This Privacy Notice (“Notice”) describes the information we gather on or through the SimpleKPI Service, how we use and disclose such information, and the steps we take to protect such information. This Notice is incorporated into and is subject to the SimpleKPI Terms of Service.
Definitions
“Visitor” refers to any individual who accesses the Public Area of the SimpleKPI website but does not hold a User account or access the Restricted Area.
“Service” refers to the SimpleKPI Services as defined in the Terms of Service, including the platform, features, and any associated tools provided by SimpleKPI.
“Restricted Area” refers to secure sections of the SimpleKPI platform that are accessible only to Users and require valid login credentials for entry.
“Public Area” refers to sections of the SimpleKPI website that are accessible to both Users and Visitors without requiring login credentials.
“Personal Data” refers to any information that pertains to an identified or identifiable individual, such as names, contact details, or any data that can be linked to a specific person.
1. SimpleKPI Roles and Responsibilities
This section outlines SimpleKPI’s roles and responsibilities concerning the processing of Personal Data:
1.1 SimpleKPI as a Data Controller
SimpleKPI acts as a data controller when determining the purposes and means of processing your Personal Data. This includes data collected directly (e.g., when creating an Account or interacting with our Service) and automatically (e.g., via cookies or third-party sources). As a data controller, SimpleKPI ensures lawful, fair, and transparent data processing while safeguarding your rights.
1.2 SimpleKPI as a Data Processor
When processing data on behalf of Clients, SimpleKPI operates as a data processor. SimpleKPI does not control or own Client Data and accesses it only as authorized or necessary to deliver the Service.
1.3 Responsibilities of Data Subjects and Clients
If you are a data subject seeking to exercise your rights (e.g., access, correction, or deletion of Personal Data), please contact the Client directly. The Client, as the data controller, manages such requests under data protection laws. SimpleKPI processes Client Data solely based on Client instructions and does not access it unless explicitly authorized.
For further details or inquiries, please contact our Data Protection Officer at privacy@simplekpi.com.
2. The Information We Collect
2.1 Information Provided Directly to SimpleKPI
Account Signup:
When creating an Account to access our Service, we collect essential information like your name and business email address to complete the signup process. Optionally, you can provide additional details such as your photo, time zone, and language preferences for account customization; however, these are not required to create an Account.
Payment Processing:
When making a purchase, we collect your name, contact details, and payment information (e.g., credit card or other payment account details). We store the cardholder’s name, address, expiration date, and the last four digits of the card number, but we do not store the full credit card number. With your consent, we may securely store your payment information in encrypted form via our Payment Gateway Service Providers for faster future transactions.
Testimonials:
If you authorize us, we may feature testimonials about our Service on our website, which can include your name and other Personal Data. You will have the opportunity to review and approve the testimonial before it is posted. To update or remove your testimonial, contact us at privacy@simplekpi.com.
2.2 Information Collected Automatically
Information from Browsers, Devices, and Servers:
When you visit our Website, we collect information that web browsers, mobile devices, and servers provide, such as IP address, browser type, language preference, time zone, referring URL, access date and time, operating system, mobile device manufacturer, and mobile network details. This data is logged to better understand Website Visitors and tailor the Website experience to their needs.
Information from Cookies and Tracking Technologies:
We use temporary and permanent cookies to identify Visitors and Users, enhancing their experience. Unique identifiers embedded in our downloadable products help us track product usage. Additionally, we utilize cookies, beacons, tags, scripts, and similar technologies to monitor Website navigation, gather demographic information, measure email campaign effectiveness, and target engagement.
Information from Application Logs and Mobile Analytics:
We collect data from application logs and in-house analytics tools to understand your and your end-users’ interactions with our Service. This includes information on clicks, scrolls, features accessed, access times and frequency, errors, performance metrics, storage utilization, user settings, configurations, and devices and locations used to access the Service. This data helps us enhance the functionality and relevance of our offerings.
2.3 Information Collected from Third Parties
Signups Using Federated Authentication Providers:
You can log in to the Service using federated authentication providers, such as LinkedIn, Microsoft, and Google. These services authenticate your identity and may share certain Personal Data, such as your name and email address, with us solely for the purpose of authentication and account setup. Check your privacy settings on these services to manage what information is shared and review their terms and privacy notices before connecting them to our Service.
Information from Social Media and Public Sources:
If you engage with us on social media platforms (e.g., Facebook, X (Twitter), LinkedIn) or leave feedback or reviews on marketplaces or review sites, we may collect publicly available information, such as profile details and comments. This data helps us improve our Service, understand user reactions, and, where appropriate, reproduce and publish your feedback on our Website. Note that such information may remain with us even if removed from the original platform. We may also update your profile information using other publicly available sources.
Information from Third-Party Integrations:
When you integrate third-party services with your SimpleKPI Account, those integrations may request permissions to access data or exchange information with your Account. This includes integrations with Google services, specifically Google Analytics and Google Sheets. You are responsible for reviewing the permissions you grant to these third-party applications, as they may have access to view, store, and potentially modify data according to their terms and privacy policies. We are not responsible for their practices, so please carefully evaluate the permissions granted. Specific limits apply to data accessed via Google APIs, as detailed in Section 3.6.
Information from Resellers, Partners, and Service Providers:
Resellers, partners, or service providers may share your information, such as name, email address, and company name, with us if you express interest in our Service (e.g., via a form or event registration). Event organizers for sponsored events may also share attendee information. Additionally, if you comment on a review of our Service, or if third-party providers help market our Service, we may receive information about you from those sources.
3. How We Use the Information We Collect
3.1 Operations
We use the information to set up and maintain your Account and facilitate our Service, including collaboration features, website hosting, data processing, and data backup and restoration. We also use this information to provide customer support and improve interactions with Clients and Users, as well as to detect and prevent fraudulent transactions, illegal activities, and spam, protecting the rights and interests of SimpleKPI, its Clients, Users, and the public.
3.2 Improvements
We analyze how Users interact with our Service to troubleshoot issues, monitor usage trends, and improve functionality. We also track visitor behavior on our Website to enhance the user experience. Client Data processed for these purposes is anonymized or aggregated whenever possible. Data obtained via Google APIs (specifically Google Analytics and Google Sheets data, see Section 3.6) is used only for providing and improving the specific integration features within the Service itself (e.g., displaying analytics data, importing/exporting sheet data), in accordance with Google's policies.
3.3 Communications
We use your contact information to inform you about products, services, or materials you’ve signed up for, as well as to notify you of changes to this Notice, the Terms of Service, or other important updates. Additionally, we may use your information to keep you updated on new features, events, promotions, and offers that may interest you, or to request feedback and invite you to participate in surveys to improve our Service.
3.4 Analytics
We update, expand, and analyze records to identify new customers and recommend relevant products or services. We enhance marketing campaigns by retargeting Users interested in our Service, finding similar high-value audiences, and ensuring relevant advertising for existing Clients. Data obtained via Google APIs (Google Analytics and Google Sheets data, see Section 3.6) is explicitly excluded from these general analytics and marketing activities, beyond what is necessary to provide the integrated feature itself.
3.5 Legal Bases for Processing Personal Data (UK, EEA, and Other Relevant Jurisdictions)
We process your Personal Data only when legally permitted, such as:
- To provide our Service: For operations, support, and personalized features, including integrated functionalities.
- For legitimate interests: To ensure security, conduct research, improve marketing, and protect legal rights (without overriding your data protection rights).
- With your consent: For specific purposes where you’ve granted permission (e.g., connecting your Google account to integrate Analytics or Sheets data).
- To meet legal obligations: When compliance with applicable law is required.
You have the right to object to processing based on legitimate interests or direct marketing. If you withdraw consent for a specific integration or processing activity, we will stop processing your information for that purpose unless legally required or permitted to continue.
3.6 Additional Limits on Use of Your Google User Data
Notwithstanding anything else in this Privacy Notice, if you provide SimpleKPI access to your Google data via our integrations with Google Analytics and/or Google Sheets, SimpleKPI's use of that data will be subject to these additional restrictions:
-
Permitted Use: SimpleKPI will only access, use, store, or share Google user data obtained through the Google Analytics API or Google Sheets API to provide or improve the user-facing integration features that are prominent in the SimpleKPI user interface. For example:
- Accessing Google Analytics data to display metrics and reports within your SimpleKPI dashboard.
- Accessing Google Sheets data to allow you to import data into SimpleKPI or export data from SimpleKPI to a specific Sheet you authorize.
- Prohibited Advertising Use: Google user data obtained via these APIs will never be used for serving advertisements, including personalized, re-targeted, or interest-based advertising.
- Prohibited Sale: We will never sell Google user data obtained via these APIs.
-
Limited Transfer: We will not transfer Google user data obtained via these APIs to others unless doing so is:
- Necessary to provide or improve the specific user-facing integration features described above.
- Necessary to comply with applicable laws or regulations.
- Necessary for security purposes (e.g., investigating abuse).
- Part of a merger, acquisition, or sale of assets of SimpleKPI (you will be notified).
- In response to your explicit consent for a specific purpose directly related to the integration.
-
Limited Human Access: SimpleKPI personnel will not read your Google user data (e.g., specific cell content in Google Sheets or detailed analytics data) unless:
- We have your affirmative agreement for specific data access (e.g., for support purposes related to the integration).
- It is necessary for security purposes, such as investigating potential abuse related to the integration.
- It is necessary to comply with applicable law.
- The data has been aggregated and anonymized and is used solely for internal operations aimed at improving the integration features or overall Service performance (e.g., analyzing aggregated usage patterns of the integration).
SimpleKPI's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
4. To Whom We Disclose Information
4.1 Unrestricted Information
Any information you choose to include in a Public Area of the Service (e.g., community forums, support materials, or blogs) is publicly available to Visitors and Users. This includes profile information or posts that remain even after your account is terminated. Be cautious about sharing sensitive information in these areas. Upon request, we can remove or correct posted content, but certain information may not be removable.
4.2 Other Users in Your Company Account
Information about your Service use is accessible to your Account Administrator(s) and may also be visible to other Users based on the account settings.
4.3 Service Providers
We work with third-party providers to support our Website, hosting, security, fraud detection, payment processing, and other essential services. These providers may access Personal Data (including potentially Google user data obtained via Analytics/Sheets APIs, strictly under the limitations described in Section 3.6) as required to perform their functions for SimpleKPI but are contractually obligated to maintain the confidentiality and security of this information and are prohibited from using it for any other purpose.
4.4 Social Media
Our Website integrates social media features (e.g., Facebook "like" buttons, LinkedIn sharing, or X (Twitter) widgets). These features may share your activities on our Website with your social media profile, subject to the respective platform’s privacy policies. Interactions with such features are governed by the privacy notices of the social media providers.
4.5 Partners
We may share data with trusted partners who assist us with specific functions like analytics, technical support, or infrastructure provision. These partners help us operate and improve our Service. We do not permit partners to use shared data to directly contact our Clients for their own sales or marketing purposes. You can inquire about our partners by contacting us at partners@simplekpi.com.
4.6 Non-Personally Identifiable Information
We may share aggregated or non-personally identifiable information with third parties for business purposes, such as understanding user behavior, complying with legal obligations, or marketing analysis. This data does not identify individuals. Aggregated data derived from Google user data will only be shared externally if it is fully anonymized and complies with the Google API Services User Data Policy.
4.7 Law Enforcement, Legal Process, and Compliance
We may disclose Personal Data, including Google user data obtained via Analytics/Sheets APIs, if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, respond to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose information when we believe, in good faith, it is appropriate or necessary to prevent liability, protect against fraudulent, abusive, or unlawful uses or activity, protect the security or integrity of our Service, or protect our rights, property, or safety or those of others.
4.8 Change of Ownership
In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of SimpleKPI’s assets, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities, Personal Data, including Google user data subject to the limitations herein, may be shared or transferred, subject to standard confidentiality arrangements and compliance with the Google API Services User Data Policy.
5. Data Security
At SimpleKPI, we prioritize the security of your data by implementing robust administrative, technical, and physical safeguards designed to prevent unauthorized access, use, modification, disclosure, or destruction of the information you entrust to us. These measures are regularly reviewed and updated. However, no security system is impenetrable, and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. You are responsible for maintaining the secrecy of your unique password and account information and for controlling access to your email communications at all times. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us by contacting us at privacy@simplekpi.com.
6. Data Retention
We retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including providing the Service, complying with our legal obligations, resolving disputes, maintaining business records, and enforcing our agreements. Once we no longer have a legitimate business need to process your information, we will either delete or anonymize it. If deletion is not immediately possible (for example, because your information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible.
- The contents of closed Accounts are generally deleted within 90 days of closure.
- The contents of closed Free Trial Accounts are generally deleted within 60 days of closure.
- Server archival backups containing Personal Data are retained for a limited period (e.g., 120 days) before being securely deleted.
- Clients may request alternative retention arrangements upon account cancellation, subject to agreement. Data flagged by the Client not to be deleted may be retained for up to 6 months before permanent deletion, unless otherwise required by law or agreement.
7. Your Choices
7.1 Your Rights with Respect to Information We Hold About You as a Controller
Depending on your location and applicable law, you may have the following rights regarding your Personal Data:
- Right to Access: Request access to the Personal Data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete Personal Data.
- Right to Erasure (Deletion): Request deletion of your Personal Data under certain conditions.
- Right to Restrict Processing: Request restriction of how we use your data under certain conditions.
- Right to Data Portability: Request transfer of your Personal Data to another entity in a structured, machine-readable format where technically feasible.
- Right to Object: Object to our processing of your data based on legitimate interests or for direct marketing.
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent (this does not affect lawfulness of processing before withdrawal).
- Right to Lodge a Complaint: File a complaint with your local data protection authority.
You can exercise many of these rights through your Account settings or by contacting us at privacy@simplekpi.com. We will respond to requests in accordance with applicable data protection laws.
- Account Information: You can update, correct, or delete profile information in your Account settings.
- Declining Information: You may decline to share certain information, but this may limit access to some Service features.
7.2 Opting Out
We provide various options for opting out of data processing activities:
- Marketing Communications: You can opt out of receiving promotional emails by using the "unsubscribe" link in the email or contacting us. You will still receive essential service-related communications.
- Cookies: Manage cookie preferences via the cookie settings tool on our Website.
- Analytics: Opt out of Google Analytics tracking on our website using their browser add-on. Disabling cookies in your browser may also limit tracking. (Note: This relates to tracking on the SimpleKPI website, not the Google Analytics data you might integrate into SimpleKPI).
- Google Account Access: You can revoke SimpleKPI's access to your Google account (for Google Analytics or Google Sheets integration) at any time via your Google account security settings page (https://myaccount.google.com/permissions). Revoking access will disable the related integration features in SimpleKPI.
Contact privacy@simplekpi.com for assistance with opt-out requests.
7.3 Information Processed on Behalf of Clients
SimpleKPI processes data provided by our Clients (acting as a data processor). If your data has been submitted to the Service by a SimpleKPI Client and you wish to exercise your data subject rights, please contact the relevant Client (the data controller) directly. SimpleKPI Clients can manage data within the application or contact support@simplekpi.com for assistance.
8. Updates to This Privacy Notice
This Privacy Notice may be revised periodically to reflect changes in our practices, services, or legal requirements. We will post any adjustments on this page, and the revised version will be effective when it is posted. If we make significant changes, we will provide more prominent notice (e.g., through the Service interface or via email). We encourage you to review this Notice periodically. Your continued use of the Service after the revised Notice has become effective indicates that you have read, understood, and agreed to the current version.
9. Contacting Us
If you have any questions, comments, or concerns about this Privacy Notice, your Personal Data, our use and disclosure practices, or your consent choices, please contact us at privacy@simplekpi.com.
You can also contact our Data Protection Officer directly at dpo@simplekpi.com.