Free Trial
Request Demo

Privacy Notice

Effective date:   8 July 2023

Last Updated:  19 August 2024

For the previous version of our Privacy Notice, click here

Table of Contents

Helpshift, Inc (“Helpshift”, “we”, “us” or “our”) is a subsidiary of Keywords Studios Group (“Keywords”, “we”, “us” or “our”). We know that you care about how your Personal Data is used and shared, and we take your privacy seriously. When we reference Personal Data, we mean any information which Keywords has or obtains or which an individual provides to us from which that individual can be directly or indirectly personally identified or as that term (or similar term) is defined under applicable law.

Accordingly, we have implemented this Privacy Notice to inform you of the information that we collect from you when you visit our website, www.keywordsstudios.com, and its sub-domains, including individual websites of Keywords’ studios (the “Website”), or when you engage Keywords directly for its services, applications and/or their related features (the “Services”), what we do with it and how you can exercise your privacy rights. When you use our Services or our Website, your Personal Data will be handled as described in this Privacy Notice. Your use of our Services or Website, and any dispute over privacy is, where permitted under law, subject to our Terms of Use which is available on the Website, including their applicable terms governing limitations on damages and the resolution of disputes.

This Privacy Notice covers how we, at Keywords, treat and manage your Personal Data, why we use your Personal Data and how to contact us. We have identified below which of your Personal Data we collect on our own behalf. Keywords is a global company with customers and offices all around the world. As such, our approach to privacy compliance is a global one. No matter where you are located, whether in the United States, the European Union (EU), the United Kingdom (UK), Latin America, or the Asia-Pacific region, we remain committed to abiding by all applicable data privacy laws. As part of this global approach, we endeavour to adopt consistent approaches to our Personal Data processing to the extent possible however, we have identified certain regions with specific practices and we have supplemented this Privacy Notice with regional specific sections in certain instances and they can be easily accessed through the hyperlinks in the below Table of Contents.

Additionally if you are applying for a role within the Keywords organisation using the application portal on this Website, please refer to the standalone Applicant Privacy Notice. 

If you have a disability, you may access this Privacy Notice in an alternative format by contacting our Privacy Team at [email protected]. Our Privacy Team can also be contacted if you have any questions on this Privacy Notice in general.

1. How We Use Your Personal Data

Categories of Personal Data We Collect

This chart details the categories of Personal Data that we collect in connection with the provision of our Services to our clients. Keywords acts as a data controller with respect to this data.

Category of Personal Data Personal Data We Collect
Profile or Contact Data First and last name, email address, phone number, mailing address, DOB.
Online Identifiers Unique identifiers such as email IDs.
Identifiers Customer number.
Online Presence Information about your active status or presence on a Keywords dashboard / database.
Social Network Data Email, phone number, username on the social network, IP address, Device ID.
Other Identifying Information that You Voluntarily Choose to Provide While using our Services, you may submit or upload certain content, communications, data, attachments or files to our Services for hosting and processing by us at your discretion.

If you are an individual whose Personal Data is being processed by Keywords in connection with a service being provided to you by a third party, then we are acting as a data processor or service provider on behalf of such company and you should contact the company (our customer) that provided you access to the Services to address your rights with respect to such data and they will respond to you accordingly. Our privacy practices in such cases will be governed by the contract that we have in place with the company. We will then endeavour to provide assistance to our customers to address concerns you may have in accordance with the terms of our contract with such customer. A common example of where we process Personal Data in such a manner is in connection with our player support services where an individual may have submitted a support request (which may include Personal Data such as a name, email address, user ID, etc.) to a company that uses our customer support technology or services however in such circumstances, the company should be contacted and we can assist with such communications to the extent possible.

The following chart details the categories of Personal Data that we collect through your usage of our Website or other Keywords’ websites including https://labs.keywordsstudios.com/. Keywords acts as a data controller with respect to this data.

Category of Personal Data Personal Data We Collect
Profile or Contact Data First and last name, email address, phone number, mailing address.
Online Identifiers Unique identifiers such as email IDs.
Device / IP data IP address, device ID, type of device/operating system/browser used to access the Website.
Web Analytics Browsing or search history, web page interactions (including with ads). Referring webpage/source through which you accessed the Website. Non-identifiable request IDs, statistics associated with the interaction between device or browser and the Website pixel tags.
Social Network Data Email, phone number, username on the social network, IP address, Device ID.
Other Identifying Information that You Voluntarily Choose to Provide Identifying information in emails or letters or communications that you send us – when you register for or use an account, participate with Labs at Keywords Studios, request a demo, trial or further information about our Services, subscribe to marketing communications, provide your feedback, seek customer support, post comments on our blog, sign up to our events or webinars, you may provide certain information to us such as your name, email address, contact details, company name, job role, and the nature of your request or communication. We may also collect Personal Data from you offline, such as when you attend one of our events, during phone calls with sales representatives or support staff.

Note: Where you are engaging with Keywords through our studios Player Research and Digital Media Management, more information on how your Personal Data is used can be found on their specific privacy notices that can be accessed through the following links:

Categories of Sources of Personal Data

We collect Personal Data about you from the following categories of sources:

  • You
    • When you provide such information directly to us. This may occur:
      • When you use our interactive tools, this Website, other Websites and/or Services.
      • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys or questionnaires.
      • When you send us an email or otherwise contact us.
      • When you use the Website and/or Services and such information is collected automatically, for example:
      • Through Cookies (defined in our Cookie Notice which is available on the Website).
      • If you download one of our mobile applications or use a location-enabled browser, we may receive information about your location and mobile device, as applicable.
      • If you download and install certain applications and software that we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Website and/or Services.
      • Third Parties
        • Social Networks:
          • If you provide your social network account credentials to us or otherwise sign-in to the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your account with us.

If you are from a region that requires a legal basis for processing personal data (such as the EU or the UK), our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it but we will only process your Personal Data if we have a lawful basis for doing so. In such circumstances, the table below details how Keywords will use your Personal Data for our commercial or business purposes (“Purposes”) and the context for which we use your Personal Data (“Legal Basis”).

Where required for performance of a contract with you
Legal Basis We may obtain, collect and process your Personal Data where necessary to perform a contract or to enter into a contract at your request with Keywords.
Purpose We process your Personal Data for our customers as a matter of “contractual necessity”, meaning that we need to process the data to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.
Where use is for a legitimate purpose of Keywords
Legal Basis We may obtain, collect and process your Personal Data where we have a legitimate interest to do so as the data controller.
Purpose
  • Providing, Customizing and Improving the Website and/or Services
  • Providing you with the products, Services or information you request.
  • Providing Services to our clients.Meeting or fulfilling the reason you provided the information to us.
  • Providing support and assistance for the Website and/or Services and processing transactions and orders.
  • Setting up your online account and sending you administrative or account related information.
  • Improving the Website and/or Services, including testing, research, internal analytics and product development.
  • To manage your account, for customer relationship management, to provide support and other related services.
  • Personalising the Website and/or Services, Website content and communications based on your preferences.
  • To obtain your feedback or user experience.Doing fraud protection, security and debugging.
  • To identify trends and address Service issues.
  • To maintain security and identify any server problems or other IT or network issues.
  • For other legitimate business purposes such as audits, for marketing and customer relationships, record keeping, business planning and management.
  • For business transactions such as a merger, restructuring or a sale.
  • Carrying out other business purposes stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act (the “CCPA”).
  • Marketing the Services in accordance with your preferences, marketing and selling the Services.
  • Corresponding with YouResponding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about Keywords or the Services.
  • Sending emails and other communications according to your preferences or that display content that we think will interest you.
    		•
    For compliance with Keywords’ legal obligations, including:
    Legal Basis We may obtain, collect and process your Personal Data when it is necessary in order to comply with legal obligations imposed under applicable EU Member State, European Union law or UK law.
    Purpose We obtain, collect and process your Personal Data for:
  • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
  • Protecting the rights, property or safety of you, Keywords or another party.
  • Enforcing any agreements with you.Resolving disputes.
    		•
    Where necessary to establish, exercise or defend Keywords legal rights or for the purpose of legal proceedings
    Where you have provided your consent to us using the Personal Data for a particular purpose. If you give consent for Keywords to use your Personal Data for a particular purpose, you have the right at any time to withdraw consent to the future use of that Personal Data for some or all of those purposes by writing to the address specified below. (See Contact Us).

    Where required by applicable data privacy laws, we will only use your Personal Data for the purposes for which we collect it (as outlined above), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for any other reasonable purposes in connection with our engagement with you, the Purpose and Legal Basis for any further processing will be notified in advance from time to time.

    2. How We Share Your Personal Data

    We disclose your Personal Data to the categories of service providers and other parties listed in this section. Depending on state laws that may be applicable to you, some of these disclosures may constitute a “sale” of your Personal Data. For more information, please refer to the state-specific sections below.

    Service Providers

    We will share Personal Data with our service providers or other entities acting as Keywords’ agents or data processors for the purposes of providing services to Keywords and on the understanding that Personal Data will be processed in line with legal obligations imposed. These parties help us to provide the Website and/or Services or to perform business functions on our behalf. They include hosting, technology and communication providers.

    Customers

    We will share Personal Data with our customers to enable them to carry out the obligations under the contract that we have with our customers and other commercial partners where agreed.  Note that we will only share your Personal Data with the specific customer that contracted with Keywords to make the Services available unless otherwise agreed.

    Legal Obligations

    We may share any Personal Data where this is required by law or regulation, or court or administrative order having force of law, or where required by any of Keywords’ regulators.

    Business Transfers

    All of your Personal Data that we collect may be transferred to a different entity, and our legal or other advisors, if we undergo, or evaluate, a merger, acquisition, bankruptcy or other transaction (or proposed transaction) in which that entity assumes control of our business or assets of our business (in whole or in part).

    Data that is Not Personal Data

    We may create aggregated, de-identified or anonymized data from the Personal Data that we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you.

    3. Transfers of Personal Data

    We may create aggregated, de-identified or anonymized data from the Personal Data that we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you.

    Many of the countries will be within the EEA or will be ones which the European Commission has approved and will have data privacy laws which are the same as or broadly equivalent to those in the European Union. However, some transfers may be to countries which do not have equivalent protections, and, in that case, Keywords will use reasonable efforts to implement contractual protections for the Personal Data. While this may not always be possible, any transfers will be done in accordance with applicable data privacy laws, including through the implementation of appropriate or suitable safeguards, including Standard Contractual Clauses approved by the European Commission, in accordance with such applicable data privacy laws. In particular, Keywords is a party to an Intra-Group Data Transfer Agreement which governs the transfer of Personal Data across all members of the Keywords Group in a manner consistent with the requirements of the applicable data privacy laws.

    4. Data Security and Retention

    We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that Personal Data. Although we work to protect the security of your data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.

    We retain Personal Data about you for as long as necessary to provide you with our Services. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. In general, Keywords (or its service providers on its behalf) will hold this information for a period of seven years after you cease to interact with us, unless we are obliged to hold it for a longer period under law or applicable regulations. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

    5. Automated Decisions

    Automated decisions are defined as decisions about individuals that are based solely on the automated processing of data and that produce legal effects that significantly affect the individuals involved. Keywords does not make automated decisions in relation to you or to your Personal Data. If automated decisions are made, the affected persons will be given an opportunity to express their views on the automated decision in question and to object to it.

    6. Third Party Website/Services

    The Website may permit you to link to other websites on the Internet, and other websites may contain links to the Website. These other websites are not under Keywords control, and such links do not constitute an endorsement by Keywords of those other websites or the services offered through them. The privacy and security practices of websites linked to or from the Service are not covered by this Privacy Notice, and Keywords is not responsible for the privacy or security practices or the content of such websites.

    7. Personal Data of Children

    We do not knowingly collect or solicit Personal Data about children under 16 years of age without specifically notifying such data subjects and their guardians that such Personal Data may be collected and processed in a specific instance. In such instances, details regarding the legal basis for such processing and any potential uses of such Personal Data will be provided. If you are a child under the age of 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn that we have incidentally collected Personal Data from a child under 16 years of age, other than for a specific purpose where they have been information of the purpose and legal basis for collection, we will delete that information as quickly as possible. If you believe that a child under 16 years of age may have provided Personal Data to us, please contact us at [email protected].

    8. Your Rights in relation to Personal Data

    Depending on the laws of the state or country in which you are located or reside, you may have certain rights with respect to your Personal Data, including those set forth below. Residents of certain states or countries may have different or additional rights, which you can find below in the state-specific sections. For more information about these rights, or to submit a request, please email us at [email protected].

    • Access:  You may at any time request a copy of your Personal Data from Keywords. This right can be exercised by writing to us at [email protected].
    • Rectification, Erasure & Restriction:  If you believe that any Personal Data we are holding about you is incorrect or incomplete, you have the right to correct any inaccuracies, and in certain circumstances, to request erasure, or restriction on the use, of your Personal Data, and to object to certain uses of your Personal Data, in each case subject to the restrictions set out in applicable data privacy laws. Further information on these rights, and the circumstances in which they may arise in connection with Keywords’ processing of Personal Data, can be obtained by writing to us at [email protected].
    • Withdrawal of Consent:  If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to change your mind and withdraw your consent to future processing of Personal Data by writing to us at [email protected].
    • Portability:  You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another data controller where technically feasible.
    • Objection:  Where Keywords is relying on a legitimate interest, in order to use and disclose Personal Data, you may to object to such use or disclosure of your Personal Data, and we will cease to use and process the Personal Data for that purpose, unless we can show there are compelling legitimate reasons for processing to continue or we need to use the Personal Data for the purposes of legal claims. 
    • Right to File Complaint:  You have the right to lodge a complaint about Keywords’ practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

    Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

    9. Philippines Residents Rights

    If you are a resident of the Philippines, this section forms part of the Privacy Notice and should be read together with the other sections of the Privacy Notice. If there is any conflict between this section and the remainder of the Privacy Notice, this section shall prevail.

    As a resident of the Philippines, you are entitled to the following rights:

    • Right to be informed: You have the right to be informed whether Personal Data pertaining to you shall be, is being, or has been processed, including the existence of automated decision-making and profiling. 
    • Access:  You may at any time request a copy of your Personal Data from Keywords. This right can be exercised by writing to us at [email protected]. You should be given access to information about, and obtain a copy of your Personal Data that we are processing, including information on the following where applicable: 
    1. Contents of Personal Data and categories of data that were processed;
    2. Sources from which your Personal Data were obtained, if the data was not collected from you;
    3. Purposes of processing;
    4. Identities and addresses of recipients of Personal Data;
    5. Manner by which your Personal Data was processed;
    6. Reasons for the disclosure and purposes for granting access to the recipients of your Personal Data;
    7. Information on automated processing, in case the data was used as the sole basis for any decision that significantly affects or will significantly affect you as a data subject;
    8. Date when your Personal Data was last accessed or modified;
    9. The designation, identity, and address of the data controller and/or data processor other than the Keywords;
    10. Period for which particular categories of information will be stored; and
    11. The designation, name or identity, and address of the Keywords’ data protection officer, if any.
    • Rectification & Restriction:  If you believe that any Personal Data we are holding about you is incorrect or incomplete, you have the right to correct any inaccuracies in, to request completion of incomplete data, and in certain circumstances, to request erasure, or restriction on the use, of your Personal Data, and to object to certain uses of your Personal Data. Further information on these rights, and the circumstances in which they may arise in connection with Keywords’ processing of Personal Data, can be obtained by writing to us at [email protected]. If the Personal Data has been corrected, Keywords shall ensure the accessibility of both the new and the retracted information and the simultaneous receipt of the new and the retracted information by the intended recipients thereof, provided that recipients or other entities who have previously received such processed Personal Data shall be informed of its inaccuracy and its rectification, upon your reasonable request.
    • Erasure or Blocking: You have the right to request the suspension, withdrawal, or order the blocking, removal, deletion, or destruction of your Personal Data from the Keywords’ filing system under certain circumstances, in particular when:
    1. the Personal Data is no longer necessary in relation to the purposes for which it was originally collected or otherwise processed;
    2. you object to the processing of your data and there are no overriding legitimate interests that require continued processing;
    3. you withdraw your consent, where provided, and there is no other legal ground for the processing;
    4. the Personal Data is incomplete, outdated, false, or has been unlawfully processed;
    5. the Personal Data has to be erased in order for Keywords to comply with a legal obligation. You do not have the right to request the deletion of your Personal Data when the processing of your Personal Data is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims;
    6. the Personal Data concerns private information that is prejudicial to you, unless justified by freedom of speech, of expression, or of the press or otherwise authorized;
    7. the processing is unlawful; or
    8. Keywords or the data processor on their behalf violated your rights as a data subject.

    Keywords may notify other entities who have previously received such processed Personal Data.

    • Withdrawal of Consent:  If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right has the right to change your mind and withdraw consent to future processing of Personal Data by writing to us at [email protected]. This will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or Services to you. We will advise you if this is the case at the time you withdraw your consent.
    • Portability:  You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another data controller, where technically feasible, in an electronic or structured format that is commonly used and allows for your further use.
    • Objection:  You shall have the right to object to the processing of your Personal Data, including processing for direct marketing, automated processing or profiling. You shall also be notified and given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to you. When you object or withhold consent, Keywords shall no longer process the Personal Data, unless: (a) the Personal Data is needed pursuant to a subpoena; (b) the collection and processing are for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which you are a party, or when necessary or desirable in the context of an employer-employee relationship between you and the collector; or (c) the information is being collected and processed as a result of a legal obligation.
    • Right to File Complaint:  You have the right to lodge a complaint about Keywords’ practices with respect to your Personal Data with the National Privacy Commission through its website: https://www.privacy.gov.ph.
    • Right to damages: You may be entitled to compensation for damages you sustain due to such inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of your Personal Data, taking into account any violation of your rights and freedoms as a data subject.

    10. Indian Residents Rights

    If you are an Indian resident, this section forms part of the Privacy Notice and should be read together with the other sections of the Privacy Notice regardless of how you access the Services or the Website (whether by computer, mobile device, or otherwise) and regardless of whether you are a registered user or a guest. If there is any conflict between this section and the remainder of the Privacy Notice, this section shall prevail. If you have any questions about this section or whether any of the following rights apply to you, please contact us at [email protected].

    By using the Services or the Website, you agree to the Privacy Notice. If you do not agree to the Privacy Notice, you are not authorized to use the Services or the Website as appropriate and you must cease all such use immediately.

    Personal Data of Children

    We do not knowingly collect or solicit Personal Data about or from individuals under 18 years of age in India. If you are an individual under the age of 18, please do not attempt to register for or otherwise use the Services or send us any Personal Data, and you may use the Services or send us any Personal Data only after your parent/guardian have consented to your use of the Services, on your behalf. If we learn we have collected Personal Data from an individual under 18 years of age, without consent of your parent/guardian, we will delete that information as quickly as possible. If you believe that an individual under 18 years of age may have provided Personal Data to us, please contact us at [email protected].

    Data Security

    Apart from the above mentioned Data Security practices under the Data Security and Retention section above, Keywords take all commercially reasonable steps to ensure your information is protected in alignment with all applicable laws and regulations, including by implementing various information security policies applicable to its personnel.

    Consent to Collection of Personal Data

    We will obtain your consent to the collection, use and/or disclosure of your Personal Data. Where there are changes to the Purposes for processing, we will obtain your consent to such changes.

    11. Singapore Residents Rights

    If you are based in Singapore, this section forms part of the Privacy Notice and should be read together with the other sections of the Privacy Notice. If there is any conflict between this section and the remainder of the Privacy Notice, this section shall prevail.

    Consent to Collection of Personal Data

    We will obtain your consent to the collection, use and/or disclosure of your Personal Data. Where there are changes to the Purposes for processing, we will obtain your consent to such changes.

    Personal Data of Children

    We do not knowingly collect or solicit Personal Data about children under 21 years of age in the Philippines. If you are a child under the age of 21, please do not attempt to register for or otherwise use the Services or the Website or send us any Personal Data. If we learn we have collected Personal Data from a child under 21 years of age, we will delete that information as quickly as possible. If you believe that a child under 21 years of age may have provided Personal Data to us, please contact us at [email protected].

    Your Rights in relation to Personal Data

    You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email us at [email protected].

    • Access:  You have a right of access to the Personal Data we process about you. You may at any time request a copy of your Personal Data from Keywords. You also have a right to information on how we have used or disclosed your Personal Data in the 12 months prior to your request. This right can be exercised by writing to us at [email protected]
    • Rectification:  If you believe that any Personal Data we are holding about you is incorrect or incomplete, you have the right to correct any inaccuracies in your Personal Data free of charge. Further information on this right can be obtained by writing to us at [email protected].
    • Withdrawal of Consent:  If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right has the right to change your mind and withdraw consent to future processing of Personal Data by writing to us at [email protected]. However, depending on the nature of the consent that is withdrawn, you may no longer be able to visit the Website or use the Services. Any withdrawal of your consent will not affect the processing of Personal Data which occurred before you withdrew your consent.
    • Right to File Complaint:  You have the right to lodge a complaint about Keywords’ practices with respect to your Personal Data with the competent data protection authority through its website: https://www.pdpc.gov.sg.

    To exercise the above rights with regard to the processing activities for which we are the data controller, please contact us by e-mail or regular mail (see below for our contact details). Your request should be accompanied by your full contact details and a means of verifying your identity (e.g. a copy of the front of your ID card or driving licence). We may request further information as necessary in order to verify your identity or for security purposes. Where permitted to do so under applicable law, we may charge a reasonable fee for processing your request. We may also reject your requests where permitted to do so by law.

    Data Protection Officer

    Our Data Privacy Officer, as appointed in Singapore, can be contracted by writing to us at [email protected].

    12. Rights under Canadian Privacy Law

    If you are based in Canada, this section forms part of the Privacy Notice and should be read together with the other sections of the Privacy Notice. Depending on your province of residency in Canada, your rights under Canadian privacy legislation may differ. If there is any conflict between this section and the remainder of the Privacy Notice, the relevant part of this section shall prevail.

    12.1 Québec residents

    Québec privacy law regulates the collection and use of Personal Data using technology which allows a person to tracked or profiled. This includes the use of geolocation technology.

    “Profiling” is defined as “the collection and use of personal information to assess certain characteristics of a natural person, in particular for the purpose of analysing that person’s work performance, economic situation, health, personal preferences, interests or behaviour”.

    We do monitor web page interactions and track your location when using the Website, if and when you choose to activate such technologies by accepting cookies on the website. For further information, please consult our Cookies Policy available on our website.

    Consent to Collection of Personal Data

    Generally speaking, we will obtain your consent prior to any collection, use or disclosure of your Personal Data, except where such collection, use or disclosure is authorized or required by applicable law. You are generally not obliged to provide your Personal Data, however, please note that, in certain cases, we may be unable to provide certain Services to you or enable access to the Website if you refuse ‎to provide certain Personal ‎Data.‎ ‎

    You have the right to change your mind and withdraw consent to future ‎processing of Personal Data by writing to us at [email protected]. Please note that ‎such withdrawal may impact our continued ability to provide certain Services or access to the Website to you. Such ‎withdrawal does not affect the lawfulness of any processing which took place prior to such ‎withdrawal, nor does it ‎create an obligation for us to delete Personal Data which we are ‎otherwise ‎allowed or ‎required to retain under applicable law.‎

    Further Processing

    We will only use your Personal Data for the purposes for which we collect it (as outlined above), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, it is clearly to the benefit of the person concerned or is otherwise authorized or required by applicable law. If we need to use your Personal Data for any other reasonable purposes in connection with our engagement with you, the purpose for any further processing will be made known to you in advance. We may ask you to provide additional consent to such processing, if and to the extent required by applicable law.

    If you provide your social network account credentials to us or otherwise sign-in to the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your account with us. This will be specifically addressed in the relevant app privacy notice or software-specific privacy notice to which you are required to give consent before installing same.

    Sharing Your Personal Data with Other Entities

    We will share Personal Data with our service providers or any other entities acting as Keywords’ agents or data processors for the purposes of providing services to Keywords and on the understanding that Personal Data will only be processed in line with our instructions and in compliance with all applicable legal obligations.  Generally, we may share Personal Data where this is authorized or required by law (including by a court or administrative body having order-making or relevant regulatory power).

    All of your Personal Data that we collect may be transferred to another entity if we undergo a merger, acquisition, bankruptcy or other transaction (or proposed transaction) in which that other entity assumes control of our business (in whole or in part), to the extent necessary to give effect to such transaction. In such instances we will take steps to ensure that the third party has agreed in writing to protect your Personal Data, and that you are notified in writing of the transfer where possible.

    Data Transfer

    Generally, transfers of Personal Data outside Québec will not occur unless and until a data privacy assessment has been undertaken by us and appropriate safeguards have been put in place to protect the Personal Data.

    Data Retention

    We retain Personal Data about you for as long as necessary to provide you with our Services. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise authorized or required by applicable law, rule or regulation. In general, Keywords (or its service providers on its behalf) will hold this information for a period of seven years after you cease to interact with us, unless it is obliged to hold it for a longer period under applicable law or regulatory requirements. To the extent permitted by applicable law, we may further retain information in an anonymous or aggregated form where that information would not identify you personally, whether directly or indirectly.

    Your Rights

    You have certain rights with respect to your Personal Data, including those set forth below. 

    • You have the right to request a copy of your Personal Data from Keywords.
    • If you believe that any Personal Data we are holding about you is incorrect or incomplete, you have the right to request correction of any inaccuracies and, in certain circumstances, to request erasure of the Personal Data.
    • You may request, in certain circumstances, that we ‎cease disseminating your Personal Data or to ‎‎de-‎index any hyperlink that allows access to ‎that Personal Data by technological means, ‎‎if ‎such dissemination contravenes applicable ‎law or a court.‎

    Any such access/correction/erasure requests can be made to Keywords’ Québec Data Protection Officer at [email protected].

    12.2 Canadian Residents Outside the Province of Québec:

    Consent to Collection of Personal Data

    Generally speaking, we will obtain your consent prior to any collection, use or disclosure of your Personal Data, except where such collection, use or disclosure is authorized or required by applicable law.

    Further Processing

    We will only use your Personal Data for the purposes for which we collect it (as outlined above), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, clearly to the benefit of the person concerned, or is otherwise authorized or required by applicable law.  If we need to use your Personal Data for any other reasonable purposes in connection with our engagement with you, the purpose and legal basis (if applicable) for any further processing will be made known to you in advance (except in situations where we are authorized by law not to do so).  We may ask you to provide additional consent to such processing, if and to the extent required by applicable law.

    If you provide your social network account credentials to us or otherwise sign-in to the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your account with us. This will be specifically addressed in the relevant app privacy notice or software-specific privacy notice to which you are required to give consent before installing same.

    Sharing Your Personal Data with Other Entities

    We will share Personal Data with our service providers or any other entities acting as Keywords’ agents or data processors for the purposes of providing services to Keywords and on the understanding that Personal Data will only be processed in line with our instructions and in compliance with all applicable legal obligations. Generally, we may share Personal Data where this sharing is authorized or required by law (including by a court or administrative body having order-making or relevant regulatory power).

    All of your Personal Data that we collect may be transferred to another entity if we undergo a merger, acquisition, bankruptcy or other transaction (or proposed transaction) in which that third party assumes control of our business (in whole or in part), to the extent necessary to give effect to such transaction.  In such instances we will take steps to ensure that the other entity has agreed in writing to protect your Personal Data, and that you are notified in writing of the transfer where possible (if the transaction completes).  

    Data Transfer

    Generally, transfers of Personal Data outside Canada (e.g. for processing by a service provider) will not occur unless and until a due diligence review has been undertaken by us and appropriate safeguards have been put in place to protect the Personal Data.

    Data Retention

    We retain Personal Data about you for as long as necessary to provide you with our Services.  In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, protect our legal position, resolve disputes or collect fees owed, or is otherwise authorized or required by applicable law, rule or regulation.  In general, Keywords (or its service providers on its behalf), will retain this Personal Data for a period of seven years after you cease to interact with us, unless it is obliged to hold it for a longer period under applicable law or regulatory requirements.  To the extent permitted by applicable law, we may further retain information in an anonymous or aggregated form where that information would not identify you personally.

    Your Rights

    You have certain rights with respect to your Personal Data, including those set forth below. 

    • You have the right to request a copy of your Personal Data from Keywords.
    • If you believe that any Personal Data we are holding about you is incorrect or incomplete, you have the right to request correction of any inaccuracies and, in certain circumstances, to request erasure of the Personal Data

    Any such access/correction/erasure requests can be made to Keywords’ Canadian Data Protection Officer at [email protected].

    13. California Privacy Notice

    If you are based in California this section forms part of the Privacy Notice and should be read together with the other sections of the Privacy Notice. If there is any conflict between this section and the remainder of the Privacy Notice, this section shall prevail.

    This California specific part (“CA Notice”) supplements the information contained in our Privacy Notice above and applies to visitors and users of the Website, along with those obtaining Services from Keywords, and others who are residents of certain states with generally applicable data privacy laws (referred to here as “consumers” or “you”). Consumers in these states have certain privacy rights as specified under state law, and this CA Notice ensures we cover state-specific requirements. Any terms defined in the applicable state privacy laws that we use here have the same meaning when used in this CA Notice. Personal Data, as used in this CA Notice, also includes “personal information,” as that term is defined under applicable state privacy laws.

    Information We Collect

    As more fully described above under the How We Use Your Personal Data section above, we collect (and have collected within the last twelve (12) months) the following categories of Personal Data:

    • Identifiers, including name, alias, email, phone number, address, unique personal identifier, online identifier (including social network usernames), IP address, or other similar identifiers.
    • Customer records, including contact information, customer numbers, professional information, and customer business card numbers.
    • Internet or other electronic network activity, including browsing history, clickstream data, search history, and information regarding interactions with our Services, interactions with our advertisements or emails, and other usage data related to your use of any of our Services.
    • Geolocation data, including general location information about a particular individual or device.
    • Audio, electronic, visual, or similar information, including information collected via call recordings if you call our customer service department or if you otherwise call us on a recorded line.
    • Professional Information, including job title, company name, business email, business phone number, and other similar professional and employment-related information.
    • Inferences, including inferences drawn from any of the information described in this section about a consumer (e.g., reflecting the consumer’s preferences, characteristics, and behaviours).

    For purposes of this CA Notice, Personal Data may not include:

    • Publicly available information lawfully made available from government records, or information that we have a reasonable basis to believe was made publicly available by you and not restricted to a specific audience.
    • Information otherwise excluded from the scope of various state privacy laws.
    Disclosure of Personal Data to Third Parties and Other Recipients

    The categories of Personal Data we may have disclosed for a business purpose in the preceding 12 months include: 

    • Identifiers; 
    • Customer records; 
    • Internet or other network activity information; 
    • Geolocation data; 
    • Audio, electronic, visual, or similar information;
    • Professional information; and
    • Inferences; and
    • Protected classifications. 

    The categories of third parties and other recipients to whom we may have disclosed Personal Data for a business purpose may include: 

    • Affiliates and subsidiaries; 
    • Vendors and service providers; 
    • Data analytics and marketing providers; 
    • Internet service providers; and
    • Operating systems and platforms.
    Sources of Personal Data

    We generally collect Personal Data from the following categories of sources: 

    • Directly or indirectly from you; 
    • Affiliates and subsidiaries; 
    • Business customers and clients; 
    • Internet service providers; and
    • Vendors and service providers.
    Purposes of Collecting and Disclosing Personal Data

    As more fully described in the How We Use Personal Data section above, in general, we collect and otherwise process Personal Data for the following business or commercial purposes:

    • Providing, supporting, and improving our Services;
    • Conducting analytics;
    • Product development;
    • Opening and managing user accounts;
    • Communicating with you;
    • Marketing and promotions;
    • Research and surveys;
    • Planning and managing events;
    • Security, fraud detection, and protection of our and others rights; 
    • Compliance and legal process; 
    • Auditing, reporting, and other internal operations; and
    • General business and operational support, including engaging in business sales or acquisitions.

    Sensitive Personal Data. We do not collect, use, or disclose sensitive personal data beyond the purposes authorized by applicable state privacy laws.

    Sales and Sharing of Personal Data

    The CCPA defines “sale” as disclosing or making available Personal Data to a third-party in exchange for monetary or other valuable consideration, and “sharing” as disclosing or making available Personal Data to a third-party for purposes of cross-contextual behavioural advertising. 

    While we do not disclose Personal Data to third parties in exchange for monetary compensation, we may “sell” or “share” the following categories of Personal Data: identifiers and Internet or other electronic network activity information. We may disclose these categories to third-party advertising networks, analytics providers and social networks for purposes of marketing and advertising. We do not sell or share Personal Data about individuals we know are under age sixteen (16).

    Your Privacy Rights and Choices

    California residents may have the following rights regarding their Personal Data, subject to certain exceptions and qualifications:

    • Access and Data Portability: You may have the right to request details about the Personal Data we have collected about you, such as whether we have collected Personal Data about you, the categories of sources, the purposes for which we have collected the Personal Data, the categories of recipients and the specific pieces of Personal Data we have collected. You may also have the right to receive a copy of your Personal Data in a readily usable format.
    • Correction: You may have the right to request we correct incorrect or inaccurate Personal Data, subject to restrictions regarding the determination of accuracy of the existing Personal Data.
    • Deletion: You may have the right to request deletion of your data unless an exception applies. Examples of exceptions include when we need to keep data to continue providing the Services, meet legal obligations, detect fraud and investigate violations of our Terms of Use or to address security issues.
    • Opt-Out of Sale, Sharing, or Targeted Advertising: You have the right to opt-out of “sales” and “sharing” of your Personal Data and to opt-out of the use of your Personal Data for “targeted advertising” as those terms are defined under the CCPA. You have the right and ability to opt-out of “sales” and “sharing” of your Personal Data using an opt-out preference signal. If our Website detects that your browser or device is transmitting an opt-out preference signal, such as the “global privacy control”—or GPC— signal, we will opt that browser or device out of the use of cookies or other tools on our site that result in a “sale” or “sharing” of your Personal Data. If you come to our site from a different device or from a different browser on the same device, or if you clear your cookies, you will need to opt-out again, or use an opt-out preference signal, for that browser and/or device as well.
    • Limit Use and Disclosure: We do not engage in uses of sensitive Personal Data that would trigger a right to limit use and disclosure of sensitive personal information under applicable state privacy law.
    • Non-Discrimination: We will not discriminate against you in terms of price or service level for exercising any of the rights described in this section.
    Exercising Your Privacy Rights

    To exercise your privacy rights as a California resident, please send us a request by emailing [email protected]. You can also contact us at +1 818 729-8508.

    You may designate someone as an authorized agent to submit requests and act on your behalf. For security purposes, authorized agents will be required to provide proof of their authorization in their first communication with us, and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent.

    Unless otherwise permitted by the CCPA, you may only make a request for access or data portability twice within a 12-month period. The request must:

    • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.
    • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

    We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Therefore, we will need your first and last name, email address, and, if applicable, customer number. In some cases, we may request additional information to verify your identity, or where necessary to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.

    14. Other U.S. State Privacy Rights

    If you are based in Virginia, Connecticut, Colorado or Utah, this section forms part of the Privacy Notice and should be read together with the other sections of the Privacy Notice. If there is any conflict between this section and the remainder of the Privacy Notice, this section shall prevail.

    Residents of Virginia (as of January 1, 2023), Connecticut and Colorado (as of July 1, 2023), and Utah (as of December 31, 2023) who are users of the Website or recipients of Services and who are not acting in a commercial or employment context in relation to Keywords or its business customers may be entitled to exercise the following rights:

    • Access and Data Portability: You may have the right to request details about the Personal Data we have collected about you. You may also have the right to receive a copy of your Personal Data in a readily usable format.
    • Correction: You may have the right to request we correct incorrect or inaccurate Personal Data, subject to restrictions regarding the determination of accuracy of the existing Personal Data.
    • Deletion. You may have the right to request deletion of your data unless an exception applies. 
    • Opt-Out of Sale, Sharing, or Targeted Advertising.
    • Opt-Out of Profiling with Legal or Significant Effects: You may have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. However, we do not engage in such activities, so there is no need to exercise this right.
    • Right to Appeal (VA, CT, and CO only): If we deny or reject your privacy rights request, you may have a right to appeal our decision if permitted by your state’s privacy law. To appeal our denial or rejection, please contact us at [email protected] and include in the subject line “Request to Appeal Privacy Right Request Decision.” Please provide us sufficient information to locate your privacy right request record, such as any unique number you were provided. Our privacy office will review your appeal request, our original determination, and will inform you of our decision on your appeal.

    15. Changes to this Privacy Notice

    Overall, we’re constantly trying to improve our Services which includes optimising our Website, so we may need to change this Privacy Notice from time to time to reflect changes in technology, law, business operations or any other reason we determine is necessary or appropriate, but we will alert you to any material changes by placing a notice on the Website, by sending you an email and/or by some other means. 

    16. Contact Information

    If you have any questions or queries about this Privacy Notice, the ways in which we collect and use your Personal Data or your choices and rights regarding such collection and use, please do not hesitate to contact us at:

    Features

    Experiences

    Platform

    Services

    Support

    Resources

    Company

    Helpshift Logo
    © 2025 Helpshift. All rights reserved.