Privacy Policy

Last updated:
9/10/2024

1. Introduction

This Privacy Policy provides a comprehensive description of how Spekit Inc. collects, uses, and discloses information about you (“Personal Data”), as well as your rights and choices regarding such Personal Data. For purposes of this Privacy Policy, “Spekit”, “we”, “our”, and “us” refers to Spekit Inc. and its affiliates, and “you” or “your” refers to the individual interacting with us.

2. Applicability of this Privacy Policy

This Privacy Policy applies to (a) our software platform, including the associated technology we provide for access and use of those services (e.g., app.spekit.com, our browser extension, and any application integrations) (collectively, the “Services”), (b) www.spekit.com (the “Website”), and (c) our emails, advertisements and any other location, online or offline, where you interact with our business (e.g., conferences or third party social media and networking sites) (collectively, with the Services and Website, the “Business”).

Data protection laws distinguish between entities that control the purposes and means of processing information and entities that process information on behalf of other entities. The Spekit Services Agreement or another written agreement (the “Agreement”) governs our provision of Services to a business customer (a “Customer”). When Spekit processes Personal Data on behalf of a Customer to provide contracted Services, we do so in accordance with the terms of the Agreement and the Customer’s instructions, not this Privacy Policy. If you wish to exercise your rights regarding Personal Data we are processing on behalf of a Customer, you should contact the applicable Customer for assistance, and Spekit may forward communications we receive from you to the Customer for resolution. We are not responsible for the privacy practices of our business customers, which may differ from those in our Privacy Policy.

Moreover, this Privacy Policy does not apply to any third-party applications or services that are used in connection with our Services, or any other products, services or accounts provided by other entities under their own terms of service and privacy policy (collectively, “Third-Party Services”). If you do not agree with this Privacy Policy, then do not access or use the Services, Website or any other aspect of our Business.

3. Information Spekit Processes

Spekit processes information through the operation of our Services and Websites, and through other interactions with our Business. If you provide us with information about another individual, you represent you have the authority to do so and have delivered any required notices and obtained all necessary rights and consents to provide such information to us for processing in accordance with this Privacy Policy. If you believe information has been provided to us improperly, please notify us in accordance with the “Contact Us” section below.

A. Data Provided to Spekit

We receive information when you submit it to our Business:

  • Contact Information, including your first name, last name, email address, phone number, employer, job title and address.
  • Communications, including when contacting sales or support, asking a question, providing product feedback or corresponding with our business teams.
  • Content, including any documentation, files or information you provide, as further described below.
  • Authorized User Data, including your Contact Information, login credentials, and other information used by your Company to invite and manage business customers and their employees and other authorized users (“Authorized Users”).
  • Third-Party Information, including information you provide about any co-workers, contractors, vendors or potential referrals, such as their Contact Information.
  • Connected system instance and user information: In order to use the Services you may be required to connect to a Customer Relationship Management (CRM) system (e.g. Salesforce), in which event Spekit is given permission to access the CRM system in order to provide the Services.

Content may include information, messages, text and other data which is collected, stored, surfaced, and shared through the use of the Services. Your Content and metadata about your Content may be viewed by other users in accordance with your settings on the Service. Unless Content is made viewable in accordance with your settings on the Service, then neither Spekit, Spekit employees, Spekit contractors nor agents will view your Content except: (i) to maintain, provide or improve the Service; (ii) to help you and respond to your request related to your Content, including support requests; (iii) to review and monitor (if we elect to do so) compliance with our SaaS Agreement or a similar agreement (including our Acceptable Use Policy); (iv) to comply with our legal obligations or to cooperate with law enforcement; or (v) as otherwise described in this Privacy Policy. We have the right to remove any information you post, if deemed to be in violation of our Acceptable Use Policy.

B. Data Generated and Collected by Spekit

We generate, collect and derive information when you use or interact with our Services, Website and other products and services provided or used by our Business:

  • Usage Data, including information and metadata about the pages or content you visit, the features you interact with, the workflows you construct, how much time you spend on a particular Website or using the Services, login and crash data, your preferences or selections, the time of day you browse, and your referring and exiting pages.
  • Device Data, including information about the type of device or browser you use, your device’s operating software and settings, your internet service provider, and device identifiers, such as IP address and advertising identifier.
  • Location Data, including an approximate geolocation derived from your IP address or business information.

We use cookies and other technologies to help us process information:

  • Log Files, which are files that record events that occur in connection with your use of technology services, including the Services and Website.
  • Cookies, which are small data files stored on your device that act as a unique tag to identify your browser. Please see Spekit’s Cookie Policy for further information on how Spekit uses cookies.
  • Pixels (also known as web beacons), which are code embedded in a website, email, application or advertisement that sends information about your use to a server. There are various types of pixels, including image pixels (which are small graphic images) and JavaScript pixels (which contains JavaScript code). When you access technology that contains a pixel, the pixel may permit us or a separate entity to track your interactions. We may incorporate pixels from separate entities that allow us to track our conversions, bring you advertising, and provide you with additional functionality.

You may be able to limit our collection of certain information by changing your device and software settings. However, doing so may affect or limit the features available to you. For further information on how we use tracking technologies for analytics and advertising, and your rights and choices regarding them, see the “Analytics and Advertising” and “Your Rights and Choices” sections below.

C. Data Collected by Spekit from Other Sources

In order to enhance our ability to provide relevant marketing, offers, and Services to you, and update our records, we may obtain information about you from other sources. We may combine such information with other information we have collected about you. This helps us to update, expand and analyze our records, identify new customers, and create more tailored advertising to provide offers and services that may be of interest to you. These sources may include public databases, joint marketing partners, social media platforms, as well as other third-party sources. As an example, if you participate in a Spekit Referral program, we may collect information related to you and/or your referral.

Additionally, Spekit may receive information about you from other third parties whom you have authorized to share your information or who collect information in connection with co-branded offerings. We treat the information obtained from other sources in accordance with any laws or contractual obligations applicable to us.

4. How Spekit Uses Information

We use information for business and commercial purposes in accordance with the practices described in this Privacy Policy. In addition, Spekit uses information to operate our Services, Website, and Business as follows:

  • Providing, maintaining and improving the Services, Website and Business
  • Maintaining and promoting security by tracking use of our Services, verifying accounts and activities, investigating suspicious activity, and enforcing our terms of use and related policies, to the extent necessary to our legitimate interest of promoting security of our Services, and in protecting our rights and the rights of others
  • Providing and delivering the Services you request, processing transactions and sending you related information, including confirmations and invoices
  • Sending you technical notices, updates, security alerts and support and administrative messages
  • Responding to your comments, questions and requests and providing customer service and support
  • Generating aggregate or de-identified information by removing or masking information that could be used to identify you and by aggregating or combining information with other information
  • Identifying customer opportunities to the extent that it is in our legitimate interest to ensure we are meeting our customer’s demands and user experiences
  • Communicating with you about products, services, offers, promotions, rewards, and events offered by Spekit and others, to the extent necessary for our legitimate business interest to market our Services
  • Monitoring and analyzing trends, usage and activities in connection with the Services
  • Personalizing and improving the Services and providing advertisements, content or features that match user profiles or interests
  • Processing and delivering contest entries and rewards
  • Linking or combining with information we receive from others to help understand your needs and provide you with better service
  • Complying with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights or if necessary for our legitimate interest in protecting against misuse or abuse of our Services, pursuing remedies available to us, and complying with judicial proceedings or responding to lawful requests
  • As necessary for general business administration, such as but not limited to, accounting, recordkeeping, and legal functions to meet our business obligations
  • Carrying out any other purpose for which the information was collected, and which is necessarily contemplated by the collection of such information or is otherwise explicitly mentioned in the process of collection

Notwithstanding the above, we may use information that does not identify you for any purpose permitted by law or contractual obligation applicable to us. For information on your rights and choices regarding how we use your Personal Data, please see the “Your Rights and Choices” section below.

5. How Spekit Shares Information

The following entities may receive the information that we collect:

  • Our subsidiaries
  • Our sub-processors
  • Our trading partners

We use sub-processors to assist in providing the Services. By using the Services or Website, you consent to Spekit engaging its current sub-processors.

In addition, we may share data about you as follows or as otherwise described in this Privacy Policy:

  • With affiliates, vendors, consultants, and other service providers who need access to that information to carry out work on our behalf
  • With vendors, platforms, analytics providers and other parties for marketing and advertising related purposes. For more information on our online advertising practices, see the “Analytics and Advertising” section below.
  • In connection with a joint marketing campaign, seminar, Spekit product offering or other product or service offered by Spekit in conjunction with a third party, we may share your information with any third parties participating in such offering and such parties may use this information for their direct marketing purposes
  • In response to a request for information if we are required by, or believe disclosure is required by, any applicable law, regulation or legal process, including in connection with lawful requests by law enforcement, national security, or other public authorities
  • In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company
  • With your consent or at your direction, including if we notify you through the Services that the information you provide will be shared in a particular manner and you provide such information

Notwithstanding the above, we may disclose information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by law or contractual obligation applicable to us. For information on your rights and choices regarding how we share information about you, please see the “Your Rights and Choices” section below.

6. Analytics and Advertising

Where permitted under laws applicable to our Business, we use analytics services, such as Google Analytics, to help us understand how users access and use the Website and other aspects of our Business. In addition, we work with agencies, advertisers, ad networks, and other technology services to place advertisements on our behalf on other websites and services. For example, we may place ads through Google, LinkedIn and social media platforms that you may view on their platforms as well as on other websites and services.

As part of this process, we may use tracking technologies (including incorporating them into our Website and emails), as well as incorporating into our ads displayed on other websites and services. Some of these tracking technologies may track your activities across time and services for purposes of associating the different devices you use, and delivering relevant ads and/or other content to you (“Interest-based Advertising”).

For further information on the types of tracking technologies we use and your rights and choices regarding analytics and Interest-based Advertising, please see the “Your Rights and Choices” section below. You will continue to see advertising, including potentially from us, even if you opt out of personalized advertising.

7. Data Transfer

Our Business is operated from the United States. Any of your Personal Data we collect may be transferred to, processed, used, handled, and stored in the United States and other jurisdictions. Data protection laws in the United States and other jurisdictions may differ from those of your country of residence.

For personal data transferred from the European Economic Area, Switzerland or the United Kingdom, we will provide appropriate safeguards, such as through the use of the relevant standard contractual clauses. For further information on these transfers and the relevant appropriate safeguards, please see the “Additional Disclosures for Data Subjects in the European Economic Area, Switzerland and the United Kingdom” section below.

8. Additional Information

Security. We are committed to taking appropriate measures designed to keep your Personal Data secure. Our technical, administrative and physical procedures are designed to protect Personal Data from loss, theft, misuse and accidental, unlawful or unauthorized access, disclosure, alteration, use and destruction. We follow generally accepted industry standards to protect the data submitted to us, both during transmission and once it is received. If you have any questions about the security of your data, you can contact us at [email protected].

Use by Minors. We do not direct any of our Services or other aspects of our Business to children. We do not knowingly collect personal data (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) from children under 13. We also do not knowingly “share” or “sell,” as those terms are defined under the California Privacy Rights Act, the personal data of minors under 16 who are California residents. If you are a parent or guardian and believe we have violated this provision, contact us at [email protected].

Changes to this Policy. We may change this Privacy Policy at any time or substitute this Privacy Policy at our sole discretion. If we make changes, we will notify you by revising the date at the top of the policy and, in some cases, we may provide you with additional notice (such as by adding a statement to our website homepages or sending you an email notification) or otherwise seek additional consent in accordance with applicable law. You should check regularly for the most up-to-date version of this Privacy Policy whenever you access the Services.

9. Your Rights and Choices

Region-Specific Rights. In addition to these rights and choices, you may have additional rights based on your region. For region-specific terms, please see the bottom of this Privacy Policy.

Spekit Account. Spekit Services are intended for use by business customers, and you may only use a Spekit Account if you are an employee or other Authorized User of a Company that has opened a Spekit Account. The information in a Company’s Spekit Account is governed by our Agreement with the business customer. You should direct questions about Personal Data we are processing on behalf of a Company to that Company’s administrators. If you are an Authorized User, you may also be able to access, update, or delete certain information within your Company’s Spekit Account through the Services, provided that the Company and its administrators are responsible for determining how that data is processed.

Tracking Technology Choices.

  • Cookies and Pixels. Most browsers and devices accept cookies by default. You can instruct your browser or device, by changing its settings, to decline or delete cookies. If you use multiple browsers or devices, you may need to instruct each separately. Your ability to limit cookies is subject to your settings and limitations. For additional information, please visit our Cookie Policy.
  • Do Not Track. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com. Note that if you are a California resident, you may exercise your right to opt-out of sales or sharing through preference signals. Please visit the “Additional Disclosures for California Residents” section below for details.

Please be aware that if you disable or remove tracking technologies some parts of our Services, Website and Business may not function correctly.

Analytics and Advertising. Google provides tools to allow you to opt out of the use of certain information collected by Google Analytics at https://tools.google.com/dlpage/gaoptout and by Google Analytics for Display Advertising or the Google Display Network at https://www.google.com/settings/ads/onweb.

The companies we work with to provide you with targeted ads in connection with our Business are required to give you the choice to opt out of receiving targeted ads. Most of these companies are participants of the Digital Advertising Alliance (“DAA”) and/or the Network Advertising Initiative (“NAI”). To learn more about the targeted ads provided by these companies, and how to opt out of receiving certain targeted ads from them, please visit: (i) for website targeted ads from DAA participants, https://www.aboutads.info/choices; and (ii) for targeted ads from NAI participants, https://www.networkadvertising.org/choices. Opting out only means that the selected participants should no longer deliver certain targeted ads to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., in connection with the participants’ other customers or from other technology services). Any such targeted advertising will only be carried out to the extent that it is permitted by applicable law.

Please note that if you opt out using any of these methods, the opt out will only apply to the specific browser or device from which you opt out. Except as required by applicable law, we are not responsible for the effectiveness of, or compliance with, any opt-out options or programs, or the accuracy of any other entities’ statements regarding their opt-out options or programs.

You can opt out of receiving promotional emails from us at any time by following the instructions as provided in emails to click on the unsubscribe link. Please note that you cannot opt-out of non-promotional emails, such as those about your Company’s Spekit Account, transactions, servicing, or our ongoing business relations.

10. Use of Google Workspace APIs and AI/ML Model Development Policy

Compliance with Google Workspace API Usage. We affirm that the Google Workspace APIs accessed through the Services are not used for developing, improving, or training generalized artificial intelligence (AI) or machine learning (ML) models.

Purpose of API Usage. Our use of Google Workspace APIs is strictly limited to enhancing the user experience and functionality of our Services as explicitly described in our documentation and does not extend to any form of AI or ML model training.

Data Handling and Processing. All data accessed via Google Workspace APIs is processed in accordance with our privacy policy, strictly adhering to the intended purpose as specified and not for the training of generalized AI or ML technologies.

Restrictions on Data Use. We ensure that no data obtained from Google Workspace APIs will be used to train, calibrate, or improve the capabilities of AI or ML algorithms or models.

Transparency and Disclosure. We are committed to maintaining full transparency about our use of data obtained from Google Workspace APIs and will continuously provide clear disclosures about the specific purposes for which this data is used.

Privacy and Security Measures. Robust privacy and security measures are implemented to protect the data accessed via Google Workspace APIs, ensuring it is handled in compliance with all applicable laws and regulations, including GDPR, CRPA, and others.

Third-Party Data Sharing and Access. There is no sharing of data obtained through Google Workspace APIs with any third parties for the purpose of AI or ML model training.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

[email protected]
Spekit Inc.
3301 Lawrence Street Suite #1
Denver, CO. 80205

12. Additional Disclosures for Nevada Residents

Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal data that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal data for monetary consideration by the business to a third party for the third party to license or sell the personal data to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please refer to the “Contact Us” section above.

13. Additional Disclosures for California Residents

These additional disclosures apply only to California residents and only to the extent applicable.

Notice of Collection.

The California Consumer Privacy Act as amended by the California Privacy Rights Act (“CPRA“) provides additional rights and requires businesses collecting or disclosing personal data to provide notices and means to exercise rights. In the past 12 months, we have collected the following categories of personal data enumerated in the CPRA:

  • Identifiers, including name, postal address, email address, and online identifiers (such as IP address).
  • Customer records, including phone number, billing address, bank account information.
  • Internet activity, including browsing history, search history, and interactions with a website, email, application, or advertisement.
  • Non-Precise Geolocation data.

For further details on personal data we collect, including the sources from which we receive information, review the “Information that Spekit Collects” section above. We collect and use these categories of personal data for the business purposes described in the “How We Use Information” section above. We disclose the personal data to the categories of persons set out in the “Disclosure of Information” section above. Please visit those sections for further details.

Right to Know, Correct and Delete.

You have the right to know certain details about our data practices. In particular, you may request the following from us:

  • The categories of personal data we have collected about you;
  • The categories of sources from which the personal data was collected;
  • The categories of personal data about you we disclosed for a business purpose or sold or shared;
  • The categories of persons to whom the personal data was disclosed for a business purpose or sold or shared;
  • The business or commercial purpose for collecting or selling or sharing the personal data; and
  • The specific pieces of personal data we have collected about you.

In addition, subject to exceptions, you have the right to correct or delete the personal data we have collected from you.

To exercise any of your rights, please submit a request to [email protected]. We will confirm receipt of your request and respond to your request within the time limits prescribed by law. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests.

If personal data about you has been processed by us as a service provider on behalf of a business customer, please inquire with the business customer directly to exercise your rights. If you wish to make your request directly to us, please provide the name of our business customer on whose behalf we processed your personal data. We will refer your request to that business customer, and will support them to the extent required by applicable law in responding to your request.

Additional Notice and Opt-Out.

Our business model is providing software services to business customers, not selling personal data. However, under the CPRA, some marketing practices, like the disclosure of Website visitor data to obtain targeted ads and analytics to advertise our products on third party sites, may be considered a “share” or “sale” even if no money is exchanged. A “share” is broadly defined under the CPRA to include a disclosure for cross-context behavioral advertising, and a “sale” is broadly defined under the CPRA to include a disclosure for something of value. Under these definitions, we may collect, share, or sell the following categories of personal data for commercial purposes: identifiers, commercial or transaction information, internet activity, non-precise geolocation data. The categories of third parties to whom we “share” or “sell” personal data include, where applicable, vendors and other parties involved in cross-context targeted advertising. To the extent our marketing practices constitute a “share” or “sale” of your personal data, you have the right to opt out. You can exercise this right by modifying your cookie preferences for our Website or enabling Global Privacy Control on your browser or extension. These settings enable you to communicate an opt out that is specific to your browser or device, as applicable, so you will need to instruct each separately.

Retention.

We retain each category of personal data for the length of time that is reasonably necessary for the purpose for which it was collected, and as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

Authorized Agent.

You can designate an authorized agent to submit requests on your behalf. However, we may require signed proof of the agent’s permission to do so and verify your identity directly. Requests must be submitted through the designated methods listed above.

Right to Non-Discrimination.

You have the right not to receive discriminatory treatment by us for the exercise of any of your rights.

14. Additional Disclosures for Virginia Residents

Virginia provides additional rights to Virginia residents through the Virginia Consumer Data Protection Act (“VCDPA”). This section addresses those rights and applies only to Virginia residents acting in an individual or household context.

You have the following rights under the VCDPA:

  • To confirm whether or not we are processing your personal data
  • To access your personal data
  • To correct inaccuracies in your personal data
  • To delete your personal data
  • To obtain a copy of your personal data that you previously provided to us in a portable and readily usable format
  • To opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you

To exercise any of these rights, please send an email to [email protected]. We will respond to your request within the time limits prescribed by law. We may require specific information from you to help us confirm your identity and process your request. If personal data about you has been processed by us as a processor on behalf of a business customer and you wish to exercise any rights you have with such personal data, please inquire with the business customer directly.If you wish to make your request directly to us, please provide the name of the business customer on whose behalf we processed your personal data. We will refer your request to that business customer, and will support them to the extent required by applicable law in responding to your request.

15. Additional Disclosures for Data Subjects in the European Economic Area, Switzerland and the United Kingdom

Roles.

Spekit may process personal data in accordance with the instructions of or on behalf of a business customer, including when providing Services to a Company under an Agreement. In this context, Spekit acts as a processor and the business customer acts as a controller. Spekit may also act as a controller when directly determining the processing of personal data in other Business contexts set out in this Privacy Policy, like complying with regulatory obligations applicable to our Business.

Lawful Basis for Processing.

Data protection laws in Europe require a “lawful basis” for processing personal data. Our lawful bases include where: (a) you have given consent to the processing for one or more specific purposes, either to us or to our service providers, partners, or business customers; (b) processing is necessary for the performance of a contract; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests.

International Transfers.

We may transfer your personal data to our operations in the United States or to our service providers or other third parties in the United States or in other countries – this may involve the transfer of your personal data to countries which have different data protection standards to those which apply in the European Economic Area, Switzerland or the United Kingdom.

Some of these countries are subject to a European Commission and/or UK government adequacy decision. For other countries, Spekit has put in place the relevant European Commission or UK government-approved standard contractual clauses with the relevant third parties to ensure that your personal data is protected with appropriate safeguards. We may also rely on other permitted data transfer mechanisms.

Your Data Subject Rights.

You may have certain statutory rights relating to your personal data. Subject to applicable law, you may have the right to access and rectify your personal data, to require us to erase your personal data or to transfer it to other organizations, and to object to the processing of your personal data. Where we process your personal data because we have a legitimate interest in doing so (as explained above), you may have a right to object to this. You may also have the right to restrict processing of your personal data in certain circumstances. These rights may be limited in some situations, for example, where we can demonstrate that we have legitimate grounds to process your personal data. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different from those for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any processing of your personal data which we do based on consent you have provided to us.

To exercise any of these rights, please send an email to [email protected]. We will respond to your request within the time limits prescribed by law. We may require specific information from you to help us confirm your identity and process your request. If your personal data has been processed by us as a processor on behalf of a business customer and you wish to exercise any rights you have with such personal data, please inquire with our business customer directly. If you wish to make your request directly to us, please provide the name of our business customer on whose behalf we processed your personal data. We will refer your request to that business customer, and will support them to the extent required by applicable law in responding to your request.

Retention of your Personal Data.

Please note that we retain personal data for as long as necessary to fulfill the purposes for which it was collected from you and/or our business customers, and may continue to retain and use your personal data for purposes of our legitimate interests and/or as necessary to comply (or demonstrate compliance with) with our legal/regulatory obligations, resolve disputes, prevent fraud, and enforce our rights.

We hope that we can satisfy any queries that you may have about the way we process your personal data. However, if you have any issues with our compliance, you may contact us at [email protected]. You also have the right to lodge a complaint with the data protection regulator in your jurisdiction if you have any unresolved concerns. You can lodge the complaint in the country where you reside, where you work or where any alleged infringement of data protection law occurred.