Data Collection and Use
Krofile collects and processes personal data to provide, enhance, and personalize our services. This includes, but is not limited to:
- User account information (name, email address, contact details)
- Usage data (interaction with our platform, preferences, and settings)
- Content and communications (messages, documents, and files shared through Krofile)
Legal Basis for Processing
We process personal data based on one or more of the following legal grounds:
- Consent: When you provide us with explicit consent to process your data for specific purposes.
- Contractual Necessity: To fulfill our contractual obligations and provide you with the services you have requested.
- Legitimate Interests: To improve our services, enhance user experience, and ensure the security of our platform.
Data Retention
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including complying with legal obligations, resolving disputes, and enforcing our agreements.
Specific retention periods are as follows:
- User account information: Retained for the duration of the user’s account and up to 3 years after account deletion.
- Usage data: Retained for up to 2 years after collection.
- Communications and content: Retained for the duration of the user’s account and up to 1 year after account deletion.
User Rights
Under the GDPR, users have the following rights regarding their personal data:
- Right to Withdraw Consent: If we process your data based on consent, you can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
- We implement appropriate technical and organizational measures to ensure the security of personal data. These measures include:
- Data Encryption: We use strong encryption protocols for data at rest and in transit.
- Access Controls: Access to personal data is restricted to authorized personnel only.
- Regular Audits: We conduct regular security audits and assessments to ensure compliance with security standards.
- Incident Response: We have an incident response plan to address data breaches promptly and effectively.
Data Security
We implement appropriate technical and organizational measures to ensure the security of personal data.
These measures include:
- Data Encryption: We use strong encryption protocols for data at rest and in transit.
- Access Controls: Access to personal data is restricted to authorized personnel only.
- Regular Audits: We conduct regular security audits and assessments to ensure compliance with security standards.
- Incident Response: We have an incident response plan to address data breaches promptly and effectively.
Data Transfers
Krofile may transfer personal data to third-party service providers and partners outside the European Economic Area (EEA) to facilitate our services. In such cases, we ensure that appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Binding Corporate Rules (BCRs) where applicable.
- Certification under the EU-U.S. Privacy Shield Framework (for transfers to the United States).
Contact Information
If you have any questions or concerns regarding our GDPR compliance or wish to exercise your rights, please contact us at:
Email: privacy@krofile.com
Address: Concord, NC 28025, USA
We are committed to resolving any complaints and working with regulatory authorities to address any privacy concerns.
By adhering to these principles, Krofile ensures that your personal data is managed with the utmost care and in full compliance with GDPR regulations.
Sincerely,
The Krofile Team
