top of page

Khenda, Inc. Privacy Policy

Khenda Inc. Privacy Policy 

 

Last Updated: 29.03.2023  

 

This Privacy Policy (“Privacy Policy”) describes how your personal information is collected, used, and shared by Khenda Inc. (“Khenda”) when you visit or make a purchase from www.khenda.com (the “Site”) or use our services (“Services”). 

 

WHAT INFORMATION DO WE COLLECT?  

Khenda collects many kinds of information to offer you quality products and services. We may collect information about you when you visit the Site or subscribe for purchase or otherwise use our Service on the various available platforms. The information collected may range from simple business contact information you provide to us on a web form when establishing an account or requesting a demo or a free trial, to analytical and other information we collect through technological means such as cookies and web logging. We may also receive information from third parties, such as our Partners. The specific information we collect in any situation depends on the platform we use, the reason for the collection, and the technology involved. More  

 

Information Collected by Use of the Services: When you use our Site as a Member Khenda may automatically collect and store certain information about your usage of and interaction with the Service such as server information (hardware settings and statistics, network information, system activity, server configuration, alerts, utilization, appliance version, browser details) Logs, uploaded or recorded pictures and videos, IP address, server details, endpoint type and version, heat map, device type and type and version of the operating system, browser type, version, and language. In addition, Khanda may collect certain endpoint information (such as hardware statistics, network information, application settings, log files, error reports, and usage).  

 

Khenda may also collect, through third parties or by technical means, anonymized technical analytics information about the way users interact with and use our Service.  

 

To provide direct technical support, we may need to receive and analyze information on user log files and system databases which contain the information of the type described in this Privacy Policy.  

 

In the course of providing online or direct technical support, with your permission, we may sometimes be granted access to data that is visible on your screen. The relevant administrator may also grant us access to other data of your organization. This data may contain information about you, your organization’s employees, customers, partners, or suppliers. Any such access to information not relevant to the problem being resolved is not recorded or retained by Khenda.  

 

Cookies: Khenda may use both session and persistent cookies and similar technologies like pixels, web beacons, and local storage to collect information about how you use the Service and to provide features of the Service to you to help Khenda give you more personal, convenient website visits. Due to Cookies Khenda remembers you, your website logins, information, and more. By using the Service, if you accept that we can use cookies following the terms described in this section. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent visits to the Site and can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser.  

You may accept/reject all cookies or choose the optional cookies when you first enter the website. You can also reset your web browser to refuse, disable or delete cookies or to indicate when a cookie is being sent. However, some features of the Services may not function properly if the ability to accept cookies is disabled. You can find out more information about how to change your browser cookie settings at www.allaboutcookies.org.  

 

Log file Information: Log file information is automatically reported by your browser each time you access a web page or an app. When you use our Service, our servers automatically record certain log file information regarding keeping the activity on a web page or an app. With the help of Log files, Khenda improves its product lines, fixes bugs, and creates new and relevant features for its members. These server logs may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed and other such information.  

 

HOW DO WE USE THE INFORMATION YOU COLLECT?  

 

To Provide Products and Services: We use the information we collect to provide you with our products and services (including the Service) and in connection with our ongoing customer relationship. We also use the collected information to evaluate and improve our products and services. Some information collected assists us in operating and evaluating the Site as well as customizing and improving our activities.  

 

Legal Requirements: We are committed to protecting the Users’ privacy and only produce user data to governments in response to valid and lawful requests from the governments and relevant legal policies. We use collected information to comply with legal or governmental requirements or demands.  

 

Communications: Khenda uses the information we collect to communicate with you about Khenda’s products and services, to respond to your requests for information, and to keep Members informed of important matters, such as software and security updates and changes to our terms and conditions. We also use it to process orders and administer the financial and other aspects of our relationship.  

 

Sales Activities: Khenda uses the information it collects as part of its sales activities for processing orders, sending leads to our Partners, keeping you informed of special offers and changes in available products and services, and general marketing activities.  

 

Data Analytics: Khenda collects various kinds of statistical and analytical information in connection with the operation of the Site, the furnishing and operation of Khenda products and services, and the operation of our activities. Data we collect from these activities, such as log files and traffic information, are used to evaluate the performance of Khenda’s products and services, as well as to better understand usage patterns and the needs and interests of our current and potential Members. This assists Khenda in improving its product lines, fixing bugs, and creating new and relevant features for its members. We also sometimes contract with outside suppliers to conduct some data analytics, particularly on websites.  

 

WHERE IS THE INFORMATION WE COLLECT STORED?  

 

Electronic information collected by Khenda is kept on servers that are operated by Khenda's contracted suppliers or Partners. These servers are primarily located in the suppliers’ server locations Our server footprint will eventually include other countries as our service expands.  

 

USERS OUTSIDE OF THE UNITED STATES 

Khenda is an incorporation organized under the laws of the United States. Those who access or use the Service from other jurisdictions do so at their own choice and risk and are solely responsible for compliance with local law. Khenda is also compliant with Turkish Data Protection Law, California Consumer Privacy Act (“CCPA”), and General Data Protection Regulation (“GDPR”). Please note that the information you submit using the Services may be transferred to, collected, processed, stored, and used in, the suppliers’ server locations and other countries, so that we can provide the Service to you as outlined in this Privacy Policy. Legal and technical protection of the data is covered by Turkish Data Protection Law, CCPA, and GDPR. Please note that the level of legal protection provided in the United States, European Union, and Turkey may not be relevant to other non-European countries in which you may access the Service or otherwise use the Service may not be as stringent as that under the privacy standards or the privacy laws of some other countries, possibly including your home jurisdiction. You acknowledge and agree that we may collect, transfer, process, store, and use your information outside your home jurisdiction, and that we may transfer to, and collect, process, store, and use your information in the United States and elsewhere.  

 

WITH WHOM DO WE SHARE INFORMATION?  

 

Khenda does not share any kind of information to third parties, without your consent; except for the parties listed below. 

 

Khenda may share your information as provided in this Section.  

We do not share your information with any 3rd parties who intend to use it in targeted advertising.  

 

Administrative Access: Your organization’s general administrator (each such person, an “Administrator”) will have access to the Member Account and activity information stored via the Service (including email address and other data to the extent included). 

 

Third-Party Providers: We may share your information with third-party business partners, consultants, resellers, distributors, value-added resellers, and other service providers that perform services on our behalf to provide the Service to you. Those business partners will be given limited access to your information that is reasonably necessary to deliver the Service.  

 

Sale, Acquisition, Merger, Divestiture: We may buy or sell, divest Khenda, or any combination of its products, services, assets, and/or businesses. Your information related to the Service (as described herein) will likely be among the items transferred in these types of transactions. We may also sell, transfer or assign such information in the course of corporate divestitures, reorganizations, mergers, acquisitions, bankruptcies, dissolutions, liquidations, or similar transactions or proceedings involving all or a portion of Khenda.  

 

Legal Disclosure: We will disclose your information where required to do so by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement or governmental entity; (b) to enforce our Privacy Policy, or to protect the security or integrity of our Service; and/or (c) to exercise or protect the rights, property, and personal safety of Khenda, our employees, users, participating businesses and others.  

 

Aggregated Information: We may also share information with others in an aggregated and anonymous form that does not reasonably identify you directly as an individual for any purpose, including for research and marketing purposes, and our disclosure of such information is not subject to restriction.  

 

Khenda uses all the information collected from you to develop artificial intelligence within the company without sharing it with third parties. 

 

HOW DO WE PROTECT YOUR INFORMATION?  

 

Khenda uses commercially reasonable physical, administrative, and technical safeguards to preserve the integrity and security of your information in our or our Partners’ premises/databases in our possession. We use similar safeguards in deleting or disposing of your information. However, since the internet is not a 100% secure environment, despite these efforts we cannot but do our best to ensure or warrant the security of your information.  

You are responsible for maintaining the secrecy of your unique password and account information and for controlling access to your email communications at all times.  

When different users log in from the same account on the Khenda, minor data losses may occur if the transactions are in the same module. 

 

HOW LONG DO WE KEEP YOUR INFORMATION?  

 

Khenda will retain your information, whether or not your account is active, for as long as it believes is necessary to fulfill Khenda's business purposes or to comply with applicable law, audit requirements, regulatory requests, or orders from competent courts.  

 

WHAT ABOUT LINKS TO OTHER WEBSITES AND SERVICES?  

 

Khenda websites and email messages you receive from us may link to websites, applications, or other digital properties that have privacy provisions different than the provisions of this Privacy Policy. We recommend that you review such other privacy provisions carefully to assure your privacy is protected. Khenda is not responsible for the practices employed by such linked third-party websites, applications, or other digital properties, nor the information or content contained therein.  

 

WHAT ARE CALIFORNIA PRIVACY RIGHTS?  

Under California’s “Shine the Light” law, California residents who provide “personal information” (as defined in the law) in obtaining products or services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the personal information we shared, if any, with other businesses for their direct marketing uses. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g. requests made in 2015 will receive information about 2014). To obtain this information please write to us. Please include your full name and address. 

WHAT ARE GDPR RIGHTS?  

On 25 May 2018, GDPR came into force and replaced the “95/46/EC Directive on Data Protection” of 24 October 1995. GDPR lays out specific requirements for businesses and organizations that are established in Europe; who serve users in Europe or to1 European citizens. Khenda as a data controller, give importance to the personal data protection of the Members and its employees is handled following GDPR. The GDPR embodies the well-recognized privacy principles of transparency, fairness, and accountability. The GDPR requires that data controllers only use data processors that process personal data on the data controller’s behalf and provide adequate guarantees to meet specific requirements of the GDPR. 

 

International Data Transfer Under GDPR: Khenda has designed its privacy and security programs to ensure an appropriate level of data protection and has outlined the supplemental measures and safeguards for transfers of personal data outside of the European Union and European Economic Area. The GDPR provides for several mechanisms to facilitate transfers of personal data outside of the European Union and European Economic Area. These mechanisms are aimed at confirming an adequate level of protection or ensuring the implementation of appropriate safeguards when personal data is transferred to a third country. Where personal data will be transferred outside of the EU to third countries not covered by adequacy decisions, we commit under our data processing agreements to maintain a mechanism that will facilitate these transfers as required by the GDPR. 

If you are a European resident, you have the right to access the personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. 

Additionally, if you are a European resident we note that we are processing your information to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States. 

 

User Rights under GDPR: The rights of the Users’ are the right to be informed, right to access, right to rectification, right to erasure/to be forgotten, right to restrict processing, right to data portability, right to object and rights about automated decision making and profiling. 

Right of confirmation: You shall have the right granted by the European legislator to obtain from the data controller the confirmation as to whether or not personal data concerning you are being processed. If you wish to avail yourself of this right of confirmation, you may, at any time, contact any employee of the data controller. 

Right of access: You shall have the right granted by the European legislator to obtain from the data controller free information about your data stored at any time and a copy of this information. Furthermore, the European directives and regulations grant you access to the following information: 

  • the purposes of the processing; 

  • the categories of personal data concerned; 

  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; 

  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; 

  • the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning you, or to object to such processing; 

  • the existence of the right to complain with a supervisory authority; 

  • where the personal data are not collected from you, any available information as to their source; 

  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for you. Furthermore, you shall have a right to obtain information as to whether personal data are transferred to a third country or an international organization. Where this is the case, you shall have the right to be informed of the appropriate safeguards relating to the transfer. 

If you wish to avail yourself of this right of access, you may, at any time, contact any employee of the data controller. 

Right to rectification: You shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including using providing a supplementary statement. 

If you wish to exercise this right to rectification, you may, at any time, contact any employee of the controller. 

Right to erasure (Right to be forgotten): You shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning you without undue delay, and the data controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary: 

  • Personal data are no longer necessary for the purposes for which they were collected or otherwise processed. 

  • You withdraw consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing. 

  • You object to the processing under Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing according to Article 21(2) of the GDPR. 

  • Personal data have been unlawfully processed. 

  • The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject. 

  • Personal data have been collected concerning the offer of information society services referred to in Article 8(1) of the GDPR. 

If one of the aforementioned reasons applies, and you wish to request the erasure of personal data stored by the data controller, you may, at any time, contact any employee of the data controller. An employee of the data controller shall promptly ensure that the erasure request is complied with immediately. 

Where the controller has made personal data public and is obliged according to Article 17(1) to erase the personal data, the data controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that you have requested the erasure by such data controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. An employee of the data controller will arrange the necessary measures in individual cases. 

Right of restriction of processing: You shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies: 

  • The accuracy of the personal data is contested by you, for a period enabling the controller to verify the accuracy of the personal data. 

  • The processing is unlawful and you oppose the erasure of the personal data and requests instead of the restriction of their use instead. 

  • The controller no longer needs the personal data for the processing, but they are required by you for the establishment, exercise, or defense of legal claims. 

  • You have objected to processing according to Article 21(1) of the GDPR pending the verification of whether the legitimate grounds of the controller override those of you. 

If one of the aforementioned conditions is met, and you wish to request the restriction of the processing of personal data stored by the data controller, you may at any time contact any employee of the data controller. The employee of the data controller will arrange the restriction of the processing. 

Right to data portability: You shall have the right granted by the European legislator, to receive the personal data concerning you, which was provided to a data controller, in a structured, commonly used, and machine-readable format. You shall have the right to transmit those data to another data controller without hindrance from the data controller to which the personal data have been provided, as long as the processing is based on consent according to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract according to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or the exercise of official authority vested in the controller. 

Furthermore, in exercising your right to data portability according to Article 20(1) of the GDPR, you shall have the right to have personal data transmitted directly from one data controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others. 

To assert the right to data portability, you may at any time contact any employee of the data controller. 

Right to object: You shall have the right granted by the European legislator to object, on grounds relating to your particular situation, at any time, to the processing of personal data concerning you, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions. 

The data controller shall no longer process the personal data in the event of the objection unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of you, or for the establishment, exercise, or defense of legal claims. 

If the data controller processes personal data for direct marketing purposes, you shall have the right to object at any time to the processing of personal data concerning you for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If you object to the data controller processing for direct marketing purposes, the data controller will no longer process the personal data for these purposes. 

In addition, you have the right, on grounds relating to your particular situation, to object to the processing of personal data concerning you by the data controller for scientific or historical research purposes, or statistical purposes according to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest. 

To exercise the right to object, you may contact any employee of the data controller. In addition, you are free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use your right to object by automated means using technical specifications. 

Automated individual decision-making, including profiling: You shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between you and a data controller, or (2) is not authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is not based on your explicit consent. 

If the decision (1) is necessary for entering into, or the performance of, a contract between you and a data controller, or (2) it is based on your explicit consent, the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and contest the decision. 

If you wish to exercise the rights concerning automated individual decision-making, you may, at any time, contact any employee of the data controller. 

Right to withdraw data protection consent: You shall have the right granted by the European legislator to withdraw your consent to the processing of your data at any time. 

If you wish to exercise the right to withdraw the consent, you may, at any time, contact any employee of Khenda. 

 

We may update this privacy policy from time to time to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@khenda.com

bottom of page