Privacy Policy

Guarantee of a lawful and safe process of personal data

Every customer can be assured that his personal data will be processed in a fair and lawfully manner. This means that the data will only be processed for the legitimate purposes that have been described above. We guarantee moreover that such processing will always be sufficient, proportionate and not excessive.

We will never store your personal data any longer than strictly necessary. We will however keep an archive of your data as long as your account is active or as long as your personal data appears necessary to offer you a certain service.

We've taken sufficient technical and organizational measures to guarantee a safe processing of your personal data. These measures are consistent with the nature of the personal data and proportional to the potential severity of the risk.

The risks of an accidental or unauthorized destruction, loss, alteration of or access to, and any other unauthorized processing of the data are reduced to a minimum. Sadly though, no risk can be completely removed. In case of breach of our IT-system, we will immediately take all possible measures to limit the damages and/or thefts to a minimum.

Right to object

Each customer can oppose the processing of his personal data. This right to object exists only if there are sufficient legitimate and weighty grounds relating to his particular situation. The exceptions provided in article 5, (b) and (c) of the Privacy Act are also applicable to this right to object. The customer may at any time, free of charge and without further ado oppose the proposed processing of your personal data if those data were obtained for the purpose of direct marketing.

You are also entitled to obtain the removal and/or the ban on the use of all your personal data which have been obtained and which are incomplete or irrelevant, regarded from the view of the purpose of the processing. This is also applicable to any personal data of which the registration, disclosure, and retention are prohibited, or personal data preserved after expiry of the authorized period. This right can be used at any time, free of charge and without further justification.

The customer shall exercise his right through a signed, written request to Kanuu, by registered letter to Kanuu. We undertake the appropriate action following a request within fifteen (15) working days.

Right to access

Each customer who proves his identity has a right of access to all information regarding the processing of his personal data by Kanuu, as defined in the Privacy Act. This includes information on the purposes of the processing, the categories of information processed and relate the categories of recipients to whom the data are provided. This Privacy Policy is a first indication.

The customer shall exercise his right through a signed, written request to Kanuu, by registered letter to Kanuu. Kanuu undertakes the appropriate action following a request within fifteen (15) working days.

Right to correct

We attach a great importance to an accurate data collection. Inaccurate or incomplete personal data can therefore always be improved or even obliterated.

Because it is impossible for us to continuously be aware of any mistakes, incompleteness or falseness of your personal data, it is up to you as a customer to report inaccuracies or omissions and to perform the necessary adjustments regarding ones registration details.

If your personal actions seem not enough, feel free to contact us using a signed, written and registered request directed to the address of Kanuu. We perform the necessary actions within fifteen (15) working days by making additions, correcting or deleting the personal data. The removal is mainly related to the visibility, so it is possible that the deleted personal data remains temporarily stored.

Right to forget

Similar to your right to correct, you also have a right to forget. You can ask us to delete all information related to your account & activity from our system.

Only the data we need to keep for legal & tax reasons will be kept.

Payment service providers

Payment processing services enable Kanuu to process payments by credit card, bank transfer or other means. To ensure greater security, Kanuu shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction.

Some of these services may also enable the sending of timed messages to the user, such as emails containing invoices or notifications concerning the payment.

Data is transmitted to Paddle based on Art. 6 (1)(a) (Consent) and Art. 6 (1)(b) DSGVO (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.

Paddle.com UK (Paddle.com Market Ltd) and Paddle.com Ireland (Paddle Payments Ltd)

Our order processing is conducted by our online reseller Paddle.com. Paddle.com is the Merchant of Record for all our orders. Paddle provides all customer service inquiries and handles returns. Paddle is operated by Paddle.com Market Ltd., 15 Bermondsey Square, SE1 3UN London, United Kingdom and Paddle Payments Ltd, Core B, Block 71, The Plaza, Park West, Dublin 12, Ireland.

Further information about handling user data can be found in Paddle's privacy policy at https://paddle.com/privacy.