Knovos, LLC (“Knovos”) is a global technology company which provides electronic discovery services, including information governance technology and data analytics services to law firms, corporations and government agencies who are parties to various types of litigations, investigations, commercial, arbitration and regulatory compliance proceedings.
All data collected in the course of Knovos’ activities are kept under strict privacy and confidentiality protocols since much of this information may constitute evidence in litigation and other sensitive proceedings. Indeed, it is Knovos’ practice (and the customary business practice in the industry in which Knovos conducts business) to enter into, with each client, a comprehensive Confidentiality and Non-Disclosure Agreement (C&NDA) as to data received in every engagement undertaken. Moreover, each of Knovos’ employees has executed C&NDAs pertaining to all information that comes into their possession in the course of their employment.
The facility in which Knovos processes (*processing by Knovos consists, typically, of the extraction and formatting of the data for review in a document review system) and stores data maintains extensive physical security features and the network infrastructure upon which data is stored is secured by some of the most advanced data security and disaster recovery technology found in the marketplace.
Much of the data processed and hosted by Knovos does not constitute “personal data” as the term is defined below. However, personal data will, on occasion, enter into the possession of Knovos, the bulk of it contained within the email accounts of individuals in the employ of parties to litigation.
Statement of Policy:
This policy applies to personal data that Knovos has received from the European Union (EU). Personal data refers to data that is (a) transferred to the United States from the EU; (b) is about, or relates to, an identified or identifiable individual; (c) can be linked to that individual, and (d) is recorded. Personal data may include, among other things, an individual’s name, address, phone number, e-mail address, or social security number, health insurance policy number or other like information. However, the term “personal data” does not include data that pertains to a specific individual, but from which that individual cannot reasonably be identified. Personal data also includes “sensitive personal data”, which is defined herein as a subset of personal data that pertains to an individual’s medical, or health condition, racial or ethnic origin, political opinions, religion, union membership, sexual orientation or actual or alleged criminal activity
Knovos’ website incorporates privacy controls which affect how Knovos will process any personal data. Knovos will not use any personal data other than for the purpose for which it was provided. Knovos may process data about your use of our website and services. The legal basis for this processing is consent and our legitimate interests, namely monitoring and improving our website and providing services.
If you have provided any personal data such as your name and email address, Knovos may process this data for communicating with you and taking steps, at your request. Knovos may process information contained in any inquiry you submit to us regarding products and/or services. The data may be processed for the purposes of offering relevant products and/or services to you.
Knovos may process information contained in or relating to any communication that you send to us. The correspondence data may include the communication content and metadata associated with the communication. The legal basis for this processing is consent and our legitimate interests namely the proper administration of our business. You may withdraw your consent by contacting our firstname.lastname@example.org
Regarding International transfers of your personal data, the company has offices across the globe. The NDPA’s have made an “adequacy decision” with respect to the data protection laws of each of these countries or the data will be protected by appropriate safeguards and will never leave the company without express consent. The hosting facilities for our website are situated in the United States of America. The European Commission has made an “adequacy decision” with respect to the data protection laws of the United States of America.
Personal data that Knovos processes for any purpose shall not be kept for longer than is necessary for that purpose. Users can ask for their data to be expunged from our systems should they wish.
Where Knovos is the Data Controller you may instruct us to report/provide/rectify/erase any personal information Knovos hold about you; provision of such information will be subject to the payment of an admin fee; and the supply of appropriate evidence of your identity. Where Knovos is the Data Processor then such requests will need to be directed via the Controller.
This website is owned and operated by KNOVOS: Knovos is registered in England & Wales, France and in Virginia USA et al. You can contact us via our data protection officer email@example.com
EU-U.S. Data Privacy Framework:
The EU-U.S. Data Privacy Framework has been designed to provide companies with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.
Knovos strongly affirms its commitment to the Data Privacy Framework as follows:
Complaint Handling Mechanism:
In compliance with the EU-US Data Privacy Framework program’s Principles, Knovos commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union individuals with DPF inquiries or complaints should first contact
3201 Jermantown Road, Suite 230
Fairfax, VA 22030
Attention: Data Protection Officer
Knovos has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit Process For Consumers (bbbprograms.org)for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See G. Arbitration Procedures (dataprivacyframework.gov)
Adherence to EU-U.S. Data Privacy Framework Principles:
Knovos has adopted the EU – U.S. Data Privacy Framework and hereby adheres to each of the Data Privacy Principles with respect to data received from the EU in reliance on Privacy Shield. These Principles, as adhered to by Knovos, are described below:
Under most circumstances, Knovos does not collect personal data for processing directly from the party in possession but receives the data for processing from counsel under an agreement to hold such data under strict rules of confidentiality and privacy. Therefore, when Knovos receives personal data from the EU for processing purposes and does not control the collection of the personal data, Knovos does not, typically, provide notification to the individuals to which such personal data relates (but, again, is mandated by the client to hold the data in the strictest confidence.). In such event, Knovos reserves the right to process personal data in the course of providing services to its clients without the knowledge of the individuals involved. Knovos never uses data for a purpose other than the purpose for which it was provided to Knovos. Neither does Knovos ever share information with third parties other than when lawfully directed by the client law firm or originating organization (that is, the owner of the data.) When specifically authorized by counsel or client to do so, Knovos will inform affected individuals about the purposes for which it collects and uses personal information about them, how to contact the organization with any inquires or complaints, the types of third parties to which it may disclose the information and any choices and means that Knovos may offer individuals for limiting the data’s use and disclosure.
Since Knovos does not share personal information with third parties, unless required by law or lawfully directed by the client law firm or originating organization to do so, nor does it ever use the data for a purpose incompatible with the purpose for which it was originally collected, there is no need to offer individuals the opportunity to opt out from having data disclosed. However, should the need ever arise, Knovos will provide individuals with reasonable notice and mechanisms to exercise their choice to opt-out from having personal data so disclosed.
- Accountability for Onward Transfer (Transfer to Third Parties)
As mentioned above, Knovos does not share personal information with third parties, unless required by law or lawfully directed by the client law firm or originating organization to do so. However, should the need ever arise, prior to disclosing personal information to third parties, Knovos will utilize the notice and choice principles noted above. If Knovos ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data. Moreover, Knovos will only enter into written contracts with third parties to provide the same level of personal data protection as is maintained by Knovos. Nevertheless, in cases of onward transfer to third parties of data of EU individuals received pursuant to the Privacy Shield, Knovos is potentially liable.
Knovos takes reasonable precautions to protect personal information from loss, misuse, unauthorized access, disclosure, tampering, alteration, and destruction.
- Data Integrity and Purpose Limitation
Knovos uses personal information only in a manner that is compatible with the purpose for which it was collected or subsequently authorized by the individual. Knovos takes reasonable steps to ensure that personal information is reliable for its intended use, and is accurate, complete, and current. We understand that we may also be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. This regulatory compliance will be adhered to under the guidance of our clients and their lawyers since we solely act on their behalf to collect, process and produce such personal information.
- Access and Recourse
Since, under typical circumstances, the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or the rights of persons other than the individuals would be violated or seriously compromised, individuals cannot be provided access to personal information about them in order to correct, amend, or delete the information when inaccurate. However, where appropriate to do so, Knovos will grant individuals reasonable access to personal data that it holds about them and Knovos will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Knovos acknowledges that EU individuals have the right to access the personal information that we maintain about them. An EU individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct the query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
- Enforcement and Liability
Knovos will conduct an annual self-assessment to ensure that this policy is published and disseminated within Knovos and on its website, that it is being adhered to and that it conforms to the seven principles set forth above. In addition, Knovos has deployed internal auditing measures to monitor its compliance with the principles and to address all questions or complaints. Knovos will also self-certify annually with the U.S. Department of Commerce as being in full compliance with the principles.
Individuals may raise any concerns or complaints regarding their personal data directly with Knovos by contacting Knovos at:
3201 Jermantown Road, Suite 230
Fairfax, VA 22030
Attention: Data Protection Officer
If an individual files such a complaint, Knovos will investigate the matter and attempt to resolve all issues to the satisfaction of the complainant. Knovos agrees to cooperate with the dispute resolution system set forth above if the matter cannot be settled.