← Back to home

Privacy Policy

Last updated: 25 May 2026

This Privacy Policy describes how Kernel AI Labs Ltd. ("Kernel", "we", "us", or "our") collects, uses, and protects information when you visit our website, contact us, or use our services.

1. Who we are

Kernel AI Labs Ltd. provides infrastructure for AI agents. For the purposes of the EU General Data Protection Regulation (GDPR) and equivalent legislation, Kernel acts as the data controller for personal data collected through our website and during the sales process.

You can reach our team regarding privacy matters at dev@onkernel.ai.

2. What information we collect

Information you provide directly

When you book a demo, contact us, or otherwise interact with our website, we may collect:

  • Name and work email address
  • Company name and your role
  • Information about your use case (e.g. agents in production, technical needs)
  • Any other information you choose to share in communications with us

Information collected automatically

When you visit our website, we and our service providers may automatically collect:

  • IP address, browser type, device type, and operating system
  • Pages viewed, time spent on pages, and referring URL
  • Cookies and similar technologies (see our Cookie Policy)

Information about our customers

Kernel's product is designed for business customers. We process data about the customer company (such as account information, usage data, and configuration). We do not collect personal data about end users of our customers' products unless explicitly agreed in a separate Data Processing Agreement.

3. How we use your information

We use the information we collect to:

  • Respond to inquiries and schedule demos or sales calls
  • Provide, maintain, and improve our services
  • Send service-related communications (security alerts, product updates relevant to your account)
  • Send marketing communications, where you have opted in or where permitted by law (you can opt out at any time)
  • Comply with legal obligations and enforce our Terms of Service
  • Detect, prevent, and address fraud, security incidents, and abuse

If you are located in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:

  • Contract: to provide services you have requested (e.g. scheduling a demo).
  • Legitimate interests: to operate and improve our business, secure our services, and communicate with prospects in a B2B context.
  • Consent: for marketing communications and non-essential cookies, where required.
  • Legal obligation: to comply with applicable laws.

5. How we share information

We do not sell your personal data. We share information only as follows:

  • Service providers who help us operate our business (e.g. Calendly for scheduling, email providers, hosting providers, analytics providers). These providers are bound by confidentiality and data protection obligations.
  • Legal authorities where required by law, valid legal process, or to protect our rights or the safety of others.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, subject to standard confidentiality protections.

6. Data retention

We retain personal data only for as long as necessary for the purposes described in this policy, or as required by law. In general:

  • Sales and prospect data: up to 24 months after our last interaction.
  • Customer account data: for the duration of the contract plus a reasonable archival period.
  • Website analytics: typically up to 14 months.

7. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict our processing of your data
  • Request data portability
  • Withdraw consent at any time (where processing is based on consent)
  • Lodge a complaint with your local data protection authority. In Spain, this is the Agencia Española de Protección de Datos (AEPD).

To exercise any of these rights, contact us at dev@onkernel.ai. We will respond within 30 days.

8. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

9. International transfers

Some of our service providers are located outside the European Economic Area. When we transfer personal data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be communicated by email or through a notice on our website.

11. Contact

If you have questions about this Privacy Policy or our data practices, contact us at:

Kernel AI Labs Ltd.
Email: dev@onkernel.ai