Privacy Policy
Last updated: February 1, 2026
Information We Collect
Account Information: Name, email address, company name, and role when you register. Manufacturing Data: Metrics, sensor readings, and operational data transmitted through connectors you configure. Usage Data: Browser type, access times, pages viewed, and interactions with the platform for analytics and improvement.
How We Use Your Data
We use your data to provide, operate, and maintain the KaizenFlow AI platform; generate AI-powered insights and suggestions for your facilities; improve and personalize your experience; send service notifications and security alerts; and comply with legal obligations.
Data Isolation & Multi-Tenancy
KaizenFlow AI is a multi-tenant platform with strict tenant isolation. Your manufacturing data is logically separated and never accessible to other organizations. All database queries are scoped by tenant ID. We conduct regular security audits to verify isolation boundaries.
Data Security
Encryption in transit via TLS 1.3. Encryption at rest via AES-256. Connector credentials encrypted with Fernet symmetric encryption. JWT-based authentication with configurable token lifetimes. Role-based access control (Admin, Manager, Engineer, Viewer). Rate limiting on sensitive endpoints.
Data Retention
Manufacturing metrics are retained for the duration configured in your organization settings (default: 12 months). Audit logs are retained for 24 months. Upon account termination, all data is permanently deleted within 30 days after a data export window.
Third-Party Services
We may use third-party services for infrastructure (cloud hosting), AI model providers (OpenAI, Anthropic), and analytics. These providers process data under strict contractual obligations and are selected for their security practices. We do not sell your data to third parties.
Cookies
We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. Analytics cookies are used only with your consent and can be disabled in your browser settings.
Your Rights
Depending on your jurisdiction, you may have the right to access personal data we hold, request correction of inaccurate data, request deletion, export your data in a machine-readable format, object to processing, and withdraw consent at any time.
International Transfers
Data may be processed in regions where our infrastructure is deployed. Enterprise customers can specify data residency requirements. We comply with applicable data transfer frameworks and regulations.
Changes to This Policy
We will notify you of material changes via email or in-app notification at least 30 days before they take effect. The "Last updated" date at the top reflects the most recent revision.
Contact
For privacy-related inquiries, contact our Data Protection Officer at privacy@kaizenflow.us or through our contact page.