Valid from 21st November 2018

We care about your privacy

Kojto Platform, managed by Kojto Ltd. (hereinafter referred to as “Kojto”), is committed to respect your privacy and to comply with applicable data protection and privacy laws, including the General Data Protection Regulation EU No. 2016/679 (“GDPR”). This privacy policy (“Policy”) describes how we collect and use personal data where Kojto is either the data controller or joint data controller, together with a respective corporate entity, or where we refer to the applicability of this Policy. “Personal data” means information relating to you or another identifiable individual, submitted by each respective account, regardless of its type (personal or corporate).

Corporate users hereby declare and agree that personal information uploaded via their respective accounts has been lawfully obtained, its due protection remains responsibility of the respective Entity that has registered said Corporate account, and the Entity’s capacity in respect to said personal data is one of a “joint controller”, together with Kojto Ltd. Each Entity is thus obliged to duly enter into the Mutual Data Protection and Confidentiality Agreement, accessible here, as a prerequisite to successful registration with the Platform.

We will give you additional privacy information that is specific to a product or service in Supplements to this Policy and other notices you may see while using our products or services. If there is a difference between such notices and this Policy, the notices should be considered first.

Software on your device may access your information. Our products or services may contain links to other companies’ websites and services that have privacy policies of their own. Kojto is not responsible for the privacy practices of others and we recommend you read their privacy notices.

If you do not agree with this Policy, do not use our products and services or provide Kojto with your personal data.

What Information Do We Collect?

We collect your personal data and other information when you use our services or register into Kojto Platform, take part in campaigns or research or otherwise interact with us. This includes following categories:

Use of products and services When you access Kojto Platform online, our web servers automatically create records of your visit. These records typically include IP-address, access times, the sites linked from, pages visited, the links and features used, the content viewed or requested, browser or application type, language and other such information.
Information you provide us with When you create an account, request services, participate in research or campaigns or otherwise interact with us, we may ask for information such as your name, email address, phone number, street address, user names and passwords, date of birth, age, gender, and language. We also maintain records of your consents, preferences and settings relating to, for example, location data, marketing and sharing of personal data.
Positioning and Location data Location-based services establish location through the use of satellite, Wi-Fi or other network based positioning methods. These technologies may involve exchanging your location data, Wi-Fi or other network related identifiers with Kojto Platform. Our products may operate on multiple device platforms which may also collect your location data. We do not use this information to identify you personally without your consent.

When you use our location based services and features, for example location based search, your location data is sent to Kojto Platform to serve you with the right content, which may also include location based advertising.

Why Do We Process Personal Data?

Kojto Platform may process your personal data for the following purposes. One or more purposes may apply simultaneously.

Providing services We may use your personal data to provide you with our services, to process your requests or as otherwise may be necessary to perform the contract between you and Kojto, to ensure the functionality and security of our services, to identify you as well as to prevent and investigate fraud and other misuses. Notably, this includes implementation of the external Cognitive and Azure Services, provided by Microsoft Inc.
Accounts Our services require an account to help you manage the content you upload, for whose authenticity you are solely liable. Through uploading the latter you warrant that you have duly obtained the consent of the data subject whose data may be incorporated in any of the documents you upload and you remain fully liable for any claims with reference thereto.
Developing and managing services We may use your personal data to develop and manage our services, customer care, and marketing. We may combine personal data collected in connection with your use of a particular Kojto service with other personal data we may have about you, unless such personal data was collected for a different purpose.
Communicating with you We may use your personal data to communicate with you, for example to inform you that our services have changed or to send you critical alerts and other such notices relating to our services and to contact you for customer care related purposes.
Marketing, advertising and making recommendations We may contact you to inform you of new services and to conduct market research when we have your consent or it is otherwise allowed. We may use your personal data to personalize our offering and to provide you with more relevant services, for example, to make recommendations and to display customized content and advertising in our services. This may include displaying Kojto Platform and third party content.

Do We Share Personal Data?

We do not sell, lease, rent or otherwise disclose your personal data to third parties unless otherwise stated below.

Your consent and social sharing services We may share your personal data if we have your explicit written consent to do so. Some services may allow you to share your personal data with other users of the service or with other services and their users. Please consider carefully before disclosing any personal data or other information that might be accessible to other users.
Kojto affiliates and authorized third parties We may share your personal data with other Kojto affiliates or authorized third parties who process personal data for Kojto for the purposes described in this Policy.

These affiliates are not permitted to use your personal data for any other purposes. We require them to act consistently with this Policy and to use appropriate security measures to protect your personal data. You hereby expressly agree and consent to the use of any personal data provided to KOJTO ltd. by Microsoft Inc. in its capacity of an authorized third party, in compliance with their respective Privacy Standards, available on this link.

Mandatory disclosures We may be obligated by mandatory law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement agencies in the countries where we or third parties acting on our behalf operate. We may also disclose and otherwise process your personal data in accordance with applicable law to defend Kojto’s legitimate interests, for example, in civil or criminal legal proceedings.

How Do We Address Data Quality?

We take reasonable steps to keep the personal data we possess accurate and to delete incorrect or unnecessary personal data.

We encourage you to access your personal data through your account from time to time to ensure that it is up to date.

Where Do we Store Personal Data?

Your personal data is stored by Kojto Ltd. on its servers merely for the purposes of using our service. We further store your data on cloud-based database management services engaged, located at Microsoft West Europe Data Center in Amsterdam , and externally provided cloud-based database hosted by Microsoft Inc.

How Long Do We Store Personal Data?

We store personal data for no longer than the time needed to fulfill the purposes, for which these personal data were collected, unless the relevant legislation expressly requires that your data be processed for a longer period.

We undertake to delete and erase your personal data with the expiration of the above-mentioned time period, or where:

You withdraw your consent, based on which said data is being processed, and there is no longer a legal ground for data processing;
You object to the data processing and there is no overriding legal ground for its continuation, or if you object to data processing for the purposes of direct marketing;
Personal data have been unlawfully processed;
Personal data must be deleted in order to comply with a legal obligation, binding on Kojto Ltd.;

Erasing and deletion have limited application, as data processing is required in order to comply with legal obligations, prescribing data processing activities, or in order to fulfill a task of national importance; for archiving purposes of national importance, or for the purposes of scientific or historical research, or statistical activities; or in relation to any court proceedings involving Kojto Ltd.

What Steps Are Taken To Safeguard Personal Data?

Privacy and security are key considerations in the creation and delivery of our products and services. We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our databases containing personal data to authorized persons having a justified need to access such information.

Data Protection Officer

In order to ensure full compliance with the GDPR, Kojto has appointed a Data Protection Officer (“DPO”). It has a duty to maintain high level of expertise in the applicable data protection legislation, bylaws and other regulations, including the GDPR, and related thereto national legislation. If you have any concerns or specific questions about the applicable personal data policies and practices, please refer to the information below.

Data Protection Officer Contact Details:

Name: Christian Prodanov

E-mail address: DPO@kojto.com

Telephone number: +359 2 421 55 00

The DPO is responsible for monitoring and communicating any data protection issues to the relevant Data Protection Authority, and to report regularly to the highest level of management. Kojto Ltd. hereby declares that the DPO does not carry out activities that do or may result in a conflict of interest, has good legal standing and relevant capacity to hold the office appointed.

How Do We Use Cookies?

Kojto Platform uses cookies and other similar technologies to operate and improve our websites and better tailor your website experience. We also use cookies for personalization and to display ads.

Our domains may include third party elements that set cookies on behalf of a third party, for example relating to third party social network.

What Are Your Rights?

You have a right to know what personal data we hold about you. You have a right to have incomplete, incorrect, unnecessary or outdated personal data deleted or updated. You have a right to unsubscribe from direct marketing messages and to request that we stop processing your personal data for direct marketing purposes or on other compelling legal grounds. However, if you opt-out from marketing and other communications from Kojto, critical alerts may still be sent to you.

Specifically, you have a right to

a) Be notified if a data breach, likely to result in a risk for your rights and freedoms occurs;

b) Receive confirmation as to whether personal information concerning yourself is processed, where, and for what purpose, as well as to receive, free of charge, copy of the personal data in an electronic format;

c) be forgotten – i.e. upon your request we shall erase all your personal data. This right is subject to certain conditions, as we have the duty to evaluate and compare this right to the public interest in the availability of the data;

d) receive the information applicable to yourself "in a commonly used and machine readable format and have the right to transmit that data to another controller;

You may exercise your rights by contacting our DPO, who shall serve as a general contact point for privacy issues, or by managing your account and choices through available profile management tools on Kojto Platform. In some cases, especially if you wish us to delete or stop processing your personal data, this may also mean that we may not be able to continue providing the services to you.

Information Security

To help protect the privacy of data and personally identifiable information you transmit through use of this Site, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.

Who Is The Controller of Your Personal Data?

Kojto Ltd., a company incorporated and operating under Bulgarian law with Reg. No. 201555697, with seat and registered address at 117 Zaychar Str., Sofia, Bulgaria, represented by its manager Hristo Guentchev, is the main controller of your personal data.

In respect to certain services, carried out with the participation of other Entities via registered Corporate Accounts, the above-mentioned company has the capacity of Joint Controller of personal data, together with said Entities. The contact point for privacy issues remains the DPO designated above.

Further details may be found in the Mutual Data Protection and Confidentiality Agreement, which all Entities - Corporate Users are obliged to enter into, accessible here.

Changes to This Privacy Policy

By using this Website, you agree to the terms and conditions contained herein, the general Terms and Conditions, applicable to your relationship with Kojto Ltd. and/or any other agreement or a NDA that we might have signed with you. If you do not agree to any of the terms and conditions, you should not use the Website or continue any relation already established by visiting it.

As our organization, partners, and overall endeavours develop and change from time to time, this Privacy Policy is subject to change as well. We hereby reserve the right to amend this document at any time, for any reason, without express notice to you, other than posting an accessible and valid version of the Privacy Policy on the Website. We may e-mail periodic reminders of our notices or material changes thereto, but it is important that you check Kojto Ltd.’s website frequently to be aware of any outstanding changes. The provisions contained herein supersede all previous notices or statements regarding our privacy practices and the terms and conditions applicable thereto, and shall be superseded by any expressly concluded NDAs or other official bilateral or multilateral agreements / contracts you may enter into with Kojto.