Privacy Policy—Legal Form

If there is any conflict between the language in this “Privacy Policy—Legal Form” document and the "Plain English" version of this document, the language in this “Privacy Policy—Legal Form” document will control.


Overview

This Privacy Policy tells what Kimono will and will not do with personal data collected by Kimono or provided to Kimono by schools or other entities (“Organizations”) or by individuals (“Users”) interacting with this website (www.kimonocloud.com) or Kimono’s Services (collectively referred to as “Services”). Please read this Policy carefully to understand our policies and practices.

Personal data includes any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier and includes, without limitation, personally identifiable information as such term is defined in the Family Educational Rights and Privacy Act of 1974, as amended (“FERPA”).

Kimono has signed and is pleased to support the K-12 School Service Provider Pledge to Safeguard Student Privacy.

This Policy does not apply to any third-party site or service linked to our website or recommended or referred to by our website, the Kimono Services, or by our staff.  For example, YouTube hosts our videos. YouTube’s privacy policy will govern your processing when you view any of the videos available from our website.


If You Do Not Agree with Our Policy

If you do not agree with our policies and practices, your choice is to not use our Services. By accessing or using the Services, you agree to this Policy.


Personal Data We Collect

We collect four types of personal data: 1.) Student, which is about students associated with an Organization; 2.) Other, which is data about faculty, staff, parents, and other people associated with the Organization; 3.) User, which are users who interact with Kimono and have account login credentials; and 4.) Kimono Business, which is business-contact personal data of people we serve or work with that is not Student, Other, or User personal data.

We collect personal data from you in several ways in the course of providing Kimono Services to you and/or marketing our products and services. We may collect personal data from you when you ask to learn more about our products and services, request a demo or evaluation, sign up for newsletters, enter promotions, interact with us on our social media channels, order products or services, request white papers, watch training videos, and sign up for or attend events or seminars. You provide us with personal data when you purchase products and services, or download, access, and submit information to Kimono Services, and otherwise use our Services. We collect certain information automatically as you interact with our Services, and when you provide comments and suggestions, or send us feedback requests and use maintenance and support services. We may get information about you from Organizations. If you do not want us to collect this personal data directly from you, please do not provide it.

1. Direct collection of personal data: We directly collect the following personal data:

Student personal data: We collect and process personal data about students associated with an Organization when an Organization uses Kimono Services to provide students’ personal data to Kimono for processing. At all times, each Organization owns and maintains the Student personal data it has sent to or placed with Kimono’s Services. We do not use Student personal data for marketing purposes.

Other personal data: We collect personal data about faculty, staff, parents, and other people associated with the Organization when an Organization uses Kimono Services to provide their personal data to Kimono for processing. We do not use Other personal data for marketing purposes.

User personal data: We collect personal data about users who are tasked by Organizations to interact with Kimono and who have account login credentials to access Kimono Services. These users use our Services on behalf of their Organizations and communicate with Kimono for business purposes, including, without limitation, billing, payment, and support. Examples of User personal data include, but are not limited to, name, login user names, passwords, Organization name, address, phone numbers, Organization details (e.g., Organization name, address, phone number, website address, National Center for Education Statistics (NCES) ID, approximate student enrollment count, application information and billing information), organizational role, system information, application information, and other information used to access all or part of Kimono Services or to contact Kimono about its contracted for products or services or need for support and when requesting information about the status of Kimono Services.

Kimono Business personal data: This means business-contact personal data which is not Student, Other, or User personal data, such as name, title, job function, business name, business address, business e-mail address, and business phone number that we collect about people we serve or work with, including actual and prospective customers, alliance and channel partners, contractors, vendors, and other parties interested in Kimono or its products and services. This includes visitors to our website, individuals who fill in forms requesting us to contact them, individuals who attend any events where we demonstrate our Services and other individuals with whom we interact for business purposes, including, without limitation, marketing. We also purchase information about potential leads from third parties and we use publicly available personal data from NCES and other governmental entities.

Example: If a User works for a school and uses Kimono to send student records from one educational application to another, then the personal data in the student records may include student names and other privacy-sensitive personal data. These records would constitute “Student personal data” while the User’s own name, email address, and password would constitute “User personal data.” Records with personal data about parents or staff would be “Other personal data.” Personal data of an individual contacting Kimono for a demonstration and asking to be on the contact list for future events would be Kimono Business personal data.

2. Information We Automatically Collect from You When You Use the Services. The personal data we collect automatically is statistical information and may include personal data, or we may maintain it or associate it with personal data we collect in other ways or receive from third parties. If you do not want us to collect this personal data, please do not use the Services.

Information collected through our cookies, web beacons and other tracking technologies. Kimono, or service providers on our behalf, may use technologies, including “cookies,” “web beacons,” and other tracking technologies to automatically collect personal data from you when you use the Services. We collect this personal data to, among other things, improve our Services and your experience, see which areas and features of our Services are popular, and count visits. We use these cookies and tracking technologies to analyze trends, administer the Kimono website and Services, track users’ movements around the website and Services, gather demographic information about our user base as a whole, remember users’ settings, and for authentication purposes. Cookies are small amounts of data that are stored within your Internet browser, which saves and recognizes your browsing habits. Kimono uses both session cookies (which track a user’s progression during one site visit) and persistent cookies (which track a user over time). Web beacons (also called pixel tags or clear GIFs) are web page elements that can help deliver cookies; count visits; track browser type; identify your IP address; understand usage and marketing campaign effectiveness; recognize certain types of information on your computer, in your email, or on your mobile device, such as the time and date you viewed a page, which emails are opened, which links are clicked, and similar information.

Log files. As is true of most websites, we gather certain personal data automatically and store it in log files. This personal data may include internet protocol (IP) addresses and usage data such as browser type, browser language, device identifier, Internet service provider (ISP), referring/exit pages, length of visit, pages viewed, operating system, date/time stamp, clickstream data, crashes, system activity, hardware settings, the date and time of requests, referral URL, and other usage data. We may combine this automatically-collected log information with other information we collect about you. If you reach out to us over the telephone, facsimile, email, our contact form on our website, or via any other mechanism, we may also log telephony information such as your phone number, forwarding calls, SMS routing information, types of calls, and other details of your communications to us for us to respond to your questions, improve our products and services, and develop new products and services.


How We Use Your Personal Data

We may use personal data collected from or about you for any of the following purposes:

Student and Other personal data: Kimono uses Student and Other personal data to provide Kimono Services contracted for by Organizations, including transmitting Student and Other personal data between software applications used by the Organization. Other than as necessary to provide these services, we do not review it, we do not look at it, we do not copy all or any part of it to any third party other than as directed by an Organization, and we do not attempt to review it or analyze it for direct or indirect advertising or marketing or for data mining purposes. Kimono will only transmit data to and receive data from systems that have been authorized by the Organization and at the Organization’s instruction. We do not use Student personal data or Other personal data for marketing purposes.

Occasionally, in the course of assisting a User, a Kimono employee may see or use specific Student or Other personal data to help diagnose a problem. Kimono will not record or keep that Student personal data apart from the Organization’s designated space in Kimono’s systems. Kimono employees are trained to not copy, transmit, share, or otherwise use that Student or Other personal data except in the course of the specific assistance being provided to the User. Once the problem is resolved, Kimono deletes any personal data temporarily stored by the support person.

To respond to your requests or to tailor content. We may use your personal data to respond to your requests or the requests of Organizations and Users, which may include processing orders, sending confirmations, providing invoices, responding to requests for information about our products and services, and assisting you in downloading whitepapers or product demonstrations or evaluations. We may also use your personal data to customize your interaction with our website and our Services and to provide you with more relevant information regarding our products or services.

To provide Services to you. We may communicate with you about our Services. These may include reports, consulting, services (including, without limitation, education, training, and maintenance and support) for which you have inquired or contracted. For instance, as part of support services, our technical staff may require periodic access to Services data to troubleshoot or monitor your system. We may provide technical support and related product information via our website or a customer support portal. We may require access to your systems to implement our Services. Any temporary copies of data accessed, used or created as a necessary part of these services are only maintained for time periods relevant to those purposes. As part of these Services, we may be required to remotely access your systems or an individual computer to troubleshoot a support issue or have direct physical access as part of an onsite engagement. We may also use this data to provide you service, product updates, and notices. We may keep a record of your communications and ours to provide improved customer service to you and others. If you make payments to us online, we also share information with our third-party payment processor.

To provide informational services. We may use personal data while providing online forums, such as user groups and bulletin boards, including communications through social media. We may also do so while delivering live or online events such as training seminars or conferences, including third-party events sponsored by Kimono.

Prevent improper or illegal activity. We may use personal data to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity. To meet legal requirements. Kimono may be required to provide personal data to comply with legally mandated reporting, subpoenas, court orders, or other legal process requirements.

To market and improve our products and services and to create new products and services. Except for Student and Other personal data, we may inform you about our products, services, events, promotions, and otherwise perform marketing activities. Further, we may use personal data for analytics purposes and to operate, maintain, and improve our products and services. We may also use personal data to create new products and services.

Verify users. We may use personal data to manage and verify your account and the identity of Users of the Services.

Contests and rewards. We may use personal data to process contest entries and deliver rewards. Other purposes. We may use personal data for any other legal, business, or marketing purposes that are not inconsistent with the terms of this Policy.


“Do not track” requests

Your Internet browser and mobile device may allow you to adjust your browser settings so that “do not track” requests are sent to the websites you visit. We do not process “do not track” (DNT) signals. Our third-party service providers may also not respond to DNT signals.


How we share your personal data with third parties

As Directed by Organizations. Kimono’s Services are used to assist Organizations in transferring data between software applications. Kimono will transfer Student and Other personal data provided to Kimono by an Organization, its Users, or third parties providing software or services to the Organization, either to the Organization or to third party entities solely at the direction of the Organization and its Users. Organizations and its Users may use a feature of Kimono’s Services that involves a third party, which may result in the transmission of Student personal data and/or Other personal data to that third party. (A very common example is when an Organization uses Kimono to automatically provision such Information into an instructional software system hosted by a third-party company.) Users and Organizations should carefully consider the privacy policy and practices of such third parties before using such a feature and instructing Kimono to transfer the Student or Other personal data. It is the responsibility of the Organization to enter contractual arrangements to comply with all applicable privacy and data security laws and to ensure that the third party provides appropriate privacy and data security protections.

Business Partners and Subcontractors. Kimono may disclose personal data to business partners and subcontractors (such as third-party distributors and resellers, vendors, suppliers and other service providers), who may use the information solely at Kimono’s direction, including, without limitation, to fulfill product orders; develop and improve products; contact you about product orders or in connection with the performance, operation, and support of the Services or solutions; or performing marketing or consulting services, or as otherwise appropriate in connection with a legitimate business need. For example, Kimono currently works with service providers for cloud computing, data storage, data management, and related services, among others. Further, we may disclose personal data to service providers who host or facilitate the delivery of online training, seminars and webinars; email-delivery services; and other technology providers; and third parties that may assist in the delivery of marketing materials, technical support services, or other products, services, or other information. These companies are authorized to use your personal data only as necessary to provide these services. Onward transfers of customer proprietary information to third parties remain subject to the agreements with our customers and with applicable laws and regulations, including without limitation agreements with each Organization and FERPA. For sake of clarity, Student and Other personal data will not be used by Kimono or its business partners and subcontractors for any data mining or marketing purpose.

Third Party Analytics Providers. Kimono may disclose User and Kimono Business personal data to third parties who conduct marketing studies and data analytics, including those that provide tools or code which facilitates our review and management of our Services, such as Google Analytics or similar software products from other providers. For example, we use Google Analytics to analyze site traffic to our website. For more information about how Google collects and processes data when you visit websites or use apps that use Google technologies, please see “How Google uses data when you use our partners' sites or apps”.

Resellers. With authorized reseller partners, so that they may follow up with you regarding Kimono products and services.

Transfer or Assignment in Connection with Business Transfers or Bankruptcy. In the event of a merger, acquisition, reorganization, bankruptcy, or other sale of all or a portion of our assets, any user information owned or controlled by us may be one of the assets transferred to third parties. We reserve the right, as part of this type of transaction, to transfer or assign your personal data and other information we have collected from Users of the Services to third parties. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you, the use and disclosure of all transferred user information will be subject to this Policy. However, any information you submit or that is collected after this type of transfer may be subject to a new privacy policy adopted by the successor entity.

Response to Subpoenas or Court Orders; Protection of Our Rights; Safety. As required or permitted by law, regulation, legal process, or other legal requirement, or when we believe in our sole discretion that disclosure is necessary or appropriate, to respond to an emergency or to protect our rights; protect your safety or the safety of others; investigate fraud; comply with a judicial proceeding or subpoenas; comply with a court order, law-enforcement, or government request; including, without limitation, to meet national security or law enforcement requirements; comply with other legal process; and enforce our agreements, policies, and Terms of Use.

Publicly Posted Content. If you post comments, images, and other content on our social media pages or any other location widely available, that information will be publicly viewable.

With Your Consent. We may share some or all of your information to any other third party with your affirmative consent. For instance, we may display personal testimonials of satisfied customers. With your consent, we may post your testimonial along with your name. Of course, if you wish to update or delete your testimonial, you may contact us at privacy@kimonocloud.com.


Preferences and opting out

If your personal data is Student or Other personal data, please contact the applicable Organization with your preferences and to opt out of any data processing. With respect to User personal data, if you have an account you may terminate your account or opt out of marketing communications. Visitors to our website and individuals to whom we market our Service may request to opt-out of receiving specific types of communications from us at the point where we request information to send you the communication or contained within the communication itself. If you have previously signed up to receive information about our Services, you may unsubscribe or opt out of all future marketing communications from us that do not relate to products or services you have already ordered by (a) sending an email to privacy@kimonocloud.com; or (b) clicking the unsubscribe link on any email marketing communication you receive.

We partner with a third party to manage our advertising on other sites. Our third-party partner may use cookies or similar technologies to provide you advertising based upon your browsing activities and interests. Most Internet browsers allow you to block or delete cookies from your browser. If you do not agree to the use of these cookies, please disable or delete them by following the instructions for your browser, or use automated disabling tools where available. You can generally opt out of receiving personalized ads from third-party advertisers and ad networks who are members of the Network Advertising Initiative (NAI) (Link) or who follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising (Link) by visiting the opt-out pages on the NAI website and DAA website. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. You can also delete cookie files from your hard drive, or avoid them altogether, by configuring your browser to reject them or to notify you when a cookie is being placed on your hard drive. Not all features of the Services will function as intended if you reject cookies.


Accessing/correcting/updating/transferring/restricting/ removing and retaining your personal data

Upon request, Kimono will provide you with information about whether we hold any of your personal data. We will respond to any request to access your personal data within 30 days. You have the right to access your personal data and to correct, amend, or delete such personal data if it is inaccurate (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to your privacy or the rights of other persons).

If you have an account with Kimono, you can access, correct, update, or request deletion of your personal data accessible at one of our accounts by logging into your account. If we communicate with you for marketing purposes, you may use the unsubscribe link in any email communication to ask us to discontinue emailing you for marketing purposes. Other requests for access, correction, amendment, restriction on use, or deletion should be sent to privacy@kimonocloud.com. If your personal data is information provided to us by an Organization, you should direct your requests or questions about processing of personal data to the Organization. If you contact us directly about Student or Other personal data, we will communicate to you and request you to directly contact the applicable Organization.

Kimono supports access to and correction of Student and Other personal data by the Organization using Kimono’s standard update mechanisms. The affected individual, including, without limitation, any student or their authorized parent or legal guardian, must provide such changes to the Organization, and the Organization will have access to the Kimono update mechanisms. Kimono does assist its Organizations in transferring and transforming data from one software application or format to another, and may use the data provided to transform the data from one format to another, as requested by the Organization.

We will retain Student and Other personal data we process on behalf of Organizations, as instructed under our agreements with each Organization. Once an Organization has requested that we process your personal data and send it to a third-party software application, we immediately process it and cannot delete it from the third-party software application. We retain User personal data for ninety (90) days post-termination of an account or last use of an account. We retain Business personal data so long as it is necessary to fulfil the purposes for which it was collected and to comply with applicable law or regulations.

We will retain and use all personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. If you delete any account information, we may retain certain information as required by law or for legitimate business purposes. If your account becomes inactive, or if we close or suspend your account, we will continue to adhere to the then current Policy when we collected your personal data so long as we retain it in our databases. We may delete any or all of your personal data at any time without notice to you for any reason or no reason, unless otherwise required by law or contract to retain it.


Data Security

Kimono takes commercially reasonable and appropriate measures to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the personal data.

Organizations use Kimono’s Services to transmit personal data between software applications used by the Organization. This personal data will include Student and Other personal data. Kimono will only transmit data to and receive data from systems that have been authorized by the Organization. Kimono has no ability to control the security of Student or Other personal data in another entity’s system, including, without limitation, any Organization which provides us with your personal data or any provider of a software application with whom we process your personal data at the direction of an Organization.

User names and passwords are used as credentials for Users and Kimono employees with a need and proper authorization to access the Kimono Services. When using Kimono Services to share Student or Other personal data between software applications, we encrypt the transmissions. However, no method of transmission over the Internet, or method of electronic storage, is 100 percent secure. Therefore, we cannot guarantee its absolute security. If you have any questions about our security, you can contact us at privacy@kimonocloud.com.


FERPA

Certain personal data, such as Student personal data provided to us by an Organization, is subject to FERPA. We comply with requirements imposed on service providers by FERPA when processing such personal data at the instruction of an Organization. To see the requirements imposed on service providers, please review Responsibilities of Third-Party Service Providers under FERPA.


California privacy

If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal data by Kimono to a third party for the third party’s direct marketing purposes. To make such a request, please send an email to privacy@kimonocloud.com or write us:

Kimono LLC
Chief Privacy Officer
35 West Broadway Suite 103
Salt Lake City, UT 84101
Telephone: 877-262-9143
Email: privacy@kimonocloud.com


No use by children

We do not knowingly collect User or Kimono Business personal data directly from children under the age of 18 without verifiable parental consent. We assume Users are 18 or over since they are employees of school districts, other education entities, or companies. If we become aware that we have collected User or Kimono Business personal data from an individual under the age of 18 without verifiable parental consent, we will remove his or her information from our files. If there is a concern about our processing of Student or Other personal data of child under the age of 18, please directly contact the Organization, as we are providing our services at their instruction and their privacy policy would govern such processing.


Requirement for Providing Kimono Information About Others

If you provide any other individual’s personal data to Kimono, we will process the personal data to fulfill the purpose for which you provided it to us. You agree that you are responsible for providing any notices and obtaining any consents required by applicable law necessary for Kimono to access, use, process, and disclose that personal data for the purposes you provided Kimono with the data.


Updates to this Policy

This Policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates. If a policy change affects how we use Student personal data, Other personal data, or User Information, we will first notify Organizations and Users according to the email or similar electronic contact information we have on file before any changes take effect. Kimono will not reduce your rights under this Privacy Policy or lower the protection of any type of information - Student personal data, Other personal data, or User Information - unless compelled to by law. Privacy Policy changes will also be posted on this page.


Contacting Us About Privacy

If you have a specific privacy question or complaint, or you want to object to or restrict any processing of your information, please contact us at:

Kimono LLC
Chief Privacy Officer
35 West Broadway Suite 103
Salt Lake City, UT 84101
Telephone: 877-262-9143
Email: privacy@kimonocloud.com

Version 1.0; last modified 5/1/2018

Read Kimono's Terms of Use.