Privacy Policy
Kintavo ("Kintavo," "we," "us," or "our") provides an electronic quality management system (eQMS) and related services (the "Service"). This Privacy Policy explains what personal information we collect, how we use and share it, and the choices and rights you have. It applies to our website, the Service, and other interactions with us.
This policy does not cover personal data that our customers upload into the Service to manage their own quality processes. For that data, we generally act as a processor on the customer's behalf, and our handling of it is governed by our customer agreement. The customer (your employer or the organization that gave you access) is the controller of that data, and their own privacy policy applies.
Who we are
The data controller for the purposes of this policy is:
Kintavo LLC | Email: [info@kintavo.com]
If you are in the European Economic Area (EEA) or the United Kingdom, our representative and/or Data Protection Officer can be reached at [info@kintavo.com].
Information we collect
Information you provide to us. This includes information you submit when you create an account, request a demo, contact support, subscribe to communications, or otherwise interact with us — for example your name, business email address, company name, job title, phone number, and any content you include in your messages.
Billing information. If you purchase a subscription, our payment processor collects the payment details needed to process your transaction. We do not store full payment card numbers on our systems.
Information collected automatically. When you use our website or the Service, we and our service providers automatically collect certain technical information, such as your IP address, device and browser type, operating system, pages viewed, referring URLs, and usage activity. Some of this is collected through cookies and similar technologies — see our Cookie Policy.
Information from third parties. We may receive information about you from business partners, marketing providers, and publicly available sources, which we may combine with information we already hold.
How we use information
We use personal information to:
provide, operate, maintain, and secure the Service;
create and administer your account and authenticate users;
process transactions and send related information such as invoices and renewal notices;
respond to your inquiries and provide customer support;
send administrative and service-related communications;
send marketing communications where permitted, from which you can opt out at any time;
understand how the Service is used and improve our products, content, and features;
detect, prevent, and address fraud, security incidents, and misuse;
comply with legal obligations and enforce our agreements.
Legal bases for processing (EEA/UK)
Where the GDPR or UK GDPR applies, we rely on the following legal bases: performance of a contract (to provide the Service and account features); legitimate interests (to operate, secure, and improve our business and the Service, where not overridden by your rights); consent (for certain marketing and non-essential cookies, which you may withdraw at any time); and compliance with a legal obligation.
How we share information
We do not sell your personal information. We share it only as described here:
Service providers and subprocessors who perform functions on our behalf, such as cloud hosting, payment processing, analytics, customer support, and communications. A current list of subprocessors is available at [subprocessors page / on request].
Professional advisors such as auditors, lawyers, and accountants.
Business transfers, in connection with a merger, acquisition, financing, or sale of assets, subject to this policy.
Legal and safety reasons, where we believe disclosure is necessary to comply with law, respond to lawful requests, protect rights and safety, or enforce our terms.
International data transfers
We may transfer, store, and process information in countries other than your own, including the United States. Where we transfer personal data out of the EEA or the UK, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum), or other lawful transfer mechanisms.
Data retention
We retain personal information for as long as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of data and the purpose for which it was collected.
Your rights and choices
Depending on where you live, you may have the right to access, correct, delete, or receive a copy of your personal information; to object to or restrict certain processing; to withdraw consent; and to lodge a complaint with a supervisory authority. Residents of certain U.S. states (such as California) have rights to know, delete, correct, and opt out of certain disclosures of personal information, and not to be discriminated against for exercising those rights.
To exercise any of these rights, contact us at [info@kintavo.com]. We will respond consistent with applicable law and may need to verify your identity. If your personal information was provided to us by an organization using the Service, please direct your request to that organization.
Security
We maintain administrative, technical, and physical safeguards designed to protect personal information. See our Security page for more detail. No system is completely secure, and we cannot guarantee absolute security.
Children's privacy
The Service is intended for business use and is not directed to children. We do not knowingly collect personal information from children under [16].
Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, provide additional notice.
Contact us
Questions about this policy or our privacy practices can be sent to:
[Legal Entity Name] [Registered Address] Email: [info@kintavo.com]