Kx Advisors Privacy Policy

Last updated: May 15th, 2024

Kx Advisors, LLC (“Company”, “we”, “our”, or “us”) understands that privacy is important to our users. This Privacy Policy describes our practices regarding the collection, use, sharing, and protection of your personal information for our surveys, interviews, or other market research activities that we conduct on behalf of our clients (collectively, the “Activities”). This Privacy Policy also tells you about the rights and choices you have with respect to your personal information, how you can assert those rights, and how you can contact us to get answers to your questions.

Please note that our privacy practices are subject to the applicable laws of the regions in which we operate. Accordingly, some additional region-specific terms will only apply to individuals in those locations, or as required by applicable laws.

  • If you are a resident of California or Texas, please see the section of the Privacy Policy below titled Additional U.S. State Privacy Rights.
  • If you are a resident of the European Economic Area, United Kingdom, or Switzerland, please see the section of the Privacy Policy below titled European Privacy Rights.

For more information about how users with disabilities can access this Privacy Policy in an alternative format, please reach out to us at privacy@kxadvisors.com.

BY TAKING PART IN THE ACTIVITIES, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH OUR POLICIES OR PRACTICES, YOU SHOULD NOT PARTICIPATE IN THE ACTIVITIES OR PROVIDE US WITH ANY PERSONAL INFORMATION.

 

PERSONAL INFORMATION WE COLLECT FROM YOU

This Privacy Policy applies to the personal information that we obtain through the Activities. We use the term “personal information” – also called “personal data” or “personally identifiable information” in the laws of some jurisdictions – to refer to information that reasonably identifies, relates to, describes, or can be associated with you. Data that has been deidentified or that otherwise cannot reasonably be related back to a specific person is not considered personal information.

The following are the categories and types of personal information that we may collect from or about you through your participation in the Activities:

  • Identifiers and contact information, such as your real name and email address;
  • Characteristics and demographics, such as your age;
  • Audio/visual sensory information, such as such as audio and video recordings of you;
  • Professional or employment-related information, such as your employment status, place of employment, employment/educational history, and resume or CV information.
  • Device related information, such as whether you are using a desktop or mobile device; and;
  • Any other personal information that you voluntarily provide us.

 

HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION

We or our service providers may collect personal information that you provide to us directly through your participation in the Activities, or if you contact us via email to ask questions or make service requests. We may also link the personal information you provide to us with personal information that we collect from other sources. Additionally, we may automatically collect information related to the type of device that you are using to participate in the Activities.

 

We may use your personal information for the following purposes:

  • To communicate with you, which may include: contacting you about and providing you with our services; and responding to your direct inquiries, requests, issues or feedback, and providing customer service;
  • To conduct the Activities, which may include: aggregating your survey responses for the purposes of market research and sharing it with our clients; and providing and maintaining the functionality of the Activities, including identifying and repairing errors or problems;
  • For security and fraud prevention, which may include: helping maintain the safety, security, and integrity of our databases and other technology assets; detecting security incidents; and protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
  • To comply with legal obligations, which may include: compliance with legal or regulatory obligations, establishing or exercising our rights, and to defending against a legal claim; responding to law enforcement requests and as required by applicable law, court order, legal process, or governmental regulation; and acting in connection with a bankruptcy proceeding or the sale, merger, or change of control of the Company or the division responsible for the services with which your information is associated;
  • For any additional purposes that you specifically consent to.

We reserve the right to develop and derive aggregate data (meaning information that relates to a group or category of individuals, from which individual identities have been removed) from personal information you provide us during your participation in the Activities. Such aggregate data will be treated as non-personal information and will be provided to the clients for whom we are conducting market research.

 

We also reserve the right to supplement your personal information with information we gather from other sources which may include online and offline sources. We may collect information that is not personal information, including anonymous or aggregate data, or information lawfully made available from federal, state, or local government records. Because non-personal information does not personally identify you, we may collect, use, and disclose such information for any purpose permitted by law. In some instances, we may combine non-personal Information with personal information. If we combine any non-personal information with personal information, the combined information will be treated by us as personal information to the extent that it is capable of personally identifying you.

 

HOW WE DISCLOSE OR SHARE YOUR INFORMATION

In addition to using your personal information ourselves for the reasons stated above (and as otherwise mentioned in this Privacy Policy), we may disclose your personal information to other affiliates and entities in the following instances:

  • Service Providers

We may share your personal information with third-party service providers who may use your information to provide us with services including, but not limited to: website hosting, data analysis, infrastructure provision, information technology services, and anti-fraud monitoring. These service providers may have access to personal information that is necessary to perform their functions, but they are only permitted to do so in connection with performing services for us. They are not authorized by us to use the information for their own benefit.

  • Legal Compliance and to Defend Our Rights

We may disclose personal information and other information as we believe necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

  • Business Transfers

We may share your personal information and other information with third parties in connection with a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the assets of the Company, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.

  • Non-Personal Information

We may share non-personal information with unaffiliated third parties, such as the clients whom we are conducting market research on behalf of. We publicly commit to maintain and use the information in de-identified or aggregate form, and not to attempt to re-identify the information.  

Please note that if you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent.

 

HOW WE PROTECT YOUR PERSONAL INFORMATION

Personal information is maintained on our servers or those of our vendors, and is accessible by authorized employees, independent contractors, representatives, and agents as necessary for the purposes described in this privacy policy. We use reasonable and appropriate physical, technical, and organizational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability, and resilience of personal information. However, no method of safeguarding information is completely secure, and we cannot guarantee that our safeguards will be effective or sufficient. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us of the problem by contacting us at privacy@kxadvisors.com.

 

DATA RETENTION

We will retain your personal information for as long as needed to conduct the Activities, and for a reasonable time thereafter in accordance with our standard procedures or as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements. Even if we delete some or all of your information, we may continue to retain and use anonymous or aggregate data, or any other data that constitutes non-personal information. Please note that we will not be liable for disclosures of your data due to errors or unauthorized acts of third parties.

 

CROSS-BORDER DATA TRANSFERS

If you submit personal information to us, that information may be processed in a jurisdiction where privacy laws may be less stringent than those in your country of residence. By submitting your personal information to us, you agree to the transfer, storage, and processing of such information in foreign jurisdictions including, but not limited to, the United States. Where applicable, we may use model clauses approved by the laws of your jurisdiction (such as Standard Contractual Clauses approved by the European Commission) for cross-border data transfers. 

 

CHILDREN’S PRIVACY

We do not knowingly collect personal information from children under the age of 13. When we become aware that personal information (or other information that is protected under applicable law) from a child under 13 has been collected, we will use all reasonable efforts to delete such information from our databases. If you believe we might have any personal information from or about a child under 13, please contact us by using the information the section below titled Contacting Us.

 

CHANGES TO THIS POLICY

We reserve the right, at our discretion, to change, modify, add, or remove portions from this Privacy Policy at any time, provided that any such modifications will only be applied prospectively. We encourage you to periodically review our website at https://kxadvisors.com for the latest information on our privacy practices.

 

CONTACTING US

If you have any questions about our privacy or security practices, you can contact us via email at privacy@kxadvisors.com.

 

ADDITIONAL U.S. STATE PRIVACY RIGHTS

You may have specific rights regarding your personal information under the California Consumer Privacy Act, Texas Data Privacy and Security Act, or similar laws in other U.S. states (collectively, “State Privacy Laws”), if you are a resident of California, Texas, or a state with similar privacy laws (collectively, “Covered States”). This section describes the rights that consumers of Covered States have and explains how to exercise those rights. To be clear, these rights are granted only to the extent that you are considered a consumer of Covered State and we are acting as a “controller” or “business” (as applicable) under State Privacy Laws with respect to your personal information.

The categories of personal information we process, our purposes for processing your personal information, the categories of personal information that we share with third parties, and the categories of third parties with whom we share it are set forth in the terms of the Privacy Policy above.

Information We Collect; How We Collect It; How We Use It

General information regarding our collection, use, and disclosure of personal information is set forth in the Privacy Policy above.

In the past 12 months, we have collected categories of personal information described in the section of the Privacy Policy above titled Personal Information We Collect From You, and we have collected this information from the sources described in the section titled How We Collect and Use Your Personal Information. Depending on your level of interaction with us, we may not have collected your personal information from all of the categories listed in the Privacy Policy above. We collect and use your personal information for the business or commercial purposes described in the section titled How We Collect and Use Your Personal Information, and retain it pursuant to the section titled Data Retention. We only disclose your personal information to service providers who perform business services for us, and do not sell or share your personal information with third parties for their own commercial use. As discussed in the Privacy Policy, we may disclose aggregated information to our clients whom we conduct market research on behalf of, and this aggregated information does not personally identify you.

Rights to Your Information

In addition to the rights set forth in our Privacy Policy, State Privacy Laws may, depending on your state of residence, provide you with the following rights:

  • Right to know. You may have the right to know whether we process your personal information and to access such personal information. You may also have the right to request that we disclose certain information to you about our collection, use, or disclosure of your personal information.
  • Right to data portability. You may have the right to obtain a copy of your personal information that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another business without hindrance, where the processing is carried out by automated means.
  • Right to delete. You may have the right to delete personal information that you have provided by or that we have obtained about you. Please note that we may deny such request if the requested deletion falls under an exception as set forth in the State Privacy Laws.
  • Right to correct. You may have the right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes for which we process it.
  • Right to opt out. Although you have the right to opt out of the processing of your personal information for purposes of (i) targeted advertising, (ii) the sale of personal information, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you; we do not process your personal information for any of these purposes and have no plans to do so.
  • Right to limit the use of your sensitive personal information. If you are a California resident, you have the right to limit the use or disclosure of your sensitive personal information (“SPI”) if we are using it beyond what is reasonable and proportionate to provide the requested goods or services. Although we may collect SPI (specifically, information that reveals your health status, condition, or diagnosis) from you in the context of the activities, we only do so to the perform market research activities that you have provided your voluntary and informed consent to participate in, and for no other purpose. As such, our collection of SPI is not subject to your “right to limit” under California law.
  • Right to nondiscrimination. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights. Unless permitted by the State Privacy Laws, we will not:
    • Deny you goods or services;
    • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
    • Provide you a different level or quality of goods or services; or
    • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

How to Exercise Your Rights; Verifying Your Identity

To exercise any of your privacy rights, or if you have any questions about your privacy rights, you may contact us by emailing us at privacy@kxadvisors.com

After submitting a request, we will take steps to verify your identity in order for us to properly respond and confirm that it is not a fraudulent request. In order to verify your identity, we will ask, at a minimum, that you provide your name, email address, and relationship to us, so that we can seek to match this information with the information existing in our systems. When providing us this information, you represent and affirm that all information provided is true and accurate. If we are unable to verify that the consumer submitting the request is the same individual about whom we have collected personal information, we may contact you for more information, or we may not be able to meet your request.

Only you (or for California residents, an agent legally authorized to act on your behalf) may make a verifiable request related to your personal information. If you are making a request as the authorized agent of a California consumer, we will ask you also submit reliable proof that you have been authorized in writing by the consumer to act on such consumer’s behalf. If you are making a request as the parent or legal guardian of a known child regarding the processing of that child’s personal information, we may ask you to submit reliable proof of your identity.

Response Time; Your Right to Appeal

We will make every effort to respond to your request within 45 days from when you contacted us. If you have a complex request, State Privacy Laws allow us up to 90 days to respond. We will contact you within 45 days from when you contacted us to inform you of the need for additional time and the reason for such extension. We may charge you a reasonable fee to cover administrative costs if your requests are manifestly unfounded, excessive, or repetitive.

If we decline to take action on a request that you have submitted, we will inform you of our reasons for doing so, and provide instructions for how to appeal the decision. Depending on your state of residence you may have the right to appeal within a reasonable period of time after you have received our decision. If you have this appeal right, within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, we will provide you with a method for contacting your state attorney general’s office to submit a complaint.

EUROPEAN PRIVACY RIGHTS

IF YOU ARE SITUATED IN THE EUROPEAN ECONOMIC AREA, SWITZERLAND, OR THE UNITED KINGDOM, THIS SECTION APPLIES TO OUR COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL DATA AND ADDITIONAL RIGHTS YOU HAVE UNDER APPLICABLE LAW.

Legal Basis

We will only use your personal data, as that term is defined under the General Data Protection Regulation (“GDPR”), when the law allows us to. We will process your personal data in the context of the Activities based on your consent and as needed perform the contract you have entered into with us. We may otherwise process your personal data where it is necessary for our legitimate interests (or those of a third party) so long as your interests and fundamental rights do not override those interests, or where we need to comply with a legal or regulatory obligation. To the extent that we are processing information that constitutes “special categories of personal data” (namely, data relating to your health status, condition, or diagnosis), we process this information in the context of scientific research pursuant to GDPR Article 89 or otherwise based on your explicit consent. To the extent permitted under applicable laws, we will also process, transfer, disclose, and preserve personal data when we have a good faith belief that doing so is necessary.

Data Controller

Kx Advisors is the data controller of all personal data collected through the Activities. To contact us, please see the section of the Privacy Policy above titled Contacting Us.

If you are situated in the EEA, Switzerland, or the UK and have any complaints regarding our privacy practices, you have the right to make a complaint at any time to your local supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority, so please contact us in the first instance. If you have a complaint, please contact our privacy manager here: privacy@kxadvisors.com.

Provision of personal data and failure to provide personal data

Where we need to collect personal data by law or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services). In this case, we may not be able to provide certain services to you.

Collection of personal data from third-party sources

We may obtain personal data and other information about you public sources and through our third-party partners who help us provide our services.

Withdrawing your consent

If we are relying on your consent to process your personal data, you have the right to withdraw your consent at any time by contacting us at privacy@kxadvisors.com.

 

Data Transfer

We may transfer personal data from the EEA, Switzerland, and the UK to the USA and other countries, some of which have not been determined by the European Commission or the UK Secretary of State to have an adequate level of data protection. Where we use certain vendors, we may use specific contracts approved by the European Commission or the UK Secretary of State which give personal data the same protection it has in Europe. For more information about how we transfer your data, please contact us at privacy@kxadvisors.com.

Data Subject Rights

If you are situated in the European Union, Switzerland, or the UK, under the GDPR, as a data subject, you have the right to:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

 

To exercise your rights under the GDPR, please reach out to us using the information in the section of the Privacy Policy above titled Contacting Us. Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.