This Privacy Policy outlines our practices regarding the collection, use, and disclosure of personal information when you use our website and services.
Welcome to Konvex. These Terms and Conditions (“Terms”) govern your access to and use of the Konvex Unified API and related services (collectively, the “Services”). By registering for or using any part of the Services, you (“Client” or “you”) agree to be bound by these Terms. If you do not agree, please do not use our Services.
1. Acceptance of Terms
1.1 By accessing or using the Services, you confirm that you have read, understood, and accepted these Terms.
1.2 We may update these Terms at any time by publishing a revised version on our website. Continued use of the Services after changes are published constitutes acceptance of the updated Terms.
2. Description of the Service
2.1 Konvex provides a Unified API that enables clients to integrate multiple ERP systems and third-party applications through a single secure endpoint.
2.2 Key features include:
Token-based authentication and authorization
Automated field mapping and data synchronization
Transaction posting and reconciliation
Monitoring, diagnostics, and error notification
2.3 Konvex does not store financial records or sensitive end-user data; only authentication tokens and metadata necessary to facilitate integrations.
3. Account Registration and Security
3.1 Account creation: Some features require you to register by providing accurate and up-to-date information.
3.2 Credentials: You are solely responsible for safeguarding your username, password, and API tokens. You agree to notify us immediately of any unauthorized use of your account.
4. Client Obligations
4.1 Data compliance: You guarantee that any data or credentials you provide comply with all applicable laws and regulations.
4.2 Proper use: You must not use the Services for illegal, unauthorized, or harmful activities, including overloading our servers, reverse-engineering our API, or creating derivative works.
4.3 ERP credentials: You agree to provide valid credentials and the necessary permissions for each ERP or third-party system you integrate.
4.4 Responsibilities for client data:
4.4.1 Client obligation: The Client is solely responsible for obtaining consent from its own users or customers for the use, storage, monitoring, processing, cleansing, and deletion of their data, in accordance with the Client’s internal policies and applicable law.
4.4.2 Konvex role: Konvex acts solely as a technical query provider. We do not access, store, process, or use client users’ or customers’ information, except as set forth in Section 4.4.3.
4.4.3 Data we retain: Konvex only records API logs and requests for operational and security purposes.
5. Subscription Plans and Billing
5.1 Plans: We offer Monthly and Annual subscription plans. Each plan renews automatically unless canceled at least 7 days prior to the renewal date.
5.2 Payment processing: All fees are processed through Stripe and are non-refundable.
5.3 Authorization: By subscribing, you authorize Konvex to charge all applicable fees and taxes to your chosen payment method.
5.4 Price changes: We may adjust prices with at least 30 days’ notice prior to the next billing cycle.
6. Support and Service Levels
6.1 Support hours: Each plan includes a set number of monthly support hours via email or Slack.
6.2 SLA: We commit to meeting maximum response times described in our Service Level Agreement, available in the dashboard.
6.3 Sandbox access: All Clients receive access to a sandbox environment for up to 60 days.
6.4 Additional services: Extra support or professional services may be purchased separately.
7. Data Analysis and Privacy
7.1 Aggregated information: We may collect and analyze anonymized connection and usage data to improve our AI-driven mapping algorithms.
7.2 Personal data: Any personal information you provide via contact forms (e.g., name, email, company) may be used for marketing and communication but will not be sold or rented without your consent.
7.3 Privacy policy: Our Privacy Policy, available at https://www.getkonvex.com/legal/privacy-policy, governs the handling of personal data and is incorporated herein by reference.
8. Security and Compliance
8.1 Standards: We implement industry-standard security measures, including encryption in transit and at rest, strict access controls, audit logging, and periodic security audits.
8.2 Regulatory compliance: We comply with ISO 27001 standards and applicable financial regulations, including Colombian Circular No. 004 of 2024.
8.3 Data location: Information is stored in cloud infrastructure services provided by Amazon RDS and Azure Database for PostgreSQL, with servers located in the United States. All data is protected under international security standards with redundancy and backup mechanisms.
8.4 Internal procedures: In line with our Information Processing Policy (KV-001PTI), we apply backup, access control, and secure data destruction measures.
9. Data We Collect
9.1 Data provided directly: name, email, company, job title.
9.2 Technical data: IP address, browser, device, usage patterns.
9.3 Client and transaction data: related to ERP integrations.
9.4 Google data obtained via OAuth:
Email and profile name (email, profile), to authenticate the user on the platform.
Basic profile picture (openid), to display user identity within the dashboard
Google Calendar events (https://www.googleapis.com/auth/calendar.events.readonly), to synchronize calendars with ERP systems.
Google Drive files (https://www.googleapis.com/auth/drive.readonly), for reading and syncing documents with accounting systems.
10. Use of Data
10.1 We use the collected information for:
Authentication and secure access
Providing integration services
Data synchronization and API operation
Customer support
Legal and contractual compliance
Improving our services
10.2 Regarding Google data:
Email and basic profile are used solely to identify and authenticate the user in Konvex.
Profile picture is only displayed within the user dashboard.
Calendar events are used exclusively to integrate and synchronize with ERP systems configured by the client.
Drive files are used in read-only mode to import and query documents within integrations.
Google data is never used for advertising or any purpose other than those authorized.
11. Information Sharing with Third Parties
11.1 Konvex may share data with infrastructure providers and authorized subprocessors, in accordance with the DPA.
11.2 Third parties are required to comply with security standards equivalent to Konvex.
11.3 We may share data when required by law or competent authorities.
11.4 Regarding Google data:
We do not share Google data with third parties, except with infrastructure providers strictly necessary for the secure operation of the platform (e.g., cloud storage).
We never sell or transfer Google data to third parties for commercial purposes.
12. Data Retention and Deletion
12.1 We retain data only as long as necessary to fulfill contractual or legal purposes.
12.2 Upon termination of services, authentication tokens and credentials are permanently deleted, unless retention is legally required.
12.3 We apply secure deletion methods (overwriting, cryptographic erasure, device destruction). Deletion is carried out in line with the secure procedures described in Section 8 (Security and Compliance).
12.4 Users may request the deletion of their personal data by emailing support@getkonvex.com.
12.5 Regarding Google data: Users can revoke access at any time from the Google Security Settings page. They may also request immediate deletion of their OAuth-associated data by emailing support@getkonvex.com Konvex will process such deletion requests within a maximum of 30 calendar days
13. User Rights
Users may:
Access their personal data
Rectify inaccurate information
Request deletion or erasure of data
Object to the processing of their data
Request data portability
Requests must be sent to support@getkonvex.com and will be processed within legal timeframes.
14. Compliance with Google API Data Policy
We only request the minimum permissions necessary.
Google data is never used for advertising or marketing.
Google data is not used for AI/ML model training.
We comply with the Google API Services User Data Policy and Google APIs Terms of Service.
15. Intellectual Property and Branding
15.1 Ownership: All software, documentation, trademarks, and logos (“Materials”) are the exclusive property of Konvex.
15.2 License: Subject to these Terms, we grant you a limited, non-exclusive, non-transferable license to use the Materials solely for accessing and using the Services.
15.3 Marketing use: By subscribing, you grant Konvex permission to display your name and logo in marketing materials, provided no confidential information is disclosed.
16. Limitation of Liability
16.1 Disclaimer: The Services are provided “as is” and “as available.” We make no warranties of any kind, express or implied.
16.2 Indirect damages: Konvex shall not be liable under any circumstances for indirect, incidental, special, consequential, or punitive damages.
16.3 Total liability: Our total liability for any claim shall not exceed the fees paid by you during the 12 months prior to the event giving rise to the claim.
17. Indemnification
You agree to defend, indemnify, and hold Konvex harmless from any claim, liability, damage, or expense arising from your breach of these Terms or your use of the Services.
18. Prohibited Activities
You must not:
Use automated systems (robots, spiders, scrapers) to access the API without authorization
Impersonate any person or entity or misrepresent your affiliation
Circumvent measures we use to restrict or limit access
19. Third-Party Links and Content
Our website may contain links to third-party sites. We are not responsible for their content or privacy practices and make no representations regarding them.
20. Account Termination
20.1 Termination: You may cancel your subscription at any time. We may suspend or terminate your access due to breach of these Terms.
20.2 Data deletion: Upon cancellation or termination, we will permanently delete your authentication tokens, credentials, and integration data, in accordance with Section 12. You are responsible for maintaining your own backups.
21. Governing Law and Dispute Resolution
These Terms are governed by the laws of the Republic of Colombia. Any disputes arising under these Terms shall be resolved exclusively in the courts of Bogotá, D.C.
Contact
For questions or support, please email us at gestion@getkonvex.com or visit www.getkonvex.com.
