KONOS AI PRIVACY POLICY

KONOS AI PRIVACY POLICY AND DATA PROTECTION STATEMENTLast Updated: November 5, 2025
Version: 1.01. INTRODUCTION AND SCOPE1.1 About This Policy
("KONOS," "we," "us," "our," or "Provider"), is committed to protecting your privacy and
ensuring transparency about how we collect, use, and safeguard your personal information.This Privacy Policy explains our data practices and your rights under applicable privacy
laws, including:
- The General Data Protection Regulation (GDPR) - European Union
- Other applicable privacy laws in your jurisdiction1.2 ScopeThis Privacy Policy applies to:
- Clients who purchase KONOS services
- Employees and contractors of Client organizations
- Visitors to our website (usekonos.com)
- Any individual whose personal information we collect or process1.3 Data ControllerKONOS AI is the data controller responsible for your personal information.
For data protection inquiries, contact:Email: [email protected]
---2. PERSONAL INFORMATION WE COLLECT2.1 Information You Provide DirectlyWe collect personal information that you voluntarily provide to us, including:Contact Information:
- Full name
- Email address
- Phone number
- Business address
- Job title and roleBusiness Information:
- Company name and registration number
- Business type and industry
- Company size and structure
- Business objectives and goals
- Current onboarding processes and workflowsFinancial Information:
- Billing address
- Payment method details (processed securely by Paddle)
- Invoice and transaction history
- Tax identification number (for business clients)Communication Records:
- Email correspondence
- Chat messages and support tickets
- Meeting notes and recordings (with consent)
- Feedback and survey responses
- Consent forms and agreementsBrand and Operational Data:
- Brand guidelines and brand assets
- Client lists and contact information
- Marketing materials
- Business processes and workflows
- Tool integrations and API credentials
- Automation requirements and specifications2.2 Information Collected AutomaticallyWhen you interact with our website and services, we automatically collect:Usage Data:
- Pages visited and time spent on each page
- Links clicked and actions taken
- Device type and operating system
- Browser type and version
- IP address and location data
- Referral sourceTechnical Data:
- Cookies and similar tracking technologies
- Log files from server access
- Performance metrics and error reports
- Analytics dataCommunication Data:
- Email open rates and click-through rates
- Meeting attendance and duration
- Support ticket interactions2.3 Information from Third PartiesWe may receive personal information about you from:
- Payment processors (Paddle) - payment information
- Email service providers - engagement metrics
- Analytics platforms - usage data
- Publicly available sources - business information
- Referral sources - contact information2.4 Sensitive Personal InformationWe do not intentionally collect sensitive personal information (racial or ethnic origin,
political opinions, religious beliefs, trade union membership, genetic data, biometric
data, health data, or criminal records). If you provide such information, we will handle
it with appropriate safeguards and only with your explicit consent.---3. LEGAL BASIS FOR DATA PROCESSING3.1 Why We Collect Your DataWe process your personal information based on the following legal grounds:Contract Performance (GDPR Article 6(1)(b), POPIA Section 11(1)(a)):
- To deliver KONOS services as outlined in our Terms of Service
- To manage billing, invoicing, and payment collection
- To provide customer support and technical assistance
- To fulfill contractual obligationsLegitimate Interests (GDPR Article 6(1)(f), POPIA Section 11(1)(d)):
- To improve and optimize our services
- To conduct business analytics and performance monitoring
- To prevent fraud and ensure security
- To maintain accurate business records
- To communicate service updates and important notices
- To develop new features and servicesLegal Obligation (GDPR Article 6(1)(c), POPIA Section 11(1)(c)):
- To comply with tax and accounting requirements
- To comply with data protection regulations
- To respond to legal requests and court orders
- To maintain audit trails for regulatory complianceConsent (GDPR Article 6(1)(a), POPIA Section 11(1)(e)):
- To send marketing communications (you can opt-out anytime)
- To use cookies and tracking technologies
- To record meetings or calls
- To use data for case studies or testimonialsVital Interests (GDPR Article 6(1)(d)):
- To protect the safety and security of our services and users---4. HOW WE USE YOUR INFORMATION4.1 Service DeliveryWe use your personal information to:
- Deliver KONOS onboarding automation services
- Customize solutions to your specific business needs
- Implement and configure automation workflows
- Integrate with your existing tools and systems
- Provide training and implementation support
- Monitor service performance and quality
- Troubleshoot technical issues
- Provide ongoing customer support4.2 Communication and SupportWe use your information to:
- Respond to your inquiries and support requests
- Send service updates, maintenance notices, and important announcements
- Provide billing and payment notifications
- Send password resets and security alerts
- Conduct customer satisfaction surveys
- Follow up on feedback and complaints4.3 Business OperationsWe use your information to:
- Manage contracts, billing, and invoicing
- Process payments and collect fees
- Maintain financial and accounting records
- Conduct business analytics and performance monitoring
- Prevent fraud and unauthorized access
- Ensure security and integrity of our services
- Comply with legal and regulatory obligations4.4 Service Improvement and DevelopmentWe use your information to:
- Analyze usage patterns and service performance
- Identify areas for improvement
- Develop new features and services
- Conduct research and testing
- Create anonymized insights and benchmarks
- Train machine learning models (with appropriate safeguards)4.5 Marketing and Business DevelopmentWe use your information to:
- Send marketing communications (only with your consent)
- Promote new services and features
- Conduct market research and surveys
- Create case studies and testimonials (with your permission)
- Identify potential business opportunities4.6 Legal and ComplianceWe use your information to:
- Comply with legal obligations and court orders
- Enforce our Terms of Service and other agreements
- Protect against fraud and security threats
- Maintain audit trails and compliance records
- Respond to regulatory inquiries---5. WHO WE SHARE YOUR INFORMATION WITH5.1 Data Sharing PolicyWe do NOT share your personal information with third parties without your explicit
consent, except as necessary to deliver services or as required by law.5.2 Service Providers and Data ProcessorsWe may share your information with trusted service providers who process data on our
behalf under strict data processing agreements:Payment Processing:
- Paddle (payment processor) - for payment processing and fraud prevention
- Your bank or payment provider - for transaction processingCommunication and Email:
- Email service providers - for sending communications
- Communication platforms - for support and collaborationAnalytics and Performance:
- Analytics platforms - for usage analysis and performance monitoring
- Cloud hosting providers - for data storage and infrastructureIntegration Partners:
- Make.com - for automation workflow integration (only with your authorization)
- HubSpot, Asana, and other tools - for integration purposes (only with your authorization)Legal and Compliance:
- Accountants and tax advisors - for tax and accounting purposes
- Legal counsel - for legal advice and compliance
- Government agencies - as required by law5.3 Data ProcessorsAll service providers who access your data are bound by data processing agreements
that require them to:
- Process data only as instructed
- Maintain data security and confidentiality
- Implement appropriate technical and organizational safeguards
- Not disclose data to unauthorized parties
- Assist with your data subject rights requests5.4 Sub-ProcessorsWe maintain a list of sub-processors who may access your data. You can request
this list by contacting [email protected].5.5 Legal DisclosuresWe may disclose your information if required by law, including:
- Court orders or legal process
- Government or regulatory requests
- Law enforcement inquiries
- Protection of legal rights and safety5.6 Business TransfersIf KONOS is acquired, merged, or undergoes a change of control, your information
may be transferred as part of that transaction. We will notify you of any such change
and any choices you may have regarding your information.5.7 Anonymized and Aggregated DataWe may use anonymized and aggregated data (data that cannot identify you) for:
- Business analytics and benchmarking
- Service improvement and development
- Marketing and promotional purposes
- Research and statistical analysis---6. DATA RETENTION AND DELETION6.1 Retention PeriodsWe retain your personal information only as long as necessary for the purposes outlined
in this Privacy Policy:| Data Category | Retention Period | Reason |
|---------------|-----------------|--------|
| Client contact information | Duration of contract + 3 years | Legal/tax obligations |
| Financial and billing records | 7 years | Tax and accounting requirements |
| Communication records | 2 years | Legal and dispute resolution |
| Usage and analytics data | 12 months | Service improvement |
| Support tickets and inquiries | 2 years | Customer service and disputes |
| Marketing consent records | Until withdrawn | Compliance with consent |
| Cookies and tracking data | Per cookie policy | User preference |6.2 Data DeletionUpon termination of our services, we will:
- Delete or anonymize your personal information within 30 days
- Retain only information required by law or for legitimate business purposes
- Provide you with a copy of your data upon request6.3 Your Right to ErasureYou have the right to request deletion of your personal information in certain
circumstances (see Section 8 - Your Rights).---7. DATA SECURITY AND PROTECTION7.1 Security MeasuresWe implement industry-standard technical and organizational measures to protect
your personal information against unauthorized access, alteration, disclosure, or loss:Technical Safeguards:
- Encryption of data in transit (HTTPS/TLS)
- Encryption of sensitive data at rest
- Secure password hashing and storage
- Access controls and authentication
- Regular security audits and vulnerability assessments
- Intrusion detection and prevention systems
- Firewalls and network securityOrganizational Safeguards:
- Limited access to personal information (need-to-know basis)
- Employee data protection training
- Confidentiality agreements with staff
- Incident response and breach notification procedures
- Regular backups and disaster recovery plans
- Secure data disposal procedures7.2 Data Breach NotificationIn the event of a data breach that compromises your personal information, we will:
- Notify affected individuals without undue delay
- Notify relevant data protection authorities as required by law
- Provide information about the breach and steps you can take
- Cooperate with investigations7.3 LimitationsWhile we implement strong security measures, no method of transmission or storage is
100% secure. We cannot guarantee absolute security, but we are committed to protecting
your information to the best of our ability.---8. YOUR PRIVACY RIGHTS AND CHOICES8.1 Rights Under GDPR (for EU Residents)If you are located in the European Union, you have the following rights:Right of Access (Article 15):
You have the right to request access to your personal information and receive a copy
of the data we hold about you.Right to Rectification (Article 16):
You have the right to request correction of inaccurate or incomplete personal information.Right to Erasure (Article 17):
You have the right to request deletion of your personal information in certain
circumstances (e.g., if it's no longer necessary for the original purpose).Right to Restrict Processing (Article 18):
You have the right to request that we limit how we use your personal information
while we verify its accuracy or consider your other rights.Right to Data Portability (Article 20):
You have the right to request your personal information in a portable format and
to transmit it to another controller.Right to Object (Article 21):
You have the right to object to processing of your personal information for marketing,
profiling, or other purposes.Right to Withdraw Consent:
If we process your data based on consent, you have the right to withdraw that consent
at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.Right to Lodge a Complaint:
You have the right to lodge a complaint with your local data protection authority
if you believe your rights have been violated.8.2 Rights Under POPIA (for South African Residents)If you are located in South Africa, you have the following rights:Right of Access:
You have the right to request confirmation of whether we hold your personal information
and to receive a copy of that information.Right to Correction:
You have the right to request correction of inaccurate, incomplete, or outdated
personal information.Right to Erasure:
You have the right to request deletion of your personal information in certain
circumstances.Right to Restrict Processing:
You have the right to request that we limit how we process your personal information.Right to Object:
You have the right to object to processing of your personal information for certain
purposes, including direct marketing.8.3 How to Exercise Your RightsTo exercise any of these rights, please contact us at:Email: [email protected]We will respond to your request within 30 days (or as required by law). We may request
verification of your identity to protect your privacy.8.4 Marketing CommunicationsYou have the right to opt-out of marketing communications at any time by:
- Clicking the "unsubscribe" link in any marketing email
- Contacting us at [email protected]
- Updating your communication preferences in your account8.5 Cookies and TrackingYou can control cookies and tracking technologies through:
- Browser settings (most browsers allow you to refuse cookies)
- Cookie consent tools on our website
- Opt-out mechanisms provided by analytics providers---9. COOKIES AND TRACKING TECHNOLOGIES9.1 What Are Cookies?Cookies are small files stored on your device that contain information about your
browsing activity. We use cookies to enhance your experience and analyze how you use
our website.9.2 Types of Cookies We UseEssential Cookies:
- Session management
- Security and fraud prevention
- User preferencesAnalytics Cookies:
- Google Analytics - to understand how you use our website
- Hotjar - to analyze user behavior and improve UXMarketing Cookies:
- Facebook Pixel - for retargeting and advertising
- LinkedIn Insight Tag - for professional audience analysisThird-Party Cookies:
- Cookies from our partners and service providers9.3 Cookie ManagementYou can control cookies through:
- Your browser settings (most browsers have cookie controls)
- Our cookie consent banner on