Privacy Policy

Website visitors

Prospective and current clients

Project stakeholders and end-users

Newsletter subscribers and contact form users

General Data Protection Regulation (GDPR) - for EU/UK users

California Consumer Privacy Act (CCPA) - for California residents

Other applicable data protection laws

Contact Information: Name, email address, phone number, company name

Business Information: Job title, company size, industry sector

Project Information: Project requirements, specifications, briefs

Payment Information: Billing address, payment method details (processed securely by third parties)

Communication Records: Messages, emails, consultation notes

Account Information: Username, password (encrypted), preferences

Technical Data: IP address, browser type, device information, operating system

Usage Data: Pages visited, time spent on pages, click patterns, referral sources

Location Data: General geographic location based on IP address

Cookie Data: Information stored through cookies and similar technologies

Google Analytics: Website traffic, user behavior, demographics

PostHog Cloud: Product analytics, user journeys, feature usage

Firebase: App performance, crash reporting, user engagement

Other analytics tools: As needed for specific projects

Business partners and referral sources

Public databases and social media platforms

Payment processors (transaction confirmation)

Professional networking sites (LinkedIn, etc.)

Providing and managing our software development services

Communicating about projects, deliverables, and updates

Responding to inquiries and support requests

Processing payments and maintaining financial records

Delivering completed work and project documentation

Managing client relationships and accounts

Improving our services and user experience

Conducting internal research and development

Maintaining security and preventing fraud

Complying with legal and regulatory requirements

Sending newsletters and service updates (with consent)

Sharing relevant industry insights and company news

Promoting new services or features

Conducting customer satisfaction surveys

Understanding how visitors use our website

Identifying popular features and content

Improving website performance and functionality

Detecting and preventing technical issues

Processing necessary to fulfill our service agreements

Delivering projects and maintaining client relationships

Improving our services and user experience

Preventing fraud and ensuring security

Direct marketing to existing clients (with opt-out option)

Business analytics and optimization

Using cookies and tracking technologies

Sending marketing communications to new contacts

Processing special categories of data (if applicable)

Complying with tax and accounting requirements

Responding to legal requests and court orders

Meeting regulatory compliance obligations

Payment Processors: PayPal, Stripe, banking institutions

Cloud Services: Hosting and data storage providers

Analytics Tools: Google Analytics, PostHog, Firebase

Communication Tools: Email services, project management platforms

Development Tools: Version control, testing platforms

In response to subpoenas, court orders, or legal processes

To protect our rights, property, or safety

To prevent fraud or illegal activities

To comply with regulatory investigations

Locally in secure file systems with encryption

With reputable cloud service providers (details provided upon request)

In jurisdictions with adequate data protection standards

Encryption in transit (SSL/TLS) and at rest

Regular security audits and vulnerability assessments

Access controls and authentication requirements

Secure backup and disaster recovery procedures

Employee training on data protection practices

Confidentiality agreements with all staff and contractors

Active client data: Duration of relationship plus legal requirements

Project files: As agreed in project contracts

Financial records: Minimum legal retention period (typically 6-7 years)

Marketing data: Until you opt out or we no longer have legitimate use

Analytics data: Typically 12-26 months

Access: Request a copy of your personal data

Correction: Update inaccurate or incomplete information

Deletion: Request deletion of your data (subject to legal obligations)

Objection: Object to certain processing activities

Portability: Receive your data in a machine-readable format

Right to restriction of processing

Right to withdraw consent at any time

Right to lodge a complaint with a supervisory authority

Right to detailed information about processing activities

Right to know what personal information is collected

Right to know if personal information is sold or disclosed

Right to opt out of sale of personal information (we don't sell data)

Right to non-discrimination for exercising your rights

Email us at: info@kyneticsbsd.com

Subject line: "Privacy Rights Request - [Your Right]"

Include: Your name, contact details, and specific request

We will respond within 30 days (or as required by law)

Enable basic website functionality

Remember your preferences and settings

Maintain security and prevent fraud

Google Analytics: Track website usage and performance

PostHog: Analyze user behavior and feature usage

Firebase: Monitor app performance and crashes

Social media platforms (if you share content)

Embedded content providers

Analytics and advertising partners

Browser settings (most browsers allow blocking or deleting cookies)

Privacy settings on our website (when implemented)

Third-party opt-out tools

We do not knowingly collect personal information from children

Our services require users to be 18+ (individuals) or represent a business

If we discover we have collected data from a child, we will delete it promptly

Standard Contractual Clauses (SCCs) approved by regulatory authorities

Adequacy decisions by the EU Commission

Binding corporate rules where applicable

Explicit consent for specific transfers when required

Where your data is transferred

What safeguards are in place

How to exercise your rights regarding transfers

We will investigate the breach immediately

Take steps to contain and mitigate the breach

Assess the risk to your rights and freedoms

Notify relevant supervisory authorities within 72 hours (if required)

The breach poses a high risk to your rights and freedoms

Required by applicable law

Notification would help protect your interests

Nature of the breach and data affected

Likely consequences and potential risks

Steps we're taking to address the breach

Recommendations for protecting yourself

Contact information for questions

We are not responsible for the privacy practices of third parties

Third-party sites have their own privacy policies

We encourage you to review their policies before providing information

We will inform you of any data sharing

You remain responsible for your own privacy policy

We recommend reviewing third-party terms and policies

Those platforms have their own privacy policies

Interactions on those platforms are governed by their terms

We may collect publicly available information from social media

You are the data controller; we are the data processor

We process data only according to your instructions

A Data Processing Agreement (DPA) will govern this processing

You are responsible for your own privacy policy and user consent

Ensure you have legal basis to collect and share data with us

Provide necessary privacy notices to your users

Obtain required consents for data processing

Inform us of any data subject requests affecting project data

Process data only as instructed

Implement appropriate security measures

Assist with data subject requests

Notify you of any data breaches

Delete or return data upon project completion (unless legally required to retain)

Changes in our practices or services

Legal or regulatory requirements

Technological developments

User feedback and best practices

Posting the updated policy on our website

Updating the "Last Updated" date

Email notification for material changes (to registered users)

Prominent website notice for significant changes

UK: Information Commissioner's Office (ICO) - ico.org.uk

EU: Your national data protection authority

30 days for general inquiries

1 month for GDPR requests (extendable to 3 months for complex requests)

As required by applicable law for other jurisdictions

You have read and understood this Privacy Policy

You consent to the collection, use, and disclosure of your information as described

You understand your rights and how to exercise them

For business users: You have authority to provide data and consent on behalf of your organization