Purpose

The purpose of this Privacy Policy is to define KYXStart’s approach to collecting, using, storing, and sharing personal information in connection with our products, services, and websites. The goal is to ensure transparency, safeguard user privacy, comply with applicable laws, and maintain customer trust in KYXStart’s handling of personal data.

Scope

This policy applies to all KYXStart employees, contractors, systems, and processes that collect, process, store, or share personal information, including but not limited to:

  • The KYXStart website (https://www.kyxstart.com) and any linked pages
  • Cloud-based services and applications
  • Marketing, sales, and customer engagement activities
  • Third-party integrations and service providers handling user data

Policy

Privacy Program Ownership

KYXStart maintains a centrally managed Privacy Program overseen by the designated Privacy Officer or equivalent role. The Privacy Policy is reviewed at least annually and upon significant changes in legal, business, or technological environments. The program aligns with KYXStart’s risk tolerance, business objectives, and legal obligations such as GDPR, CCPA, and other applicable regulations.

Privacy Objectives

ObjectiveTarget
TransparencyClear and accessible information about data practices
User ControlMechanisms for users to review, update, or delete data
Legal ComplianceMeet or exceed applicable privacy and data protection laws
Data SecurityProtect personal data using appropriate technical safeguards

Privacy Strategy

KYXStart’s approach to privacy includes:

  • Data Minimization: Collect only personal information necessary for defined purposes
  • Consent Management: Obtain user consent where required and maintain records of consent
  • User Rights Enablement: Provide mechanisms for data access, correction, deletion, and portability
  • Third-Party Risk Management: Evaluate vendor privacy practices during onboarding and reassess periodically
  • Data Security: Use industry-standard security controls to protect personal information against unauthorized access, disclosure, or loss
  • Incident Response Integration: Coordinate data breach response with KYXStart’s Incident Response Plan to ensure prompt notification and remediation when required

Key Privacy Procedures

  • Notice and Transparency: Publish and maintain an up-to-date Privacy Notice at https://www.kyxstart.com, describing how and why KYXStart collects, uses, stores, and shares personal information
  • Consent Management: Allow users to grant or withdraw consent for marketing and other processing where required
  • User Access Requests: Enable users to submit data subject access requests via privacy@kyxstart.com to review, update, or delete their personal information
  • Data Sharing: Share personal information only with authorized service providers under contract, or as required by law
  • Data Retention: Retain personal information only as long as necessary for business, legal, or regulatory purposes
  • Do-Not-Track and Opt-Out Controls: Honor browser or system-level settings where feasible and provide opt-out mechanisms for marketing communications
  • Cookie Management: Provide a Cookie Notice describing use of cookies and similar technologies, with user controls over preferences

SMS / Text Messaging

KYXStart uses SMS text messaging solely to support identity verification. When you provide your mobile phone number during signup or onboarding, we use it to send you one-time passcodes (OTP) needed to verify your identity and complete the verification process. We do not use SMS for marketing or promotional purposes.

Information we collect for messaging. We collect your mobile phone number for the sole purpose of delivering verification codes via SMS. We do not collect or store the content of these messages beyond what is required to operate and secure the service.

Message frequency and rates. Message frequency varies based on your verification activity. Message and data rates may apply.

Opting out. You can opt out of SMS messages at any time by replying STOP to any message. For assistance, reply HELP. After opting out, you will no longer receive verification codes by SMS, which may prevent you from completing identity verification.

No sharing of mobile information. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Information sharing to subcontractors in support services, such as customer service, is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Roles and Responsibilities

  • CEO: Provides executive oversight for the Privacy Program
  • Privacy Officer / Cybersecurity Risk Owner: Manages and executes the Privacy Program, maintains this policy, ensures compliance
  • IT and Engineering Teams: Implement technical safeguards, support data access and deletion requests, maintain secure systems
  • Marketing and Business Teams: Ensure transparency in data collection practices and respect user preferences
  • All Employees: Handle personal data in compliance with this policy, attend privacy training as required

Policy Compliance

All KYXStart employees, contractors, and third-party providers handling personal information must comply with this policy. Non-compliance may result in disciplinary action up to and including termination of employment or contract.

Review and Updates

This policy is reviewed at least annually, or upon significant changes in business operations, legal requirements, or technology infrastructure. Updates are approved by the CEO and communicated to all relevant stakeholders.

Revision History

DateResponsibleSummary of Change
June 2025Privacy OfficerInitial Version of Privacy Policy

Contact Information

If you have questions or concerns about this policy, contact:
privacy@kyxstart.com