Privacy Policy
Scope
This Privacy Policy explains how Kix6 ("we", "us", "our") collects, uses, and shares information when you use our websites, products, and services (collectively, the "Services").
Controller: Kix6 Ltd (registered address placeholder). For some integrations, we act as a processor on your behalf. See Sharing and Legal bases.
Definitions
- Personal data: information that identifies or can be used to identify a person.
- Processor/Controller: roles defined under GDPR for handling personal data.
- Product data: domains, DNS records, test inputs/results, and configuration you submit to Kix6.
Data we collect
- Account data: name, email, password hash, company, role.
- Billing data: payment method, billing address (handled by our payment provider).
- Product data: domains, DNS/auth records (e.g., SPF/DKIM/DMARC), seed tests & results, API usage.
- Logs & diagnostics: IP address, device/browser, timestamps, request IDs, error/crash logs.
- Support content: messages and attachments you send us.
- Cookies: essential cookies for auth; optional analytics/marketing cookies with consent.
How we use data
- Provide, maintain, and improve the Services (including audits, tests, and reporting).
- Authenticate users, secure the platform, detect/prevent abuse.
- Process payments and manage subscriptions.
- Respond to requests and provide customer support.
- Measure aggregate usage to inform product decisions.
- Comply with legal obligations and enforce our terms.
Legal bases GDPR/UK GDPR
- Contract: to deliver the Services you request.
- Legitimate interests: to keep Services secure and improve features (balanced against your rights).
- Consent: for optional analytics/marketing (where applicable).
- Legal obligation: for tax, accounting, and compliance.
Retention
We retain personal data only as long as necessary for the purposes above or as required by law.
| Category | Typical retention |
|---|---|
| Account & profile | Life of account + 90 days |
| Billing records | Up to 7 years (legal requirement) |
| Logs/diagnostics | 30–180 days unless needed longer for security |
| Support tickets | Up to 2 years |
International transfers
Your information may be processed outside your country. Where required, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) and supplementary measures.
Security
- Encryption in transit (TLS), hardened environments, and least-privilege access.
- Audit logging, vulnerability management, and regular backups.
- Employee training and access reviews.
No method is 100% secure, but we aim to protect your data to industry standards.
Incident response
If we discover a data incident affecting your personal data, we will investigate and notify you and/or regulators as required by law.
Your rights GDPR/CCPA/CPRA
Depending on your location, you may have rights to access, correct, delete, or export your data, and to object or restrict certain processing. To exercise rights, contact privacy@kix6.com.
- Access/Export · request a copy of your data.
- Delete · ask us to erase personal data we no longer need.
- Correct · update inaccurate information.
- Opt out of sale/share (where applicable) · email privacy@kix6.com.
- Appeal · if we decline a request, you may appeal by replying to our response.
We may ask for information to verify your identity. We respond within applicable timeframes (e.g., 30–45 days).
Children
Our Services are not directed to children under 16, and we do not knowingly collect their personal information.
Changes to this policy
We may update this policy from time to time. We will update the date above and, if changes are significant, notify you by email or in-app.
Contact us
Kix6 Ltd
123 Example Street, City, Country
Email: privacy@kix6.com
If you are in the EEA/UK, you may also lodge a complaint with your local supervisory authority.