The following Terms & Conditions of Use apply to all users and visitors of this website that Keypixel offers services to. The user confirms agreement of these terms and conditions by visiting this website. These guidelines may sometimes be modified by Keypixel (doing business as "Keypixel") at its exclusive discretion. Keypixel maintains the right to take all available legal and equitable remedies for any breaches of these rules and regulations. All visits to the Keypixel website, both now and in the future, are subject to these terms and conditions.
THIS WEBSITE'S CONTENTS ARE ALL COVERED BY COPYRIGHT PROTECTION. NO PORTION OF THE INFORMATION ON THIS WEB SITE MAY BE REPRODUCED IN ANY FORM, OR BY ANY MEANS, EXCEPT AS EXPRESSLY PERMITTED HEREIN, WITHOUT THE PRIOR WRITTEN CONSENT OF KEYPIXEL VISITORS OR USERS ARE NOT PERMITTED TO MODIFY, DISTRIBUTE, PUBLISH, TRANSMIT OR CREATE DERIVATIVE WORKS OF ANY
Keypixel, "Harnessing Intellectual Capital," and the Keypixel logo are Keypixel trademarks that cannot be used for any reason other than with Keypixel' express written consent.
Despite making an effort to provide factual information on the website, Keypixel disclaims all liability over the information's veracity. The items or programs described by Keypixel are subject to change at any moment without prior notice. Mention of non-Keypixel goods or services is made only for informational reasons and does not imply approval or recommendation.
ALL CONTENT ON THIS WEBSITE IS PROVIDED "AS IS," WITH ALL FAULTS, AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTY OF ANY KIND.
Without limitation, Keypixel and its partners and suppliers are not responsible for any indirect, special, consequential, or incidental damages that may result from the use of or inability to use this website or any Keypixel product, from the use of or reliance on the information provided, even if Keypixel or its partners have been informed of the possibility of such damages.
Links to other websites may be found on this website. The use of any other Internet site that is connected to this one is at the user's own risk, and Keypixel does not guarantee the truthfulness or reliability of any of the content included thereon, including any information, data, views, advice, or claims. These links are just provided by Keypixel as a convenience, and their presence does not indicate support.
Data Privacy Statement
The goal of this policy is to protect the privacy and personal information of Keypixel employees, contractors, vendors, interns, associates, customers, and business partners, as well as to make sure that Keypixel (from now on, "KEYPIXEL" or "the organization") follows all laws and rules that apply to it.
This policy applies to all KEYPIXEL employees, contractors, vendors, interns, associates, customers, and business partners who may receive personal information, have access to personal information that is collected or processed, or give information to the organization.
All partner firms and Third Parties who work with or for KEYPIXEL and have or might have access to personal information will be expected to have read this policy, understand it, and follow it. No one who is not part of the organization and has not signed a confidentiality agreement can see personal information that is kept by the organization.
4. Sticking to the rules
If non-compliance is found, the General Counsel/Data Privacy Officer will look at the reasons for the non-compliance and come up with a plan for fixing it. They will then report this to the Data Privacy Management Committee. Depending on the results of the review, it may be clear that the policy needs to be changed. If a person doesn't follow the rules over and over again, they will be punished according to the KEYPIXEL Disciplinary Policy.
5. Data Privacy Principles
This Policy lists the generally accepted privacy principles (GAPP) that KEYPIXEL follows to protect personal information and make sure it is used correctly. Use, collection, disposal, and transfer of personal information must follow these rules, unless otherwise stated in this Policy or required by law:
Notice: KEYPIXEL must tell the people whose personal information it collects, uses, keeps, and shares how it does so.
Choice and Consent: KEYPIXEL must give data subjects choices about how it collects, uses, and shares their personal information and get their consent.
Individuals will have the right to control their personal information through KEYPIXEL. This includes the right to access, change, delete, restrict, transmit, or object to certain uses of their information, as well as the right to withdraw consent that was previously given.
Collection: KEYPIXEL will only collect personal information from data subjects for the reasons listed in the privacy notice, statement of work, or contract agreements, and only to provide the product or service that was asked for.
Use, Retention, and Disposal: KEYPIXEL will only use personal information that has been collected for the reasons listed in the privacy notice, Statement of Work, or contract agreements, and in accordance with the data subject's consent. KEYPIXEL won't keep personal information for longer than is needed to accomplish the goals for which it was collected and keep good business records. KEYPIXEL will get rid of the personal information when it has served its purpose or when the data subject asks them to.
Access: KEYPIXEL must let data subjects ask about the personal information it has about them and, if necessary, give them access to that information so it can be reviewed and/or changed.
Disclosure to Third Parties: KEYPIXEL will only give personal information to Third Parties/partner firms for the reasons listed in the privacy notice/statement of work/contract agreements. Personal information will be shared by KEYPIXEL in a safe way, with the parties receiving the information promising to keep it safe, and with the data subject's permission if necessary.
Obligations for Sub-processor: When a processor (a vendor or third party working on behalf of KEYPIXEL's data processor) hires another processor (Sub-processor) to carry out specific processing activities on behalf of KEYPIXEL (controller), the same data protection obligations as set out in the contract or other legal act between KEYPIXEL and the processor shall be imposed on the Sub-processor by way of a contract or other legal act under Union or Member State law, in particular providing that the Sub- If the Sub-processor doesn't meet its data protection obligations, the initial processor (the relevant vendor or third party acting on behalf of KEYPIXEL's data processor) will still be fully responsible to KEYPIXEL for the Sub-obligations. processor's
Security to protect privacy: KEYPIXEL will keep personal information safe from unauthorized access, data leaks, and other bad things.
Quality: KEYPIXEL will make sure that the personal information it keeps on file is correct and useful for the reasons it was gathered.
Monitoring and Enforcement: KEYPIXEL will make sure that its privacy policies are followed, both internally and with third parties, and will set up ways to handle questions, complaints, and disagreements.
6. Be aware
Data subjects must be able to easily find and read the notice before or at the time they give out personal information, or it must be given as soon as possible afterward. Notices must be clear and easy to see, and they can be given online (for example, by posting them on an intranet portal, website, or by sending emails, newsletters, etc.) and/or offline (e.g. through posts, couriers, etc.). All the websites, including Intranet portals, and any internal product or service that collects personal information must have a privacy notice.
If personal information is sent across borders, the people whose information is being sent must be notified in advance.
Notices of privacy can say:
The organization's operating areas; third parties involved; business segments and affiliates; lines of business; locations; types of personal information collected; sources of information; who collects personal information and how to reach them;
Why we are asking for personal information;
A promise that the personal information will only be used for the purpose listed in the notice and only if the implicit and/or explicit consent is given, unless a law or regulation says otherwise;
Any choices the person has about how the information can be used or shared; the steps the person must take to make those choices;
How a data subject can change how they want to be contacted and how consent is gained.
Collection process and how the information is collected; how the information is used, including any transfer to third parties;
Processes for keeping and getting rid of personal information; assurance that personal information will only be kept for as long as is needed to fulfill the stated purposes or for as long as is required by law or regulation, after which it will be thrown away safely or made anonymous.
Process for getting access to personal information, costs for getting access to personal information (if any), process for updating or correcting personal information, how disagreements about personal information are settled, and how information is kept from being accessed or used without permission.
How users will find out if the privacy notice changes;
Disclosure process for third parties; assurance that personal information is given to third parties only for the purpose stated; actions to take if third parties misuse personal information;
Security measures in place to keep personal information safe; ways to keep personal information accurate;
Monitoring and enforcement mechanisms in place; a description of the complaint channels available to data subjects; how internal staff, key stakeholders, and customers can contact the company about privacy complaints or breaches; and contact information and/or other ways to report complaints and/or breaches.
What will happen if you don't give the requested information?
7. Choice and permission
Choice refers to the options that people have about how their personal information is collected and used. Consent means that they agree to the collection and use of their information, which is often shown by how they use a choice option.
KEYPIXEL must set up ways to collect and record the consent of data subjects to the collection, processing, and/or transfer of their personal information.
Data subjects must be told what choices they have about how their personal information is collected, used, and shared.
Before or at the time of collecting personal information, or as soon as possible afterward, the data subjects' written or electronic consent must be obtained.
Changes to a person's preferences should be kept track of and written down. Consent or withdrawal of consent should be properly written down.
The choices will be put into action on time and will be respected. If personal information is to be used for a purpose that wasn't listed in the notice, statement of work, or contract at the time it was collected, the new purpose must be written down, the data subject must be informed, and consent must be obtained before the new use or purpose.
The person whose information is being collected must be told if it is going to be used for marketing, advertising, etc.
Before accepting personal information from Third-Party data sources, KEYPIXEL will review the privacy policies and types of consent of Third Parties.
8. Gathering information about people
You can get personal information online or offline. No matter how it is collected, all personal information should have the same privacy protections.
Personal information should not be collected unless one of the following is true:
The data subject has given valid, informed, and free consent; Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject before entering into a contract; Processing is necessary for the organization to meet its legal obligations; Processing is necessary to protect the vital interests of the data subject; or
Processing is needed to carry out a task that is in the public interest.
Data subjects shouldn't have to give more personal information than is needed to give them the product or service they've asked for or agreed to. If a field asks for information that isn't needed to provide a service or product, it should be clearly marked as optional. Personal information should not be collected, or as little as possible should be collected.
When the goals of data collection can be met without personally identifiable information and at a reasonable cost, personal information must be de-identified.
When KEYPIXEL hires third parties to collect personal information on its behalf, it must make sure that the third parties follow the privacy rules set out in this Policy.
At least once a year, KEYPIXEL must review and keep track of the information it collects, the consent it gets, and the notice, SoW, or contract agreement that says what the information is used for.
Before using the new ways to collect personal information electronically, the project team or support function must get approval from the IT Security team.
Before accepting personal information from Third-Party data sources, KEYPIXEL will look at their privacy policies and how they collect information.
9. Use, keeping, and throwing away
Personal information can only be used for the purposes listed in the notice/SOW/contract agreements and with the data subject's permission. Personal information must be kept for as long as it is needed for business purposes listed in the notice/SOW/contract agreements at the time of collection or later authorized by the data subjects.
When using personal information for business purposes is no longer necessary, there should be a way to make sure it is either destroyed in a way that prevents unauthorized access to it or "de-identified" in a way that makes it so it can't be used to find out who it belongs to.
KEYPIXEL must have a documented way to let people who have the right to do so know about changes to the length of time the business needs to keep personal information.
Personal information must be deleted if keeping it violates any of the rules for data protection or if KEYPIXEL or the data subject no longer needs to know it. Also, KEYPIXEL has the right to keep the information about its employees for legal and regulatory purposes, as well as to follow data privacy laws.
10. Get in
KEYPIXEL shall set up a way for data subjects to exercise their rights of access, blocking, erasure, opposition, and rectification, as well as a way to let people know when their personal information has been exposed in a way that isn't right or required by law.
Data subjects have the right to get information about their own personal information when they make a written request. KEYPIXEL will respond to a request within 72 hours of getting a written request.
The people whose personal information is wrong, misleading, old, or missing have the right to ask KEYPIXEL to fix or add to it.
Requests for access to or changes to personal information should be sent to the manager of the projects team or support function responsible for the information, at the data subject's choice.
Members of the compliance team will write down and record each request for access and the action taken in response.
KEYPIXEL must give personal information to people in a way that is clear and easy to understand (not in any code format).
11. Sharing with outsiders
Data Subject shall be informed in the privacy notice/Statement of Work/contract agreement, if personal information shall be shared with Third Parties/partner firms, and it shall be shared only for the purposes described in the privacy notice/Statement of Work/contract agreement and for which the data subject has given consent.
Personal information about data subjects can only be given to Third Parties or partner firms for reasons that are in line with the purposes listed in the notice, Statement of Work, or contract agreements, or for other reasons that are allowed by law.
Before giving personal information to Third Parties or partner firms for a purpose that wasn't listed in the notice, Statement of Work, or contract, KEYPIXEL must let the data subjects know.
KEYPIXEL will let Third Parties/partner firms know about the privacy practices, procedures, and requirements for data privacy and protection.
Before any personal information is given to the Third Parties' partner firms, they must sign an NDA (Non-Disclosure Agreement) with KEYPIXEL. The NDA will have rules about not sharing customer information.
Information security policies and procedures must be written down and put into place to keep personal information collected, stored, used, transferred, and thrown away by KEYPIXEL as safe as possible.
Information asset labeling and handling rules should include controls for how personal information is stored, kept, and moved.
Personal information should be kept safe in both a logical and a physical way, so management should set up procedures to do this.
Management must come up with ways to protect personal information from being accidentally shared because of natural disasters and other environmental risks.
Protocols for handling incidents that involve personal data or privacy practices are set up and kept up to date.
13. The best
KEYPIXEL must make sure that data is accurate, complete, up-to-date, and reliable, based on the purpose for which it was collected and how it will be used.
For this reason, the general counsel and the compliance team should have systems and procedures in place to make sure that the personal information collected is correct and complete for the business purposes it will be used for.
KEYPIXEL will do an annual review of the personal information it has collected to make sure it is accurate, complete, and useful.
14. Keeping watch and enforcing
14.1. Handling disagreements and getting help
KEYPIXEL must come up with and write down an Incident and Breach Management policy that handles incidents and breaches that affect privacy.
Depending on the type and/or severity of the privacy incident or breach, the incident and breach management program has a clear path to the executive management, legal counsel, and the board. It will set up a way to record all incidents, complaints, and questions about data privacy.
KEYPIXEL shall do a periodic review of all complaints about data privacy to make sure that all complaints are resolved in a timely manner and that resolutions are written down and shared with the data subjects.
A step-up process for complaints and disagreements that can't be solved, which will be planned and written down.
All data subjects must be told how to report a privacy incident or breach and where to find the escalation matrix.
14.2: How employees can settle a dispute and take it to the next level
If an employee has questions or concerns about how their personal information is being handled, they should first talk to their immediate supervisor. If an employee doesn't want to talk to their immediate manager about a question or complaint, or if the manager and employee can't figure out how to solve the problem, the employee should talk to the General Counsel.
14.3. Customer/Third Party Dispute Resolution and Escalation Procedure
Customers or third parties who have questions or concerns about how their personal information is being handled should write to the General Counsel. Any disagreements about how personal information about people who are not employees is handled will be settled through arbitration.
14.4. Check for Compliance
At least once a year, the Compliance Team must do an internal audit to make sure that the privacy policies and laws are being followed.
The internal audit will look at the following: personal information collected from data subjects, the reasons for collecting and processing the data, and how the data is actually used.
Information about the reasons for collecting and using the data;
The existence and extent of any data subject's consent to such activities;
Any legal requirements for collecting and handling such data, as well as the scope, adequacy, and status of security measures.
The Compliance team will keep track of all the times privacy policies and procedures aren't followed and let the Data Privacy Management committee know about it.
The General Counsel and the Compliance Team will act on the results of the internal audit and work on suggestions to improve the privacy situation.
All employees, stakeholders, and customers/clients must be told about any changes to the policies.