Skip to content
Contact us

Kinetic Privacy and Data Protection Policy

Last modified: October 30, 2024

One Million Metrics Corp., d/b/a Kinetic (“Kinetic”, “we," “our," or “us") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, store, protect, and share information through our products and services (collectively, the “services"). By using our services, you agree to the practices outlined in this policy. 
  1. Information We Collect 
We collect limited data types to provide effective and customized services to our customers. Specific services may have further details on how data is collected and used in later sections of this document. 
  • Personal Information: This may include names, work contact details, job titles, and other identifying information provided during the onboarding process and through the use of our services. 
  • Device and Technical Data: Information about devices and networks used to access our services, which may include device IDs, IP addresses, browser types, and log files.
  • Usage and Interaction Data: Data on interactions with our services, such as user inputs in chatbots, feedback within our AI tools, and response times to safety notifications.
  • Device Usage Data: Information about device motion and height/altitude from sensors embedded in Kinetic devices. 
  • Device Diagnostic Data: Logs to monitor the performance of devices in the field. This may include information such as battery state, operating temperature, local IP addresses, device operation logs, and other diagnostic data as needed to support the operation of our services. 
  • Aggregated Injury Data: For some customer programs Kinetic may request anonymized historical data on insurance claims and worker injuries for the purpose of operating our services and making safety recommendations. 
  • Job, Claim, and Work Restrictions Data: Information related to job roles, work assignments, workers compensation claims, and work restrictions status to assist with workers' compensation claim management and return-to-work services. 
  • Customer Uploaded Data: Information uploaded to our services directly by customers, including but not limited to images, data files, and text.
  1. Information We Do Not Collect 
Through the operation of our services we explicitly do not collect the following data. Our services implement various controls to prevent the collection of this data, but any inadvertent collection of this information will be promptly deleted upon detection or notification. 
  • Private Health Information: Our Services do not collect private health information and are not intended for processing such data. Users shall not upload such information to our services. 
  • Biometric Data: Our Services do not collect biometric data. 
  • Real-time worker location: Wearable devices lack GPS and cannot track real-time location. Accessory devices, including but not limited to cellular modems and device charging units, may include GPS modules for diagnostic purposes. 
  • Real-time Audio and Video Data: Kinetic services and devices do not have the ability to collect audio or visual data. Devices do not include microphones or cameras. 
  1. How We Use Information 
We use the information collected to enhance the safety, compliance, and efficiency of our customers' workplaces: 
  • To Deliver and Optimize Our Services: Data will be used as necessary to deliver our services. Data may be accessed internally by Kinetic for quality assurance and control of our services, in compliance with privacy and security standards and policies.
  • To Promote Workplace Safety and Ergonomics: Safety and performance data help identify high-risk tasks, support real-time posture monitoring, and offer guidance to reduce potential injuries. 
  • For AI-Powered Insights and Risk Analysis: User inputs and data submitted to our AI services are used to generate insights, assess risks, and deliver customized solutions. Data submitted for AI analysis is used to train models for improving accuracy. All model training is done on Kinetic internal models used only to enable our services. Customer data is not used to train publicly available models, and is not shared externally or with unauthorized third parties. 
  • For Compliance and Safety Assurance: Data collected may be used to fulfill requirements for regulatory compliance, including OSHA assessments, workplace safety reporting, and internal audits. 
  • To Communicate with Users: To notify users of updates, maintenance, or relevant information necessary for the effective use of our services. 
  1. How We Share Information 
We limit data sharing to purposes essential for business operation, regulatory compliance, and improving our services. We do not share data with unauthorized third parties and adhere to the highest standards for data confidentiality.
  • With Authorized Third-Party Service Providers: We may engage third-party vendors to assist in providing services, such as cloud storage, data processing, and technical support. These vendors are bound by confidentiality agreements and can only use data to perform designated functions or for regulatory compliance. 
  • With Insurers, Legal Authorities, and Regulators: We may share information with insurance partners, legal entities, or regulatory authorities to support compliance, regulatory reporting, or as required by law. 
  • Customer-Authorized Partners: Upon request, data may be shared with designated customer representatives or authorized partners. 
  • In Case of Business Transactions: In the event of a merger, acquisition, or asset transfer, customer data may be included in the transaction but will remain subject to existing privacy commitments. 
  1. Data Protection Principles 

Kinetic adheres to the following data protection principles: 

  • Lawfulness, Fairness, and Transparency: Processing data in a lawful, fair, and transparent manner. 
  • Purpose Limitation: Collecting data for specified, explicit, and legitimate purposes.
  • Data Minimization: Limiting data collection to what is necessary in relation to the purposes for which it is processed. 
  • Accuracy: Ensuring data is accurate and kept up to date. 
  • Storage Limitation: Keeping data no longer than necessary. 
  • Integrity and Confidentiality: Ensuring the security of data through appropriate technical and organizational measures. 
  • Accountability: Demonstrating compliance with the above principles. 
Kinetic is governed by the applicable data protection regulations in the countries in which it operates. These principals seek to ensure general compliance with these regulations. 
  1. Data Security and Storage 
We maintain a written internal IT Security Policy that governs the practices used to secure data and services. Based on this policy, we employ strict security practices to protect user data from unauthorized access, alteration, or misuse: 
  • Data Security Protocols: Our security measures include encryption in transit and at rest, secure access control, industry standard cyber-security protection technologies, and adherence to best practices for data protection. 
  • Data Retention and Disposal: Data is retained only as long as necessary to meet operational, legal, or regulatory obligations. 
  • Incident Response Plan: We maintain an incident response plan for swiftly addressing and mitigating the impact of data security and privacy incidents.
  • Internal Awareness: All employees are expected to be aware of the importance of data privacy and security, including: data protection principles, responsibilities under this program, and how to recognize and report data breaches. 
  • Risk Assessment: Kinetic is committed to identifying and mitigating the risks associated with the collection of data. This includes assessing the effectiveness of existing controls and identifying areas for improvement.These assessments will inform the development and implementation of targeted risk mitigation strategies. 
  1. User Rights and Choices 

We value user control over data and provide options for data management: 

  • Access and Correction: Users may request to access, review, or correct their personal information by contacting us. 
  • Opt-Out of Marketing Communications: Users can opt out of receiving marketing emails, though essential service notifications will still be sent. 
  • Data Deletion and Restriction: Subject to applicable laws, users may request deletion or restriction of data. Please note certain information may be retained for compliance or operational requirements. 
  1. Use of Cookies and Tracking Technologies 
Our website and SaaS applications may use cookies and similar technologies to optimize performance and user experience. Users may manage cookies by adjusting their browser settings. 
  1. Children's Privacy 
Our services are intended for workplace environments and are not directed toward children under 18. We do not knowingly collect information from children, and any inadvertent collection will be promptly deleted upon detection or notification. 
  1. International Data Transfers 
Kinetic operates on a global scale, and data may be processed in different jurisdictions. Where applicable, we implement legal safeguards to ensure data transfers comply with local laws, including international data protection standards. 
  1. Changes to This Privacy Policy 
We may update this Privacy Policy periodically to reflect changes in our practices, technologies, or regulatory obligations. Updates will be posted on this page.
  1. Contact Us 
For questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at: 
Kinetic 
 
Please read this policy carefully. Continued use of our services constitutes acceptance of this Privacy Policy.