Privacy Policy

This Privacy Policy explains how Kybern.ai collects, uses, stores, and shares personal data when you use kybern.ai, the Kybern.ai platform, related applications, APIs, and support services.

This policy is intended to provide a general explanation of Kybern.ai's data handling practices. Additional contractual terms, data processing agreements, or product-specific notices may apply depending on how your organization uses the service.

Kybern.ai may collect personal data directly from you, from your organization, from usage of the service, and from third-party integrations you choose to connect.

Depending on how the platform is used, the categories of data may include account details, profile information, contact details, workspace membership information, authentication data, billing details, communications, uploaded files, prompts, generated outputs, support requests, device information, usage logs, analytics events, integration metadata, file metadata, and service records associated with the features enabled for the relevant workspace.

Kybern.ai uses personal data to provide, secure, maintain, and improve the service; authenticate users; manage accounts and subscriptions; respond to support requests; operate AI-assisted features; monitor reliability and performance; prevent abuse; comply with legal obligations; and communicate service-related information.

Where permitted by law, Kybern.ai may also use limited service and usage information to develop, troubleshoot, and enhance platform functionality, security, and user experience.

Kybern.ai processes customer-submitted data, files, messages, prompts, and documents in order to provide the requested platform functionality. This may include transmission, indexing, transformation, summarization, classification, generation of outputs through AI-assisted tools, and the creation or maintenance of service records associated with those activities.

Depending on workspace configuration, customer-uploaded business files and assets may be stored in AWS S3 or comparable object storage configured for the relevant customer or company workspace. Kybern.ai may also store related metadata and service records reasonably necessary to index, secure, retrieve, display, administer, support, and manage those files and the associated services.

Where applicable features are enabled, those records may include file indexes, message content, support records, HR conversation archives, AI call records, notifications, and audit events. Not all features are enabled in every workspace. You and your organization remain responsible for determining whether the data you submit to Kybern.ai is appropriate for processing and whether additional notices, consents, contracts, or legal safeguards are required for your specific use case.

Where applicable data protection law requires a legal basis, Kybern.ai generally relies on one or more of the following: performance of a contract, legitimate interests in operating and securing the service, compliance with legal obligations, and consent where consent is specifically required.

If Kybern.ai relies on consent for a particular processing activity, you may withdraw that consent subject to applicable law.

Kybern.ai may share personal data with subprocessors, infrastructure providers, analytics providers, customer support tools, communication providers, payment providers, and other service providers that help operate the platform.

This may include cloud and object storage providers, database providers, email or messaging providers, AI providers, telephony providers, and other technical vendors needed to provide the specific services enabled in your workspace.

Kybern.ai may also share data when required by law, to enforce rights, to protect users or the public, in connection with a corporate transaction, or where you or your organization instructs Kybern.ai to connect with a third-party integration or customer-controlled storage destination.

Kybern.ai may process or store personal data in countries other than the country where the data was collected. When cross-border transfers occur, Kybern.ai aims to use appropriate safeguards required by applicable law, which may include contractual protections or equivalent transfer mechanisms.

Kybern.ai retains personal data for as long as needed to provide the service, comply with contractual and legal obligations, resolve disputes, enforce agreements, and maintain appropriate security and backup practices.

Retention periods may vary depending on account status, the type of data involved, customer instructions, configured storage destinations, enabled features, technical requirements, and legal obligations. Where customer files or assets are stored in customer-configured AWS S3 or comparable object storage, retention may also depend on that storage configuration, lifecycle policies, and deletion practices.

Kybern.ai uses technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, and disclosure. However, no service can guarantee absolute security, and you should also take appropriate steps to secure your own accounts, devices, and internal access controls.

Depending on your location and applicable law, you may have rights to request access to personal data, correction of inaccurate data, deletion, restriction of processing, portability, objection to certain processing, or withdrawal of consent.

If your personal data is controlled by an organization that uses Kybern.ai, you may need to contact that organization first. Kybern.ai may require reasonable verification before fulfilling direct privacy requests.

Kybern.ai may use cookies, local storage, session identifiers, and similar technologies to keep users signed in, remember preferences, maintain security, analyze performance, and improve usability.

You can manage certain browser-based storage controls through your browser settings, though disabling some technologies may affect functionality.

Kybern.ai is intended for business and organizational use and is not directed to children. If Kybern.ai becomes aware that personal data has been collected from a child in violation of applicable law, Kybern.ai will take reasonable steps to delete that information.

Kybern.ai may update this Privacy Policy from time to time to reflect legal, technical, or product developments. When changes are material, Kybern.ai will post the updated version on this page and may provide additional notice through the service or by other reasonable means.

If you have questions about this Privacy Policy or would like to submit a privacy-related request, please contact the Kybern.ai team through the support channel available in your workspace or through the contact options published on kybern.ai.