Privacy Policy

Last modified: April 20, 2023

Introduction

Before using our Service, which includes the Website, Widget, and API (collectively referred to as the "Service"), please take a moment to review this Privacy Policy. This policy outlines the types of information and data we collect and how we use and share this information. Your access to and use of the Service is subject to your agreement to the Terms of Service, which can be found at Terms and conditions ("Terms of Service"), including the terms of the Privacy Policy set forth below. The Service is operated by Kalmia d.o.o. ("Company" or “We”), located at Kapucinski trg 7, 4220 Škofja Loka, Slovenia. We use your data to provide and improve the Service, and by using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used herein have the same meanings as in our Terms of Service.

Definitions

These are the definitions for key terms used in this Privacy Policy:

.
API: The murai application programming interface designed for integration with the User's software.
.
Cookies: Small files stored on the User's Device, which refers to either a computer or mobile device.
.
Device: A computer or mobile device.
.
Data Controller: A natural or legal person who determines the purposes and manner in which any personal data are processed. For the purposes of this Privacy Policy, we are the Data Controller of your data.
.
Data Processors (or Service Providers): Natural or legal persons who process data on behalf of the Data Controller. We may use the services of various Service Providers to process your data more effectively.
.
Data Subject: Any living individual who is the subject of Personal Data.
.
Personal Data: Data about a living individual that can identify them, either on its own or in conjunction with other information in our possession or likely to come into our possession.
.
Service: The Website, Widget, and/or API (depending on the scope designated for the specific User).
.
Usage Data: Data collected automatically, generated either by the use of the Service or by the Service infrastructure itself, such as the duration of a page visit.
.
User: The individual using our Service and the Data Subject of the Personal Data being processed.
.
Website: Web pages located at murai.ai.
.
Widget: A murai widget that may be implemented on the User's website.

The Data Controller

The Data Controller for your Personal Data is Kalmia d.o.o. ("Company"), located at Kapucinski trg 7, 4220 Škofja Loka, Slovenia.

Information Collection and Use

At murai, we collect various types of information to enhance and provide better Service to you.

Types of Data Collected
1. Personal Data
When you use the Service, request information using our Service or contact us directly, We may collect personally identifiable information about you that you provide Us, such as your name, surname, email address, Cookies and Usage Data.
If you wish to delete your personal information that we received from you, please send an email to support@kalmia.si, and we will delete your personal information from our database.
2. Usage Data
We may also collect Usage Data that is automatically generated when you visit our Service or access it through a Device that is necessary for you to use the Service, and for us to maintain and analyze its functioning, as well as to provide you with personalized experience. This data includes your Device's IP address, browser type, browser version, the pages you visit on our Service, time and date of your visit, time spent on those pages, and unique Device identifiers. When you access our Service through a Device, Usage Data also includes your Device's unique ID, operating system, type of internet browser you use, and other diagnostic data.
Although some of this information (such as your IP address) may uniquely identify your device, it does not personally identify you. However, some legislation, such as US and EU law, may consider information that uniquely identifies your device as personal information.
3. Tracking Cookies Data
We use cookies and similar tracking technologies such as beacons, tags, and scripts to track your activity on our Service and collect certain information. Cookies are small files with a unique identifier that are sent to your browser from a website and stored on your Device. You may refuse all cookies or indicate when a cookie is being sent. However, some portions of our Service may not work correctly if you do not accept cookies. We use various types of cookies, including Session, Preference, Security, and Advertising Cookies. Preference Cookies remember your preferences and settings, Security Cookies are used for security purposes, and Advertising Cookies serve you with relevant ads based on your interests.
You can find more information about cookies and related technologies in our "Cookie Policy". Your browser may have settings that allow you to automatically send a "Do Not Track" signal to Websites you visit. However, there is no industry-wide agreement on how Website and apps should respond to these signals. As a result, we do not monitor or take any specific action in response to "Do Not Track" signals or other similar mechanisms. For more information about "Do Not Track," please visit https://www.allaboutdnt.com.

Legal bases

We process your information lawfully in accordance with the legal bases set out under EEA, UK, and Brazil data protection legislation. The legal bases we rely on include:

.
Contractual Necessity:This covers information that we process to provide you with the service you have requested from us, to improve our services, and to process your information in relation to online contests.
.
Legitimate Interests:This covers information that we process to pursue our legitimate interests, such as ensuring you have the best experience when using our websites and services, keeping your information secure, and providing our services free of charge or at a low cost. We always take into account your data protection rights and make sure they are not overridden by our legitimate interests. We rely on our legitimate interests for data processing for analytics and research and, for our own promotional purposes.
.
Consent:We will ask for your consent to use your data for a specific purpose, such as sending you newsletters with promotional updates, and we will make it clear at the point of collection how you can withdraw your consent. We will also ask for your consent before conducting any surveys.
.
Legal Obligation::This covers information that we process to comply with a legal obligation.

Use of Data

The Company utilizes the collected Personal Data for various purposes as follows:

.
To provide and maintain our Service, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To notify you about changes to our Service, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To allow you to participate in interactive features of our Service when you choose to do so, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To provide customer support, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To gather analysis or valuable information for improving our Service, including the collection of email address, first name and last name, Cookies and Usage Data. This serves the legitimate interests of the Data Controller.
.
To monitor the usage of our Service, including the collection of email address, first name and last name, Cookies and Usage Data. This serves the legitimate interests of the Data Controller.
.
To detect, prevent and address technical issues, including the collection of email address, first name and last name, Cookies and Usage Data. This serves the legitimate interests of the Data Controller.
.
To fulfill any other purpose for which you provide it, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc., including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.
.
To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about, unless you have opted not to receive such information. This requires your consent, and the type of Personal Data collected includes email address, first name and last name, Cookies and Usage Data.
.
In any other way we may describe when you provide the information, including the collection of email address, first name and last name, Cookies and Usage Data. This is necessary for the performance of a contract to which you are a party.

Retention of Data

We keep your personal information for as long as it is necessary to provide you with our Service. We may keep information for a longer period of time, but we will ensure that it cannot be traced back to you. Once we no longer need your information, we delete it.

.
For EEA, UK and Brazil: We store your personal information for as long as we need it to provide our services. We delete traffic information when we no longer need it for transmission purposes. We store cookies and value-added services information, including traffic information used for these purposes, for as long as we need them to provide these services or until you opt out. We keep other information for as long as we believe it is necessary to provide our services. This section does not affect our ability to store or access information for technical reasons, such as the transmission of communication or to provide the service you requested.
.
For the US and the rest of the world: We keep your information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless applicable legislation requires or permits us to keep it for a longer period. We store information for providing, improving, or personalizing our services. Once we no longer need your information, we will delete it using reasonable measures to prevent unauthorized access or use.

Transfer and disclosure of Data
In order to operate the Service successfully, we may need to engage third-party service providers, including analytics providers and other partners. We may share information, including personally identifiable information, with these Partners to support the delivery of the Services, and conduct analysis and research. Please note that we may share information that can be used to personally identify your device, such as your IP address. In certain circumstances, we may also be required by law to disclose your information. Additionally, we may disclose your information in an anonymous and aggregated manner that does not personally identify you.
We may share such information to:
.
Third-party analytics providers: We may use third-party web analysis service for our Website to deliver our services and conduct analysis and research. They may collect your IP address and user agent for a short period of time before anonymizing it. This data is stored and encrypted on servers located in the EEA. Thir party web analysis service provider may analyze your use of our Website to compile reports about website activities for us and to perform other services connected with the use of the Website. It may also send this information to third parties if required by law or if third parties process this data on behalf of it.
.
Our cloud service providers: We store information we collect from you on servers provided by our third party cloud service providers such as Google Cloud Platform.
.
Our other service providers: We use third party service providers to send you Newsletters, where we have your consent to do so, and to measure open, click through and read rates and allow us to improve our emailing campaigns.
.
to our subsidiaries, affiliates, and employees;
.
in other cases with your consent.
We reserve the right to engage with additional partners or modify existing partnerships in the future to provide Service. We will update these promptly if there are significant modifications to our data processing practices. We may disclose your information, including personally identifiable information, in response to law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence. We may also disclose information about you if we determine that it is necessary or appropriate for national security, law enforcement, or other issues of public importance. We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or to protect our operations, users, or user experience. Furthermore, in the event of a reorganization, merger, or sale, we may transfer all the information we collect, including personally identifiable information, to the relevant third party.
We operate globally, which means we may need to transfer your personal information to our affiliated entities and/or to other third-party service providers across borders, from your country to other countries around the world. Please note that not all of these countries may have the same data protection laws as your own country. However, we take appropriate technical and organizational measures to safeguard the privacy of your personal information. We will transfer your personal information outside the EEA/UK only when one of the following safeguards is in place:
.
To a country with adequate data protection laws in accordance with EEA/UK data protection legislation;
.
Based on standard contractual clauses that are adopted by the European Union Commission in accordance with EEA/UK data protection legislation and deemed to offer sufficient safeguards with respect to the protection of your privacy and fundamental rights and freedoms. You can obtain a copy of these clauses by contacting us via support@kalmia.si
.
Our other service providers: We use third party service providers to send you Newsletters, where we have your consent to do so, and to measure open, click through and read rates and allow us to improve our emailing campaigns.
.
Based on an approved certification mechanism pursuant to EEA data protection legislation. We will transfer your personal information to our Partner outside the EEA if our Partner is certified by an approved certification mechanism.

We do not sell or share your Personal Data except as outlined in this Privacy Policy

How our partners may use your information
  • We make every effort to ensure Our partners adhere to industry best practices for collecting and using information. We require partners to use information only for the services they provide us, or for anonymized and aggregated purposes. However, we cannot guarantee that partners will always comply with these obligations. Partners may use their own tracking technologies to collect anonymous information about visitors to our Website, which may be shared with their clients in anonymized and aggregated form. Our partners' information gathering practices, including their use of cookies and other tracking technologies, are governed by their own privacy policies.

    • Security of Data
  • We understand the importance of keeping your data secure, however, please note that no method of transmission or storage over the Internet can be completely secure. To protect the Personal Data you provide us against any accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use, we implement appropriate administrative, technical, and physical measures. This includes maintaining backup copies of your data and limiting access to your Personal Data only to authorized personnel. However, please note that no security measures can guarantee absolute security, and we cannot guarantee that your information will always remain secure. Despite our best efforts, there is always a risk that unauthorized third parties may gain access to your information.

    • Your Data Protection Rights
    We strive to take reasonable measures to enable you to correct, modify, delete, or limit the use of your Personal Data. Your data protection rights include:
    .
    The right to access your Personal Data by requesting that we share and/or provide a copy of all Personal Data processed by us
    .
    The right to request the correction of inaccurate Personal Data by specifying the data that requires rectification.
    .
    The right to request the erasure of your Personal Data; we reserve the right to refuse erasure in specific circumstances provided by law.
    .
    The right to request the restriction of processing of your Personal Data by specifying the data that should be restricted.
    .
    The right to object to the processing of your Personal Data conducted based on grounds relating to your specific situation.
    .
    The right to withdraw your consent to process your Personal Data at any time. Withdrawal of consent is possible only with respect to processing based on consent. We are authorized to process your Personal Data after you withdraw consent if we have a legal basis for such processing, for the purposes defined by that legal basis.
    .
    The right to file a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement if you believe that the processing of Personal Data relating to you infringes GDPR.

    If you wish to execute any of these rights, please email us at support@kalmia.si. Please note that we may ask you to verify your identity before responding to such requests. Additionally, please be aware that we may not be able to provide the Service without some necessary data.

    Service Providers
  • We may engage Service Providers, which are third-party companies and individuals, to aid in providing, facilitating, and analyzing the use of our Service. These Service Providers have access to your Personal Data solely to perform the specific tasks that we request and are contractually obligated not to disclose or use your information for any other purposes.

    • Payments

    Google Analytics

    To monitor and analyze the use of our Service, we may utilize third-party Service Providers. One such Service Provider we use is Google Analytics, which is a web analytics service provided by Google. Google Analytics collects data on website traffic and provides reports on its usage. The data collected is shared with other Google services and may be used to personalize ads. For more information on how Google handles your data, please visit their Privacy Terms page at https://policies.google.com/privacy?hl=en . Additionally, we recommend reviewing Google's policy on data protection at https://support.google.com/analytics/answer/6004245

    Analytics

    If you choose to purchase our products or services, we may use third-party payment processors to handle the payment processing. This means that we will not store or collect your payment card details. Instead, this information will be provided directly to our third-party payment processors, whose use of your personal information is governed by their own privacy policies. These payment processors comply with the standards set by the PCI Security Standards Council, which is a joint effort of brands like Visa and Mastercard, to ensure the secure handling of payment information. Currently, we work with Stripe as our payment processor. You can view Stripe's privacy policy at https://stripe.com/us/privacy

    Third Party Privacy policies
  • Please be aware that when using our Service, you may be subject to third party terms and conditions and privacy policies, including those of application stores, mobile software platforms, social networking services, statistics services providers, and payment providers.
  • Additionally, our Service may provide links to websites that are not operated by us. Clicking on a third-party link will direct you to that website. We suggest you review the Privacy Policy of every website you visit. We do not have control over the content, privacy policies, or practices of any third-party websites or services, and we are not responsible for them.
  • Service might incorporate the GPT API, which is owned by OpenAI. By using the Service, you acknowledge that your use of the GPT API is subject to OpenAI's terms of service (https://openai.com/terms/) and privacy policy (https://openai.com/privacy/).

    • Children's Privacy

    We do not knowingly collect personal information from children under 16 or under the age of digital consent according to EEA, UK, Brazil, and some US states' data protection legislation. If we learn that we have collected personal information of a child under the age of 16 or under the age of digital consent according to EEA, UK, Brazil, and some US states' data protection legislation, we will take all reasonable steps to delete the information as soon as possible. If you become aware that your child has provided us with personal information without your consent, please contact us at support@kalmia.si

    Changes to This Privacy Policy

    We may make changes to our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "effective date" at the top of this page, unless we are required by law to provide a different type of notice. We advise you to review this Privacy Policy periodically for any updates. The changes to this Privacy Policy become effective when we post them on this page. By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy or notified you if applicable, you consent to the revised Privacy Policy and practices described in it.

    Contact Us

    If you have any questions about this Privacy Policy, please contact us at support@kalmia.si

    Privacy Policy Addendum
    This is an addendum to our Privacy Policy for different countries. Please note that in case of any conflict between this addendum and the Privacy Policy, the provisions in this addendum shall prevail.
    Addendum to Privacy Policy for Canada
    Personal data that is processed and maintained by our affiliates and third-party service providers in foreign jurisdictions, including the U.S., may be disclosed in response to a lawful access request by foreign courts or government authorities. We will not share your information with third parties for marketing purposes unless you give your prior consent. If you have any questions or concerns about how we handle your personal information, please contact us using the information provided in the "Contact Us" section.
    Addendum to Privacy Policy for Mexico
    To the extent Mexican privacy laws or regulations apply, the following additional Mexico-specific provisions apply and shall prevail over conflicting provisions in the Privacy Policy.
    How We Use the Information We Obtain In addition, we may use your Personal Data for the other purposes listed in the “Use of Data” section of the Privacy Policy, which may be considered secondary purposes under Mexican law. We do not use or share personal payment or financial information except in connection with the processing of payments or where there is another legal basis. You may withdraw your consent to our processing of your Personal Data by contacting us as indicated in the “How to Contact Us” section of the Privacy Policy. If you withdraw your consent for us to process your Personal Data for one of the primary purposes indicated above, then in some situations we may not be able to provide the service, though we may still engage in certain processing authorized by law. The Company may also use data and related data analysis in other Company products and services.
    Information We Share We may share your Personal Data as provided in the Privacy Policy, but to the extent permitted by law, you may withdraw your consent to this sharing by contacting us as indicated in the “How to Contact Us” section of the Privacy Policy. We also share the related information we obtain with our customers, partners, affiliates, and joint marketing partners. These entities, which collectively are referred to here as the “Business Partners” may use the information for the purposes described in this Privacy Policy. We may also share the information with our Business Partners and other third parties for warranty, troubleshooting or maintenance purposes, or for improving the design and performance of their products and services.
    Requests for Access, Correction, Cancellation, Objection or Consent Withdrawal In addition to any rights granted in the Privacy Policy, you may ask us to cancel your Personal Data to the extent permitted by law by contacting us as indicated in the “How to Contact Us” section of the Privacy Policy. Following a valid cancellation request, we may hold the Personal Data for the duration and purposes permitted by law before deleting it. We will answer your requests to access, correct or cancel your Personal Data or to object or withdraw your consent to our processing of your Personal Data within 20 business days from the date we receive your complete request or as provided by law. To be considered complete, your request must include your full name and contact address, and a clear and detailed description of your request.
    Addendum to Privacy Policy for Japan
    The Company complies with Japanese laws and regulations, including the Act on the Protection of Personal Information. The Company is primarily responsible for the management of the Personal Data that is jointly used with our affiliates or third parties. We will not provide your information to third parties for marketing purposes without your prior consent.
    Addendum to Privacy Policy for Republic of Korea
    Except as otherwise required by law, consumer Personal Data is securely disposed of without delay when (i) the consumer revokes his or her consent for our use of the information, (ii) the purpose of our collection and use of the Personal Data has been accomplished or (iii) the legal retention period has expired. If applicable law requires the preservation of Personal Data that otherwise would be disposed of, the Personal Data is transferred to a separate database and then disposed of after the period determined by the applicable law. Personal Data is disposed of using a method that is reasonably likely to prevent the Personal Data from being restored or reused. We will not provide your Personal Data to third parties in violation of law (such as without your consent, where consent is required). For the purposes stated in the Privacy Policy, Company or our affiliates are responsible for the handling of Personal Data with respect to services provided in Republic of Korea.

    An answer for every question

    Does AI make you scratch your head? Dive into details of murai and AI.
    Demo