Privacy & Cookie Policy


Why does Keri Systems have a Privacy Policy?
At a time when businesses face an almost daily barrage of junk mail, junk faxes, spam, and unsolicited calls, Keri does not want to become more noise in the system. If you are not interested in our products at this time, we do not want to bother you. However, if you find you are interested in Keri’s products, we look forward to working with you.

Who are we?
This website is run and maintained by Keri Systems (www.kerisys.com) whose registered address is [302 Enzo Dr Suite 190, San Jose, CA 95138, United States].  We are committed to protecting and preserving the privacy of our visitors when visiting our site or communicating electronically with us. The policy below indicates and sets out how we process any personal data that we collect from you through our website. We can confirm that we will always keep your personal information and data secure and that we comply with all data protection legislation from your local governing authority. Please read the following carefully to understand what happens to the personal data that we collect from you when you visit and use our website. By visiting www.kerisys.com you are accepting and consenting to all practices described in this document. 

What personal data do we collect and why do we collect it?
We may collect, store, and use the following information and data about individuals who visit and use our website:

Information you supply to us
You may supply us with information about yourself, your company, or your clients by filling out various forms throughout our website. This includes information you provide to us when you submit an inquiry, sign up for membership login, request an RMA, become an installer form, database conversion/upload form, etc. These forms may contain information including your name, address (personal or company), your phone number, and email address, as well as information on your client site that mimics the outlined above. 

The information our website automatically collects about you
With regards to each of our visitors to our website we automatically collect data on the following metrics:

Technical information
Including your IP address, browser type, operating system, and platform.  

Information about your visit
Standard data will be collected, including the web pages you visit, how long you are on the site, how you were directed to the site, page response times, the length of your visit, the links that you clicked on (only on kerisys.com and domains relating to it), and the documents/software downloaded. Kerisys.com also uses Hotjar, which allows us to collect further data on users, including mouse movement, website heatmaps, and usage recordings to better enhance our customer’s user experience and understand the flow of traffic through our website.  

User Experience & Security
IP Address: For blocking malicious requests.
Device Identifier: Such as mobile, desktop, tablet. Allows the website to scale for your device.
Location: Country the visitor is visiting from. Used to serve geoinformation, such as phone numbers.
Operating System: Operating system in use; this is for UX Monitoring.
Browser: Browser visiting for User Experience, and bug tracking.
Resolution: To see what the average user’s resolution is and what is displayed on the page for their resolution size.

How does Keri Systems get my contact information?
Links at various points throughout the website connect you with forms that allow you to enter the contact information you wish to give us. These forms allow you to send us your comments, request a call, report problems, or sign-up for our marketing or technical bulletins.

What information does Keri Systems collect?
We only collect basic contact information: name, company, street address, telephone number, and email address.

Data collected when registering on downloads.kerisys.com
We store information on name, company, street address, and email address. These are used to create your individual user profile so that Keri Systems can verify your business information and affiliation to a legitimate access control company before being granted access to our download portal.
If you create an account to access our downloads center, the fields you complete when registering will be kept within a database and will associate them to your specific account and email registered address.

Specific to downloads.kerisys.com registrations
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, if you add a profile picture this may be visible to the public in the context of your profile.

Use by children
Our services are not intended to be used by individuals under the age of 16 and we do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at privacy@kerisys.com.

Cookies
Our website uses cookies to distinguish you from other users on our website. This helps us provide you with the best user experience possible while you browse our website.

“Cookies” are small pieces of information that your browser stores on your computer on behalf of a website that you have visited. Cookies may be used in order to complete transactions on our site. You can always choose not to accept cookies with the settings of your web browser, however, you may not be able to complete these transactions if you do not accept cookies.

Most browsers allow you to reject all cookies, whilst some browsers allow you to reject only third-party cookies. You can find out more about how cookies work and how to manage them at allaboutcookies.org.

The cookies used on our website are grouped into the following categories:

The list below details the cookies used on our website.

CookieDescription
Necessary
__cfduidThe cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
JSESSIONIDUsed by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
ASP.NET_SessionIdThis cookie is used in sites developed with Microsoft.Net. When a user start browsing a unique session ID is created, which keeps track of all the information regarding that session.This information is stored in the web server and it is identified via a GUID.The GUID is essential for any ASP.NET site to function properly.
viewed_cookie_policyThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
cookielawinfo-checkbox-necessaryThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessaryThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
Non Necessary
test_cookieThis cookie is set by doubleclick.net. The purpose of the cookie is to determine if the users' browser supports cookies.
Other
ls_smartpushThis cookie allows the Litespeed plugin to store server settings to help with performance.
crmcsrPurpose: Zoho is the CRM (Customer Relationship Management) database that we use to store customer information. When you enter your details into our website the data, the data is sent securely to Zoho. www.zoho.eu/cookiepolicy.html
a64cedc0bfZoho Cookie. CRM-campaign-platform. Session Only
_zcsr_tmpZoho Forms & CRM Integration, Cookie used when using contact forms or ASAP Widget.
zfccnZoho Forms - Forms integrated across the websites. Cookies: [csr* / *csr* / *csr, zmpncc, zfccn] Purpose: Website security
383aeadb58Zoho Forms www.zoho.eu/cookiepolicy.html
SFWEB_SRVNAMECitrix Sharefile, Cookie used with integration to Citrix sharefile for file downloading or uploading
Advertisement
NIDThis cookie is used to a profile based on user's interest and display personalized ads to the users.
VISITOR_INFO1_LIVEThis cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
IDEUsed by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
Analytics
GPSThis cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location
Performance
YSCThis cookies is set by Youtube and is used to track the views of embedded videos.
Functionality
crmcsrPurpose: Zoho is the CRM (Customer Relationship Management) database that we use to store customer information. When you enter your details into our website the data, the data is sent securely to Zoho. www.zoho.eu/cookiepolicy.html
a64cedc0bfZoho Cookie. CRM-campaign-platform. Session Only
_zcsr_tmpZoho Forms & CRM Integration, Cookie used when using contact forms or ASAP Widget.
383aeadb58Zoho Forms www.zoho.eu/cookiepolicy.html
Security
wfCBLBypassWhat it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking. Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking. How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.
wf_loginalerted_(hash)What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location. Who gets this cookie: This is only set for administrators. How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.
wfwaf-authcookie-(hash)What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded. Who gets this cookie: This is only set for users that are able to log into WordPress. How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.
zfccnZoho Forms - Forms integrated across the websites. Cookies: [csr* / *csr* / *csr, zmpncc, zfccn] Purpose: Website security

Contact forms
Kerisys.com uses forms generated by Zoho through a web plugin. When you submit a form through our website you consent and agree to the use and storage of information by Zoho and its suite of applications. When submitting a form on our website, the data that we collect from you is stored indefinitely on our Zoho platform. These forms contain all information outlined in the “information you supply to us” section. The information that we collect is used to ensure an enhanced customer experience and may be used for marketing materials to keep you up to date on the latest products and services that we feel would be of interest to you or your clients. If you leave a comment on our site you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Using our contact forms
If you use our contact forms, the content of the form is sent via Zoho through a Keri Systems generic mailer address, which is then forwarded to the relevant department to answer your query. By using the contact form you are accepting the risks associated with passing on the information provided between email addresses and any liabilities that may occur during transmission. All emails on the Keri Systems website require acceptance of our TOS & Privacy Policy before sending.

Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as on the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Google Analytics
Data Used: We use Google Analytics to analyze the use of our website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store and use this information. Google’s privacy policy is available at www.google.com/privacypolicy.html.

Please refer to the appropriate Google Analytics documentation for the specific type of data it collects. For more information on Google Analytics privacy policy please see https://policies.google.com/privacy

Activity Tracked: This feature sends page view events (and potentially video play events) over to Google Analytics for consumption. By default, WordPress does not share any personal data with anyone.

Hotjar: As outlined above under “What personal data do we collect and why do we collect it”, it explains why Hotjar is used and how we use it. For more information on Hotjar’s privacy policy please visit: https://www.hotjar.com/legal/policies/privacy/  

How long do we retain your data?
As mentioned above in our “Contact forms” section kerisys.com uses Zoho integration to display forms on our website, as well as store information regarding users who have submitted any form through this domain. All data submitted through Zoho forms on our website is stored indefinitely. For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (with the exception of changing their username). Website administrators can also see and edit that information. If you have an account on this site or have submitted any forms, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. To contact us about your data please see the contact information in the below section titled “Our contact information”.

Where do we send your data?
As mentioned above we will always protect your data under any localized legislation or government law. Kerisys.com will only send your data to our Zoho Customer Relations platform for the use of storing your information securely. For more information on why we use Zoho forms please visit the above section “Contact forms”. If you would like to learn more about Zoho and how they store data please visit: https://www.zoho.com/privacy.html

If you create an account to access our downloads center, the fields you complete when registering will be kept within a database and will associate them to your specific account and email registered address.

How does Keri Systems use this information?
The information that you choose to provide directs us in how to contact you. We will respond to your comments and questions and, if requested, we will sign you up for our newsletters.

Does Keri Systems share information with any third parties?
Keri Systems only shares your contact information within the Keri family of dealers and distributors (the dealer or distributor that is best able to meet your needs). Keri does not share your contact information with any parties outside of the Keri family of dealers and distributors.

Our contact information
If you have any questions or concerns pertaining to our privacy policy, you may contact us through the following methods:
By post: 302 Enzo Dr Suite 190, San Jose, CA 95138, United States
By email: webmaster@kerisys.com
By phone: +18002605265

To opt-out of email blasts, or to remove the information collected via submitting our webforms, please visit this page:
https://kerisys.com/unsubscribe/

We also offer the option to unsubscribe from any marketing/promotional emails, within the footer on our marketing campaign emails. To unsubscribe, open an email from Keri Systems and press the ‘Unsubscribe’ link located at the bottom of the email.

We protect your data and the processing of your personal data at www.kerisys.com in line with the applicable data protection legislation of your localization or governing body. With this Privacy Statement, we wish to inform you of how your personal data is processed when you visit our website.

Data breach procedures
In the event of a data breach, Keri Systems will inform any affected persons or registered users of kerisys.com within a 48 hour period of the breach being discovered.
In the event that the policy is changed at any time, the date and nature of the change will be clearly indicated in this document. In the event that the change has a material impact on the handling of your personal information, we will contact you to inform you of the changes where appropriate.

For questions regarding our data protection policy, please contact: Dave Miller
You can use our contact form here.

Source: Hotjar
We use Hotjar in order to better understand our users’ needs and to optimize service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc). This enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For further details, please see the ‘About Hotjar’ section of Hotjar’s support site.

To see which cookies are used visit: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies

Source: Zoho Inc Source: LiteSpeed-cache
This site utilizes caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary.

Jetpack Integration Activity
This feature only records the activities of a site’s registered users and the retention duration of activity data will depend on the site’s plan and activity type.
Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com, and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.
Activity Tracked: Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. The retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information).
Data Synced: Successful and failed login attempts, which will include the actor’s IP address and user agent.

Contact form
Data Used: If Akismet is enabled on the site, the contact form submission data (IP address, user agent, name, email address, website, and message) is submitted to the Akismet service (also owned by Automattic) for the sole purpose of spam checking. The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. the site author who published the page on which the contact form resides). This email will include the submitter’s IP address, timestamp, name, email address, website, and message.
Data Synced: Post and post metadata associated with a user’s contact form submission. If Akismet is enabled on the site, the IP address and user agent originally submitted with the comment are synced as well, as they are stored in post meta.

Jetpack Comments Mobile Theme
Data Used: A visitor’s preference for viewing the mobile version of a site.
Activity Tracked: A cookie (akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version. 

Protect
Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. 
Data Synced: Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.

Search
Data Used: Any of the visitor-chosen search filters and query data in order to process a search request on the WordPress.com servers.
Sharing Data Used: When official sharing buttons are active on the site, each button loads content directly from its service in order to display the button as well as information and tools for the sharing party. As a result, each service can in turn collect information about the sharing party. When a non-official Facebook or a Pinterest sharing button is active on the site, information such as the sharing party’s IP address as well as the page URL will be available for each service, so sharing counts can be displayed next to the button. When sharing content via email (this option is only available if Akismet is active on the site), the following information is used: sharing party’s name and email address (if the user is logged in, this information will be pulled directly from their account), IP address (for spam checking), user agent (for spam checking), and email body/content. This content will be sent to Akismet (also owned by Automattic) so that a spam check can be performed. Additionally, if reCAPTCHA (by Google) is enabled by the site owner, the sharing party’s IP address will be shared with that service. You can find Google’s privacy policy here.
WhatsApp Button Block Activity Tracked: We don’t track any activity. For details of what WhatsApp tracks, refer to their Privacy Policy.

WordPress.com Secure Sign On
This feature is only accessible to registered users of the site with WordPress.com accounts.
Data Used: User ID (local site and WordPress.com), role (e.g. administrator), email address, username and display name. Additionally, for activity tracking (see below): IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: The following usage events are recorded: starting the login process, completing the login process, failing the login process, successfully being redirected after login, and failing to be redirected after login. Several functionality cookies are also set, and these are detailed explicitly in our Cookie documentation.
Data Synced: The user ID and role of any user who successfully signed in via this feature.

To see further information regarding Jetpacks Privacy Policy please visit: https://jetpack.com/support/privacy/

Borealis

Borealis is our cloud based access control system.  Keri Systems UK is the provider of the Borealis system to our clients in the UK and Europe:  our clients are the Controllers for this processing and Keri Systems UK act as their Processor.

This section provides some useful information about the processing of personal data by Borealis, however if you are an individual seeking to invoke your rights under GDPR/UK GDPR then you should contact the Controller for this processing directly.

Subject Matter of Processing

Provision of the Borealis cloud based access control system, including hosting of all associated data, to enable our client, the Controller, to manage site security and access records.

Duration of the Processing

Until such time as the contract with our client for the provision of service ends.

Type of Personal Data

User account credentials and administrator permissions, classification of user (Owner, Operator User, Systems Operators), unique identifier of access control fobs and name of associated individual, site access records, customer created custom fields

User credentials for the Controller’s staff

Special Categories of Personal Data

No special categories of personal data are processed by default, however our client has the ability to create custom fields.

International Transfers

The transfers of data to and from the Processor, Keri Systems UK,  are enabled by the UK deemed to be an adequate nation for data protection by the EU

Technical and Organisational Measures

We implement the following appropriate measures by default to preserve the security of the data collected:

  • No copies of data are to be held by us without the Controller’s permission
  • Any such copies data will be held in secure, password protected IT systems
  • Multi factor authentication shall be enabled on any systems where it is available
  • We ensure that our IT systems use modern software that is kept up-to-date
  • When personal data is deleted this will be done safely such that the data is irrecoverable
  • Appropriate back-up and disaster recovery solutions are in place
  • All data will be encrypted in transit
  • All UK/EU customers are contracted to Keri Systems UK and an additional Data Processing Addendum applies to that processing to comply with GDPR/UK GDPR.

Sub-Processors

List of Sub-Processors used by us to deliver the Borealis service

Name of Sub-Processor Address Nature of processing activity
Keri Systems Inc

302 Enzo Dr Suite 190, San Jose, California 95138, USA.

 

International transfer facilitated by International Data Transfer Agreement in place with Sub-Processor

Consent
We ask for consent on our contact forms, however, if the box is unticked, and you continue to submit we will assume your acceptance.
By continuing to use this website, you signify you understand and agree with this Privacy Policy.