Agent efficiency, automation, and operational insights
Last Updated: July 2023
Your privacy is important to us, and so is being transparent about how we collect, use, share, and secure your Personal Data (defined below). This Privacy Notice is intended to help you understand what Personal Data we collect, how we use, share, retain, and transfer it, and your rights regarding your Personal Data.
This Privacy Notice (or, “Notice”) describes how Khoros collects, uses, shares, and secures your Personal Data when you access this website (https://khoros.com) and/or Khoros’s Community (https://community.khoros.com/) (together, this “Site”), use our Services (defined below), or otherwise interact with us. It also explains your rights regarding our use of your Personal Data and your options concerning how we communicate with you. If you do not agree with this Privacy Notice, do not access our Site, use our Services, or interact with any other part of our business.
When we say “Personal Data” (or “information” interchangeably throughout this Notice), we mean any data that could directly or indirectly be used to identify you or your household. Personal Data can be anything ranging from your name and email address, to the IP address of your device, and the location from which you access this website.
When we refer to “Khoros,” “we,” and “us,” we mean Khoros, LLC and its wholly owned subsidiaries.
When we refer to our “Services,” we mean our digital customer engagement platform, our products, and the other services we provide to our Customers. Khoros provides a variety of products via our digital customer engagement platform, which helps our customers (“Customers”) create the best user experience for their end users and customers (“End Users”). These products include:
2. Care; and
Please note when we are providing Sevices to our Customers, this Privacy Notice does not apply to the extent that we are acting as a Customer’s data processor or service provider. If you want to know more about how we process Personal Data on behalf of a Customer, you should consult that Customer’s privacy notice and/or contact that customer directly.
If you have any questions or concerns regarding the information contained in this Notice, you can contact us by sending your queries to the addresses listed in the “How to Contact Us” section below.
We collect a minimal amount of information to make our Site, Services, and business function. We collect information about you when you provide it to us, when you visit our Site, when you use our Services, and when other sources provide it to us. You can read more about the information we collect about you and why in the sections below.
Personal Data You Provide Directly to Us. We collect Personal Data from you when you provide it to us directly – for example, when you post it in our Community or apply for a job at Khoros. This information can include your name, email address, phone number, company title, and social media account information. We collect this information from you when you provide it to us in the following contexts:
|Context||Type||Legal Basis for Processing|
|Marketing Communications||We receive user-submitted information from you when you want to receive additional promotional information about our Services. This can include your name, phone number, company, title, and email address.||We collect this information to serve our legitimate interest of communicating effectively with you and our Customers. Our processing may also be based on your consent.|
|Employment Applications||We receive information from job applicants as part of our recruiting activities. This information includes anything that you choose to provide, such as information on a resume. As part of this process, we also collect gender, race, and military status to assist us in our equal employment opportunity compliance and related statistical tracking to help our diversity efforts. Prior to hiring, we will also request information needed to conduct a background check.||Information collected from job applicants is needed to help us adhere to our legitimate interest of creating an efficient workforce and complying with relevant laws.|
|Account Registration on Our Community||We collect information from you when you create an account on our Community, called “Atlas.”||We have a legitimate interest in providing account-related functionalities to our users. Information from account registration on Atlas is collected for this purpose.|
|Information Posted in Atlas||We collect information provided by you and stored in Atlas.||Information shared on Atlas is processed only with your consent.|
|Ethics and Compliance Hotline||We retain a third party to maintain our Ethics and Compliance hotline. If you report a complaint via our Ethics and Compliance Hotline (“Hotline”), we collect any information that the Hotline captures. This can include your name and contact information (unless you opt to report anonymously), along with the details of your report.||Our legal basis for collecting information from our Hotline is to ensure our compliance with certain laws. Information collected from our Hotline enables us to receive, investigate, and resolve ethics and compliance reports, concerns, and questions.|
|Office Visits||If you visit any of our offices, we collect your name, phone number, company, title, and email address.||We have a legitimate interest in collecting this information for record retaining purposes.|
|Event Attendance||We collect information such as your name, phone number, company, title, and email address when you register for and/or attend our events.||We have a legitimate interest in collecting this information to maintain accurate records of individuals who attend our events.|
Personal Data Collected From Our Services. We collect Personal Data from our Customers (via their authorized users) and their End Users when we provide our Services. We share this information with our service providers to deliver our Services to our Customers and as needed for our own legitimate business and operational purposes (for example, to do the things we need to do to function as a business). Among other things, service providers help us to administer our Site, conduct surveys, provide technical support, process payments, and assist in the fulfillment of orders.
When we collect Personal Data on behalf of our Customers, we do so as our Customers’ processor or service provider in accordance with their specific instructions. As such, if you are a Customer’s End User with questions about how your Personal Data is being handled, please reach out directly to that Customer. Our Customers maintain their own policies concerning the collection, use, and storage of the Personal Data of their End Users.
You can read more information about what information we collect from our Services and why in the table below. And, a comprehensive list of the Personal Data that we collect from our Customers and their End Users can also be found here.
|Context||Type||Legal Basis for Processing|
|Information from Customers||We collect information from our Customers and their employees with whom we may interact, which allows them to log onto our platform and use our Services. This data consists of the Personal Data of their authorized users, company information and configuration, content, internal communications, and notes.||Our legitimate interest for collecting this information is to provide our Services effectively to our Customers.|
|Cookies and First-Party Tracking||We may place tracking technology on our Site that collects analytics, records how you interact with our Site, or allows us to participate in behavior-based advertising. This means that a third party uses technology (e.g., a cookie) to collect information about your use of our Site so that they can report analytics to us or provide advertising about products and services tailored to your interests. That third party might also collect information over time and across different websites in order to serve advertisements on our website or other websites. Please refer to our Khoros Cookies Datasheet for more information.||Where required by law, we base the use of third-party cookies upon consent.|
|Account Registration||Our Customers can create accounts through our Services. For certain Services, like our Community product, End Users can also create accounts through our Services.||We collect this information to serve our legitimate interest in providing account-related functionalities to our Customers and End Users. Accounts can also be used for easy checkouts and to save preferences and transaction history.|
|Information Posted to a Customer’s Community||Customers and their End Users can post information in our Customers’ Communities.||We process this information based upon consent.|
|Single Sign-On Information||You can log in to our Services using single sign-on services, such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you the option to share certain your information with us pre-populate our sign-up form. Services like Facebook Connect give you the option to post shareable information about your activities through our Services to your network.||Collecting information from single sign-on services upholds our legitimate interest in ensuring that our Customers and End Users can connect to our Services.|
|Social Media||We collect information about End Users that is made available to us and other third parties by social media networks such as Twitter, Facebook, Instagram, Pinterest, YouTube, Google, and others through APIs or social media monitoring technology. This data includes names, user IDs, social media handles, gender, and other information that you choose to make publicly available on these sites. We also monitor the public activities of individuals on social media networks, including their posts, blogs, tweets, and profile information, and messages directed at our Customers.||Our collection and use of information from third party social media networks allows us to fulfill our legitimate business interests of providing Services to our Customers, assisting our Customers to provide better Services to their End Users, and maintaining the privacy of individuals.|
|Mobile Applications||Information collected through our mobile appications can be used for analytical and non-analytical purposes. For analytical purposes, we collect behavioral data through analytics tools to understand how End Users interact with our mobile applications. This includes information about the screens End Users visit, the duration of their sessions, and the actions they take within the application. For non-analytical purposes, we may collect additional data to facilitate general application functionality. The includes features such as the ability to upload and share photos, videos, and documents from the End User’s device to our servers. In some cases, we may request sensitive information with your consent.||Our legitimate business interest in collecting this data is to analyze and improve the functionality, usability, and overall user experience of our mobile applications. The data can also be used to troubleshoot and resolve issues.|
Please note that any direct or indirect use of any social media network or other third-party site through our Services is subject to your consent of the legal terms and conditions of that site. Your continued use of our Services and of those social media networks constitutes your acceptance of both this Privacy Notice and the legal terms and conditions of those social media networks. To read these third party terms and conditions, please refer to the “Other Important Privacy Information” section of this Privacy Notice.
Personal Data From Third Parties. We collect information from partners and other websites pertaining to visitors of our Site and our Customers‘ websites. For example, we will ask or engage these third parties to tell us additional information about their visitors, such as how they respond to our communications or promotions. We do so because we have a legitimate interest in learning more about how our users respond to communications and promotions.
We collect information from several different sources, and where we collect the information from dictates how we use it. Below are high-level descriptions of some of the purposes for which we use the information we collect about you.
Provide, Maintain and Improve the Site and Our Services. We collect information about you to ensure optimal functionality of our Site and Services. For example, for our social media management Services (e.g. our Marketing product), information taken from social media helps us to provide context to a brand, such as information about an individual’s interactions with that brand. We can also use information collected from social media to measures a brand’s influence on those platforms. Brands can then use this information to provide better support and service to their customers, since this information helps them better understand what their customers want.
Additionally, we use information gathered from other sources to respond to requests for additional information about our Services, to develop and enhance our Services, and to fulfill our legal obligations as needed. We may use a user's email address to send promotional or marketing materials on related Services, such as updates on the product line. This is only the case when a user is a Customer, a Service is requested by the user, or we have some other pre-existing business relationship with the user. We use your IP address and browser-type information in the general administration of our Site.
Please be advised that for our Care product, Khoros’s use and transfer of information received from Google’s APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Please refer to that policy for additional information.
Marketing and Personalized Advertising. We process your Personal Data to send you marketing information, product recommendations, and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us, our affiliates, and partners. These can include information about our products, promotions, or events as necessary.
We also process your Personal Data to conduct marketing research, advertise to you, and provide personalized information about us, both on and off our Site. Further, we use your Personal Data to provide personalized content based upon your activities and interests to the extent necessary for us to achieve our advertising goals.
You can read more about your rights when it comes to marketing and advertising in the “Your Rights and Options Regarding Your Data” section below.
Measure Performance. We are always looking for ways to make our Services smarter, faster, more secure, and useful. To do this, we use information and collective learnings for analytics and measurements to understand how our Services are being used. When this data is aggregated and analyzed, it allows us to troubleshoot, improve, and track trends across our platform.
Communicate with You. We use your contact information to send communications via email and within the Services, such as updates and changes. We also provide tailored communications based on your activity and interactions with us.
For Safety and Security. We use information about you and your Service use to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent, or illegal activity.
For Employment Evaluations. Information collected during the recruitment process is used to help us evaluate your candidacy for employment. This information is disclosed to our private equity sponsor. You can read more about this in the “How We Share Your Personal Data” section below.
For Legal Compliance. If we have a legal obligation to process your information, we will do so in cooperation with public and government authorities, courts, or regulators. This is done to protect our rights or as necessary to protect against misuse or abuse of our websites. We will also cooperate with legal authorities to: 1) protect personal property, 2) ensure our safety, 3) pursue all remedies available to us and limit our damages, 4) comply with judicial proceedings, court orders, or legal processes, or 5) respond to lawful requests.
For Other Purposes. Please note that we may use your information in these additional scenarios: in accordance with your consent, to complete a merger or sale of assets, to allow social sharing functionality on our Site and through our Services, to manage our contests or promotions, to register visitors to our office, and to protect you, our Customers, and the public.
Khoros operates on a global scale. As a result, we may have to transfer your information to our affiliates, contractors, service providers, and other third parties in various countries and jurisdictions around the world. When this happens, we utilize the appropriate safeguards to make sure your information remains protected. The way we safeguard your information is highlighted below.
Transfers from the EEA, UK, and Switzerland. To facilitate our global operations, we may transfer information worldwide. If you are located in the European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland, some of the countries that we transfer, store, and process information in may not have privacy and data protection laws that are equivalent to the laws of the country where you are located. When this is the case, we utilize the European Commission Standard Contractual Data Protection Clauses and the United Kingdom Standard Contractual Data Protection Clauses to safeguard the transfer of information we collect from the EEA, the UK, and Switzerland.
Transfers to Other Countries. When we transfer your information to third parties located in countries outside the EEA, the UK, or Switzerland, we comply with the applicable cross-border transfer rules of those countries. For our Customers, we do this by entering into a written agreement with each Customer that meets the data protection requirements of these countries.
Additionally, when we collect information about you as part of our Services, it may be transferred, stored, and/or processed in the United States. In these instances, we ensure that the appropriate organizational, contractual, and technical safeguards are in place so that your information is always protected.
We will retain your Personal Data for as long as your account is active or as needed to provide our Services to you. We may also retain the Personal Data in an encrypted format for disaster recovery purposes for up to 90 days following the termination or expiration of an agreement, pending routine erasure cycles. Log files held for security reasons may also be retained for up to 12 months. In general, other types of information, like information obtained from your use of this Site or from employment applications, will be retained for the period prescribed by applicable law.
For further information on our Personal Data retention practices and policies as it relates to our Services, please see our Data Retention and Media Destruction Policy for Customer Data. If you have any additional questions on this topic, you may contact us using the information contained in the “Contact Us” section below. You may also request us to stop the use of your Personal Data to provide Services at any time.
We take information security and privacy of Personal Data very seriously. We fully support and abide by the data privacy principals established in the EU Directive on Data Protection as well as all other applicable local privacy laws and regulations. Our security controls and mechanisms are based on the ISO 27001 global security management standard, and we conduct external security audits and independent security testing on an annual basis. You can read more about our security measures here.
Please note that no service is completely secure. While we strive to protect your Personal Data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur. If we are required by law to inform you of a breach to your information, we may notify you electronically, in writing, or by telephone.
You are afforded certain rights when it comes to your information. Below is a summary of those rights, how to exercise them, and any limitations.
Your Rights. You have the right to know: what Personal Data of yours we process; to request a copy of your information in a structured, electronic format; to object to our use of your information; or to request deletion or restriction of your information. Additionally, you may request that: we update, correct, or supplement any information that we hold about you; we limit how we process your Personal Data; or we provide information about the consequences of denying consent to processing. You can submit any such requests via this form.
You may opt-out of online tracking based targeted advertising (e.g., cookies) by clicking the preference link listed at the bottom of each page on this Site. Please note that if you change browsers or computers, or if you clear your browser’s cache, you may need to click the link again to apply your preference. You may also opt-out of other forms of targeted advertising by submitting a request as described below.
If you choose, you may opt-out of having your information used for certain purposes, such as receiving promotional or marketing materials from us. If you no longer wish to receive these updates, you can opt-out by following the instructions listed in the mailer or by emailing us at firstname.lastname@example.org (please include the term OPT-OUT in the subject line followed by your email address if you choose the latter).
Where we collect or process your personal information based upon consent, you may revoke consent. Please note, if you revoke your consent for the processing of personal information then we may no longer be able to provide you services.
There are certain circumstances where your requests may be limited. For example, if honoring your request would reveal information about another individual, or if you request us to delete information which we are permitted by law or our legitimate interests to keep, we reserve the right to deny your request.
Please note that, as required by law, we will require you to prove your identity whenever you make a request. Depending on the type of request, we will ask for information such as your name, email, or social media profiles. We may also request that you sign a declaration confirming your identity. Once we confirm your identity, we will use reasonable efforts to supply, correct, or delete your information from our files.
In some circumstances, you may designate an authorized agent to submit requests to exercise certain privacy rights on your behalf. We will require verification that you provided the authorized agent permission to make a request on your behalf and of your own identity. If you are a business submitting the request, we will require proof that you are registered with the Secretary of State to conduct business in California. If we do not receive both pieces of information, the request will be denied.
We may change this Notice from time to time. With that in mind, we ask that you continue to review it for any new updates. If we make any material changes to this Notice, we will either contact you via email to the email address specified in your account or place a conspicuous notice on our Site prior to implementation. This Notice also includes an “effective” and “last updated” date, so you can see when this version took effect and when this version was last modified, respectively. We have also included a table of “Key Changes” at the end of this Notice for your reference.
If you have any questions about this Privacy Notice, the practices of this Site, your dealings with this Site, or if you need to access this Privacy Notice in an alternative format due to having a disability, you can call us at 1 (800) 235-0187, email us at email@example.com, or write us at the following address:
7300 Ranch Road 2222, Building 3, Suite 150
Austin, TX 78730
If you’d like to exercise any of your rights, as described in this Privacy Notice, or if you either have an unresolved privacy or data use concern that we have not addressed satisfactorily or you disagree with our denial of a request and would like to appeal, please contact our Data Protection Officer:
Telephone: (512) 201-4090
You may also contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
If you are located in the EEA and feel that we have not able to address your complaint or concern satisfactorily, you have the right to lodge a complaint with the supervisory authority that oversees Personal Data rules in your jurisdiction. For example, in the United Kingdom, your complaint should be directed to the Information Commissioner’s Office.
Right to Non-Discrimination. We will not discriminate against individuals who exercise their privacy rights under applicable law.
Collection of Personal Data from Children. Our Site is not directed at children. We do not knowingly collect Personal Data from children under the age of 16.
If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us by using the information in the “How to Contact Us” section so we can take steps to delete such Personal Data from our systems.
Do Not Track. We do not currently recognize automated browser signals, which may include “Do Not Track” instructions.
Please note that, in addition to the normal procedure for deleting stored data under YouTube's Terms of Service, users can revoke access to their data via the Google security settings page, located here.
Social Media Widgets. Our Site includes social media features, such as buttons and widgets. These features may collect your IP address, which page you are visiting on our site, and set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy notice of the company providing it.
Accessibility. This Policy can be accessed using your browser’s audio reader capabilities.
Testimonials, Comment, Idea, and Survey Submissions. We display personal testimonials from satisfied Customers and other endorsements on our Site. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact us at firstname.lastname@example.org.
We consider answers to surveys, comments, ideas, and suggestions to be non-personal and do not classify them as Personal Data. Except as otherwise provided by applicable contracts with our Customers or a third party, we are free to disclose and use such data or information without any obligation.
Residents of California have additional rights available to them under the California Consumer Protection Act (“CCPA”) and the California Privacy Rights Act (“CPRA”). California law requires organizations to disclose whether certain categories of information are collected, sold, or transferred for an organization’s business purpose. You can find a list of the categories of information that we collect and share here. Please note that this list is comprehensive and may refer to types of information that we share about people other than yourself.
Sensitive Information Disclosure. In general, we do not collect the sensitive personal information, as defined under California law. Additionally, we do not “sell” sensitive personal information for purposes of cross-context behavioral advertising.
Exercising Your Rights Under the CCPA and CPRA. The CCPA and CPRA also require us to share information on how to exercise your rights, such as the right to deletion and the right to request access to the categories of information we have collected about you. For more information on which rights are available to you, how to exercise your rights, and how long your data is retained for, please refer to the sections called “Your Rights and Options Regarding Your Personal Data” and “How Long We Keep Your Personal Data in this Notice.
Sharing Your Personal Data. We do not sell your Personal Data. We do, however, share your Personal Data with others as described in the “How We Share Your Personal Data” section of this Notice. This Notice further highlights the legitimate business purposes for which we collect or share your information and the categories of third parties with whom we share it.
California Shine the Light. If you would like more information concerning the categories of personal information (if any) we share with third parties or affiliates for those parties to use for direct marketing, please submit a written request to us using the information in the Contact Information section above.We do not discriminate against California residents who exercise any of their rights described in this Notice.
|Category of Information||Purpose(s) for Collecting and Disclosing||Recipients of Disclosures for Business Purposes||Recipients of “Sharing”|
|Identifiers, which may include your name, alias, postal address, email addresses, account names, unique personal, online, and other similar identifiers|
|Commercial information, which may include information about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies|
|Internet or other electronic network activity information, such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement|
|Professional or employment information, such as job title, company name, company domain|
|Geolocation data, such as your approximate location, IP address, time zone|
|Visual information, such as photos or avatars||N/A|
|Inferences, which are based on other personal information we collect, such as preferences, interests, user behavior data|
|Additional categories of personal information, which are described in the California Customer Records Statute||N/A||N/A||N/A|
We do not collect information from or about government-issued identification, characteristics of protected classifications (such as age and sex), biometric information, and non-public education information (as that term is defined in the Family Educational Rights and Privacy Act, Cal. Civ. Code § 1798.80(e)).
We collect and process sensitive information as defined in PIPA § 2, art. 3 and pursuant to § 1, art. 17 (2). We collect and process the information for the purposes described above in “What Personal Data We Collect” and “How We Use Your Personal Data.”
We generally do not collect or process sensitive information as defined by PIPL Ch. 2 § 2, art. 28.
This Notice was updated on July 20, 2023 to include information about data collected through mobile applications and information for residents of California, China, and Korea.
Click here to download a PDF version of this Notice.
Effective Date: July 20, 2023