Legal

Privacy Policy

Last updated: May 9, 2026

1. Who We Are

Kairos Intelligence is a buyer signal intelligence service accessible at kairosintel.co. For the purposes of applicable data protection law, including the EU General Data Protection Regulation (GDPR) and UK GDPR, Kairos Intelligence is the data controller for personal data collected through this website.

Contact: hello@kairosintel.co

2. Scope

This policy applies to:

·Visitors to the kairosintel.co website
·Individuals who submit the contact, sample report request, or newsletter forms
·Business contacts of prospective and current clients

Important: This policy does not cover personal data processed on behalf of clients as part of delivering Signal Intelligence Reports. That processing is governed by a separate Data Processing Agreement (DPA) entered into with each client.

3. Personal Data We Collect

3.1 Data You Provide Directly

·Contact form: Name, work email address, company name, message
·Sample report request: Name, work email, company name, ICP description
·Newsletter sign-up: Work email address only
·Cal.com bookings: Name, email, and any booking form details — these are processed by Cal.com under their own privacy policy

3.2 Data Collected Automatically

·Google Analytics 4 (GA4): Pages visited, session data, device and browser information — activated only after you accept analytics cookies via the consent banner
·Vercel server logs: IP addresses and access timestamps, retained for security and operational purposes per Vercel's data retention policy

3.3 Data We Do Not Collect

We do not collect sensitive personal data as defined in GDPR Article 9, payment card data, or data from individuals under the age of 18. This service is directed exclusively at business professionals.

4. How We Use Your Data

Purpose	Data Used	Lawful Basis (GDPR)
Respond to enquiry	Name, email, message	Legitimate interests Art. 6(1)(f)
Deliver sample report and follow-up	Name, email, company, ICP	Legitimate interests Art. 6(1)(f)
Send newsletter and intelligence updates	Email address	Consent Art. 6(1)(a)
Provide and invoice our service	Contact and billing info	Contract Art. 6(1)(b)
Improve website performance	Aggregated analytics	Consent Art. 6(1)(a)
Comply with legal obligations	As required by law	Legal obligation Art. 6(1)(c)

Where we rely on legitimate interests, we have determined that our interest in responding to business enquiries does not override the fundamental rights and freedoms of data subjects, given the strictly B2B context and the limited nature of the personal data involved.

5. How We Share Your Data

We do not sell personal data. We do not share data with third parties for their own marketing purposes. We use the following sub-processors to operate our service:

·Vercel Inc (USA): Website hosting and serverless compute

·Google LLC (USA) — Google Analytics 4: Website analytics, activated only upon cookie consent and anonymised at collection where possible

·Cal.com Inc (USA): Meeting scheduling, subject to Cal.com's own privacy policy

·Email delivery provider (TBD): Transactional email delivery — this policy will be updated with the confirmed provider name when onboarding is complete

All sub-processors implement appropriate technical and organisational measures to protect personal data. Data may also be disclosed where required by applicable law, court order, or regulatory authority.

6. International Data Transfers

Kairos Intelligence is operated globally. Our sub-processors are primarily based in the United States. For transfers of personal data from the EEA or UK to countries not deemed adequate by the European Commission, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, as incorporated into our sub-processor agreements. Details of these transfer mechanisms are available on request at hello@kairosintel.co.

7. Cookies

A consent banner is displayed on your first visit to this site. Analytics cookies are not activated until you explicitly accept via the banner. You may decline analytics cookies without any impact on site functionality.

Category	Purpose	Consent Required
Strictly Necessary	Cookie consent preference storage	No
Analytics (GA4)	Page views, session data, traffic sources	Yes

Consent can be withdrawn at any time by clearing your browser cookies. No advertising or retargeting cookies are used.

8. Data Retention

·Enquiry and sample report data: 24 months from submission, or earlier upon a verified deletion request
·Newsletter subscribers: Until unsubscribe — every email includes an unsubscribe link
·Client contact data: Duration of the client relationship plus 5 years for contractual and financial recordkeeping
·Analytics data: 14 months in Google Analytics 4, then automatically deleted per GA4 default settings
·Server logs: Per Vercel's data retention policy

9. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

·Access: Obtain a copy of the personal data we hold about you (GDPR Art. 15)
·Rectification: Request correction of inaccurate or incomplete data (GDPR Art. 16)
·Erasure: Request deletion of your personal data in certain circumstances (GDPR Art. 17)
·Restriction: Request that we restrict processing of your data (GDPR Art. 18)
·Portability: Receive your data in a structured, machine-readable format (GDPR Art. 20)
·Object: Object to processing based on legitimate interests — we will cease unless we can demonstrate compelling legitimate grounds (GDPR Art. 21)
·Withdraw consent: Withdraw consent at any time for consent-based processing, without affecting the lawfulness of prior processing

To exercise any of these rights, email hello@kairosintel.co. We will respond within 30 calendar days. Identity verification may be required before we action a request.

EEA and UK residents have the right to lodge a complaint with their national supervisory authority — for example, the Information Commissioner's Office (ICO) in the United Kingdom, or the relevant national Data Protection Authority in EU member states.

10. Data Security

We implement the following technical and organisational measures to protect personal data:

·HTTPS encryption enforced across all pages and API routes
·Environment variable management for all credentials — no credentials stored in source code or repositories
·Access controls limiting data access to those who require it
·SOC 2-certified hosting infrastructure via Vercel

No method of transmission over the internet is 100% secure. In the event of a material personal data breach, we will notify affected individuals and relevant supervisory authorities as required by applicable law.

11. Third-Party Links

This site contains links to third-party services including Cal.com and LinkedIn. Kairos Intelligence is not responsible for the privacy practices or content of those sites. We recommend reviewing their privacy policies independently before providing personal data to them.

12. Children's Privacy

This service is directed exclusively at business professionals and is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe personal data from an under-18 individual has been submitted, please contact us at hello@kairosintel.co and we will delete it promptly.

13. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page will be revised whenever changes are made. For material changes, we will provide a prominent notice on the website and, where applicable, notify newsletter subscribers directly. Continued use of the site following the effective date of any changes constitutes acceptance of the revised policy.

14. Contact Us

For any questions, data subject requests, or concerns about this policy, please contact:

Kairos Intelligence

Attention: Data Privacy

hello@kairosintel.co

We aim to respond to all data privacy enquiries within 30 calendar days of receipt.