Privacy Policy
Last updated: 5 May 2026
This Privacy Policy explains how Keldio handles personal data when you visit our public website, contact us, request information, join a waitlist, start a checkout or trial flow, or otherwise interact with Keldio before or alongside becoming a customer.
This policy is website-level and general platform-facing. If you become a Keldio customer and use the platform to process personal data about your own contacts, leads, members, customers, or end users, separate platform terms and a Data Processing Agreement may apply. In that situation, you are generally responsible for your own data-controller obligations and Keldio will usually act as a processor for the customer data you upload or process through the platform.
1. Who is responsible
For personal data collected through the public Keldio website and direct commercial interactions, Keldio is responsible for deciding why and how that data is used. You can contact us at info@keldio.com.
2. Personal data we may collect
Depending on how you interact with us, we may collect:
- Contact details: name, email address, company name, role, phone number, and message content when you contact us or submit a form.
- Commercial, account, and workspace information: plan interest, trial or checkout information, subscription status, billing contact details, owner/admin identity, company/workspace details, legal acceptance records, provisioning status, support questions, and communication history.
- Payment-provider and payout-related operational data: provider account identifiers, provider onboarding and status signals, payment method availability signals, payment, refund, dispute, chargeback, payout-readiness, affiliate-compliance, self-billing, tax-profile, provider-risk, fraud-prevention, invoice, credit-note, and accounting metadata where relevant to Keldio's customer relationship or platform operations.
- Technical data: IP address, device and browser information, operating system, referral URL, pages visited, timestamps, and approximate location derived from technical signals.
- Account security and operational data: login and magic-link events, workspace identifiers, audit logs, abuse-prevention signals, support-access records, API or integration metadata, and records needed to operate, secure, troubleshoot, enforce, or evidence the Keldio customer relationship.
- Workflow, automation, and agent-operation metadata: workflow or sequence identifiers, trigger metadata, enrollment status, node execution status, skipped or failed-action reasons, queue/resume timestamps, API/MCP/action metadata, and related operational records used to operate, secure, troubleshoot, evidence, and enforce automated platform activity.
- Support and diagnostic information: messages, screenshots, attachments, app paths, page URLs, user-agent details, environment information, tenant/workspace identifiers, plan/status information, and related account metadata that you or your authorised users or agents provide when requesting Keldio support.
- Account-control and security metadata: Admin User identity, role metadata, tenant membership metadata, team invitation metadata, API-key metadata such as key name, key prefix, scope, status, creation time and last-used time, support-access and impersonation records, audit-log entries, abuse signals, authentication/session metadata, and related operational records.
- Usage and analytics data: how visitors navigate the website, which pages or calls-to-action are used, and whether campaigns or links are effective.
- Cookie and tracking data: identifiers stored through cookies, pixels, local storage, or similar technologies, as described in our Cookie Policy.
3. How we use personal data
We may use personal data to:
- operate, maintain, secure, and improve the website;
- respond to enquiries, support requests, demo requests, partnership messages, or other contact forms;
- provide, manage, investigate, document, and improve Keldio support, including in-app support bubble conversations, support email, billing support, account recovery, abuse reports, security reports, and support requests submitted by authorised agents or MCP/API clients;
- provide product information, trial access, onboarding, or commercial follow-up;
- create, provision, verify, secure, administer, suspend, recover, or terminate Keldio Workspaces and owner/admin access;
- measure website performance, campaign effectiveness, and visitor interest;
- prevent misuse, fraud, spam, security incidents, and unlawful activity;
- authenticate users, administer Workspaces, manage account switching and team invitations, investigate abuse or security issues, enforce our terms, maintain evidence of account-control actions, and secure Keldio services;
- comply with legal, tax, accounting, regulatory, or dispute-resolution obligations;
- send marketing communications where permitted by law and where you have not opted out.
- send Keldio account, security, billing, onboarding, support, legal, product, and service communications to Tenants and Admin Users.
- manage payment-provider integrations, provider onboarding/status checks, checkout risk, fraud prevention, refund and chargeback support, payout-readiness review, affiliate/payment compliance, tax/accounting evidence, provider relationship protection, and payment-related enforcement;
4. Legal bases
Where GDPR or similar law applies, we rely on one or more of the following legal bases:
- Contract or pre-contract steps when we respond to your request, process a checkout, or prepare a customer relationship.
- Legitimate interests in operating, securing, improving, and marketing Keldio, provided those interests are not overridden by your rights.
- Consent for optional cookies, certain marketing communications, or other activities where consent is required.
- Legal obligation when we must keep records or respond to lawful requests.
5. Sharing personal data
We may share personal data with trusted service providers that help us operate Keldio, such as hosting providers, analytics providers, email and communication tools, CRM systems, payment providers, security services, support tools, and professional advisers. These providers may only process data for agreed purposes and must protect it appropriately.
Authentication and identity providers, including Clerk, may process Admin User, Member, role, invitation, tenant-membership, and session metadata as needed to provide login, account switching, team invitations, access control, and member-portal access.
We may also share information if required by law, to protect rights or safety, to investigate misuse, or as part of a business transaction such as a merger, acquisition, restructuring, or asset sale.
6. International transfers
Some providers may process data in countries outside your own. Where required, we use appropriate safeguards such as contractual protections, transfer mechanisms, and provider security commitments.
7. Retention
We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including responding to enquiries, managing commercial relationships, maintaining records, improving the website, preventing misuse, and complying with legal obligations. Retention periods vary depending on the type of data and context.
8. Security
We use technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, and disclosure. No website, transmission, or storage system can be guaranteed to be completely secure.
9. Your rights
Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal data. You may also have the right to withdraw consent where processing is based on consent and to complain to a data-protection authority.
To exercise privacy rights, contact info@keldio.com. We may need to verify your identity before responding.
10. Marketing choices
You can opt out of marketing emails by using the unsubscribe link in the email or by contacting us. We may still send non-marketing messages such as responses to enquiries, transactional notices, or service-related communications.
11. Customer data processed through Keldio
If a customer uses Keldio to store or process personal data about their own contacts, leads, customers, members, or end users, that customer is generally responsible for providing its own privacy notices, obtaining any required permissions, and ensuring that its use of Keldio complies with applicable law. Keldio's processing of that customer data should be governed by platform terms and a Data Processing Agreement.
Messages that a customer sends to its own End-Users through Keldio inbox, email, support, automation, or agent tools are generally processed by Keldio on that customer's instructions under the Platform Terms and DPA. Messages that the customer, its Admin Users, or authorised agents send to Keldio for platform support, billing support, account support, security reporting, abuse reporting, or troubleshooting are Keldio customer-relationship/support records processed by Keldio for the purposes described in this Policy.
When a customer uses Keldio to send email campaigns, sequences, transactional messages, support replies, webinar messages, order messages, or other communications to its own End-Users, that customer determines the recipients, content, purpose, sender identity, and legal basis for those communications. Keldio processes those communications and related delivery, unsubscribe, suppression, open, click, bounce, complaint, and analytics data on behalf of the customer as described in the DPA and Platform Terms. The customer is responsible for providing its own privacy notices and obtaining any required consent for communications and tracking.
When a customer configures workflows, sequences, triggers, webhooks, agent actions, or automated access changes, Keldio generally processes the resulting customer-data operations as processor on the customer's instructions, while Keldio may process operational metadata, abuse signals, security logs, and evidence records as an independent controller where needed to operate, secure, troubleshoot, enforce, or defend the platform relationship.
Keldio also processes certain account, billing, security, audit, legal acceptance, support, and platform-operation records as an independent controller for its own customer relationship with the Tenant. Customer data processed inside a Tenant Workspace remains subject to the Platform Terms and DPA where applicable.
When a Keldio customer uses the platform to publish websites, funnels, landing pages, forms, checkout pages, booking pages, webinar pages, legal pages, or other public surfaces for its own business, that customer determines the content, purpose, audience, lawful basis, notices, cookies, pixels, forms, redirects, tracking, and connected providers for those surfaces. Keldio generally processes personal data collected through those customer-operated surfaces as a processor on the customer's instructions under the Platform Terms and DPA, while Keldio may process limited operational, security, abuse-prevention, legal-evidence, and service-performance metadata as an independent controller where necessary to operate and protect the platform.
When a Keldio customer uses the platform to sell products, services, courses, memberships, subscriptions, trials, payment plans, or other offers to its own End-Users, that customer determines the product, price, tax treatment, discount, trial, renewal, refund, cancellation, invoice, fulfilment, and customer-support terms. Keldio generally processes buyer, order, invoice, subscription, coupon, payment-provider, tax/VAT, refund, chargeback, and checkout metadata on behalf of that customer under the Platform Terms and DPA. Keldio may separately process limited operational, abuse-prevention, security, legal-evidence, tax/accounting, billing-support, and provider-risk records as an independent controller where necessary to operate and protect Keldio and its provider relationships.
12. Updates to this policy
We may update this Privacy Policy from time to time. The version published on this page applies from the date shown above.
13. Contact
If you have questions about privacy at Keldio, contact info@keldio.com.