Privacy Policy

English | Spanish

This policy is effective as of 26 May 2021.

Last updated: 29 January 2024

1.0 Introduction:

Your privacy is important to us. It is KJT Group, Inc.’s policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, https://kjtgroup.com, and other sites we own and operate.

Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use a website or online service.

In the event our site contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. This Privacy Policy does not apply to any of your activities after you leave our site.

In addition, KJT Group, Inc. complies with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Frameworks (Data Privacy Framework Services) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom and/or Switzerland, as applicable to the United States in reliance on Data Privacy Framework Services. KJT Group, Inc. has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please visit www.dataprivacyframework.gov.

 

2.0 Information We Collect

Information we collect falls into one of two categories: “voluntarily provided” information and “automatically collected” information.

“Voluntarily provided” information refers to any information you knowingly and actively provide us when using or participating in any of our services, such as the data specified in section 2.2 and 2.3.

“Automatically collected” information refers to any information automatically sent by your devices in the course of accessing our products and services, such as the data specified in section 2.1.

2.1 Log Data

When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your device’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit.

Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened, and other technical information relating to the problem. You may or may not receive notice of such errors, even in the moment they occur, that they have occurred, or what the nature of the error is.

Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

2.2 Personal Information

We may ask for personal information — when you contact us — which may include one or more of the following:

  • Name
  • Email
  • Date of birth
  • Phone/mobile number
  • Home/mailing address

2.3 Sensitive Information

“Sensitive information” or “special categories of data” is a subset of personal information that is given a higher level of protection. Examples of sensitive information include information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation, sexual practices or sex life, criminal records, health information, or biometric information.

The types of sensitive information that we may collect about you include:

  • Racial or ethnic origin
  • Political opinions
  • Religion
  • Philosophical beliefs
  • Sexual orientation
  • Sexual practices or sex life
  • Health information

We will only collect sensitive information for the purposes of providing research services. We will not collect sensitive information about you without first obtaining your expressed affirmative consent, and we will only use or disclose your sensitive information as permitted, required, or authorized by law.

2.4 Legitimate Reasons for Processing Your Personal Information

We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

2.5 Collection and Use of Information

We may collect personal information from you when you do any of the following on our website:

  • Use a mobile device or web browser to access our content
  • Contact us via email, social media, or on any similar technologies
  • When you mention us on social media

We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:

  • to provide you with our core services
  • to contact and communicate with you
  • to consider your employment application

We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources. For example, our research activities may uncover data and insights, which we may combine with information about how visitors use our site to improve our site and your experience on it.

While your personal data is being processed, we will take reasonable steps to ensure that the data is reliable for its intended use, accurate, complete and current.

2.6 Security of Your Personal Information

When we collect and process personal information, and while we retain this information, we will protect it within commercially acceptable means to prevent loss, misuse and theft, as well as unauthorized access, disclosure, copying, use, alteration or destruction.

Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is 100% secure, and no one can guarantee absolute data security.

2.7 How Long We Keep Your Personal Information

We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. For example, if you have provided us with personal information such as an email address when contacting us about a specific enquiry, we may retain this information for the duration of your enquiry remaining open as well as for our own records so we may effectively address similar enquiries in future. If your personal information is no longer required for this purpose, we will delete it or make it anonymous by removing all details that identify you.

However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.

3.0 Children’s Privacy

We do not aim any of our products or services directly at children under the age of 13, and we do not knowingly collect personal information about children under 13.

4.0 Disclosure of Personal Information to Third Parties

We may disclose personal information to:

  • third-party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, hosting and server providers, analytics, error loggers, debt collectors, maintenance or problem-solving providers, professional advisors, and payment systems operators.
  • our employees, contractors, and/or related entities
  • our existing or potential agents or business partners
  • credit reporting agencies, courts, tribunals, and regulatory authorities, in the event you fail to pay for goods or services we have provided to you
  • third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you
  • third parties to collect and process data
  • an entity that buys, or to which we transfer all or substantially all of our assets and business

Please note that in addition to the conditions state above, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements or to establish, exercise or defend our legal rights.

We utilize a myriad of third party providers to provide market research services. All third-party providers that process personal information on our behalf must protect the privacy of personal information entrusted to them and must only utilize personal information for the limited and specific purpose consistent with the consent provided by the individual. We will always ensure that appropriate contracting is in place prior to disclosing your personal information to a third party. The third party will provide the same level of protection as KJT and will notify us if they make a determination that they can no longer meet this obligation. The contract shall provide that when such a determination is made the third party ceases processing or takes other reasonable and appropriate steps to remediate unauthorized processing and provide a summary or representative copy of the relevant privacy provisions of its contract with to KJT upon request. We will remain liable under the principles if a third party processes information in a manner that is inconsistent with the principles.

5.0 International Transfers of Personal Information

The personal information we collect is stored and/or processed in United States, or where we or our partners, affiliates, and third-party providers maintain facilities.

The countries to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this privacy policy.

6.0 Use of Cookies

We use “cookies” to collect information about you and your activity across our site. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our site. This helps us serve you content based on preferences you have specified.

Please refer to our Cookie Policy for more information.

7.0 Business Transfers

If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information.

8.0 Additional Disclosures for Australian Privacy Act Compliance (AU)

International Transfers of Personal Information

Where the disclosure of your personal information is solely subject to Australian privacy laws, you acknowledge that some third parties may not be regulated by the Privacy Act and the Australian Privacy Principles in the Privacy Act. You acknowledge that if any such third party engages in any act or practice that contravenes the Australian Privacy Principles, it would not be accountable under the Privacy Act, and you will not be able to seek redress under the Privacy Act.

9.0 Additional Disclosures for General Data Protection Regulation (GDPR) Compliance (EU)

9.1 Data Controller / Data Processor

The GDPR distinguishes between organizations that process personal information for their own purposes (known as “data controllers”) and organizations that process personal information on behalf of other organizations (known as “data processors”). We, KJT Group, Inc., located at the address provided in our Contact Us section, are a Data Controller and/or Processor with respect to the personal information you provide to us.

9.2 Legal Bases for Processing Your Personal Information

We will only collect and use your personal information when we have a legal right to do so. In which case, we will collect and use your personal information lawfully, fairly, and in a transparent manner. If we seek your consent to process your personal information, and you are under 16 years of age, we will seek your parent or legal guardian’s consent to process your personal information for that specific purpose.

Our lawful bases depend on the services you use and how you use them. This means we only collect and use your information on the following grounds:

9.3 Consent From You

Where you give us consent to collect and use your personal information for a specific purpose. You may withdraw your consent at any time using the facilities we provide; however this will not affect any use of your information that has already taken place. When you contact us, you may consent to your name and email address being used so we can respond to your enquiry. While you may request that we delete your contact details at any time, we cannot recall any email we have already sent. If you have any further enquiries about how to withdraw your consent, please feel free to enquire using the details provided in the Contact Us portion (section 15) of this privacy policy.

9.4 Performance of a Contract or Transaction

Where you have entered into a contract or transaction with us, or in order to take preparatory steps prior to our entering into a contract or transaction with you. For example, if you contact us with an enquiry, we may require personal information such as your name and contact details in order to respond.

9.5 Our Legitimate Interests

Where we assess it is necessary for our legitimate interests, such as for us to provide, operate, improve and communicate our services. We consider our legitimate interests to include research and development, understanding our audience, marketing and promoting our services, measures taken to operate our services efficiently, marketing analysis, and measures taken to protect our legal rights and interests.

9.6 Compliance with Law

In some cases, we may have a legal obligation to use or keep your personal information. Such cases may include (but are not limited to) court orders, criminal investigations, government requests, and regulatory obligations. If you have any further enquiries about how we retain personal information in order to comply with the law, please feel free to enquire using the details provided in the Contact Us portion (section 15) of this privacy policy.

10.0 International Transfers Outside of the European Economic Area (EEA)

We will ensure that any transfer of personal information from countries in the European Economic Area (EEA) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.

11.0 Your Rights and Controlling Your Personal Information

11.1 Your choice: By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You have the right to choose if your information can be disclosed to a third party and for what purposes it may be used.

Please note that you do not have to provide personal information to us and you have the right to choose how your information may be used as stated above, however, it may affect your use of our website or the products and/or services offered on or through it.

11.2 Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

11.3 Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

11.4 Access: You may request details of the personal information that we hold about you. We will provide you access to your personal information except where the burden or expense of providing access would be disproportionate to the risk to your privacy or where the rights of persons other that you would be violated.

11.5 Correction: If you believe that any information that we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct or amend information found to be inaccurate, incomplete, misleading, or out of date.

11.6 Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example providing user support), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services.

11.7 Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.

11.8 Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

11.9 Unsubscribe: To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details provided in this privacy policy, or opt-out using the opt-out facilities provided in the communication. We may need to request specific information from you to help us confirm your identity.

11.10 Restrict: You have the right to request that we restrict the processing of your personal information if (i) you are concerned about the accuracy of your personal information; (ii) you believe your personal information has been unlawfully processed; (iii) you need us to maintain the personal information solely for the purpose of a legal claim; or (iv) we are in the process of considering your objection in relation to processing on the basis of legitimate interests.

11.11 Objecting to processing: You have the right to object to processing of your personal information that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights, and freedoms, in order to proceed with the processing of your personal information.

11.12 Data portability: You may have the right to request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format. You may also have the right to request that we transfer this personal information to a third party.

11.13 Deletion: You may have a right to request that we delete the personal information we hold about you at any time, and we will take reasonable steps to delete your personal information from our current records. If you ask us to delete your personal information, we will let you know how the deletion affects your use of our website or products and services. There may be exceptions to this right for specific legal reasons which, if applicable, we will set out for you in response to your request. If you terminate or delete your account, we will delete your personal information within 10 days of the deletion of your account. Please be aware that search engines and similar third parties may still retain copies of your personal information that has been made public at least once, like certain profile information and public comments, even after you have deleted the information from our services or deactivated your account.

12.0 Recourse Enforcement and Liability:

For data subjects under the EU DPF there is the possibility, under certain limited conditions, for individuals to invoke binding arbitration before the DPF Arbitration Panel.

We have readily available independent recourse mechanisms by which each individual’s complaints and disputes are investigated and expeditiously resolved at no cost to the individual and by reference to the Principles, and damages awarded where the applicable law or private-sector initiatives so provide.

We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC). When it is determined that we have failed to comply with the principles of the DPF, follow up procedures for verifying the assertions made by us are true and the and that privacy practices have been implemented will be administered. At a minimum we will be obligated to remedy problems arising out of the failure to comply with the principles of the DPF and may be subject to sanctions under the enforcement powers of the FTC.

If we were to become subject to a court order that is based on non-compliance or an order from the FTC we shall make public any relevant EU-U.S. DPF-related sections of any compliance or assessment report submitted to the court or U.S. statutory body to the extent consistent with confidentiality requirements. The FTC has established a dedicated point of contact for DPAs for any problems of compliance by participating organizations. The FTC will give priority consideration to referrals of non-compliance with the Principles from the Department and EU Member State authorities, and will exchange information regarding referrals with the referring state authorities on a timely basis, subject to existing confidentiality restrictions.

13.0 Limits of Our Policy

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.

14.0 Changes to This Policy

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

15.0 Contact Us

In compliance with the DPF Principles, KJT Group, Inc. commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact KJT Group, Inc. at:

Dan Wasserman
compliance@kjtgroup.com
KJT Contact Form
777 Canal View Blvd Suite 1400
Rochester, NY 14623

KJT Group, Inc. has further committed to refer unresolved privacy complaints under the DPF Principles to the INSIGHTS ASSOCIATION DPF SERVICES PROGRAM, a non-profit alternative dispute resolution provider located in the United States and operated by the Insights Association. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.insightsassociation.org/Resources/Data-Privacy-Framework/Information-for-EU-Swiss-Citizens-to-file-a-complaint for more information and to file a complaint. These dispute resolution services are provided at no cost to you.

For individuals that do not reside within the EU, please also contact Dan Wasserman (compliance@kjtgroup.com) or complete the KJT Contact Form.