Privacy Policy

Kernel Flow - Business Operations & AI Automation Services

Effective: 1 March 2026 | Last Updated: 17 March 2026

1. Introduction

Kernel Flow (trading as a sole trader in Victoria, Australia) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, contact us, or engage our services.

This policy is governed by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are located in the European Union, additional protections may apply. Please read this policy carefully. If you do not agree with our practices, please do not use our services.

2. Information We Collect

We collect information through two main channels:

A. Contact Form Data (Website Visitors)

When you submit our contact form, we collect:

  • Name
  • Email address
  • Company name
  • Any additional information you voluntarily provide

B. Client Business Data (Engagements)

If you engage Kernel Flow for services, we may collect:

  • Business metrics, operational processes, and workflow information
  • System credentials, API keys, and account access information (if required for implementation)
  • Communication records and project documentation
  • Any data you provide for audit and optimization purposes

C. Prospect/Lead Data (Future)

During service delivery, if you provide sample customer or prospect data for testing automations and AI integrations, we collect:

  • Limited prospect or customer information (names, emails, contact details)
  • This data is used ONLY for testing and configuration purposes
  • You can provide anonymized or sample data instead if you prefer not to share real prospect information

D. Automatic Information (Website Visitors)

When you visit our website:

  • We may collect tracking data via Meta Pixel and Google Ads Pixel (conversion and behavior tracking)
  • This allows us to understand which ads brought you to our site and what actions you take
  • We do NOT currently use cookies, but may implement essential cookies in future

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your contact form inquiries and provide information about our services
  • To deliver and improve our business operations and AI automation services
  • To conduct operational audits and implement automated workflows for client businesses
  • To test and configure AI agents, automations, and integrations
  • To optimize our website performance and advertising campaigns
  • To communicate with you about your engagement, updates, or service changes
  • To comply with legal obligations

4. Third-Party Information Sharing

We share your information with the following third parties:

Email & Automation Platforms

Contact form email addresses may be shared with email sending and automation platforms to help us respond to your inquiry. These platforms are bound by confidentiality agreements and cannot use your data for other purposes.

Advertising Partners

We use Meta Pixel and Google Ads Pixel on our website. These platforms receive information about your interactions with our site to optimize our advertising campaigns. You can opt out of tracking in your browser settings or through platform privacy settings.

No Unauthorized Sharing

We do NOT sell, trade, or rent your personal information to unrelated third parties. We do not share client business data, credentials, or sensitive information with any third party except as described above or with your explicit consent.

5. Sensitive Information & Credentials

If you provide Kernel Flow with system credentials, API keys, or account login information:

  • This information is stored in secure, encrypted format
  • Access is restricted to authorized Kernel Flow team members only
  • Credentials are deleted within 30 days of project completion (unless you request extended retention)
  • You can request immediate deletion of credentials at any time

We implement industry-standard security practices to protect this sensitive data from loss, theft, misuse, and unauthorized access. However, no system is 100% secure.

6. Prospect & Test Data

During service delivery, we may request sample customer or prospect data to test automations and AI integrations.

  • This data is used ONLY for testing and configuration purposes
  • It is deleted within 30 days of project completion
  • It is never shared with third parties
  • You can provide anonymized or sample data instead of real customer information

Alternatively, you may provide sample data in a format that does not identify real individuals (e.g., "John Doe", "jane.doe@example.com") for testing purposes.

7. Data Retention

We retain your information for the following periods:

Contact Form Data: Retained for 6 months from submission date, then deleted

Client Business Data: Retained for 30 days after project or retainer engagement ends, then permanently deleted

Test/Prospect Data: Retained for 30 days after testing/project completion, then permanently deleted

System Credentials: Retained for 30 days after project completion or until requested deletion, whichever is sooner

You are responsible for maintaining your own data backups. Kernel Flow is not liable for data loss after the retention periods specified above.

8. Cookies & Website Technologies

Current Status: Kernel Flow does not currently use cookies on our website.

Future Implementation: As Kernel Flow scales, we may implement cookies in the future. Any cookies we use will be:

  • Essential cookies only (technical functionality, no tracking)
  • Marketing/tracking cookies will only be added with your explicit consent
  • We will update this Privacy Policy before implementing any cookies

9. Your Privacy Rights & Data Access

Under the Privacy Act 1988 (Cth), you have the following rights:

Right to Access: You can request to see what personal information we hold about you

Right to Deletion (Right to Erasure): You can request we delete your personal information at any time

Right to Correct: You can request we correct inaccurate information

Right to Opt Out: You can request we stop processing your data for specific purposes

To exercise these rights, contact us at: contact@kernelflow.io

We will respond to your request within 30 days. You will not be charged for making a request, and we will not discriminate against you for exercising your rights.

10. Third-Party Tools & Services

We use industry-standard third-party tools and platforms to deliver our services. These tools may process your data according to their own privacy policies:

  • Email sending and automation platforms
  • Customer relationship management (CRM) systems
  • Payment processing providers
  • Web hosting and infrastructure providers
  • Advertising and conversion tracking platforms (Meta Pixel, Google Ads)
  • Project management and collaboration tools

You can request a detailed list of our current third-party tools at any time by contacting contact@kernelflow.io

11. International Users & GDPR

For Users in the European Union:

If you are located in the EU or United Kingdom, please note that Australia's Privacy Act 1988 may not provide the same level of data protection as the European Union's General Data Protection Regulation (GDPR). If Kernel Flow engages clients or processes data from the EU, we will implement appropriate safeguards, including Data Processing Agreements (DPAs), to comply with GDPR requirements.

EU residents may have additional rights under GDPR. Contact us to discuss your specific situation.

12. Contact Form & Data Collection Updates

As Kernel Flow scales, we may expand the fields in our contact form (e.g., adding phone number, industry, business size) to better serve clients.

We will update this Privacy Policy before implementing any new data collection methods and notify users of changes. Continued use of our services indicates acceptance of updated terms.

13. Policy Updates & Changes

Kernel Flow reserves the right to update this Privacy Policy at any time. Changes will be effective upon posting to this page, and the 'Last Updated' date will reflect the change.

We will notify you of significant changes via email or a prominent notice on our website.

14. Contact Us

If you have questions about this Privacy Policy, your personal information, or how we handle your data, please contact us at:

Email: contact@kernelflow.io

We will respond to your inquiry within 30 days.