Privacy Policy
Date: October 17th, 2023
Welcome! At Drift, we believe that protecting your Personal Data is very important. In this Privacy Policy we want to explain to you what we do with the Personal Data that Drift Consult and all its affiliates (hereafter referred to as “Rack”, or “we” or “us” or “our”) receives or collects. If you are a Customer, this Privacy Policy is incorporated by reference into the Drift Service Legal Agreement between you and Drift Consult, as is our data processing agreement, (the “Data Processing Agreement”).
I. Interpretation
This privacy policy applies only to the following persons (collectively “you” or “your”):
Visitors
Means any person who contacts Drift Consult, speaks with a Drift sales representative, or provides feedback (e.g. responds to a survey), any person who visits www.rack.business, as well as any other Drift Consult applications or websites that Drift Consult uses and where a link to this Privacy Policy is included, such as websites created for contests or promotional purposes (the “Websites”);
Customers
Means any business owner or business that subscribes to the Drift Consult Software services or otherwise purchases services from Drift Consult (the “Services”), either through a paid subscription or a trial; and
Partners
Means Drift Consult’s third-party business partners, including their employees and representatives.
Definition of Personal Data
Personal Data means any information that relates to an identified or identifiable natural person. This includes data such as name, home address, email address and phone number, as well as IP-address and data specific to the physical, physiological, genetic, economic, cultural or social identity of natural persons. Information about a business, such as its name or physical address, is not Personal Data.
Third-Party Websites and applications
This Privacy Policy does not apply to any third-party websites, applications or services, even if these are accessible through Drift Consult’s Websites or Services. The linking to a third-party website, service or application is subject to the terms and conditions of the third-party website, service or application.
Responsibility of our Customers
Customers are responsible for complying with all applicable laws and regulations concerning the Personal Data of their own customers and employees (the “End-Users”) they process when using our Services. Such processing is governed by the applicable agreement and privacy policy between the Customer and its End-Users. Unless End-Users interact with us directly (e.g. respond to an in-app survey about our products, submit feedback), we only process Personal Data of End-Users on behalf of and at the direction of our Customers.
Customers are responsible for addressing any privacy requests from their End-Users.
II. Information that we collect from you
A. Personal Data that we collect directly from you
When you use our Websites or mobile applications, request a trial or ask for any other information, you will be asked to provide contact details which we will then use to deliver the requested information and/or service.
When you contact customer support or speak with a sales representative, we may record the call for training purposes and to improve our service.
If you are using or accessing our Services, whether in connection with a paid subscription, a free trial or purchased service, we may ask for specific information, such as your name, address, e-mail address and phone number for us to be able to perform our obligations under the terms of these Services. In addition, we collect your payment details to be able to process the payment of your subscription fee or purchase price.
Customers may provide Personal Data of End-Users and other third parties by inputting that Personal Data into the Services, for example, when they process a transaction. This Personal Data is collected and used in accordance with the Customer’s privacy policy.
B. Information that Drift Consult may collect about you through our Websites and Applications
Technologies Used by us
As part of our Websites, including applications, and Services, we use various technologies such as “session” and “persistent” cookies (small data files that we transfer to your computer), web beacons (tiny image files on web pages that communicate information about the page viewer to the beacon owner), log data, and third-party analytics services, such as Google Analytics, to collect and analyze information about Visitors, Customers, and Partners. Technology is, by its nature, dynamic and ever-changing; the technological tools used today by Drift Consult are therefore subject to modification and replacement in the future.
Session Cookies
We use “session” cookies to keep you logged in while you use our Services, to better understand how you interact with our Services, and to monitor aggregate usage and web traffic information on our Services.
Persistent Cookies
We use “persistent” cookies to recognize you each time you return to our Websites or Services. For example, we create a persistent cookie that includes some basic information about you, like your most recent search. We use this persistent cookie to remember your preferences and, if you create an account, to make your user experience consistent.
Tracking Technologies
Web beacons, tags and scripts may be used on our Websites, our Services, in e-mails or other electronic communications we send to you. These technologies help us in understanding how our Websites and Services are used, what other websites our visitors have visited and when an email is being opened and acted upon so that we can improve our Services.
Log Data
Our servers automatically record information created by your use of the Websites or Services (“Log Data”). Log Data includes information such as your IP address, browser type, operating system, the referring web page, web pages visited, location, your mobile carrier, your computer or mobile device type, search terms and cookie information. We receive Log Data when you interact with our Websites or Services, for example, when you visit our Websites, sign into our Services, or interact with our email notifications.
C. Information that we receive from Third Parties
We may sometimes obtain Personal Data about you from third parties (e.g., Facebook, Twitter, Google) and use it to improve or re-market our Services, or to provide a more tailored experience with our Services.
III. How we Use the Information that we Collect
A. Why do we collect your Personal Data?
Purposes for data processing
We collect your Personal Data for the following purposes:
- To send you communications or documents you have requested (such as offers, demonstrations, whitepapers, newsletters and marketing materials);
- To contact you to ask you if you have any questions about the Services or information that you have requested from us;
- To communicate with you via email, telephone, text (SMS), postal services, social media and websites regarding Drift Consult-related news and inform you about Services that may be of interest to you, if you allow us to do so;
- To respond to your questions or requests for additional information;
- To set up a trial or regular account for our Services;
- To provide our Services to you;
- To share and exchange reports and information with credit reporting agencies, credit bureaus and/or any other entity connected with the use of our payments processing services; and to use other third party databases (including registries, licensing authorities, identification services, telecom providers) or references provided by you to obtain or verify information about your financial circumstances, background and to identify and detect fraud;
- To manage our relationship with you and to provide you with customer support;
- To provide training and quality assurance;
- To process payments to us or remit payments to you;
- To get a better understanding of how you browse our Websites so that we can optimize your experience;
- To research and analyze your use of or interest in our Services and those products and services offered by others;
- To analyze the effectiveness of our Services;
- To improve the functionality of our Websites and Services;
- To help you find the most relevant information by customizing our Services to optimize your experience;
- To verify your eligibility and deliver prizes in connection with promotions, contests and sweepstakes;
- To perform any additional purposes explicitly described to you at the time of collection and for which we receive your consent;
- In connection with a dispute or an investigation in which we are or may become involved either directly with you or with a third party;
- To manage and protect the security and resilience of the systems, networks and applications that we use to provide our Websites and Services.
B. Do we disclose your Personal Data?
We will only share your Personal Data in accordance with this Privacy Policy. In the following circumstances, we may share your Personal Data with third parties.
Information that we share with affiliated companies
Drift Consult is a regional company with affiliates all over the region. To do business globally and help improve the Services provided, Drift Consult may share Visitor, Partner, and Customer Personal Data with its affiliates. In this case, Lightspeed will ensure an adequate level of protection for the Personal Data transferred.
Information that we share with third parties
Service providers: We engage third-party service providers (companies operating on our behalf) to help us administer, provide and improve the Services and the Websites. We share Personal Data with these third-party service providers to enable them to provide these services for us. Due to our continuous efforts to improve our Websites and Services, our third-party service providers may change periodically. As an example, we engage with third parties who provide data storage solutions, data security tools, and information management services. Some of these third-party service providers may be located outside Africa. If this is the case, we will provide for an adequate level of protection regarding Personal Data. Otherwise, we will only share Personal Data at your direction and according to this Privacy Policy.
Integration Partners: Customers may choose to connect the Services to the services of one of our many integration Partners for added functionality. By setting up these connections, you allow Drift Consult to share certain information with these integration Partners.
Linking third parties: If you arrived at our Website via a link from a third-party website or application (“Linking Third Party”), we may collect a unique code related to that Linking Third Party. This will help us identify how you arrived at our Website. Once on our Website, if you become a Customer or submit Personal Data to us for another reason (i.e. for marketing purposes, to sign up for a product trial or demo), we may inform the Linking Third Party that a Visitor originating on their website or application has become a Drift Consult lead (Customer or potential Customer). Any collection or use of your Personal Data by the Linking Third-Party is subject to the privacy policy of the Linking Third Party.
Non-Personally Identifiable Information
In order to provide and improve our Services, we may use and disclose to third parties (for example, our service providers and analytics Partners) non-personally identifiable information which we collect, including cookie data and Log Data. This may include Personal Data which has been aggregated and de-identified in such a way that the data cannot be reidentified. We retain the right to use, at our reasonable discretion, any information, in any form, about more than one individual where the identity of the individuals is not known and cannot be inferred.
Social Network Sharing
When you use any social network sharing function in connection with the Services (for example, sharing on Facebook), your sharing activity will be processed through a third party’s site or service. These third-party privacy policies, not ours, govern the collection and use of the information collected on those sites or networks, including Personal Data.
User-Generated Content (UGC) and Feedback
Some parts of our Websites and Services may allow Visitors and Customers to submit and view UGC. UGC includes such things as posting a question, an answer or a blog post. When you post UGC, other Visitors or Customers will be able to see certain information about you, such as your username or handle. You should be aware that any Personal Data you submit in UGC can be read, collected, distributed or used by other Visitors or Customers and could be used by third parties to send you unsolicited messages. We are not responsible for the Personal Data you choose to include in the UGC you provide through the Websites or Services.
If you complete surveys or provide us with feedback in any other form, we may use this information for our own business purposes, including for marketing and to improve our products and Services.
Protecting Ourselves and our Customers
We may release Personal Data when we believe that doing so is appropriate to comply with applicable laws, regulations or legal requests; to enforce or apply our policies and guidelines; to initiate, render, bill, and collect amounts owed to us; to protect our rights or property; to protect the safety of our Customers; to address fraud, security or technical issues; to prevent or stop activity that we consider to be illegal or unethical; or if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay. Without limiting the generality of the foregoing, we may also be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Sale/Merger
Information about our Customers and Partners is a business asset of Drift Consult. Consequently, information about our Customers and Partners, including Personal Data, may be disclosed as part of any merger or acquisition involving Drift Consult, the creation of a separate business to provide some or all of the Services, the sale or pledge of Drift Consult’s assets, as well as in the event of an insolvency, bankruptcy or receivership.
IV. How do we Protect your Personal Data?
We treat your Personal Data as private, confidential information and we strive to ensure that Personal Data under our control, regardless of format, is protected and kept secure at all times. Please be aware, however, that no method of transmitting information over the Internet or of storing information is completely secure. Accordingly, we cannot absolutely guarantee the protection of any information shared with us. In the event of an unauthorized loss or disclosure of Personal Data, Visitors, Partners, and Customers may be subject to a risk of harm resulting from such loss or disclosure. Depending on various factors, such as the type and amount of Personal Data disclosed, consequences for individuals could include changes to their credit bureau rating or financial situation or identity theft. Drift Consult will at all times comply with applicable laws concerning data breach notification requirements and will endeavor to mitigate any risks of residual harm to the affected individuals.
A. Location of Personal Data
Your Personal Data may be stored on servers located in a country other than where you reside or do business. Personal Data may be subject to the local laws of the jurisdictions within which it is collected, used, disclosed and/or stored, and may be accessed by governmental authorities and law enforcement agencies in those jurisdictions.
B. Retention of Personal Data
Drift Consult retains your Personal Data for as long as it is reasonably needed to deliver the Services. The retention terms can be longer if we are required to keep Personal Data longer on the basis of applicable law or to administer our business. Where you have the right to request deletion, we will delete your Personal Data in accordance with and upon receipt of written instructions from you to this effect, unless we are legally required to keep it. You may choose to do this in the event you terminate your agreement for the Services. If deletion is not possible, we will de-identify it in a way that cannot be reversed. If de-identification is not possible (for example, because your Personal Data 9 has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
V. Your Rights in Relation to your Personal Data
A. What are my Rights?
Right to Access, Rectify, or Transfer your Personal Data
You have the right to access your Personal Data at any time and to receive a copy of the Personal Data undergoing processing. You can require us to correct or complete your Personal Data if it is not correct or complete. You can also ask us to provide your data in a commonly used electronic form.
Right to Object to Further Processing of your Personal Data
If we are processing your Personal Data on the basis of a legitimate interest, you may object to the processing activity. Upon receipt of an objection we will cease the processing activity for the future unless we can demonstrate a legitimate ground which overrides your interests, or that the processing is necessary for the establishment, exercise or defense of legal claims. Please note that your exercise of this right may result in Drift Consult being unable to continue providing all or part of the Services to you.
Right to Deletion and to Restrict Processing of your Personal Data
If there is no longer a reason for us to process your Personal Data or if we don’t have a legal ground for the processing, you can require us to delete your Personal Data. We will take steps to delete your information as soon as is practicable, but some information may remain in archived/backup copies for our records or as otherwise required by law. In addition, we may choose to de-identify your Personal Data instead of deleting it, provided we have a legitimate business reason for doing so. You can also require us to restrict the processing of your data if such processing is unlawful or if there is a dispute about the accuracy of the data.
Right to Non-Discrimination for Exercising your Rights
In the event you exercise one of the rights outlined in this section, Drift Consult will not discriminate against you for having done so. In particular, we will not deny you any goods or services, charge you different prices for goods or services, or provide you with different quality levels of goods or services.
B. How can I invoke my Rights?
If you wish to invoke any of your rights in relation to your Personal Data, you may do so using one of the following methods.
Online Privacy Request. You may submit a request to exercise any of your data rights (a “Privacy Request”) by filling out our website online form.
Phone Number. You may reach out to one of our Support agents by dialing or contact a local helpdesk. Our Support agents will assist you in submitting your Privacy Request.
In order for us to verify your identity and honour your request, we may require that you provide identifying documentation such as a copy of your government-issued identification card. As an added level of security, we may also verify your identity by contacting you at the email address or phone number we have on file. We will only consider your Privacy Request validly received after we have successfully identified you.
VI. General Matters
A. Changes to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our information practices. Any changes we make will become effective when we post a modified version of the Policy on this webpage. The “Effective Date” at the top of the Policy indicates when it was last updated. If we make material changes to the Policy, we will post a notice on our Websites or in our Services. Your continued use of our Websites or Services after the modified version of the policy is posted constitutes your acceptance of those changes to the policy, as well as any additional applicable requirements. If you do not agree to the changes to our policy, it is your sole responsibility to stop using our Websites or Services. You are required to ensure that you read, understand and agree to the latest version of the Policy.
B. Contacting us
If you have any questions or suggestions regarding our Privacy Policy, please do not hesitate to contact us. You can email our Privacy Officer at info@drift.co.ke