Privacy Policy

1. Scope and Application

1.1 What This Policy Covers

This Privacy Policy applies to:

• All personal information collected through the Service;
• Personal information collected when you visit our website;
• Personal information collected through our communications with you;
• Personal information collected through our customer support channels;
• Any other personal information we collect in connection with our business operations.

1.2 What This Policy Does Not Cover

This Privacy Policy does not apply to:

• Third-party websites or services linked from our Service;
• LinkedIn's collection and use of your data (governed by LinkedIn's Privacy Policy);
• Information collected by third parties not acting on our behalf;
• Employment-related information collected from job applicants;
• Publicly available information from government records.

1.3 Controller Information

For the purposes of applicable data protection laws, [know] is the data controller responsible for your personal information. Our contact details are:

• Company: [know]
• Email: founders@useknow.io

2. Definitions

In this Privacy Policy, the following terms have the meanings set out below:

• "Personal Information" or "Personal Data" means any information relating to an identified or identifiable natural person, including but not limited to names, email addresses, IP addresses, device identifiers, and any other information that can be used to identify you directly or indirectly.
• "Processing" means any operation performed on personal information, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
• "Data Controller" means the entity that determines the purposes and means of processing personal information.
• "Data Processor" means the entity that processes personal information on behalf of the data controller.
• "Data Subject" means the individual to whom personal information relates.
• "Sensitive Personal Information" means personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation.
• "Session Data" means cookies, authentication tokens, and other technical information used to maintain your authenticated connection to LinkedIn.
• "User Data" means any personal information exported from LinkedIn through the Service.
• "Usage Data" means information collected automatically about how you use the Service.

3. Information We Collect

3.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

3.1.1 Account Information

• Email Address: We collect your email address to identify your export session, communicate with you about your data export status, and provide customer support. Your email address is required to use the Service.
• Communications: When you contact us for support or with inquiries, we collect your name, email address, and the content of your communications.

3.1.2 Authentication Information

• LinkedIn Login: When you log in to LinkedIn through our secure browser environment, your credentials are entered directly into LinkedIn's official login page. We do not store, access, view, or have visibility into your LinkedIn password at any time.
• Session Cookies: After you authenticate with LinkedIn, we store encrypted session cookies that allow us to access LinkedIn on your behalf. These cookies are stored securely and used for archive monitoring and data synchronization.

3.1.3 Feedback and Surveys

If you provide feedback, respond to surveys, or participate in research, we collect the information you provide, which may include your opinions, preferences, and suggestions.

3.2 Information Collected Automatically

When you use the Service, we automatically collect certain information, including:

3.2.1 Technical Information

• IP Address: Your Internet Protocol (IP) address, which may be used to approximate your general geographic location;
• Device Information: Information about the device you use to access the Service, including device type, operating system, browser type and version, and unique device identifiers;
• Browser Information: Details about your web browser, including language preferences and installed plugins;
• Referral Information: Information about how you arrived at our Service, including referral URLs.

3.2.2 Usage Information

• Access Times: The date and time you access the Service;
• Pages Viewed: The pages and features of the Service you visit or use;
• Actions Taken: The actions you take within the Service, such as initiating an export or downloading an archive;
• Session Duration: The amount of time you spend using the Service;
• Error Information: Information about errors or issues you encounter.

3.2.3 Export Session Information

• Session Status: The current status of your data export (e.g., pending, processing, completed);
• Timestamps: When your export was initiated, when it was completed, and when archives were downloaded;
• Check History: Records of when we checked LinkedIn for archive availability;
• Error Logs: Information about any errors encountered during the export process.

3.3 LinkedIn Data

When you use the Service to export your LinkedIn data, we facilitate the download of your LinkedIn data archive. This archive is created by LinkedIn and may include:

• Profile information (name, headline, summary, work history, education);
• Contact information;
• Connections and contacts;
• Messages and InMail communications;
• Posts, comments, and reactions;
• Skills and endorsements;
• Recommendations;
• Job applications and saved jobs;
• Search history;
• Ad preferences and interactions;
• Account settings and preferences;
• Any other data LinkedIn includes in your export.

3.4 Information from Third Parties

We may receive information about you from third parties, including:

• Service Providers: Information from companies that help us provide the Service, such as hosting providers and analytics services;
• Business Partners: Information from partners with whom we have marketing or business relationships;
• Public Sources: Information from publicly available sources.

3.5 Information We Do Not Collect

We want to be clear about information we do NOT collect:

• LinkedIn Passwords: We never store, access, or have visibility into your LinkedIn password;
• Financial Information: We do not collect payment card numbers or bank account information (unless we introduce paid features in the future);
• Sensitive Personal Information: We do not intentionally collect sensitive personal information such as health data, biometric data, or information about your race, ethnicity, political opinions, or religious beliefs;
• Children's Information: We do not knowingly collect information from children under 18.

4. How We Use Your Information

4.1 Primary Service Purposes

We use your information to provide, maintain, and improve the Service:

• Authentication: To facilitate your login to LinkedIn through our secure browser environment;
• Session Management: To store and maintain your authenticated session for ongoing access;
• Archive Requests: To initiate and track data export requests to LinkedIn on your behalf;
• Monitoring: To periodically check LinkedIn for archive availability;
• Data Retrieval: To download completed archives from LinkedIn;
• Data Delivery: To securely store archives for your retrieval;
• Continuous Synchronization: To perform periodic, automated data retrieval to keep your exports current;
• Status Updates: To provide you with updates on your export status.

4.2 Communication Purposes

We use your information to communicate with you:

• Service Notifications: To notify you about your export status, including when your archive is ready for download;
• Technical Alerts: To inform you of technical issues, security incidents, or required actions;
• Customer Support: To respond to your inquiries and provide assistance;
• Service Updates: To inform you about changes to the Service, features, or these policies;
• Legal Communications: To send legally required notices and disclosures.

4.3 Security and Fraud Prevention

We use your information to protect the Service and our users:

• Security Monitoring: To detect, prevent, and address security threats, fraud, and abuse;
• Authentication: To verify your identity and prevent unauthorized access;
• Audit and Compliance: To maintain audit trails and comply with legal obligations;
• Abuse Prevention: To prevent misuse of the Service and enforce our terms.

4.4 Analytics and Improvement

We use information to understand and improve the Service:

• Usage Analytics: To understand how users interact with the Service;
• Performance Monitoring: To monitor and improve Service performance and reliability;
• Feature Development: To develop new features and improve existing ones;
• Error Analysis: To identify and fix bugs, errors, and technical issues;
• Research: To conduct research and analysis to improve our products and services.

4.5 Legal and Compliance Purposes

We use your information for legal and compliance purposes:

• Legal Obligations: To comply with applicable laws, regulations, and legal processes;
• Legal Claims: To establish, exercise, or defend legal claims;
• Rights Protection: To protect our rights, property, and safety, and those of our users and the public;
• Law Enforcement: To respond to lawful requests from law enforcement and government authorities.

4.6 Business Operations

We use your information for general business operations:

• Business Planning: To plan and develop our business strategy;
• Record Keeping: To maintain business records as required;
• Corporate Transactions: In connection with mergers, acquisitions, or asset sales;
• Professional Advice: To obtain legal, accounting, and other professional advice.

4.7 With Your Consent

We may use your information for other purposes with your consent. When we seek your consent, we will clearly explain the purpose and obtain your affirmative agreement.

5. Legal Bases for Processing

We process your personal information based on the following legal grounds under applicable data protection laws:

5.1 Performance of Contract

We process your information as necessary to perform our contract with you (i.e., our Terms of Service), including:

• Providing the Service and its features;
• Managing your account and session;
• Processing your data export requests;
• Communicating with you about the Service;
• Providing customer support.

5.2 Legitimate Interests

We process your information based on our legitimate interests, including:

• Improving and developing our products and services;
• Understanding how users interact with the Service;
• Ensuring the security and integrity of the Service;
• Preventing fraud and abuse;
• Enforcing our terms and policies;
• Conducting business operations and administration;
• Marketing our services (with your right to opt out).

We balance our interests against your rights and only proceed when the processing is proportionate and does not unduly impact your rights.

5.3 Legal Obligations

We process your information to comply with legal obligations, including:

• Responding to lawful requests from authorities;
• Meeting tax and accounting requirements;
• Complying with data protection laws;
• Preserving evidence for potential legal proceedings.

5.4 Consent

Where required by law, we obtain your consent before processing your information. This includes:

• Storing session cookies for ongoing data synchronization;
• Sending marketing communications (where required);
• Any other processing that requires consent under applicable law.

You may withdraw your consent at any time by contacting us, but this will not affect the lawfulness of processing based on consent before its withdrawal.

5.5 Vital Interests

In rare circumstances, we may process your information to protect vital interests of you or another person, such as in emergency situations.

6. Information Sharing and Disclosure

6.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Cloud Hosting: Providers that host our infrastructure and store data;
• Database Services: Providers that operate our databases;
• Analytics: Providers that help us understand Service usage;
• Email Services: Providers that send notifications on our behalf;
• Security Services: Providers that help protect the Service;
• Customer Support: Providers that help us respond to inquiries.

All service providers are contractually bound to:

• Process information only as instructed by us;
• Implement appropriate security measures;
• Not use information for their own purposes;
• Delete or return information upon termination of services;
• Assist us in complying with data protection obligations.

6.2 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with applicable laws, regulations, or legal processes;
• Respond to lawful requests from public authorities, including law enforcement;
• Protect the rights, property, or safety of [know], our users, or the public;
• Detect, prevent, or address fraud, security, or technical issues;
• Enforce our terms, policies, or agreements;
• Protect against legal liability.

6.3 Business Transfers

In connection with a merger, acquisition, reorganization, sale of assets, bankruptcy, or similar transaction, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

6.4 With Your Consent

We may share your information with third parties when you have given us your consent to do so.

6.5 Aggregated and De-Identified Information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This information is not subject to the restrictions of this Privacy Policy.

6.6 Information We Do Not Share

We want to be clear about what we do NOT share:

• We do not sell your personal information;
• We do not share your LinkedIn credentials;
• We do not share the contents of your LinkedIn archive with third parties;
• We do not share your information with data brokers;
• We do not share your information for third-party advertising purposes.

7. Data Retention

7.1 General Retention Principles

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider:

• The amount, nature, and sensitivity of the information;
• The potential risk of harm from unauthorized use or disclosure;
• The purposes for which we process the information;
• Whether we can achieve those purposes through other means;
• Applicable legal, regulatory, and contractual requirements.

7.2 Specific Retention Periods

Data Type	Retention Period	Basis
Session Cookies	Duration of account activity; refreshed as needed for continuous synchronization	Service functionality; your ongoing authorization
Downloaded Archives	48 hours after download completion	Allow user retrieval
Email Address	Duration of account activity + 30 days	Service delivery; support
Export Session Metadata	Duration of account activity for synchronization features	Service functionality; audit
Technical Logs	90 days	Security; troubleshooting
Support Communications	2 years after resolution	Quality assurance; legal
Anonymized Analytics	Indefinitely	Product improvement
Legal Hold Data	Duration of legal matter + 1 year	Legal obligations

7.3 Session Retention for Continuous Synchronization

To provide our continuous data synchronization feature, we retain your session credentials for as long as:

• Your account remains active with the Service;
• You continue to authorize the synchronization feature;
• The session remains valid (not expired or revoked by LinkedIn).

You may request session deletion at any time, which will terminate the synchronization feature.

7.4 Deletion Upon Request

You may request deletion of your personal information at any time. Upon receiving a valid deletion request, we will:

• Delete your session cookies and authentication data within 24 hours;
• Delete any stored archives immediately;
• Delete your account information within 30 days;
• Delete associated logs within 90 days;
• Retain only information required by law or for legitimate business purposes (in anonymized form where possible).

7.5 Automatic Deletion

We automatically delete certain data without requiring a request:

• Downloaded archives are permanently deleted 48 hours after download;
• Technical logs are automatically purged after 90 days;
• Inactive accounts may be deleted after 12 months of inactivity.

8. Data Security

8.1 Security Measures

We implement comprehensive technical and organizational security measures to protect your personal information, including:

8.1.1 Encryption

• In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.3 with strong cipher suites;
• At Rest: All stored data, including session cookies and archives, is encrypted using AES-256 encryption;
• Key Management: Encryption keys are securely managed with regular rotation and access controls.

8.1.2 Access Controls

• Authentication: Multi-factor authentication for administrative access;
• Authorization: Role-based access controls limiting data access to authorized personnel;
• Least Privilege: Users and systems have only the minimum access necessary;
• Audit Logging: All access to sensitive data is logged and monitored.

8.1.3 Infrastructure Security

• Secure Hosting: Servers hosted in secure data centers with physical security controls;
• Network Security: Firewalls, intrusion detection, and network segmentation;
• DDoS Protection: Protection against distributed denial-of-service attacks;
• Redundancy: Redundant systems and regular backups for data availability.

8.1.4 Application Security

• Secure Development: Security-focused development practices;
• Code Review: Regular code reviews with security focus;
• Vulnerability Testing: Regular security assessments and penetration testing;
• Dependency Management: Regular updates and security patches.

8.1.5 Operational Security

• Security Monitoring: 24/7 monitoring for security incidents;
• Incident Response: Documented incident response procedures;
• Employee Training: Security awareness training for all personnel;
• Background Checks: Background checks for employees with data access.

8.2 Browser Environment Security

Our secure browser environment for LinkedIn authentication is designed with security in mind:

• Isolated browser instances for each user session;
• No access to credentials by our systems (entered directly into LinkedIn);
• Encrypted storage of session cookies;
• Automatic session cleanup and termination;
• No persistent storage of authentication flows.

8.3 Security Limitations

While we implement robust security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for:

• Maintaining the security of your own devices and accounts;
• Using strong, unique passwords;
• Keeping your software updated;
• Reporting any security concerns to us promptly.

8.4 Security Incident Response

In the event of a security incident involving your personal information:

• We will investigate and take appropriate remedial action;
• We will notify affected users as required by applicable law;
• We will notify relevant regulatory authorities as required;
• We will document the incident and our response;
• We will implement measures to prevent recurrence.

9. International Data Transfers

9.1 Location of Processing

Our primary servers and data processing facilities are located in the European Union. By using the Service, your information may be transferred to, stored, and processed in the EU.

9.2 Transfers Outside the EEA

If we transfer personal information outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries with EU adequacy decisions;
• Standard Contractual Clauses: EU-approved standard contractual clauses;
• Binding Corporate Rules: For transfers within corporate groups with approved BCRs;
• Certification Mechanisms: Transfers to certified organizations under approved schemes;
• Derogations: Specific derogations under Article 49 of the GDPR where applicable.

9.3 Your Consent

By using the Service, you consent to the transfer of your information as described in this section. You have the right to obtain details of the safeguards in place for transfers by contacting us.

10. Your Rights and Choices

10.1 Your Privacy Rights

Depending on your jurisdiction and applicable law, you may have the following rights regarding your personal information:

10.1.1 Right of Access

You have the right to request a copy of the personal information we hold about you and to verify we are processing it lawfully.

10.1.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal information.

10.1.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal information in certain circumstances, such as when:

• The information is no longer necessary for the purposes collected;
• You withdraw consent (where consent was the legal basis);
• You object to processing and there are no overriding legitimate grounds;
• The information was unlawfully processed;
• Deletion is required by law.

10.1.4 Right to Restriction

You have the right to request restriction of processing in certain circumstances, such as when:

• You contest the accuracy of your information;
• Processing is unlawful but you don't want deletion;
• We no longer need the information but you need it for legal claims;
• You have objected to processing pending verification of legitimate grounds.

10.1.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, machine-readable format and to transmit it to another controller.

10.1.6 Right to Object

You have the right to object to processing based on legitimate interests. We will stop processing unless we demonstrate compelling legitimate grounds that override your interests.

10.1.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

10.1.8 Right Not to be Subject to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently make such automated decisions.

10.2 Exercising Your Rights

To exercise your privacy rights, please contact us at founders@useknow.io. When making a request:

• Include "Privacy Request" in the subject line;
• Specify which right(s) you wish to exercise;
• Provide sufficient information for us to verify your identity;
• Describe your request in detail.

10.3 Response Timeline

We will respond to your request within:

• GDPR: One month (extendable by two months for complex requests);
• CCPA: 45 days (extendable by 45 days for complex requests);
• Other Laws: As required by applicable law.

10.4 Verification

We may need to verify your identity before processing your request. We may ask you to provide additional information to confirm your identity. We will only use this information for verification purposes.

10.5 No Fee

We do not charge a fee for exercising your privacy rights. However, if requests are manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on the request.

10.6 Complaints

If you believe we have not handled your request properly or have violated your privacy rights, you have the right to lodge a complaint with a supervisory authority in your jurisdiction.

10.7 Other Choices

10.7.1 Session Termination

You can terminate your session and stop continuous synchronization at any time by contacting us or changing your LinkedIn password.

10.7.2 Communication Preferences

You can opt out of non-essential communications by contacting us. Note that you cannot opt out of service-related communications necessary for the operation of the Service.

10.7.3 Account Deletion

You can request deletion of your account and all associated data by contacting us.

11. Cookies and Tracking Technologies

11.1 What Are Cookies

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work more efficiently and to provide information to website owners.

11.2 Cookies We Use

11.2.1 Essential Cookies

These cookies are necessary for the Service to function and cannot be switched off:

• Session Cookies: To maintain your authenticated session with the Service;
• Security Cookies: To implement security features and prevent fraud;
• Preference Cookies: To remember your settings and preferences.

11.2.2 Analytics Cookies

These cookies help us understand how users interact with the Service:

• Usage Analytics: To understand which features are used and how;
• Performance Analytics: To monitor Service performance;
• Error Tracking: To identify and fix issues.

11.3 LinkedIn Session Cookies

When you authenticate with LinkedIn through our Service, we store LinkedIn's session cookies to:

• Maintain your authenticated connection to LinkedIn;
• Check archive availability on your behalf;
• Download completed archives;
• Perform periodic data synchronization.

These cookies are encrypted and stored securely. They are used solely for the purposes described and are not shared with third parties.

11.4 Other Tracking Technologies

We may use other technologies similar to cookies, including:

• Local Storage: To store data locally on your device;
• Session Storage: To store temporary data during your session;
• Pixel Tags: To track certain actions and communications.

11.5 Your Cookie Choices

You can control cookies through:

• Browser Settings: Most browsers allow you to block or delete cookies;
• Device Settings: Mobile devices often have cookie controls;
• Opt-Out Tools: Industry opt-out tools for advertising cookies.

Note that blocking essential cookies may prevent the Service from functioning properly.

11.6 Do Not Track

Some browsers have a "Do Not Track" feature. We currently do not respond to Do Not Track signals because there is no industry standard for how to respond. We will update this Policy if a standard is established.

12. Children's Privacy

12.1 Age Restrictions

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. By using the Service, you represent that you are at least 18 years old.

12.2 Discovery of Child's Information

If we learn that we have collected personal information from a child under 18, we will:

• Promptly delete the information;
• Terminate any associated account;
• Take steps to prevent future collection.

12.3 Parental Contact

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at founders@useknow.io so we can delete the information.

12.4 COPPA Compliance

We comply with the Children's Online Privacy Protection Act (COPPA) and similar laws protecting children's privacy. We do not knowingly collect information from children under 13 (or under 16 in certain jurisdictions).

13. Third-Party Services

13.1 LinkedIn

The Service interacts with LinkedIn, a third-party platform. Your use of LinkedIn is governed by LinkedIn's own Privacy Policy and Terms of Service. We are not responsible for LinkedIn's privacy practices. Key points:

• LinkedIn determines what data is included in your export;
• LinkedIn may collect information about your use of their platform;
• LinkedIn's privacy policy governs their handling of your data;
• We recommend reviewing LinkedIn's Privacy Policy.

13.2 Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies before providing any personal information.

13.3 Service Providers

We use various third-party service providers. These providers have access to personal information only to perform services on our behalf and are obligated not to disclose or use it for other purposes. Categories include:

• Cloud infrastructure providers;
• Database service providers;
• Email service providers;
• Analytics providers;
• Security service providers.

13.4 Social Features

If we integrate social media features, your interactions with these features are governed by the privacy policies of the social media companies providing them.

14. California Privacy Rights (CCPA/CPRA)

14.1 Applicability

This section applies to California residents and supplements our Privacy Policy with information required by the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

14.2 Categories of Information Collected

In the past 12 months, we have collected the following categories of personal information:

Category	Examples	Collected
Identifiers	Email address, IP address, device IDs	Yes
Internet Activity	Browsing history, interactions with Service	Yes
Geolocation	Approximate location from IP	Yes
Professional Information	LinkedIn data (only as exported by you)	Yes
Inferences	Preferences based on usage	Limited
Sensitive Personal Information	Account login credentials	Yes (session only)

14.3 Business Purposes for Collection

We collect personal information for the business purposes described in Section 4 of this Policy, including providing services, security, analytics, and legal compliance.

14.4 No Sale or Sharing

We do not "sell" personal information as defined by the CCPA. We do not "share" personal information for cross-context behavioral advertising. Therefore, we do not offer opt-out mechanisms for sale or sharing.

14.5 California Consumer Rights

California residents have the following rights:

• Right to Know: Request disclosure of information collected, used, and disclosed;
• Right to Delete: Request deletion of personal information;
• Right to Correct: Request correction of inaccurate information;
• Right to Limit Use: Limit use of sensitive personal information (we only use it for service provision);
• Right to Non-Discrimination: Not be discriminated against for exercising rights.

14.6 Exercising California Rights

To exercise your California privacy rights, contact us at founders@useknow.io with "California Privacy Request" in the subject line.

14.7 Verification

We will verify your identity using the email address associated with your account. We may ask for additional information if needed.

14.8 Authorized Agents

You may designate an authorized agent to make requests on your behalf. Agents must provide proof of authorization.

14.9 Shine the Light

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing. We do not disclose personal information for direct marketing purposes.

15. European Privacy Rights (GDPR)

15.1 Applicability

This section applies to individuals in the European Economic Area (EEA), United Kingdom, and Switzerland, and supplements our Privacy Policy with information required by the General Data Protection Regulation (GDPR) and similar laws.

15.2 Data Controller

[know] is the data controller for your personal information. Our contact details are provided in Section 17.

15.3 Legal Bases

We process your personal information based on the legal bases described in Section 5 of this Policy: contract performance, legitimate interests, legal obligations, and consent.

15.4 Your GDPR Rights

Under the GDPR, you have the rights described in Section 10, including access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

15.5 International Transfers

Transfers outside the EEA are made with appropriate safeguards as described in Section 9.

15.6 Data Protection Officer

For questions about our privacy practices, contact us at founders@useknow.io.

15.7 Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. If you are in the EU, you can find your local authority at: https://edpb.europa.eu/about-edpb/board/members_en

15.8 UK Specific Rights

If you are in the United Kingdom, your rights are protected under the UK GDPR and Data Protection Act 2018. You may contact the Information Commissioner's Office (ICO) with complaints.

15.9 Swiss Specific Rights

If you are in Switzerland, your rights are protected under the Swiss Federal Act on Data Protection (FADP). You may contact the Federal Data Protection and Information Commissioner (FDPIC) with complaints.

16. Changes to This Policy

16.1 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

16.2 Notification of Changes

When we make changes to this Policy:

• We will update the "Last updated" date at the top;
• For material changes, we will provide notice through the Service or by email;
• We may provide a summary of key changes;
• We will archive previous versions for reference.

16.3 Your Continued Use

Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy. If you do not agree to the updated Policy, you should discontinue use of the Service.

16.4 Review Recommendation

We encourage you to review this Policy periodically to stay informed about our privacy practices.

17. Contact Us

17.1 Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

• Company: [know]
• Email: founders@useknow.io
• Subject Line: "Privacy Inquiry" for general questions; "Privacy Request" for rights requests

17.2 Response Time

We will respond to inquiries within 5 business days and to formal rights requests within the timeframes required by applicable law.

17.3 Language

We can respond in English. If you need assistance in another language, please let us know and we will make reasonable efforts to accommodate.