EFFECTIVE DATE: Feb 2023
We, KIMCO Holdings, LLC (KIMCO, also referred to as we, us, our in this document), are committed to protecting and respecting your privacy. For the purposes of this policy ‘you’ are our customers or individuals who supply personal information to us in order to communicate with us.
For the purposes of data protection legislation, we are the controller of this personal information. This means that we determine the purposes and means of the processing of this personal data.
Data protection legislation determines the following to be personal information: your name, identification number, phone number, job title and e-mail address. It also includes less obvious information such as location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person. Personal information is treated confidentially.
Our Sites do not collect personal information about you except for information that you voluntarily provide (for example, when you complete a form on the Sites or submit an email to us with comments or questions about our Sites or products). We may set cookies from time to time to better gauge our readership level, please see our cookie information for further details https://www.kimcoerp.com/about-cookies.
If you wish to subscribe to our newsletter(s), you will submit your name and email address to the Site and we will use these details to send the newsletter to you. If you no longer wish to receive these newsletters you may follow the unsubscribe mechanism contained in each of the emails you receive.
From time to time we post customer testimonials/comments/reviews on our Sites which may contain personally identifiable information. We will obtain your consent via email prior to posting any testimonial which contains personally identifiable information. An individual may ask to have their testimonial removed from our Sites at any time and can make this request by contacting us at firstname.lastname@example.org.
We may collect contact details from you when you communicate with us by email, telephone or post. This could be in order to obtain some further information about any of our products or services. Where you have indicated that you would like further information we will include you on our mailing list (see MARKETING COMMUNICATIONS).
We also collect personal data from you when you enter into a contract with us to use our Cloud Services. In these circumstances we collect and process the following information about you:
Information you give us:
We use this information to:
We provide a support portal to our customers through which you log any service issues associated with the Cloud Services. To enable our helpdesk to respond quickly and efficiently, contact details will be collected from the individual logging the problem. Where necessary the helpdesk engineer will use this personal data logged to communicate with the individual in order to reach a resolution of the service issue.
Our Cloud Service platforms offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com.
In order to provide the Cloud Services we engage third parties to perform functions on our behalf, for example, we use a third party hosting service provider. If you are a customer, we will inform you of the identity of these processors and of any intended changes concerning the addition or replacement of processors and give you an opportunity to object. We have comprehensive data processing agreements in place with all processors we engage. Where a processor fails to fulfil its data protection obligations, in most circumstances we remain responsible to you for the performance of those obligations.
If we sell our business, or it undergoes a business transition, your services agreement with us may be transferred as part of the process. As a result, the personal data that we store and process on your behalf may also be incidentally transferred. Where this is likely to occur, we will endeavour to inform you in advance. If you are a customer please see the terms on which we provide your service for further information.
Under certain circumstances, we may be required to disclose personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (at the point of collecting your data or as soon as possible thereafter) if we intend to use your data for direct marketing purposes (i.e. providing you with details of our other products and services which we feel may interest you). You will have the option to refuse permission for us to do this when we collect your contact details and in every email we send you, there will always be an option to unsubscribe.
We will obtain your consent before we pass on your information to selected third parties to provide you with information about goods and services that they offer and which could interest you. You can exercise your right to prevent such processing by not checking certain boxes on the forms we use to collect your data.
The right to be informed about our collection and use of personal data;
You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website policy. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.
You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is often termed a ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you, we will provide it to you free of charge and aim to do so within 30 days from when your identity has been confirmed.
We would ask for proof of identity and sufficient information about your interactions with us, so that we can locate your personal information.
If you would like to exercise this right, please contact us as set out below.
We are committed to providing the information you request as part of your Subject Access Request and have procedures in place to ensure this occurs in a timely fashion.
We do not have agreements in place with any third-party platforms that offer “Subject Access Requests as a Service”. As a responsible data controller of your personal information this represents significant risks when sharing data. The right of access afforded to you, does not obligate data controllers to share data with third-parties. It is our policy to provide the information directly to data subjects ensuring the safety and security of the information throughout the process.
We will monitor future guidance from the Information Commissioner’s Office but currently undertake our own reasonable measures to verify the identity of data subjects. We would like to assure you that the protection of your data is our main concern and we are committed to providing information as part of any valid request.
If any of the personal information we hold about you is inaccurate, incomplete or out of date, you may ask us to correct it.
You have the right to object to us processing your personal information for particular purposes, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
The right to portability, gives you the right to receive personal data you have provided to a controller in a structured, commonly used and machine readable format. It also gives you the right, to request that a controller transmits this data directly to another controller.
If you would like to exercise any of the rights above, please contact us as set out below.
The security of your personal information is extremely important to us. All information you provide us is stored on our secure servers and we encrypt the transmission of personal information using secure socket layer technology (SSL).
Where you have created a user account or where we have given you (or you have chosen) a password which enables you to access our Support Portal, you are responsible for keeping this password confidential. We ask you not to share that password with anyone.
We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. If you have any questions about security on our Site or our Platforms, you can contact us at firstname.lastname@example.org.
In the event of a personal data breach, we will, without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the breach to the relevant supervisory authority (Information Commissioner in the UK), unless the breach is unlikely to result in a risk to your rights and freedoms. When the data breach is likely to result in a high risk to your rights and freedoms, we shall communicate the breach to you without undue delay unless data protection legislation stipulates that we are not required to do so.
In compliance with the Privacy Shield principles, KIMCO Holdings, LLC. commits to resolve complaints about our collection or use of personal information. If you want to ask something or if you have concerns about the way in which personal data is handled please contact our Privacy Team at email@example.com. We will investigate and respond as quickly as possible.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your compliant directly with KIMCO Holdings, LLC. and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce’s Privacy Shield Website: https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint.
Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users. We use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. If you have elected not to receive marketing emails from us, clear gifs will not be used in any other communications with you.
Our Sites may, from time to time, contain links to and from other websites that are not owned or controlled by us. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory or other requirements.
We may update this privacy statement to reflect changes to our information practices or changes in applicable law. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a prominent notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
If you have questions about our privacy or legal policies, contact us by email at firstname.lastname@example.org or via postal mail in the US at 8500 Normandale Lake Blvd, Suite 350, Bloomington, MN 55437