Frequently Asked Questions
Konexus, Inc (hereinafter referred to as "we") is committed to being GDPR ready. We have reviewed our business processes and confirm our commitment to compliance, including an individual's right to access their personal data, their right to be forgotten, their right to data portability, and their right to be notified of a breach.
What personal information do we collect from the people that visit our website or app?
- First and Last Name
- Email address(es)
- Cell Phone
- Home Phone
- Work Phone
- Address or Location for public safety and weather notifications
- Preferred language
- Preferred weather severities and event types
When do we collect information?
We collect information from you when you fill out a form or enter information on our website or app, or when you register or sign up for alerts.
When you interact with our mobile app or website, we may also use third-party analytics services to automatically receive and store certain information. This information may include, but is not limited to:
- Device IP Address and/or location
- Length of application session
- Wireless carrier's name
- The device's model name and manufacturer, and its operating system version
- Certain package, class, method, and thread names
- A unique instance identifier
How do we use your information?
This information is used to allow our customers to send users notifications related to weather, emergency events, and community information. In some cases, we use location information to send notifications to users in a specific geo-targeted area. We may also use information collected to better understand how the applications are used so that we can improve our services.
We do not share or sell this information
How do we protect your information?
We never ask for credit card numbers. We use regular Malware and Security Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
How can users request to delete their data and/or cancel their account?
- A formal request can be sent to email@example.com. We will delete the requested data within 120 days upon receiving the request.
- Authorized support team members can remove all or some of the user's personal data based on their request.
- Users may request only their email, cell phone, etc. be removed.
- Users may request all of their data be removed.
Do we use 'cookies'?
If users disable cookies in their browser: If you turn cookies off, some of the features that make your site experience more efficient may not function properly.
Third-party disclosure, links, and tracking
- We do not sell, trade, or otherwise transfer your Personally Identifiable Information to outside parties.
- We do not include or offer third-party products or services on our website or app.
- We do not allow third-party behavioral tracking.
Data retention / destruction policy depends on the type of client.
- Government Clients: All data for government clients is retained by Konexus for ten years after service termination, by government regulation. Data snapshots will be provided to previous government clients upon request. Data snapshots will only be provided to the client, and not to any other party.
- Non-government Clients: Konexus will retain or destroy client data based on the client's preference.
Mobile Application Permissions and Data
Certain features of our mobile apps (iOS, Android) require application permissions, including but not limited to:
- Device storage (read/write): When users want to attach files or photos as part of a message, we request access to device storage.
- Device location (in-app): When users want to include their current location as part of a message, we request access to location. We also request access to location to (optionally) show the device location on a map relative to other location-related messages.
- Device location (background): Some customers use our app to send out geo-targeted messages to their organization's users, which requires the app to periodically request the device's location while the app is not in use. This feature is opt-in only, meaning indvidual users are not required to grant this permission and may do so at their sole discretion.
- Installed applications: On Android, the library that we use for app authentication (AppAuth-Android) retrieves the list of installed apps in order to open the correct browser.
- Device ID: We use the device ID (Android: ANDROID_ID, iOS: identifierForVendor) to uniquely identify the device for push notifications and for analytics purposes.
California Online Privacy Protection Act
COPPA (Children Online Privacy Protection Act) When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically market to children under the age of 13 years old.
Fair Information Practices: The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices, we will take the following responsive action should a data breach occur: We will notify you via email within 1 business day. We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.