CCPA Consumer Privacy Notice
Effective Date: September 21, 2023
KINESSO, LLC and Matterkind, an operating division of KINESSO (collectively “KINESSO,” “we,” “us,” or “our”) provide this CCPA Consumer Privacy Notice that applies to California residents who are not KINESSO employees, employee applicants, owners, directors, officers or contractors of KINESSO, including as applicable, those individuals’ emergency contacts and beneficiaries.
This CCPA Consumer Privacy Notice sets forth our privacy practices as required by California Consumer Privacy Act of 2018 (“CCPA”) as amended and expanded by the California Privacy Rights Act of 2020 (CPRA). Please note, there may be additional or different privacy notices or disclosures that govern our use of Personal Information beyond the CCPA. Where the collection, use and disclosure of Personal Information is subject to the CCPA, this Privacy Notice must be construed in addition to and not in lieu of the KINESSO Products and Services Privacy Notice. In the event of any conflict between this CCPA Consumer Privacy Notice and the KINESSO Products and Services Privacy Notice, this CCPA Consumer Privacy Notice shall prevail. For collection, use and disclosure of Personal Information not subject to the CCPA, those separate and relevant privacy notices and disclosures shall prevail. Any terms defined in the CCPA have the same meaning when used in this disclosure.
KINESSO employees, applicants, owners, directors, officers or contractors of KINESSO, including as applicable, those individuals’ emergency contacts and beneficiaries in California should refer to the CCPA Employee Privacy Notice.
The CCPA confers privacy rights to California consumers and imposes corresponding obligations to covered businesses subject to the CCPA.
You have the right under the California Consumer Privacy Act of 2018 (CCPA), as amended and expanded by the California Privacy Rights Act of 2020 (CPRA), and certain other privacy and data protection laws, as applicable, to exercise free of charge:
- The privacy rights conferred to consumers include: the right to know what Personal Information is collected about them and how that Personal Information is being used and shared;
- the right to correct inaccurate personal information;
- the right to delete Personal Information held by covered businesses;
- the right to object to the sale of Personal Information as “sale” is defined under CCPA;
- the right to opt out of the sale or sharing of personal information (including automated decision-making technology and profiling);
- the right to limit the disclosure of sensitive personal information;
- and the right to non-discrimination in service and price when exercising CCPA privacy rights.
Pursuant to the CCPA, we provide the following details regarding the categories of Personal Information we have collected or disclosed within the preceding twelve (12) months from January 1st, 2023.
Categories of Personal Information Collected
- Identifiers such as name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, state identification card number, or similar identifiers;
- Personal information, as defined in the California safeguards law, including, without limitation, name, physical characteristics or description, address, telephone number, education, employment indicators, employment history, other financial related information, or predicted health and well- being interest indicators;
- Characteristics of protected classifications under California or federal law (e.g., race, ethnicity, gender, marital status, pregnancy interests, childbirth interest indicators, breastfeeding interest indicators, and other health and well-being indicators), religion or creed, ancestry, national origin, disability interests, citizenship, primary language, political affiliation/activities;
- Commercial information, including records of personal property, products or services purchased, obtained or considered, or other purchasing or shopping interests;
- Internet or other electronic network activity, including but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application or advertisement;
- Geolocation data, such as device location;
- Professional or employment-related information, such as work history and prior employer
Education information subject to the federal Family Educational Rights and Privacy Act, such as student records and directory information; and
- Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, about a consumer’s preferences and characteristics.
Other Data Sources:
We did not collect this personal information directly from California residents, but rather from publicly available databases, affiliate companies and third-party sources such as independent data providers, social media platforms and other third-party services.
We collected the above personal information for the following business and commercial purposes:
- Performing services on behalf of a client or affiliate;
- Developing and improving our services and programs for our clients;
- Establishing a direct connection with our AdTech partners;
- Conducting research, analytics, media planning, and data analysis;
- Maintaining our facilities and infrastructure;
- Undertaking quality and safety assurance measures;
- Conducting risk and security controls and monitoring, such as detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, etc.;
- Detecting and preventing fraud; performing identity verification;
Performing accounting, audit, and other internal functions, such as counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, etc.;
- Complying with law, legal process, and internal policies; maintaining records; and
- Exercising and defending legal claims.
- Activating addressable marketing messages and advertisements on partner platforms
- Helping clients find customers or prospective customers interested in their products or services
- Keeping Personal Information up to date and relevant
Sensitive Personal Information
The CPRA introduces a new term known as “sensitive personal information”. The CPRA defines “sensitive personal information” as personal information that reveals a consumer’s (a) social security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required code or credential allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, philosophical beliefs, or union membership; or (e) mail, email, or text messages (unless the business is the intended recipient). A second category of sensitive personal information includes: (a) the processing of biometric information for the purpose of identifying a consumer; (b) personal information collected and analyzed concerning a consumer’s health; and (c) personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.
Consumers may “direct a business that collects sensitive personal information to limit its use of the information to that use which is necessary to perform the services or provide the goods reasonably expected,” or to perform other specifically designated services. If a business uses sensitive personal information for other purposes, it must provide notice of that use and the opportunity to opt out.
Disclosure, Share, and Sale of Personal Information
We disclose the above personal information for the business and commercial purposes discussed above to the following categories of recipients: service providers and third parties such as cloud computing and storage vendors, onboarding partners, publishers, demand-side platforms, supply-side platforms, and other AdTech platforms and marketplaces, and partners, including clients’ partners, which help us with activation, measurement, fraud prevention, and analytics. We also disclose the above personal information for the business and commercial purposes discussed above to our affiliates and clients.
During the last year, KINESSO has not sold Personal Information, as broadly defined under the CCPA, to our service providers, third parties, affiliates or clients. However, over the last 12 months from January 1st, 2023 (the effective date of the CPRA) we may have shared your personal information. Pursuant to the changes in the law through the passage of the CPRA, in connection with any personal information we may sell, share, or disclose to a third party for a business purpose, you have the right to know:
- The categories of personal information about you that we sold or shared and the categories of third parties to whom the personal information was sold or shared; and
- The categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom the personal information was disclosed for a business purpose.
California Consumers – Rights to Request
Right to Access, Correct, Limit the Disclosure, Delete, or Opt Out of Sale or sharing of personal information
Pursuant to the CCPA (as amended by the CPRA), California consumers have the right to request Kinesso:
- Disclose the Personal Information we collect about you,
- Correct the Personal Information we may have about you
- Limit the disclosure of sensitive personal information
- Delete the Personal Information we collect from you or
- Opt out of the sale or sharing of your Personal Information.
KINESSO will verify your identity in order to fulfill your request. If we are unable to verify your identity, we will be unable to fulfill your request.
To submit a request to exercise your right to access, opt-out, delete, or correct your data submit your request by email, online or telephone using the contact information below:
Email: [email protected]
Telephone: 1-888-914-9661, Pin #894002
All request responses, no matter the submission method, are completed via our online portal which is only accessible via a link provided by email.
Please note: KINESSO will retain certain Personal Information as necessary to comply with a legal obligation (including ensuring the deletion request is honored), detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for the activity. In such cases, Kinesso will retain only the minimum amount of information and only use the remaining data for the purposes provided by the statutory or regulatory exception.
California Consumers – Right to Not be Discriminated Against
Pursuant to the CCPA, California consumers have a right to be free from discriminatory treatment when exercising privacy rights. KINESSO will not discriminate against California consumers as a result of exercising a right to access, delete or opt out of the sale or sharing of their Personal Information.
The CCPA allows California consumers to use authorized agents to submit requests to KINESSO on their behalf. KINESSO requires the authorized agent verify its identity and provide written authorization from the consumer to act on the consumer’s behalf. If the agent is a business, it must also be registered with the California Secretary of State and provide proof of such registration.
In the case of an authorized agent’s request for access to personal information, the resulting report will be delivered to the consumer directly via an email directing the consumer to the online portal for access. Prior to any release of the report to the consumer, KINESSO will require the consumer to complete the identity verification process described above to minimize the risk of unauthorized access to Personal Information and potential resulting harm.