Privacy Policy

Last updated: May 19, 2026

This Privacy Policy explains how Kingstone Systems ("Kingstone," "we," "us," or "our") collects, uses, discloses, and protects information when you visit kingstonesystems.com, submit forms, create an account, or otherwise interact with our websites and services (the "Services").

1. Information we collect

Depending on how you interact with us, we may collect:

  • Contact and business information — such as name, email, company, role, website, budget, and messages you submit through our contact or waitlist forms.
  • Account information — such as name, email, password hash, partner status, referral metadata, and profile settings when you register for the partner portal.
  • Usage and device information — such as IP address, browser type, pages viewed, referring URL, and interactions with dashboard features.
  • Integration data — if you connect third-party services (for example, LinkedIn or CRM tools), we may store connection credentials, campaign settings, and activity logs needed to operate those features.
  • Communications — records of support requests, emails, and scheduling interactions with our team.

We do not intentionally collect sensitive personal information unless you choose to provide it and we have a lawful basis to process it.

2. How we use information

We use information to:

  • Provide, operate, and improve the Services;
  • Respond to inquiries and evaluate potential client or partner engagements;
  • Authenticate users and maintain account security;
  • Deliver portal features, trials, and membership access;
  • Send service-related notices, security alerts, and administrative messages;
  • Analyze usage to fix bugs, improve performance, and develop new features;
  • Comply with legal obligations and enforce our terms; and
  • Send marketing communications where permitted, with an option to opt out.

3. Legal bases (EEA/UK users)

Where the GDPR or UK GDPR applies, we process personal data based on: performance of a contract; legitimate interests (such as securing our Services and improving products); consent (where required, for example certain marketing); and legal obligations.

4. How we share information

We may share information with:

  • Service providers that help us run the Services, such as hosting, authentication, database, email delivery, analytics, and scheduling providers. These providers process data on our instructions and subject to appropriate safeguards.
  • Certified partners or white-label operators where your account is associated with a partner program and support is routed accordingly.
  • Professional advisors such as lawyers or accountants, under confidentiality obligations.
  • Authorities when required by law or to protect rights, safety, and security.
  • Business transfers in connection with a merger, acquisition, or asset sale, with notice where required by law.

We do not sell your personal information.

5. Cookies and analytics

We and our analytics partners may use cookies, local storage, and similar technologies to remember preferences, maintain sessions, and understand how the Services are used. You can control cookies through your browser settings. Disabling cookies may affect certain features.

We use product analytics (such as PostHog) to understand feature usage. Where required, we will obtain consent before using non-essential cookies or similar technologies.

6. Data retention

We retain information for as long as needed to provide the Services, fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary based on data type and context. Contact form submissions and account data are generally retained while you have an active relationship with us and for a reasonable period thereafter unless deletion is requested and permitted by law.

7. Security

We implement administrative, technical, and organizational measures designed to protect information, including access controls and encryption in transit where supported. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

8. International transfers

We may process information in the United States and other countries where we or our service providers operate. When transferring personal data internationally, we use appropriate safeguards such as standard contractual clauses where required.

9. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing. You may also withdraw consent where processing is consent-based.

California residents may have additional rights under the CCPA/CPRA, including the right to know, delete, and correct personal information, and to opt out of sale or sharing (we do not sell personal information). To exercise rights, email privacy@kingstonesystems.com. We may verify your request before responding.

You may unsubscribe from marketing emails using the link in those messages. Service-related messages may still be sent while you have an account.

10. Children's privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will take appropriate steps to delete it.

11. Third-party links

Our Services may link to third-party websites or tools. Their privacy practices are governed by their own policies, not this one.

12. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

13. Contact us

For privacy questions or requests, contact privacy@kingstonesystems.com or use our contact form.