Work Smarter not Harder with Kofax SmartHub
(California Consumer Privacy Act) Supplemental Privacy Statement
Do not sell my personal data
(General Data Protection Regulation)Data Subject Access Rights
This policy was last updated December 31, 2019
This privacy statement describes Kofax Inc. and its affiliates' use of your data. Reference in this policy to "Kofax", "we" or "us" shall mean Kofax, Inc.
We at Kofax are committed to respecting your online privacy and recognize your need for appropriate protection and management of any personal data collected by or submitted to us (or carefully selected third parties acting on our behalf).
Below we explain in more detail how we process your personal data. For purposes of this privacy statement, "personal data" means any information that relates to you and identifies you personally, either alone or in combination with other information available to us.
We collect personal data when:
The types of personal data collected include:
We also collect information on the use of our website via cookies. Please view the section "Cookies" below for more information.
Whenever we collect personal data directly from you, we will indicate whether the provision of personal data is mandatory. Such will be the case where we require personal data to comply with legal or contractual obligations: if such data is not provided, then we will not be able to manage our contractual relationship, or to meet obligations placed on us. In all other cases, the active provision of requested personal data is optional.
We will use your personal data for the following purposes:
More information about how we have balanced our legitimate interest with your privacy interests can be obtained upon request through firstname.lastname@example.org.
If necessary to perform a service you request from us, to execute an order you have placed or to follow-up on your enquiries, we will share your information with other Kofax entities or third party service providers, for example email and hosting providers, suppliers and delivery services.
We (or any third party on our behalf) disclose or transfer personal data to others as follows:
Third party service providers will process your information on behalf of Kofax for the purposes above. When we share your data with these parties, we make sure that appropriate safeguards are taken to protect your information.
We may transfer your personal data to our Kofax affiliates or third parties (e.g., service providers) overseas, which may involve the transfer of personal data to countries outside the European Economic Area which have different data protection standards to those which apply in the European Economic Area. For a list of the countries in which we operate, please see https://www.kofax.com/contact-us/offices.
The international footprint of Kofax involves a large number of transfers of personal information between different subsidiaries, as well as to third parties located in the countries where we do business. For example, Microsoft Azure and Amazon Web Services (AWS) involved in transfer of personal data.
Some of these countries are subject to a European Commission adequacy decision. For other countries, we have put in place European Commission-approved standard contractual clauses within the Kofax group or with the relevant third party to protect this personal data. We also rely on other permitted data transfer mechanisms such as relying on the relevant third party’s Privacy Shield certification or third party corporate rules (approved by EU data protection authorities and put in place to protect your personal data). You have a right to ask us for a copy of the safeguard used (by contacting us as set out below).
Where information is transferred outside the EEA, and where this is to an Kofax affiliate or vendor in a country that is not subject to an adequacy decision by the EU Commission(read more here.), data is adequately protected by EU Commission approved standard contractual clauses (read more here), an appropriate Privacy Shield certification (read more here) or a vendor's Processor Binding Corporate Rules.
We retain information about you only for as long as we need it for the purposes for which it was collected. After that time your personal data will be erased (unless we have the statutory right or obligation to further keep this data).
For example, if you are a customer of Kofax, we will keep your information for the duration of the contractual relationship you have with us, and, to the extent permitted, after the end of that relationship for as long as necessary to perform the purposes set out in this notice. The criteria to determine the storage period are statutory and contractual requirements, the nature of our relationship with you, the nature of the data concerned, technical necessities. Laws may require us to hold certain information for specific periods.
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your request). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place technical and organisational measures to safeguard and secure the information we process from you.
You have the right to ask us:
and you may also:
These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data. In some instances, this may mean that we are able to retain data even if you withdraw your consent.
Where we require personal data to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship, or to meet obligations placed on us. In all other cases, provision of requested personal data is optional.
We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data, you can use the data subject rights request form at EU GDPR - Data Subject Access Right (DSAR) Center, or contact our Data Protection Officer at email@example.com. When addressing us, please always provide your name, address and/or email address as well as information about your request.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
You can find more information about the types of cookies we use and the purposes for which we use them below:
You can usually use the browser that you are viewing this website through to enable, disable or delete cookies. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note that if you set your browser to disable cookies, you may not be able to access secure areas of the website and other parts of the website and some of our services may also not work properly.
You can find out more information about how to change your browser cookie settings at www.allaboutcookies.org. Some third parties may use Advertising Cookies to help gather information about your browsing activity so that they can deliver website advertising to you that is relevant to your interests. The advertising industries in EU have developed schemes to help you opt-out of receiving cookies used for these purposes. You can find out more about the EU scheme from www.youronlinechoices.eu. For questions about which cookies we use for what purposes please contact us at firstname.lastname@example.org.
Our website may use Google Analytics, which is a web analytics service provided by the third party provider Google, Inc. (“Google”). Google Analytics is used for the purpose of evaluating your use of our website, compiling reports on website activity and other services relating to website activity and internet usage. The information generated by the cookie about your use of the website is usually transmitted to and stored by Google on servers in the United States. This transfer is covered by Google’s Privacy Shield certification and a separate data processing agreement that we have concluded with Google.
Our Google Analytics implementation employs the IP anonymization tool “gat._anonymizeIp();” provided by Google to help protect your privacy. This means that your IP address will automatically be shortened after it is collected so it can no longer be connected to you. For more information on Google Analytics and data privacy click here.
Oracle Eloqua is used on this website and for e-mail services. Eloqua places a cookie for a better user experience, tracking and analysis, unless an Eloqua cookie already exists on your device. For more information on Oracle Eloqua and data privacy click here.
On our website we may use the following social media plug-ins: Facebook, Google+, Twitter, LinkedIn. The plug-ins can be identified by the social media buttons marked with the logo of the provider of the respective social media networks.
We have implemented these plug-ins using the so-called 2-click solution. This means that when you surf on our website, personal data will initially not be collected by the providers of these social media plug-ins. Only if you click on one of the plug-ins will your personal data be transmitted: By activating the plug-in, data is automatically transmitted to the respective plug-in provider and stored by them (in the case of US providers your personal data will be stored in the USA). We neither have influence on the collected data and data processing operations conducted by the providers, nor are we aware of the full extent of data collection, the purposes or the retention periods.
Information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the respective data protection policies of these providers, where you will also find further information on your rights and options for privacy protection.
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA: https://www.facebook.com/privacy/explanation
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA:
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA: https://twitter.com/privacy.
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA: http://www.linkedin.com/legal/privacy-policy.
Kofax has pledged to adhere to the fundamental principles of privacy and data protection. We therefore regularly review this privacy statement in order to ensure that it is free of errors and clearly visible on our websites, that it contains appropriate information about your rights and our processing activities, and that it is implemented and is compliant with applicable law.
We are committed to privacy and, through our membership in the Online Privacy Alliance, are actively involved in and support current industry initiatives to preserve individual privacy rights on the Internet. Protecting your privacy online is an evolving area, and Kofax's Web sites are constantly evolving to meet these demands.