Legal

Privacy Policy

Effective date: January 1, 2026

Kryon ("we", "us", or "our") operates the Kryon platform and website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our platform.

1. Information We Collect

We collect information you provide directly to us when you:

• Create an account or request a demo
• Use the Kryon platform and its features
• Contact us for support or other inquiries
• Subscribe to marketing communications

The types of information we collect include: name, email address, company name, job title, phone number, billing information, and any other information you choose to provide.

We also automatically collect certain information when you use our services, including: IP address, browser type and version, operating system, referring URLs, pages viewed, and time spent on pages. This information is collected through cookies, web beacons, and similar tracking technologies.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Process transactions and send related information, including purchase confirmations and invoices
• Send administrative information such as changes to our terms, conditions, and policies
• Respond to comments, questions, and requests, and provide customer service
• Send promotional communications, such as information about products, services, and events, where you have opted in to receive such communications
• Monitor and analyse trends, usage, and activities in connection with our services
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Comply with legal obligations

3. Sharing of Information

We may share your personal information in the following situations:

• Service Providers: We may share your information with third-party vendors and service providers that perform services on our behalf, such as payment processing, data analytics, email delivery, hosting services, customer service, and marketing assistance.
• Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
• Legal Requirements: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
• With Your Consent: We may disclose your personal information for any other purpose with your consent.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4. Data Retention

We retain personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your personal information, we will securely delete or anonymise it.

For active accounts, we retain your data for the duration of your account plus 90 days following account closure to allow for any billing disputes or service recovery requests.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our services and store certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier.

We use the following types of cookies:

• Essential Cookies: Required for the operation of our services. They include, for example, cookies that enable you to log into secure areas.
• Analytics Cookies: Allow us to recognise and count the number of visitors and to see how visitors move around our services when they are using it.
• Functional Cookies: Used to recognise you when you return to our services and enable us to personalise our content for you.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our services.

6. Security

We use administrative, technical, and physical security measures to help protect your personal information. Our platform employs AES-256 encryption for data at rest, TLS 1.3 for data in transit, and we maintain SOC 2 Type II certification with annual third-party audits.

While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

7. Your GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have certain rights under the General Data Protection Regulation (GDPR):

• Right to Access: You have the right to request copies of your personal data.
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Data Portability: You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.
• Right to Object: You have the right to object to our processing of your personal data, under certain conditions.

We also comply with the California Consumer Privacy Act (CCPA). California residents have the right to know what personal information we collect, the right to delete personal information, and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, please contact us at hello@kryonai.com.

8. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located in the EEA, we ensure that any transfers of your personal data to countries outside the EEA are carried out in accordance with applicable data protection laws, using mechanisms such as Standard Contractual Clauses. We maintain EU data in isolated regional infrastructure to support GDPR compliance.

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from our servers.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the effective date. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• By email: hello@kryonai.com
• By visiting our contact page: Book a demo / Contact us