What about all that data?
When collecting data on your and your team’s emotions, sentiments, moods and feelings, one of the main questions is how to keep all of that sensitive data safe and respect your team members’ privacy.
Here you can find out more about privacy, anonymity, transparency, security and data humanism in Kokoro products:
Kokoro commits to:
1. Never using the data differently to how we say we are going to use it.
2. Never selling or renting your data to marketers or unaffiliated third parties.
3. Using less legal-speak, and providing clearer explanations and easy to understand language.
It is impossible to find out who answered what. You can only see the average and distributed results of the whole team or organisation. Your personal results will not be available to anybody.
The anonymous data is transferred via an encrypted connection, so nobody can intercept your company’s data.
This policy describes your rights and how we collect, process and treat your information via our online presence – www.bekokoro.com, and through our products and services. The following will provide you with the information most relevant to how we work with your personal data, how we share it, your rights and choices, and how you can contact us.
Kokoro wants to ensure you can exercise your privacy rights at any time. Your privacy rights include access, correction, erasure, restriction, objection, and data portability of your data. Read on and make sure you understand what these words mean.
Your right to access means every individual has a right to find out if we are storing your personal data and ask for a copy.
Your right to correction means every individual can ask us to correct and amend incorrect and not complete data.
Your right to erasure means every individual can ask us for their personal data to be erased. This is the right to be forgotten – and this means forever!
Your right to restriction means every individual can restrict or repress the use of their personal data.
Your right to object means every individual can prohibit certain data processing operations. For example, you can object to the processing of personal data for direct marketing.
Your right to data portability means every individual can ask us for their personal data in a way that is accessible and machine-readable – for example as a csv file. You also have the right to ask us to transfer your data to another organisation.
Kokoro has implemented this in the way we are organised and set up internally as well as the way our clients benefit best from this new regulation. We will comply as we see this our day-to-day responsibility for your data protection, while using our product.
This policy does not apply to third-party websites, products or services, even if they are linked to our site. Please consider the privacy practices of those third-parties carefully.
What is General Data Protection Regulations (GDPR)?
We have scoured the web and spoken to data experts in the UK, Germany and Austria. This is the best website we have found that gives an in-depth explanation of GDPR. The language is simple and the examples good, so we can all understand what this means to us as a company and for you as our client.
This website was created by Informations Commissioners Office in the UK. It is an independent authority set up to uphold the information rights of the public.
No time to read the whole thing? Here’s our shortened version.
GDPR is the the legal basis for processing personal data. Each person needs to give consent for the possession of their personal data.
GDPR is a broad concept that covers the EU and the globe. It governs how personal data of EU individuals may be processed by organisations. The two terms you need to understand are:
Before a person can give consent to the processing of their personal data, there has to be a lawful basis to process this data. Kokoro is responsible for providing you a clear explanation for this lawful basis. Continue reading to find out how we process data, and why.
Why does Kokoro collect and store your personal information?
Our purpose is to provide the best tool to help teams move and improve through quantifying their emotional metrics in teams. That is why we want to build trust by delivering the best in privacy standards in the way we store and process your personal and/or sensitive data. Kokoro has GDPR at its core.
Kokoro uses your personal data to provide the best workable and functioning product in service of our clients. Our main clients are organisations and the teams in these organisations. By consent, we store our client’s company name, contact person’s name, and team name, so can we set and administer your account and serve the team.
Our tool helps teams to improve team transparency, cooperation, and the learning cycle. We will also collect data to analyse how to improve our services to guarantee the best experience of our product.
When does Kokoro store personal identifiable data?
Kokoro only stores personal identifiable data when setting up an account with a client. We need this data to set up and store the team’s data anonymously, and provide the services the team require to use the tool.
We also collect identifiable personal data for our newsletter, i.e. name, and email, at the request and consent of individuals who would like to be informed about Kokoro’s news and development. We do not use your identifiable personal data for any other purpose.
What data does Kokoro store, and how do we safeguard your data?
Kokoro will never read or extract any personal identifiable data at any time unless you have expressly authorised us to do so. We have all identifiable data encrypted and then stored. All identifiable data is stored anonymously, and cannot be traced back to the individual. All our data is stored on compliant hosting AWS servers in Frankfurt, Germany.
Currently we have an assigned a person who is responsible for data privacy and security. In the future, we want to work towards appointing a data protection officer, a full-time role, to ensure our continued commitment to data privacy and security.
The data Kokoro stores:
Client company name, client company contact person, contact’s name, email and mobile number, number of polls deployed, number of users, and anonymous individual responses as part of overall aggregated results.
As Kokoro and data standards evolve, we will continue to update this section and keep you informed about our internal checks and controls to safeguard your data. Where necessary, we will use illustrations to help you understand.
How do you exercise your GDPR rights for Kokoro clients and respondents?
We use your personal information to enter into a business relationship with you. We comply with the laws of Germany, the country in which Kokoro is registered as a GmbH. If you are a respondent in an organisation or a team, we will never ask for your personal information.
If you, as a client or respondent, wish to exercise any of your GDPR rights, you can. First, contact the person in your organisation who has been registered as the client’s contact person in our system. If you can’t do that, we will help you to find the right person and do our best to ensure that you, as our client, can exercise your GDPR rights.
Contact us here: firstname.lastname@example.org
What information do we collect, store, and use from respondents?
We collect, store, and use the responses from respondents to aggregate overall anonymous results. This data will never reveal your identity and you will remain unidentifiable. No individual results, names, emails or telephone numbers of respondents can be accessed by us.
If you have any questions, we ask you to approach the contact person who has been registered in our system. If they cannot help, please get in touch with us directly.
Contact us here: email@example.com
What information do we collect to improve and ensure the best online experience?
Through your use of Kokoro’s product and service, we also collect data so that we can improve our online presence, product and service. This means we collect information regarding your use of our website and services, such as the hardware model, operating system version, web-browser software and your internet protocol (IP) address/device identifier.
This information is used to provide you with the best website and service experience, to respond to your requests or to manage user accounts, to provide feedback and understand our users, and to monitor the security of the website and services. We do not require your personal data to do any of this, unless we specifically ask for it with your consent.
You can exercise your privacy rights at any time by contacting us at firstname.lastname@example.org.
What information do we collect automatically?
We use browser and device data to ensure you have the best experience. To do this we need your IP address, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons, and in future the language version of the sites you would like to visit.
We also use usage data to learn about how effective our website is. We use Hotjar to understand what our users want, care about, and interact with on our site. Hotjar visualises clicks, taps and scrolling behaviour by using heatmaps and recordings. Hotjar states in its Privacy Commitment its adherence to GDPR.
Finally, we use Google Analytics for our website to help analyse use of our site and diagnose technical issues.
How does Kokoro link to other sites?
Kokoro tries to keep data processing as simple and limited as possible. In essence, we only process data to provide services to you. The services may provide the ability to connect to other websites, social media channels, and call to action services like MailChimp.
Currently, you can link to Linkedin, Facebook, Twitter, Instagram, the personal websites of Kokoro’s team, and MailChimp if you have signed up for our newsletter.
These websites and services operate independently from us and may have their own privacy notices or policies, which ask you to review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website, or the privacy practices of the operator of the website.
Kokoro Beratungsgesellschaft mbH
Companies Register Number: HRB 31397 P
UID Number: DE321408911