GDPR Compliance

What is GDPR ?

The General Data Protection Regulation (“GDPR”; effective May 25, 2018) is a set of laws adopted by the European Union (“EU”) to define and safeguard against online violation of the data protection and privacy rights of individuals within the EU, as well as to ensure better control over the digital footprint of one’s personal data.

Our commitment

Kaspr is fully committed to the principals of the GDPR. Our legal and policy experts have closely analyzed the requirements of the GDPR and continue to monitor new guidance on best practices for implementing the requirements of the GDPR. We have taken these GDPR principals to heart and made changes to our products, contracts and policies to ensure that we are fully aligned with the GDPR. Kaspr services are aligned with the GDPR as of May 25, 2018.

Data Storage

All Kaspr data processor providers have been checked to be all GDPR-compliant. All Kaspr’s data is held on servers hosted in the 🇪🇺 European Union.
We allow every user to remove entirely all its data. It is as easy as contacting us. We will remove every query under 10 days.
We applied all the security measures recommended by GDPR.
Our data has never been compromised. (October 31st, 2020)

Your Rights Regarding Your Personal Information

We respect your privacy rights no matter where you are from and therefore you may contact us at any time and we shall work diligently to respect your choices and requests regarding your Personal Information. The purpose of the list stipulated below is to allow Users and Contacts to exercise their rights under applicable privacy and data protection regulations:

Right of Access: You may request access to your personal information and obtain a copy of your personal information which is being processed by Kaspr. If you wish to find out what personal information is being processed by Kaspr, we will provide you with the following, free of charge: purposes of processing, categories of personal information processed, recipient(s) of personal information, length of time during which the information will be stored; your privacy rights; and information on data transfers. Such requests are made by contacting our Privacy Team (privacy@kaspr.io). Please be sure to provide the relevant details.
Right of Rectification: You may request to change, update or complete any missing data we process about you, by contacting our Privacy Team (privacy@kaspr.io) with your relevant details. Please note that we may rectify, replenish, or remove incomplete or inaccurate information, at any time and at our own discretion.
Right of Erasure: You may at any time request the deletion of your personal information. In this case, if there is no overriding legitimate interest to continue processing your personal information we will erase your data. Such a request will be made by contacting our Privacy Team (privacy@kaspr.io) with your relevant details.
Right of Restriction of Processing: You may request that we restrict processing your personal information if the accuracy of the Personal Information is contested by you. To make such a request, please contact our Privacy Team (privacy@kaspr.io) and provide all relevant information.
Right to Data Portability: You have the right to receive personal information in a structured, commonly used and machine-readable format. To make such a request, please contact our Privacy Team (privacy@kaspr.io) and provide all relevant information.
Right to object to processing Data: You have the right to object to the processing your data. Such a request will be made by contacting our Privacy Team (privacy@kaspr.io) with your relevant details.

However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements
If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with the laws, you can complain to the applicable data protection authority.

Retention

Personal Information will be retained by Kaspr for as long as necessary to provide our services, and as necessary to comply with our legal obligations, resolve disputes and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it was collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.
You may request deletion of your personal data, as specified above. Please be notified: If your information is fully deleted from the Kaspr Database, it may be obtained again in the future, if it is collected through public platforms or our business partners. In this case, since we have complied with your deletion request, we will not have records regarding your contact data and your contact information may be reintroduced into the Kaspr Database. We recommend you to periodically check your profile or the Services to ensure that your then-existed profile or account include only the Information you chose to have displayed.

Legal Basis for processing

The biggest myth about the GDPR is that consent is the ONLY way to lawfully process personal information concerning EU data subjects. While consent is one basis for lawful processing, it is not the only one.
Kaspr’s lawful basis for processing is its legitimate interest in providing its services to its users, for more information please contact our Privacy Team (privacy@kaspr.io).

The categories of recipients of the personal data

In order to provide our service, Kaspr may share certain personal data with companies and individuals that subscribe to our service. We may also share personal data with the following recipients: (i) our subsidiaries; (ii) subcontractors and other third-party service providers (e.g. payment processors, advertisers and marketers, hosting services, etc.); (iii) auditors or advisers of our business processes; and (iv) any potential purchasers or investors in Kaspr.

Contact

If you have any additional question on our privacy practices, please feel free to address us at privacy@kaspr.io.
In addition, individuals from the EU may contact our EU representative regarding all requests related to data protection and privacy:

Kaspr
38 rue dunois
75013 PARIS
France

Cookie	Duration	Description
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	session	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
PHPSESSID		This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hssc	30 minutes	This cookie is set by HubSpot. The purpose of the cookie is to keep track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
bcookie	2 years	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	This cookie is set by LinkedIn and used for routing.
messagesUtk	1 year 24 days	This cookie is set by hubspot. This cookie is used to recognize the user who have chatted using the messages tool. This cookies is stored if the user leaves before they are added as a contact. If the returning user visits again with this cookie on the browser, the chat history with the user will be loaded.

Cookie	Duration	Description
__hstc	1 year 24 days	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gcl_au	3 months	This cookie is used by Google Analytics to understand user interaction with the website.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_jsuid	1 year	This cookie contains random number which is generated when a visitor visits the website for the first time. This cookie is used to identify the new visitors to the website.
cluid	9 hours	This cookie is used for websites which is having multiple domains to identify the same visitor across multiple domains.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.

Cookie	Duration	Description
_dc_gtm_UA-85207774-5	1 minute	No description
AnalyticsSyncHistory	1 month	No description
eqy_sessionid	1 year	No description available.
eqy_siteid	past	No description available.
li_gc	2 years	No description
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.

GDPR

Last updated on October 31st, 2020