Kisara Consulting - Privacy Policy

Privacy Policy Last Updated: July 1, 2025
 
Kisara Development (“we,” “us,” or “our”) is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws. This Privacy Policy explains how we collect, process, store, and protect your personal data when you visit our website [Your Website URL], use our services, or interact with us. This policy applies to individuals in the European Union (EU) or European Economic Area (EEA) and others whose personal data we process. By using our services, you acknowledge that you have read and understood this Privacy Policy.
 
1. Data Controller and Contact Information Data Controller: Kisara Development

Address: 1301 York Road, Suite 800 #1120, Lutherville, MD 21093, USA
Email: [email protected] For GDPR-related inquiries or to exercise your data protection rights, contact us at the above email or address. If applicable, you may also contact our Data Protection Officer (DPO) at:
Email: [email protected]
 
2. Personal Data We Collect We collect and process the following categories of personal data. Data You Provide
  • Identity and Contact Data: Name, email address, phone number, mailing address.
  • Account Data: Username, password, or other identifiers when you create an account.
  • Financial Data: Payment details (e.g., credit card information) processed securely via third-party payment providers.
  • User-Provided Data: Information submitted through forms, surveys, or customer support interactions.
b. Data Collected Automatically
  • Technical Data: IP address, browser type, device information, operating system, and browsing behavior (e.g., pages visited, time spent).
  • Cookies and Tracking Data: Data collected via cookies, web beacons, or similar technologies for functionality, analytics, or personalized content.
c. Data from Third Parties
  • Third-Party Data: Information from partners, such as social media platforms or marketing providers, where permitted by their privacy policies and your consent.
3. Lawful Bases for Processing We process your personal data based on the following GDPR lawful bases:
  • Consent (Article 6(1)(a)): For specific purposes, such as marketing emails or non-essential cookies, where you have given explicit consent.
  • Contract (Article 6(1)(b)): To fulfill a contract with you, such as delivering services or processing payments.
  • Legal Obligation (Article 6(1)(c)): To comply with legal requirements, such as tax or regulatory obligations.
  • Legitimate Interests (Article 6(1)(f)): For purposes like improving our services, preventing fraud, or ensuring website security, provided your rights and freedoms are not overridden.
We will inform you of the specific lawful basis for each processing activity at the point of data collection, where required.
 
4. Purposes of Processing We process your personal data for the following purposes:
  • Service Delivery: To provide, operate, and maintain our services (e.g., account management, order fulfillment).
  • Communication: To respond to inquiries, provide customer support, or send service-related updates.
  • Marketing: To send promotional materials or personalized offers, where you have consented or where permitted under GDPR.
  • Analytics and Improvement: To analyze usage patterns and improve our website, services, or user experience.
  • Security: To protect our systems, detect fraud, or ensure the integrity of our services.
  • Legal Compliance: To comply with applicable laws, regulations, or legal processes.
5. Sharing Your Personal DataWe do not sell or rent your personal data. We may share your data with:
  • Data Processors: Third-party vendors (e.g., hosting providers, payment processors, analytics services) acting on our behalf, bound by GDPR-compliant data processing agreements.
  • Legal Authorities: When required by law, such as in response to a court order or regulatory request.
  • Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to a successor entity under GDPR safeguards.
  • With Consent: When you explicitly agree to data sharing.
A list of our key data processors is available upon request by contacting [email protected].
 
6. Cookies and Tracking TechnologiesWe use cookies and similar technologies for:
  • Essential Purposes: Ensuring website functionality (e.g., session management).
  • Analytics: Measuring website performance and user behavior.
  • Personalization: Delivering tailored content or advertisements (with consent).
You can manage your preferences via our Cookie Consent Tool (link to your cookie settings page) or your browser settings. For details, see our Cookie Policy (#) (create and link to a separate Cookie Policy if applicable). Disabling cookies may impact service functionality.
 
7. Data RetentionWe retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or meet legal obligations:
  • Contractual Data: Retained for the duration of the contract and applicable statutory periods (e.g., tax retention periods).
  • Marketing Data: Retained until you withdraw consent or opt out.
  • Technical Data: Retained for analytics purposes, typically anonymized after [specify period, e.g., 12 months].
When data is no longer needed, we securely delete or anonymize it in accordance with GDPR requirements.8. Your GDPR Data Protection Rights As an EU/EEA resident, you have the following rights under GDPR:
  • Right to Access (Article 15): Request a copy of your personal data.
  • Right to Rectification (Article 16): Correct inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) (Article 17): Request deletion of your data, subject to legal exceptions.
  • Right to Restrict Processing (Article 18): Limit how we process your data in certain cases.
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format or have it transferred to another controller.
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent (Article 7): Withdraw consent at any time, without affecting prior processing.
  • Right to Lodge a Complaint (Article 77): File a complaint with a supervisory authority in your EU/EEA country (see EU supervisory authorities).
To exercise these rights, contact us at [email protected]. We will respond within one month (extendable for complex requests) and may verify your identity. No fee is required unless requests are excessive or unfounded.
 
9. International Data TransfersAs Kisara Development is based in the United States, your personal data may be transferred outside the EU/EEA. We ensure GDPR-compliant safeguards, such as:
  • Standard Contractual Clauses (SCCs): EU-approved contracts for data protection.
  • Adequacy Decisions: Transfers to countries deemed adequate by the European Commission (note: the U.S. does not currently have an adequacy decision).
  • Binding Corporate Rules (BCRs): For intra-group transfers, if applicable.
Contact us at [email protected] for details on specific safeguards applied to your data.10. Data SecurityWe implement technical and organizational measures to protect your data, including:
  • Encryption of sensitive data (e.g., payment information).
  • Access controls and secure authentication.
  • Regular security assessments and updates.
While we strive to ensure security, no online transmission or storage is 100% secure. We will notify you and relevant authorities of any data breach as required by GDPR (Articles 33/34).
 
11. Third-Party Links Our website or services may link to third-party sites or services. We are not responsible for their privacy practices. Review their policies before sharing personal data.
 
12. Children’s Privacy Our services are not directed to individuals under 16. We do not knowingly collect personal data from children under 16 without verifiable parental consent. If we discover such data, we will delete it promptly.
 
13. Changes to This Privacy Policy We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via our website or by email to [email protected] subscribers. The “Last Updated” date indicates the latest revision.
 
14. Contact Us For questions, GDPR rights requests, or concerns, contact:
 
Kisara Development
1301 York Road, Suite 800 #1120
Lutherville, MD 21093, USA
Email: [email protected]