Privacy & data governance

Effective Date: 25 May 2021

Maintaining your data secure is our top priority!
Our goal is to ensure a safe environment for our users while providing an impeccable performance of our platform.

Compliance

Krock.io is hosted entirely on Digital Ocean PaaS, an American cloud infrastructure provider headquartered in New York City with data centers worldwide.

Digital Ocean provides end-to-end security and privacy features built-in, while our team takes additional precautions and proactive measures to guarantee data protection for our customers. For more specific details on Digital Ocean Cloud security measures, please visit https://www.digitalocean.com/trust/

Our hosting server is AICPA SOC 2 Type II certified. By achieving compliance with this globally recognized information security controls framework, DigitalOcean has demonstrated a commitment to protecting sensitive customer and company information.

In case you would like to access Digital Ocean´s SOC 2 report, please reach out to them via privacy@digitalocean.com to request a copy.

 

Additionally, DigitalOcean has achieved Cloud Security Alliance (CSA) STAR Level 1, which addresses fundamental security principles across 16 domains to help cloud customers assess the overall security risk of a cloud service.

Retention Policy

Krock.io collects and retains the Personal Information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected – provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws. Please, visit our Privacy Policy to know more about:

  • what type of Information Krock.io collects;
  • how Krock.io uses cookies;
  • which Information will be publicly visible on the Service;
  • how Krock.io uses Personal Information to provide You with the Service;
  • how Krock.io uses Personal Information for marketing purposes;
  • how long Krock.io stores Personal Information.

Archiving Policy

Krock.io may process your Personal Information for archiving purposes unless You request not to do so by contacting us through legal@krock.io.

If you are a European Union resident, under GDPR, Krock.io can process your Personal Information for archiving purposes beyond the stated retention period if doing so is in the public interest or for historical, scientific, or statistical purposes. We ensure that archiving does not contravene the rights and freedoms of data subjects and that appropriate technical and organizational safeguards are in place, such as data minimization, pseudonymization, or encryption.

Destruction Policy

In case you would like Krock.io to delete your Personal Information, and if the erasure of that Personal Information does not interfere with Krock.io providing the Services, you may place such a request through legal@krock.io. We will process such requests in accordance with the applicable laws of your country of residence. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

Moreover, if you are a resident of California state, US, in accordance with the California Consumer Privacy Act of 2018 (“CCPA”), you may have the right to request the erasure of Personal Information held about you by Krock.io, subject to certain exceptions prescribed by law. If you would like to exercise this right, please contact us at legal@krock.io. We will process such requests in accordance with applicable laws. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

If you are a resident of Virginia state, US, in accordance with the SB 1392 Consumer Data Protection Act, you may have the right to request the erasure of Personal Information held about you by Krock.io, subject to certain exceptions prescribed by law. If you would like to exercise this right, please contact us at legal@krock.io. We will process such requests in accordance with applicable laws. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

If you are a European Union resident, you have the right to request the erasure of Personal Information held about you by Krock.io, subject to certain exceptions prescribed by law. If you would like to exercise this right, please contact us at legal@krock.io. We will process such requests in accordance with applicable laws. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

Data governance policy

In case you would like to: (i) request confirmation of whether Krock.io is processing your Personal Information; (ii) obtain access to or a copy of your Personal Information; (iii) receive an electronic copy of Personal Information that you have provided to us, or ask us to send that information to another company (the “right of data portability”); (iv) restrict our uses of your Personal Information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Information; and if such request does not interfere with Krock.io providing the Service you may place such a request through legal@krock.io. We will process such requests in accordance with the applicable laws of your country of residence. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

Moreover, if you are a resident of California state, US, in accordance with the California Consumer Privacy Act of 2018 (“CCPA”), you may have the right to: request confirmation of whether we are processing your Personal Information; (ii) obtain access to or a copy of your Personal Information; (iii) receive an electronic copy of Personal Information that you have provided to us, or ask us to send that information to another company (the “right of data portability”); (iv) restrict our uses of your Personal Information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Information held about you by Krock.io, subject to certain exceptions prescribed by law. If you would like to exercise any of these rights, please contact us at legal@krock.io. We will process such requests in accordance with applicable laws. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

If you are a resident of Virginia state, US, in accordance with the SB 1392 Consumer Data Protection Act, you may have the right to: (i) request confirmation of whether we are processing your Personal Information; (ii) obtain access to or a copy of your Personal Information; (iii) receive an electronic copy of Personal Information that you have provided to us, or ask us to send that information to another company (the “right of data portability”); (iv) restrict our uses of your Personal Information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Information held about you by Krock.io, subject to certain exceptions prescribed by law. If you would like to exercise any of these rights, please contact us at legal@krock.io. We will process such requests in accordance with applicable laws. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

If you are a European Union resident, you have the right to: (i) obtain access to or a copy of your Personal Information; (ii) restrict our uses of your Personal Information; (iii) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Information held about you by Krock.io, subject to certain exceptions prescribed by law. If you would like to exercise any of these rights, please contact us at legal@krock.io. We will process such requests in accordance with applicable laws. To protect your privacy, Krock.io may take steps to verify your identity before fulfilling your request.

Data storage policy

Personal Information that Krock.io collects about you may be transferred to, stored at, and processed by Krock.io and other third parties outside the country in which you reside, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By using Krock.io, you agree to this transfer, storing, or processing. Krock.io will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy. Your project, your team’s project, and task data will never be transferred to third parties. The only data Krock.io may share with third parties is for analytics, error tracking, and marketing.

Krock.io uses infrastructure and storage services from Third-Party to provide you with the Services. Krock.io uses DigitalOcean Infrastructure as a Service (IaaS) for processing, data storage, and other additional services as needed.

Moreover, Krock.io employs appropriate technical and organizational security measures to prevent unauthorized access to the collected Personal Information. You can learn more about the security measures provided by DigitalOcean IaaS here.