
We do not share personal information you have provided to us without your consent, unless:
doing so is appropriate to carry out your own request;
we believe it's needed to enforce our Terms of Service, or that is legally required;
we believe it's needed to detect, prevent or address fraud, security or technical issues;
otherwise protect our property, legal rights, or that of others.
Collection and Use of Non-Personal Information
We collect user information using:
1. User authenticated consent from Google, if user chooses to Sign-up through Google. Manual sign-up requires user to provide personal information, such as, name and email address, which is collected and stored securely within our infrastructure hosted on AWS;
2. User authenticated content from Slack, if the user chooses to connect through Slack. This ensures that Kroolo collects enough information from Slack to validate that user’s authentication profile with Slack, so that user shall be able to push notifications from Website to specific Slack channel.
Non-personal information is data that cannot, on its own, be used to uniquely identify a specific user. We may collect, use, transfer, and disclose non-personal information for any purpose. We may combine personal and non-personal information for certain purposes; this data will then be treated as personal information for as long as it remains combined.
Conversely, aggregated information, i.e. data that might have originated from personal information, but that has been processed in such a way as to not allow personal identification, is treated as non-personal information.
Cookies and Other Technologies
Our website, services, apps, email communications and advertisements may use “cookies” and other technologies such as “pixel tags” and “click-through URLs”.
We use the information we collect in this manner to better understand our users’ interaction with our website and to optimize the user experience. You can disable cookies in your browser settings, but please note that certain features on our website may not be available as a result.
In our email communications, we may use other technologies like “pixel tags” and “click-through URLs” in order to determine if an email has been opened and which links have been clicked. We use this information to help us determine interest in particular topics and improve the effectiveness of our communications, and to reduce or eliminate messages sent to customers. Pixel tags are small images shown inside an HTML email; you can disable tracking by disabling HTML in your email client. A link with a click-through URL, when clicked, first sends the user to a web server which records the click, and then to the link’s destination. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
As you access our services, we gather some information automatically on our servers and store it in log files. This information includes your browser type, version, and language, your operating system, the referring and exit websites, IP address, a date/time stamp of the request, and the requested resource (file name and URL). We use this information in anonymized form for statistical analysis, to administer our site, and to improve our product and services, without directly associating this data with individual users.
Kroolo is operated from the United States. If you are visiting the Website from outside the U.S., you agree to any processing of any personal information you provide us according to this policy.
Kroolo may contact you, by email or other means. For example, Kroolo may send you promotional emails relating to Kroolo or other third parties Kroolo feels you would be interested in, or communicate with you about your use of the Kroolo website. Kroolo may also use technology to alert us via a confirmation email when you open an email from us. You can modify your email notification preferences by clicking the appropriate link included in the footer of email notifications. If you do not want to receive email from Kroolo, please opt out of receiving emails at the bottom of any Kroolo emails or by editing your profile preferences.
Sharing of Data
We don’t share personal information with anyone outside of Kroolo, except for the few exceptions below.
We work together with other third-parties who provide information processing services, to provide aforesaid mentioned services to Kroolo’s users. We share personal or non-personal information with these third-parties if you have agreed to the transfer, or if it is permitted by data protection law.
The information we share is limited to the data necessary for the third parties to provide their services.
We use these third-parties for the following services:
Sign up with Google – we use Google’s Sign up service, to complete user authentication and onboarding as chosen by the user;
Notifications – we use Slack as our integration partner, to send user-initiated notifications (example task status change, project completion and others). After Slack authentication is completed, notification rule is managed by the user;
Payment and Billing processing - we use Chargebee to process the Subscription payment on our behalf, and for that, basic customer information like name, email and billing information is shared;
Help desk support - we use Zendesk to provide the support services for our customers, and for that, email and user generate query is shared for proper review and response;
Authentication service - we use AWS Cognito for authentication services ‘OAuth’, and for that, user information like name, email and login credential is shared;
Analysing website traffic - we use Google Analytics, and for that cookies and session information is shared;
Email services - we use AWS SES (for transactional emails) and HubSpot (for promotional emails), and for that, email is shared. Email preference is managed by the User.
AI Models - we use Large Language Model ('LLM') as a prompt, to process user initiated prompts to generate the response, and for that, we share the prompt and prompt contex from our Website. We don't share any other user information to AI models or third-part LLM services.
We do not collect or store any personal user data when user interact with our ChatGPT-powered services. We believe in respecting your privacy, and our goal is to provide a secure and anonymous platform for your interactions.
We just ask for user input prompts to generate documents data based on that prompts. We send that prompts (Data inputs) to the ChatGPT and insert content returned by ChatGPT. Once data is generated we give Regenerate, Make Shorter, Make Longer & Summarise options to the user. Our App will not use/share Google API data to Third Party AI Models.
It's important to clarify that our use of ChatGPT does not involve the collection, storage, or sharing of any personal user data. Conversations with ChatGPT are processed in real-time and are not logged or stored on our servers.
We comply with all applicable data protection laws and regulations to ensure that your privacy rights are protected.
These third-parties are obligated to protect your information in accordance with data protection law and provide the necessary safeguards if they are outside of the EU. The companies are bound by our instructions, and are not allowed to use the shared data for any other purpose.
We also share personal information if disclosure of such information is reasonably necessary to satisfy any applicable law, regulation, legal process or enforceable governmental request; to enforce applicable Terms of Service, including investigation of potential violations thereof; to detect, prevent, or otherwise address fraud or security issues; and to protect against harm to the rights, property or safety of Kroolo, its users or the public as required or permitted by law.
If Kroolo is involved in a reorganization, merger, or sale, the information we collect may be transferred as part of that transaction.
We also use social buttons provided by services like X (formerly 'Twitter'), LinkedIn and Facebook. Your use of these third party services is entirely optional. We are not responsible for the privacy policies and/or practices of these third party services, and you are responsible for reading and understanding those third party services’ privacy policies.
We may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your personal information as set forth in this policy.
Requesting Deletion of Personal Data
If you wish to have your personal data deleted from our records, please contact us at security@kroolo.com. We will process your request within a reasonable timeframe, subject to any applicable legal obligations or legitimate business interests.
Please note that certain data may be exempt from deletion if it is necessary to fulfill our legal obligations, protect our rights, or resolve disputes. Additionally, deletion of certain data may result in the inability to provide you with certain products or services.
Protection of Personal Information
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store personal data.
Inside Kroolo, we restrict access to personal information to only those employees who need to know that information in order to deploy and maintain our services. These individuals are bound by confidentiality agreements and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Whenever you connect to our service, we use encryption such as Transport Layer Security (TLS) for all information that is being transmitted. However, no method of transmitting or storing data is 100% secure, so we cannot guarantee the security of information you transmit to us.
Some parts of our website, such as our blog or forums, may allow you to post personal information, such as your name or email address. This information is publicly accessible and can be read, collected, and processed by anyone. So please take care when using these features.
Limits of Use of Your Google Information
Kroolo relies on certain Google services, including the Google API, where we allow you to connect your Google account using OAuth authentication, a secure method to give Kroolo access to your Google account data without letting it know your password. We would like to clarify that, despite any statements to the contrary in our Privacy Policy, if you give Kroolo permission to access your Google account data, we will only use this data according to the following restrictions:
Our usage of access to read, write, modify, or control settings will be limited to only retrieving and providing information for the specific features that you grant and use on Kroolo.
We will not transfer your data to anyone else unless it is necessary to improve the features of our application provided to you, comply with applicable law, or participate in a merger, acquisition, or sale of assets.
We will never use or distribute your data for the purpose of serving advertising, including retargeting, personalized, or interest-based advertising.
We will not allow humans to access your data unless one of the following conditions is met: we have your explicit permission to access specific messages, we need to investigate a security issue, we are required by law, or the data has been aggregated and anonymized for our own internal operations purposes.
Kroolo's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Access to Personal Information
You are entitled to request information about the personal data stored by us, to have incorrect data corrected, or to request the freezing or deletion of your data. For example, you can request the deletion of your account and its associated email address and content by going into the settings in any of our applications. You are also entitled to the portability of your personal data. Further, you may object to the use of your data at any time with effect for the future.
There are, however, cases where we are not allowed to delete your data in its entirety as a result of legal retention periods. We may also decline requests if they risk the privacy of others, would be extremely impractical, or for which access is not required by law.
Your personal information is retained for as long as it is necessary in order to fulfil the purposes outlined in this Privacy Policy, to enforce applicable Terms of Service, or to comply with our legal obligations.
Children
We do not knowingly collect personal information from children under 13 years, or equivalent minimum age in the relevant jurisdiction, unless their parent provided verifiable consent. If we learn that we have collected personal information from a child under 16, or equivalent minimum age in the relevant jurisdiction, without consent of their parent, we will take steps to delete this information as soon as possible. Parents or guardians can contact us at privacy@kroolo.com.
Third-Party Sites and Services
Kroolo’s website or any of our services may contain links to third-party websites or services. We are not responsible for the information collected by those third parties and we encourage you to read their privacy policy before submitting any personal information to them.
When using the Services in conjunction with third party sites and services, such as logging in with credentials from a third party service, exporting User Content to third party services, or integrating the Services with third party services, we may obtain information from those sources. For instance, if you log in with a third party service like Google, we may obtain your name, email address, access tokens, and other account-related data. When sharing or exporting User Content from the Services with third party services, we may obtain data like user names, IP addresses, device identifiers, profile information, contacts, and email addresses. Additionally, when integrating the Services with third party services, we may obtain similar information. It's possible that we could receive any other data that a third party site or service decides to share with us, or that you permit them to share with us. The information we obtain could be dependent on your privacy settings with the site or service, but we don't control those settings or guarantee their effectiveness. It's always recommended to review and customize your privacy settings with sites and services before using them with the Services.
Changes to the Privacy Policy
We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make major changes in the way we collect or use information, we will notify you by posting an announcement on the Website or sending you an email. A user is bound by any changes to the Privacy Policy when he or she uses the Services after such changes have been first posted.
Should you have any question or concern, please write to privacy@kroolo.com.