This policy was last updated December 31, 2019
This privacy statement describes Kofax Inc. and its affiliates' use of your data. Reference in this policy to "Kofax", "we" or "us" shall mean Kofax, Inc.
We at Kofax are committed to respecting your online privacy and recognize your need for appropriate protection and management of any personal data collected by or submitted to us (or carefully selected third parties acting on our behalf).
Below we explain in more detail how we process your personal data. For purposes of this privacy statement, "personal data" means any information that relates to you and identifies you personally, either alone or in combination with other information available to us.
What information do we collect?
We collect personal data when:
- you make purchases of products or services;
- you register products online;
- you request support for a product;
- you request software downloads;
- you create a user account (login user name and password);
- you request information or materials (e.g., whitepapers or newsletters);
- you participate in surveys and evaluations;
- you participate in promotions, contests or giveaways;
- you apply for a job or submit your resume;
- you submit questions or comments to us.
The types of personal data collected include:
- your first and last name;
- your title and your company's name;
- your home, billing, or other physical address (including street name, name of a city or town, state/province, postal code);
- your e-mail address;
- your telephone number;
- your IP Address;
- (for job applicants submitting electronic information) your educational background, employment experience, and job interest;
- any other identifier that permits Kofax to make physical or online contact with you;
- any information that we collect online from you and maintain in association with your account, such as your username and your password;
- any other information that you provide to us when using our web shop or when you are communicating with us.
We also collect information on the use of our website via cookies. Please view the section "Cookies" below for more information.
Whenever we collect personal data directly from you, we will indicate whether the provision of personal data is mandatory. Such will be the case where we require personal data to comply with legal or contractual obligations: if such data is not provided, then we will not be able to manage our contractual relationship, or to meet obligations placed on us. In all other cases, the active provision of requested personal data is optional.
What do we do with the data we collect?
We will use your personal data for the following purposes:
- To establish and fulfil a contract with you, for example if you make a purchase from us or download an application. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services;
- As required by Kofax to enable our business and pursue our legitimate interests. In particular:
- we will use your personal data to provide services you have requested, and respond to any comments or complaints you may send us;
- we monitor use of our products and services, and may use your personal data to help us monitor, improve and protect our products, content, services and websites;
- we may use personal data you provide to personalize our products or services for you;
- we may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law;
- we may use your personal data for market research and marketing purposes;
- we may process data for administrative transfers within a group of companies;
- we may process employee or client data;
More information about how we have balanced our legitimate interest with your privacy interests can be obtained upon request through email@example.com.
- For compliance with applicable laws and protection of our legitimate business interests and legal rights, including, but not limited to, use in connection with legal claims, compliance, regulatory, investigative purposes (including disclosure of such information in connection with legal process or litigation).
- In addition, we will send you, based on your consent (if required), direct marketing communication in relation to our relevant products and services, or other products and services provided by us, our affiliates and carefully selected partners. You can withdraw your consent at any time ("opt out"); see the section "What are your rights?" below. In case of electronic direct marketing you can opt out by following the instructions in the communication.
Who will we share your data with?
If necessary to perform a service you request from us, to execute an order you have placed or to follow-up on your enquiries, we will share your information with other Kofax entities or third party service providers, for example email and hosting providers, suppliers and delivery services.
We (or any third party on our behalf) disclose or transfer personal data to others as follows:
- to service providers that provide hosting services and technology service providers, business process outsourcing service providers and call centre service providers;
- as required in order to establish, exercise or defend or to protect legal claims, including in relation to our contracts with our clients and in order to protect the rights, property or safety of us, our business, any affiliate, our customers or others, including to legal advisors, government and law enforcement authorities and with other parties involved in, or contemplating, legal proceedings;
- to competent regulatory, prosecuting, tax or governmental authorities, courts or other tribunals in any jurisdiction or Markets, domestic or foreign, upon their request or in accordance with or as desirable in respect of any Applicable Law;
- to any other third parties to the extent such disclosure is required under applicable law or to enable products and services to be provided to you and/or our clients;
- payment infrastructure providers and persons from whom we receive or to whom we make payments on your or our client's behalf;
- to prospective sellers or buyers as part of a sale or merger of our or any affiliates business or assets (subject to local laws).
Third party service providers will process your information on behalf of Kofax for the purposes above. When we share your data with these parties, we make sure that appropriate safeguards are taken to protect your information.
Where will we send your data?
We may transfer your personal data to our Kofax affiliates or third parties (e.g., service providers) overseas, which may involve the transfer of personal data to countries outside the European Economic Area which have different data protection standards to those which apply in the European Economic Area. For a list of the countries in which we operate, please see https://www.kofax.com/contact-us/offices.
The international footprint of Kofax involves a large number of transfers of personal information between different subsidiaries, as well as to third parties located in the countries where we do business. For example, Microsoft Azure and Amazon Web Services (AWS) involved in transfer of personal data.
Some of these countries are subject to a European Commission adequacy decision. For other countries, we have put in place European Commission-approved standard contractual clauses within the Kofax group or with the relevant third party to protect this personal data. We also rely on other permitted data transfer mechanisms such as relying on the relevant third party’s Privacy Shield certification or third party corporate rules (approved by EU data protection authorities and put in place to protect your personal data). You have a right to ask us for a copy of the safeguard used (by contacting us as set out below).
Where information is transferred outside the EEA, and where this is to an Kofax affiliate or vendor in a country that is not subject to an adequacy decision by the EU Commission(read more here.), data is adequately protected by EU Commission approved standard contractual clauses (read more here), an appropriate Privacy Shield certification (read more here) or a vendor's Processor Binding Corporate Rules.
How long do we store your data?
We retain information about you only for as long as we need it for the purposes for which it was collected. After that time your personal data will be erased (unless we have the statutory right or obligation to further keep this data).
For example, if you are a customer of Kofax, we will keep your information for the duration of the contractual relationship you have with us, and, to the extent permitted, after the end of that relationship for as long as necessary to perform the purposes set out in this notice. The criteria to determine the storage period are statutory and contractual requirements, the nature of our relationship with you, the nature of the data concerned, technical necessities. Laws may require us to hold certain information for specific periods.
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your request). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.
How do we protect your data?
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place technical and organisational measures to safeguard and secure the information we process from you.
What are your rights?
You have the right to ask us:
- for access to and a copy of your personal data that we hold on you (Art. 15 GDPR)
- for a copy of the personal information you provided to us and to provide it to you or send to a third party in a commonly used, machine readable format (Art. 20 GDPR)
- to update or correct your personal data in order to make it accurate (Art. 16 GDPR)
- to delete your personal data from our records in certain circumstances Art. 17 GDPR)
- to restrict the processing of your personal data in certain circumstances (Art. 18 GDPR).
and you may also:
- object to us processing your personal data in certain circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing - Art. 21 GDPR)
- withdraw your consent at any time, where we are using your personal data with your consent. This will not affect our use of your personal data prior to the withdrawal of your consent. If you want, you can opt out your consent anytime by updating your consent at EU GDPR - Data Subject Access Right (DSAR) Center
These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data. In some instances, this may mean that we are able to retain data even if you withdraw your consent.
Where we require personal data to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship, or to meet obligations placed on us. In all other cases, provision of requested personal data is optional.
We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data, you can use the data subject rights request form at EU GDPR - Data Subject Access Right (DSAR) Center, or contact our Data Protection Officer at firstname.lastname@example.org. When addressing us, please always provide your name, address and/or email address as well as information about your request.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
You can find more information about the types of cookies we use and the purposes for which we use them below:
- Strictly Necessary Cookies: These cookies are essential to make our website work. They enable you to move around the website and use its features. Without these cookies, services that are necessary for you to be able to use our website such as accessing secure areas cannot be provided.
- Performance Cookies: These cookies collect information about how people are using our website, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. These cookies don't gather information that identifies you. All information these cookies collect is grouped together with information from other people’s use of our website on an anonymous basis. Overall, these cookies provide us with analytical information about how our site is performing and how we can improve it.
- Functional Cookies: These cookies allow us to remember choices you make and tailor our website to provide enhanced features and content to you. For example, these cookies can be used to remember your user name, language choice or country selection, they can also be used to remember changes you have made to text size, font and other parts of pages that you can customize.
- Advertising Cookies: These cookies are used to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information may be shared with other organizations such as advertising partners. This means after you have been to our website you may see some advertisements about our services elsewhere on the Internet.
You can usually use the browser that you are viewing this website through to enable, disable or delete cookies. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note that if you set your browser to disable cookies, you may not be able to access secure areas of the website and other parts of the website and some of our services may also not work properly.
You can find out more information about how to change your browser cookie settings at www.allaboutcookies.org. Some third parties may use Advertising Cookies to help gather information about your browsing activity so that they can deliver website advertising to you that is relevant to your interests. The advertising industries in EU have developed schemes to help you opt-out of receiving cookies used for these purposes. You can find out more about the EU scheme from www.youronlinechoices.eu. For questions about which cookies we use for what purposes please contact us at email@example.com.
Our website may use Google Analytics, which is a web analytics service provided by the third party provider Google, Inc. (“Google”). Google Analytics is used for the purpose of evaluating your use of our website, compiling reports on website activity and other services relating to website activity and internet usage. The information generated by the cookie about your use of the website is usually transmitted to and stored by Google on servers in the United States. This transfer is covered by Google’s Privacy Shield certification and a separate data processing agreement that we have concluded with Google.
Our Google Analytics implementation employs the IP anonymization tool “gat._anonymizeIp();” provided by Google to help protect your privacy. This means that your IP address will automatically be shortened after it is collected so it can no longer be connected to you. For more information on Google Analytics and data privacy click here.
Oracle Eloqua is used on this website and for e-mail services. Eloqua places a cookie for a better user experience, tracking and analysis, unless an Eloqua cookie already exists on your device. For more information on Oracle Eloqua and data privacy click here.
Social Media Buttons
On our website we may use the following social media plug-ins: Facebook, Google+, Twitter, LinkedIn. The plug-ins can be identified by the social media buttons marked with the logo of the provider of the respective social media networks.
We have implemented these plug-ins using the so-called 2-click solution. This means that when you surf on our website, personal data will initially not be collected by the providers of these social media plug-ins. Only if you click on one of the plug-ins will your personal data be transmitted: By activating the plug-in, data is automatically transmitted to the respective plug-in provider and stored by them (in the case of US providers your personal data will be stored in the USA). We neither have influence on the collected data and data processing operations conducted by the providers, nor are we aware of the full extent of data collection, the purposes or the retention periods.
Information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the respective data protection policies of these providers, where you will also find further information on your rights and options for privacy protection.
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA: https://www.facebook.com/privacy/explanation
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA:
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA: https://twitter.com/privacy.
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA: http://www.linkedin.com/legal/privacy-policy.
Changes to this privacy statement
Kofax has pledged to adhere to the fundamental principles of privacy and data protection. We therefore regularly review this privacy statement in order to ensure that it is free of errors and clearly visible on our websites, that it contains appropriate information about your rights and our processing activities, and that it is implemented and is compliant with applicable law.
If you have any questions about your data
We are committed to privacy and, through our membership in the Online Privacy Alliance, are actively involved in and support current industry initiatives to preserve individual privacy rights on the Internet. Protecting your privacy online is an evolving area, and Kofax's Web sites are constantly evolving to meet these demands.