KiKo adheres to the following policies with regard to Your privacy.
A. “NPI” is information that is not personally identifiable and that is obtained through Your use of the Service.
B. “PII” is non-public information that is personally identifiable and obtained in connection with providing a product or service to You, including personally identifiable information You provide during the registration process or during Your use of the Service. It may include information such as name, email, phone number and address that You provide to KiKo. PII does not include information that has been made anonymous or aggregated so that it can no longer be used, whether in combination with other information or otherwise, to contact or identify You. For the sake of clarity, PII does not refer to Protected Health Information (as defined at 45 C.F.R. § 160.103) or individually identifiable information of individuals, other than You, that is protected by state or federal privacy laws.
3. Information Collection
When You use the Service, KiKo collects NPI such as Your device’s browser type. Likewise, in order to offer You meaningful products and services and for other reasons, KiKo may collect PII about You from the following sources:
- Information available to Us through weblogs about Your traffic on other websites; or
- Information You give KiKo on applications or other forms while using the Service, including, without limitation, the information You provide in creating Your account; or
- Information You send KiKo via any medium, including, but not limited to the Service, email, telephone, and social media interaction; or
- Information You, or a third party on Your behalf, send KiKo to create or authenticate Your account (e.g., Facebook authentication APIs); or
- If You use a mobile device platform to access the Service or communicate with KiKo, information transmitted from Your mobile device; or
- Information purchased from or provided by third parties.
In order to use the Service (apart from the publicly available portion of the Site or App), You must provide KiKo the following information: first name, last name, email address, zip code, and medical specialization or focus. In addition, You may choose to add additional information to Your account such as specialty, subspecialty, interests that You tag, employment history, publications, etc.
Content, including electronic scans of pathology slides, that You upload to the Service or otherwise provide KiKo to upload to the Service (i.e., User Generated Content (as defined in the Terms of Service)) may be used, copied, exploited, modified, archived, stored, reproduced, adapted, published, translated, distributed, performed and displayed by KiKo in accordance with the Terms of Service, any written agreement You enter into with KiKo, and applicable law. You shall not submit, transfer, upload, or otherwise provide access to User Generated Content, or any other data or materials, through the Service or KiKo (including through the Scanning Services) that contain Protected Health Information (as defined at 45 C.F.R. § 160.103) or other individually identifiable information protected by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act (“HITECH”), or other state or federal privacy laws, and all related amendments and regulations thereof (collectively “Privacy Laws”).
Do Not Track: Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including KiKo, do not respond to DNT signals.
Collection of Location Information
When You use the Service, We may collect location data that You provide KiKo. For example, You may provide KiKo with Your zip code in creating Your account.
Log Files, IP Addresses and Information About Your Device
When You use the Service, KiKo may automatically receive the URL of the site from which You came and the site to which You are going when You leave the Service. KiKo may also receive the IP address of Your computer (or the proxy server You use to access the internet), Your computer operating system and type of web browser You are using, Your mobile device, including Your Unique Device Identifier (“UDID”) and mobile operating system, as well as the name of Your ISP or Your mobile carrier. The link between Your IP address and Your PII is not shared with third parties without Your permission, except as described in Section 8. (“When KiKo May Disclose Your Information”), below.
5. Use of PII
KiKo provides a platform for account holders to share scans of pathology slides and other content and to communicate with one another. KiKo earns money through certain subscription fees and selling advertisements based on account holders’ self-identified specialties and zip codes.
From time to time, We may disclose the information collected from You, including PII, in accordance with Section 8 (“When KiKo May Disclose Your Information”), below.
KiKo uses and/or intends to use PII to:
- Operate and improve the Service;
- Track use of the Service;
- Create Your account
- Provide You with the Service and other products and services that You may request or that You have expressed interest in, including services provided to You under a written agreement entered into between You and KiKo;
- Evaluate Your interest and needs in order to improve the Service and make available other offers, products or services;
- Evaluate the types of offers, products or services KiKo makes available to You and potential customers;
- Facilitate subscription processing, reviews and analysis;
- Provide customer support;
- Communicate and provide additional information that may be of interest to You through email or other means, such as special offers, announcements, and marketing materials;
- Send You reminders, technical notices, updates, security alerts and support and administrative messages, service bulletins, or marketing; and
- Manage KiKo’s everyday business needs such as Service administration, forum management, fulfillment, analytics, fraud prevention, enforcement of KiKo’s corporate reporting obligations, Terms of Service or to comply with the law.
6. Limitations on Access to PII
Our policies limit access to un-aggregated user PII that is collected from the Service, to Our employees and agents and the employees and/or agents of Our affiliates and business partners who need the information to fulfill their business responsibilities, and who are under obligations of confidentiality. In some cases, this may require Your information to be sent to other countries. By supplying Your PII to KiKo, including information supplied through the Service, You consent to Your information being transferred to KiKo, its affiliates, vendors or agents. Vendors and other outside contractors We engage are subject to Our contractual requirements for safeguarding PII.
In addition, KiKo employs commercially reasonable security measures, including advanced technology, to protect PII collected against unauthorized access, disclosure, alteration or destruction. KiKo reviews and enhances its security systems in a commercially reasonable manner and as it deems necessary. Even with such technology, no web site or database is 100% secure. KiKo cannot and does not guarantee that such security measures will prevent loss, misuse and/or alteration of information under its control.
7. Links/Postings to Other Websites
KiKo is not responsible for the actions, practices, or content, including but not limited to the privacy practices, of such third-party websites from which You may access the Service or that are linked to in the Service. KiKo does not guarantee, approve, or endorse any information, material, services, or products contained on these third-party websites. KiKo is not responsible for any content on sites linked from or to the Service or for obtaining the necessary consent for such third party sites to collect, transmit, or otherwise use Your information.
You understand that such websites may have their own legal documents to which You must agree prior to using and that KiKo has no control over these legal documents. As always, You understand that it is Your responsibility to verify Your legal use of a website as well as use of information from the website with the corresponding website owner. If You visit the sites of third parties, please be sure to review the privacy policies applicable to those sites.
8. When KiKo May Disclose Your Information
A. KiKo may share Your zip code, specialty, subspecialty, and/or interests that You tag on the Service with advertisers in order to create targeted advertisements that appear for You on the Service. For clarity, KiKo may also disclose aggregated and anonymized data to its advertisers or other business partners.
B. KiKo may share Your account name, certain information You provide KiKo, content You upload (including scans of Your pathology slides) (as permitted by Privacy Laws) and messages to KiKo and other users of the Service at Your request. For example, when You communicate on public forums or to other users of the Service, Your communications, account name, and other account information may be viewable by other users of the Service, in accordance with any distribution or viewing limitation options provided by KiKo that You select. Please see the Terms of Service for further information on the use and distribution of this type of information (i.e., User Generated Content).
D. KiKo may share PII KiKo collects, as permitted by law, to companies such as credit reporting agencies, or servicing and processing companies, or when required or advised to do so in response to a valid legal requirement to release this information such as a state or federal law, regulation, search warrant, subpoena, or court order; or in special cases, such as in response to a physical threat to You or others, to protect property, or if We determine such disclosure is legally advisable or necessary to defend or assert legal rights or prevent harm, to defend ourselves in litigation. In the event that KiKo is legally compelled to disclose Your PII to a third party, KiKo will attempt to notify You unless doing so would violate the law or court order.
E. KiKo may share PII in accordance with Section 11 (“Transfer of Ownership”), below.
F. If You prefer that KiKo does not share certain information with third parties, as described above, You can direct KiKo not to share that information by contacting Us (firstname.lastname@example.org). Please note that an opt-out with respect to information sharing will not apply to information sharing arrangements described in Sections 8. D or E.
9. Security Policy & User ID/Password
The Service utilize various information security measures such as internet firewalls, encrypted data transmission, and operating procedures to protect Your PII, accounts, passwords, etc. Your PII is kept completely separate and confidential, unless You have given someone else access to Your PII. If KiKo provides the capability for You to create a user ID and password, You should protect Your user ID and password and NOT share it with anyone. If You believe Your user ID and password have been compromised and You have trouble changing Your user ID/password on the Service, please contact KiKo’s technical support department (email@example.com).
10. CAN-SPAM Compliance Notice
KiKo and its affiliates fully comply with the federal CAN-SPAM Act. You can always opt out of receipt of further email correspondence from KiKo by contacting KiKo at firstname.lastname@example.org.
11. Transfer of Ownership
12. Notice to Residents Outside of the United States of America
13. California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of PII that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the preceding calendar year. In particular, the law provides that companies must inform consumers about the categories of PII that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by KiKo pursuant to Section 1798.83 of the California Civil Code, please contact KiKo via email to email@example.com.
15. Protecting Childrens' Privacy
Use of the Service is limited to users who are eighteen (18) years of age or older and/or have legal capacity to form a binding contract.
16. General Data Protection Regulation (GDPR)
You may be entitled to other rights under the GDPR. These rights are summarized below. We may require You to verify Your identity before We respond to Your requests to exercise Your rights. If You are entitled to these rights, You may exercise these rights with respect to Your PII that We collect and store:
- the right to withdraw Your consent to data processing at any time (please note that this might prevent You from using certain aspects of the Site, or the App or Service altogether);
- the right of access Your PII;
- the right to request a copy of Your PII;
- the right to correct any inaccuracies in Your PII;
- the right to erase Your PII;
- the right to data portability, meaning to request a transfer of Your PII from Us to any other person or entity as chosen by You;
- the right to request restriction of the processing of Your PII; and
- the right to object to processing of Your PII.
You may exercise these rights free of charge. These rights will be exercisable subject to limitations as provided for by the GDPR. Any requests to exercise the above listed rights may be made to: firstname.lastname@example.org.
You may also lodge a complaint with the competent Data Protection Authority if You are dissatisfied with the manner in which Your PII is used by Us.
17. How Long We retain Your Information
We keep Your PII only as long as necessary for the purposes for which the PII are processed and as permitted by applicable law.
In practice, We delete or anonymize Your PII upon deletion of Your account, unless:
- We must keep it to comply with applicable law;
- We must keep it to evidence Our compliance with applicable law;
- there is an outstanding issue, claim or dispute requiring Us to keep the relevant information until it is resolved; or
- the information must be kept for Our legitimate business interests, such as fraud prevention and enhancing users' safety and security. For example, information may need to be kept to prevent a user who was banned for unsafe behavior or security incidents from opening a new account.
Keep in mind that even though Our systems are designed to carry out data deletion processes according to the above guidelines, We cannot promise that all data will be deleted within a specific timeframe due to technical constraints.