Skip to content

Privacy Notice

Last revised June 25, 2024.

This Privacy Notice (referred to as “Privacy Notice” or “Privacy Policy”) will become effective as of July 1, 2024.

This Privacy Notice discloses the information practices for Kumanu, Inc. (“Kumanu”) when you use or interact with us through Purposeful and/or Insightful (hereafter, the “Kumanu apps”). When this Privacy Notice refers to “you,” “your,” or similar words, it means the individual to whom the personal information belongs.

At Kumanu, we believe your data belongs to you and only you. Whether you use the Kumanu apps, participate in a PurposeCast, or interact with Kumanu in some other way (collectively, the “Services”), we don’t share your personal data with anyone — not advertisers, not your employer, not your health insurer — unless we explicitly tell you ahead of time, including through this Privacy Notice.Personal data refers to data that is capable of identifying you. The data you provide through Kumanu apps or through other interactions with Kumanu may also be de-identified and then aggregated (combined) with other people’s data to provide general insights into organizational and population needs, interests, and dynamics. De-identified and aggregated data is no longer capable of identifying you. Kumanu may use and share de-identified and aggregated data for any lawful purpose.You must consent to this Privacy Notice in order to use or access the Kumanu apps or the Services. If you do not consent to this Privacy Notice, you may not use or access the Kumanu apps or the Services. By consenting to Kumanu’s Privacy Notice (this document), you are consenting to Kumanu storing and processing any data you provide, including data from third-party devices.

The Personal Data Kumanu Collects

The Kumanu apps collect the following personal data from you when you create or register your account (including if you use a third party such as Google to sign on): email address and name. You can also provide your phone number if you want to receive information via text message. We might ask for more specific demographic information about you, but providing this information is optional. Such data will be collected and processed in accordance with this Privacy Notice. We collect this information as part of learning more about you so we can provide you with more relevant information and personalized support. Through your use of and interactions with the Kumanu apps and Services, you may also submit to us personal data of a sensitive nature. Such data is self-reported and entered by you on an optional basis. Examples of personal data include:
  • Your personal best self traits;
  • Your personal purpose;
  • Actions you select, rate or mark as complete to help improve your best self, purpose alignment or wellbeing;
  • How aligned you are at any point in time with your best self traits, purpose, or wellbeing goals;
  • Your daily intention, focus or other self-improvement goals;
  • Your responses to reflection or other self-rating questions;
  • Your responses to assessment, pulse survey or other questions collected inside or outside of the app; which may include questions about your health-related activities and behaviors;
  • Resources you select, rate, or mark as complete in order to view and access resource offerings; and
  • Your history of in-app searches of app content.
There are also optional opportunities in the Kumanu apps and Services to enter text in free form data fields, and if you choose to submit such personal data, you do so at your own discretion. You can decline to provide any or all self-reported data. If you decline to provide data when using the Kumanu apps and Services, it may affect the quality of the content you get and the scope of your experience. Kumanu apps and some of the other tools that we use to provide our Services also automatically collect data about how you use the Kumanu apps and Services, and the devices on which you use the Kumanu apps. The data collected consists of:
  • Device information including model, operating system, browser, and Internet connection — this is important to ensure the app works properly; and
  • Usage details including the date and time you used the app and the features of the app you utilized — this helps us improve the app.
Finally, if you provide your information through a sales or marketing channel, such as a trade show, livestream or website demo request, we may include you in future marketing outreach but we promise not to sell your information to any other organization. If, after you’ve provided personal data to Kumanu, you decide that you do not want us to continue to collect the information described in this section, you may request to remove personal information you entered previously. See the section on “Data retention and storage” below.

How Kumanu Uses Your Personal Data

When you use the Kumanu apps, the information you provide is used to help you identify needs, explore resources for meeting those needs, form new habits, and/or try out new ideas for living purposefully. We apply statistical machine learning techniques to the data you submit to produce de-identified aggregate analyses of our users. Based on the information you provide, we share normative or comparative data with you and provide specific suggestions regarding resources that may be helpful to you. We do not use your data to make automated decisions on your behalf, but our machine learning and/or (if enabled) generative AI algorithms may make suggestions to you based on some of your responses. We use the information you provide to personalize your experience in our app and to communicate with you, including via emails to the addresses you or your sponsoring organization provide, or texts to a phone number that you provide us. For example, we might email or text you with information on how to download and use our apps. We share data that has been de-identified (i.e., cannot be traced back to any specific user) and aggregated (i.e., combined responses from many people) with users of our PurposeCloud platform (which includes Purposeful, our emotional wellbeing app, and Insightful, our organizational dashboard) and others. We use de-identified and aggregated data to better understand organizational and population dynamics and needs. We also use de-identified and aggregated data to understand how users engage with our app in order to evaluate and improve the effectiveness of our service and to improve your experience.

How Kumanu Shares Your Personal Data

Kumanu does not share your personal data except as described in this Privacy Notice. We do not share any of your personal data with advertisers, advertising networks, or data brokers, for any purposes. We do not track your activity across apps and websites owned by other companies. We do use cookies or similar methods in a limited fashion, to enhance the user’s app experience (for example, to allow a user to resume a session, to keep a user logged in, to display first time user information only once, or to cache calls when the device is offline or otherwise unable to make them). Data including your app usage, such as whether or not you access specific features or content and how frequently, and the individual responses that you provide to survey, pulse survey, or assessment questions will be shared in aggregate form only with your sponsoring organization. This means your de-identified responses are grouped together with other respondents so numbers are reported as a sum or average for a group or for the whole organization. Examples of such data include questions in Purposeful which ask you to rate your day or select your best self qualities. We will not share individually identifiable data with your sponsoring organization, health plan, or other third party without first asking your consent.

Sharing Data With Service Providers

Kumanu does work with a small number of third parties and service providers (“Third Parties”) who support delivery of the Kumanu apps and Services. Kumanu may share personal data to such Third Parties in order to provide the Kumanu apps and Services to you. In all cases, the Third Parties are contractually obligated to adhere to security and privacy standards similar to what we have described to you in this Privacy Notice. Third Parties are only permitted to process your personal data for specified purposes and in accordance with our instructions. Please see the following Table for a list of Third Parties Kumanu uses, for what purpose, and the data that are shared. Kumanu may update this list periodically and reflect those changes during general updates to this Privacy Notice.

Third Parties

Provider
Purpose
Data shared
Amazon Web Services (AWS)

The Kumanu apps are hosted on Amazon Web Services in the us-east-1 region (aws.amazon.com)

Personnel at AWS do not have the ability to access individualized user data.

ActiveCampaign (activecampaign.com)

We use ActiveCampaign (activecampaign.com) to transmit emails.

We send your email address and name to ActiveCampaign’s system and use that system for the purpose of contacting you via email.

Alchemer (Alchemer.com)

We utilize Alchemer (formerly SurveyGizmo) (alchemer.com) to collect bug reports and feedback within our apps, and for other surveys.

No personally identifiable information from you is stored in Alchemer unless you provide it as part of a specific survey (e.g., if you give us your email address to contact you about a bug that you report). Any such personally identifiable information that you provide in this context will only be used for the purpose that is stated.

Twilio (twilio.com)

We utilize Twilio (twilio.com) to support a text-based onboarding process that your sponsoring organization may optionally use to provide you access to one of our apps.

If you request the application by this mechanism, we will not use your phone number for any purpose other than providing you access to the application, unless we specifically ask for your consent. Twilio logs of your interaction with us are deleted after 48 hrs; they do not maintain any of your information.

Zendesk

We utilize Zendesk (zendesk.com) to help us provide end user support. The information in Zendesk is only used for the purposes of supporting you.

If you contact us through support@kumanu.com, submit feedback through our Feedback Form or submit a request through the Help Center, your information, such as email address, is logged in Zendesk. Your information is not used for any other purpose than providing you with support.

Status Page (statuspage.io)

We utilize Status Page (statuspage.io) to provide real-time information on the status of Purposeful and Insightful at https://status.kumanu.com/.

If you subscribe to updates via Status Page, your email address will be stored by Atlassian (the makers of Status Page) and used for the purpose of keeping you informed about any incidents that might arise. Your information will not be used for any other purpose.

Poll Everywhere (polleverywhere.com)

We may use Poll Everywhere to conduct audience polls during presentations we organize.

If you provide information as part of these polls, it will be de-identified and then aggregated with other people’s data to provide audience insights during the presentation and may also be combined with data from other events to generate additional insights into a population. These de-identified insights may be used in future presentations and may help us improve our products and services.

Stripe (Stripe.com)

In some instances where there is no sponsoring organization providing access, we may offer Purposeful for a fee to individuals. In those cases, we use Stripe (stripe.com) to process payments.

We do not maintain any credit card or other payment information in our system but instead use Stripe as a PCI-compliant partner for these transactions. If you pay to subscribe to Purposeful you will enter your payment information directly into Stripe via their interface. The email address you provide to Stripe will be transferred to us so that we can send you a recovery link to use in case there is any problem with completing your account signup.

Firebase

We use Firebase for onboarding links, sending notifications to your device or browser and for crash reporting.

We share device IDs with Firebase for the purpose of sending push notifications and for mobile app crash reports.

Zoom Webinar

We use Zoom Webinar for Livestream events such as our PurposeCasts.

If you participate in a Livestream event you will need to register with a name and email address. We may add your registration information to Active Campaign so that we can mail you feedback surveys, invite you to future events or send you recordings from the events.

Azure OpenAI Service

We utilize the Azure OpenAI Service for our optional generative AI powered coach features in Purposeful. Azure OpenAI makes it possible to provide you with individualized advice and insights.

You are not required to use our generative AI coaching features to use the Purposeful product.

If your organization has requested that we enable our generative AI coaching features and if you specifically turn on these features for your account, your de-identified information will be sent to the Azure OpenAI Service. If you enable these features and then decide you no longer want them, you can disable them via the Settings page in Purposeful.

Microsoft hosts the OpenAI models in Microsoft’s Azure environment and the Service does NOT interact with any services operated by OpenAI (e.g. ChatGPT, or the OpenAI API). Your information will not be used by either Azure or OpenAI for model training. Azure will delete all prompts and responses associated with your use of the AI Coach features in Purposeful automatically within 30 days.

Graphics East/Inland Press

We utilize Graphics East to fulfill orders of the Purposeful Workbook

If your sponsoring organization provides the optional physical Purposeful Workbook we will share the name and the shipping address you provide to Graphics East so that they can mail the workbook to you.

Data Security

The security of your personal data is very important to Kumanu. We employ a number of organizational, technical, and physical safeguards designed to protect the personal data we collect. Security risk is inherent in all information technologies and we cannot guarantee the absolute security of your personal information. However, Kumanu’s systems and applications that support Purposeful and Insightful have earned Certified status for information security by HITRUST, which validates Kumanu’s commitment to protecting your information.

Data Retention And Storage

Our apps and the other third-party tools that we use to provide services to you are hosted in the United States. This means that all data you enter into the apps or otherwise provide to Kumanu is transferred to and processed in the United States regardless of your citizenship status or your location at the time you entered the data into the app. It is important to understand that data protection laws in some jurisdictions may not be as strong as those in your country. When you consent to this Privacy Notice you are also consenting to the transferring and processing of your personal data in the United States. If, after you’ve provided personal data to Kumanu, you decide that you do not want us to continue to collect the personal information described in this Privacy Notice, you should stop using the Kumanu apps and Services. If you accessed the apps or Services via the internet, log out of the application on the web. If you installed one of the Kumanu apps on a device (such as a mobile phone), remove the app(s) from your device. We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for your information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your information, the purposes for which we process your information and whether we can achieve those purposes through other means, and the applicable legal requirements. You may request to have any personal data removed; in that case, no data would be associated with you in any way. Any request to have your personal data removed should be submitted to our Data Protection Officer (see the Contact Information section). If you request that your personal data be removed, any information that makes the data attributable to you will be removed, unless a legal, accounting, or reporting obligation requires us to retain the personal data longer. However, the de-identified data is retained indefinitely to improve the body of information in the system and power our algorithms.

Choices Regarding Your Personal Data

You may have certain rights under applicable law concerning your personal data. When applicable law provides you with rights regarding your personal data, Kumanu will comply with your requests to exercise those rights consistent with applicable law.

Residents of California, Connecticut, Colorado, Utah, or Virginia

If you are a California, Connecticut, Colorado, Utah, or Virginia resident, the following applies to you:
  • Access and Data Portability. You have the right to request that we disclose certain information to you about our collection, use and disclosure of your personal data over the past 12 months. Once we receive your request and verify your identity, we will disclose to you: (1) the categories of personal data we collected about you; (2) the categories of sources for the personal data; (3) our business or commercial purpose for collecting or disclosing that personal data; (4) the categories of third parties with whom we shared that personal data; and (5) the specific pieces of personal data we collected about you in the preceding 12 months. You may also request to receive a copy of your Personal Information in a reasonably portable format.
  • Correction and Deletion. You have the right to request that we correct or delete any of your personal data that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your request and verify your identity, we will correct or permanently delete your personal data from our records, unless a legal exception applies.
  • Non-Discrimination. We will not discriminate against you for exercising any of your rights by: (1) denying you goods or services; (2) charging you different prices or rates for goods or services; (3) providing you a different level or quality of goods or services; or (4) suggest that you may receive a different price, rate, or level of quality for goods or services.
  • Right to Limit the Use of Sensitive Personal Data. You have the right to request that we limit the use of your sensitive personal data to only the processing that is necessary to provide the Kumanu apps or Services to you. We currently do not collect or process sensitive personal data for any other purposes other than providing the Kumanu apps or Services.
  • Right to Opt-Out by Using Preference Signals. You have the right to request that your Personal Information not be sold or shared through the use of an opt-out preference signal. We do not sell personal data or make it available to third parties for their marketing purposes.
  • Authorizing an Agent. You may designate an authorized agent to submit your consumer request on your behalf, so long as the authorized agent has your written permission to do so and you have taken steps to verify your identity directly with us.
To exercise the rights outlined above, please submit a verifiable request to us by contacting us at support@kumanu.com. You may designate an authorized agent to submit the request on your behalf, so long as the authorized agent has your written permission and you have taken steps to verify your identity directly with us. If we cannot verify your identity or authority to make a request, then we will not be able to respond to your request. We may ask for additional information, including personal data, for purposes of verifying your identity or authority to make a request. You may only make two (2) verifiable requests with us within a twelve (12) month period.

California Shine The Light Law

Under California law, California residents have the right to request in writing from businesses with whom they have an established business relationship certain information pertaining to third parties to which the business discloses personal information for marketing purposes. We do not sell Personal Information collected on our Site to third parties for their direct marketing purposes. We do not disclose Personal Information to third parties for their direct marketing purposes. To learn more, please contact us using the information below.

Residents Of The EEA And United Kingdom

Controller. The organization collecting your information is Kumanu and Kumanu is the data controller in respect of your personal data. Supervisory Authority. Should you wish to report a complaint or if you feel that we have not addressed your request in a satisfactory manner, you may contact the relevant supervisory authority where you work, normally live or where any alleged infringement of data protection laws occurred. Purposes and Legal Bases for Data Processing. Our purposes and legal bases for processing your personal data are described in this Privacy Notice. Automated Decision-Making and Profiling. Kumanu does not conduct automated decision-making, including profiling, using personal data. International Transfers. Kumanu may conduct international transfers of personal data as described below in this Privacy Notice.
Your RightsResidents of the EEA and United Kingdom are entitled to the following rights:
  • Access. You have the right to request copies of your personal data. We may charge you a small fee for this service.
  • Rectification. You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
  • Erasure. You have the right to request that we erase your personal data, under certain conditions.
  • Restrict Processing. You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Object to Processing. You have the right to object to our processing of your personal data, under certain conditions.
  • Data Portability. You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • Withdraw Consent. You have the right to withdraw your consent to our processing of your personal data at any time.
If you would like to exercise any of these rights, please contact us using the information below. We will respond to your request in accordance with applicable law.

Residents Of Australia, Brazil, Brunei Darussalam, Canada, Cayman Islands, Chile, China, Hong Kong, India, Japan, Malaysia, Mexico, Saudi Arabia, Singapore, South Africa, South Korea, Taiwan, Thailand, and United Arab Emirates

To the extent required by applicable law, Kumanu makes the following disclosures.
  1. The purposes of the processing for which the personal data are intended are as stated in this Privacy Notice.
  2. The legal bases for processing are as stated in this Privacy Notice.
  3. The recipients or categories of recipients of the personal data are as stated in this Privacy Notice.
  4. The period for which the personal data will be stored is as described in this Privacy Notice.
  5. You have the right to request from Kumanu access to, and rectification or erasure of, personal data, or restriction of processing concerning your personal data or to object to processing, as well as the right to data portability.
  6. Except as otherwise stated in applicable law, you have the right to withdraw consent for the processing of your personal data at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  7. You have the right to lodge a complaint with a supervisory authority in your home country.
  8. Your provision of personal data is not a contractual requirement unless and until you or your organization enter into a software license or service agreement with Kumanu, in which case the provision of enough personal data to permit Kumanu to perform under the contract will be necessary (usually name, e-mail address, and other business contact information necessary for user license credentialing and management and information necessary to provide technical and other support). In such cases, failure to provide the required personal data will result in limitation or prevention of Kumanu’s ability to provide goods, services, or software to you or your organization.
  9. Kumanu does not conduct automated decision-making, including profiling, using personal data.
  10. Kumanu may conduct international transfers of your personal data as described below in this Privacy Notice.

Residents Of Other Jurisdictions

To the extent applicable law provides you with the right to review, correct, update, or delete personal data that you previously have provided to us, please contact us using our contact information below should you wish to do so. Kumanu will respond to your request consistent with applicable law.

International Transfers

Kumanu is based in the United States. When you provide personal data to us by using or submitting information on the Kumanu apps or Services and consent to our Privacy Notice, you expressly consent to the transfer of your personal data to our location(s) in the United States. The laws of the United States may not provide legal protection that is equivalent to the data protection laws in your home country. We will employ reasonable technical, administrative, and physical safeguards to protect the personal data you provide to us, in addition to safeguarding your personal data as provided by this Privacy Notice and applicable data protection laws. To the extent we transfer your personal data to another country outside of your home country, we will conduct such transfer in accordance with binding corporate rules, any recognized treaty or trade mechanism, through Standard Contractual Clauses, with your express consent, and/or otherwise in compliance with applicable law. If you would like more information about international transfers, please contact us using the information below.

Changes To The Privacy Notice

We reserve the right to make any changes, modifications, additions, or deletions to this Privacy Notice at any time. If we make material changes to this Privacy Notice, we will notify you and ask for your consent again. Further, your continued use of the Kumanu apps or Services following any changes to this Privacy Notice constitutes your consent to such changes. If you do not agree with any changes to this Privacy Notice, you may not continue to use or access the Kumanu apps or Services.

Contact Information

Kumanu has appointed an internal Data Protection Officer for you to contact if you have any questions or concerns about Kumanu’s personal data policies or practices. Kumanu’s Data Protection Officer can be contacted as follows: Data Protection Officer, P.O. Box 3432, Ann Arbor, MI, USA 48106 or DPO@kumanu.com.

This website uses cookies to ensure you get the best experience on our website. By continuing to use our site, we assume you're OK with that.

ok