Privacy Policy

Information We Collect

Information You Provide

• Contact Information: Name, email, phone number, company name when you fill forms or book calls
• Service Inquiry Data: Industry, business challenges, workflow information shared during audits or consultations
• Account Information: If you become a client, login credentials, billing information, authorized user details

Information Collected Automatically

• Usage Data: IP address, browser type, device information, pages visited, time spent
• Communication Records: Emails, call recordings (with consent), chat transcripts

Client Data (For Service Delivery)

When providing services, we may process data on your behalf including:

• Operational workflows and business process data
• System integration data and API credentials (encrypted)
• For Healthcare clients: We implement data handling practices aligned with HIPAA requirements
• For Fiduciary clients: We follow security best practices aligned with regulatory standards

How We Use Your Information

• Service Delivery: Provide audits, build AI agents, deploy automation solutions
• Communication: Respond to inquiries, schedule calls, send service updates
• Improvement: Analyze website usage, improve service offerings, develop case studies (anonymized)
• Compliance: Meet legal obligations, maintain security standards, fulfill contractual duties
• Marketing: Send relevant content about AI automation (you can opt out anytime)

Data Security & Industry-Specific Protections

We implement technical and organizational measures following industry best practices for regulated industries:

Security Measures

• Encrypted data transmission and storage (AES-256)
• Access controls and audit logs
• Multi-factor authentication for system access
• Encrypted communications (TLS 1.3)
• Regular security assessments
• Incident response procedures
• Employee confidentiality agreements

Flexible Data Residency

We understand that data location matters for compliance. We offer flexible deployment options including:

• Cloud hosting in your preferred region (India, EU, USA, or other regions)
• On-premises deployment for organizations requiring local data storage
• Hybrid solutions based on your specific regulatory requirements

Data Retention

• Inquiry/contact data: Until you request deletion or 3 years of inactivity
• Client project data: Per contract terms, typically duration of engagement + 2 years
• Legal compliance data: As required by applicable regulations

Your Rights

Depending on your location, you may have rights to:

• Access: Request what personal data we hold about you
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing for direct marketing purposes
• Withdraw Consent: Opt out of communications or data processing based on consent

To exercise rights: Email legal@kaizenlabs.co.in

Data Sharing & Third Parties

We do not sell your personal data. We share data only with:

• Service Providers: Cloud hosting, communication tools (Calendly), CRM systems - all under data processing agreements
• Sub-processors: For specific client projects, disclosed in advance with contractual protections
• Legal Requirements: When required by law, court order, or regulatory authority
• Business Transfers: In case of merger, acquisition, or asset sale (you'll be notified)

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect data from children.

Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted with a new "Last Updated" date. Material changes will be communicated via email to active clients.

Contact Us