Privacy Notice 

This Privacy Notice explains how Kraken Technologies Limited and its affiliates (“Kraken”, “we”, “our”, and “us”) collects, uses, discloses and otherwise processes your personal information (also known as personal data) in connection with the use of Kraken websites and applications, including software, that link to this Privacy Notice (collectively, the “Sites” and individually, “Websites” or “Applications”), our data processing platform products and services (the “Platform Services”) and in the usual course of business (collectively, with Sites and Platform Services, “Services”). It also contains information about your choices and privacy rights.

Section A of this Privacy Notice explains how Kraken, as a service provider, processes personal data on behalf of its clients. When we do this, under applicable data protection law, we play the role of  a “data processor”, whereby our clients act as a “data controller”. When processing data on behalf of our clients, we must do so in accordance with their instructions. If you have questions about how your supplier processes your personal data, including through the use of Kraken’s systems, we recommend reaching out to your supplier first.

Section B of this Privacy Notice explains how we collect and process personal data when we act as a data controller in respect of our Services, such as when you contact us through our website, platforms or mobile app, or if you are a business user of our products and services.

For further information on our privacy and security measures, please refer to our Trust Center.

This Privacy Notice was last updated on 07/24/2025.

Who are we?

Our full group details are:

Parent company name: Kraken Technologies Limited

Parent company registration: Registered in England and Wales (Company number: 12014731)

Parent company registered office: UK House, 4th Floor, 164 -182 Oxford Street, London, W1D 1NN

Email address: dpo@kraken.tech

Kraken Technologies Limited is the ultimate data controller for the personal data processed on this website. Otherwise, the data controller will be the Kraken group member that you have an engagement with. You can find out more about our Kraken group here.

You can contact us at the above address should you have any questions about this Privacy Notice, or if you would like to exercise any of your rights under applicable data protection laws, which we set out below.

Changes to our Privacy Notice 

We regularly review our Privacy Notice to ensure it remains up to date. Any future changes will be posted on our website and, where appropriate, communicated directly to you. We encourage you to check back periodically for updates.

Section A: Kraken as Data Processor 

Processing personal data on behalf of our clients

With respect to any personal data shared with us through your use of the Services, Kraken acts as a data processor under applicable data protection laws. This is because we process such data solely on your instructions, do not determine the purposes of the processing, and you retain full control over the personal information at all times.

EDPB Guidelines 07/2020 emphasise that companies are likely to act as data processors when (i) they can only access data in order to provide the support/services the other has procured and the company cannot process personal data for other purposes, and (ii) where it is inevitable that a company accesses personal data when performing the service even though this is not the main objective of the service.

Across all of Kraken’s Services (e.g. Kraken Customer, InfraFlex, SmartFlex, KrakenField, KrakenFlow etc.), Kraken only processes personal information on the instructions of the underlying data controller (and not for its own purposes). 

If you are a customer of one of our clients, for information on the particulars of the processing, please review the relevant client’s privacy notice.

As a data processor, our key obligations are to implement security measures, follow contractual obligations (i.e. we will act only on your instructions with respect to why and how any personal data you share with us is processed), notify you in the event of a data breach, and provide you with assistance as required.

Sharing client data 

Kraken may share personal data with affiliates and external third parties to assist with the provision of our Services (“subprocessors”). To the extent Kraken engages subprocessors, we require they maintain appropriate levels of data protection and security. We remain fully responsible for their compliance with applicable data protection obligations. To the extent we share or transfer client’s data outside of the United Kingdom and European Union to subprocessors based in other countries, we implement appropriate protections with respect to such data. 

Security 

We implement security measures to protect personal data we process on behalf of our clients from accidental loss, unauthorized access, use, alteration, or disclosure.

We restrict access to your personal data, so that only individuals who have a need to know the information can access it. We regularly review and continually improve our technical and organisational security measures, including the use of encryption for data both at rest and in transit, following industry standards and best practices.

Kraken Customer, Generation Flex, and Residential Flex products are SOC 1 Type 2 and SOC 2 Type 2 certified, with regular audits of security controls and processes. Kraken’s security processes and controls are designed to meet the ISO27001 standards.

Retention of client personal data

Our clients determine the retention periods for the personal data that we process on their behalf as their data processor. We generally only process personal data as a data processor for as long as our clients use our Services, unless otherwise required by law, or as otherwise communicated to our clients.

Rights 

Our clients are responsible for disclosing information about rights available under data protection laws and for helping their end-customers exercise them. If you are an end-customer of one of our clients, further information and advice about these rights should be obtained from them directly.

Section B: Kraken as Data Controller  

What personal data we process

We may collect and process the following personal data related to your use of our services:

  • Identity, Contact and Account Information about you including first name, last name, username or similar identifier, contact information, password and email addresses.

  • Company Information, including your company’s name, industry, country, and your role.

  • Technical and Usage Information, including (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access our Services; and information about how you use and interact with our Services. 

  • Marketing and Communications Information, including your preferences to receive marketing from us and our third parties, your communication preferences, tracking pixels to determine marketing effectiveness etc.

  • Commercial Information, including records of your history of past purchases and transactions with us.

  • Financial Information, including your information about your designated payment method(s), which may be collected directly by our Services or by our third-party payment and billing service providers.

We collect and use this personal data to provide our Services to you. If you do not provide the personal data we ask for, it may delay or prevent us from providing our Services.

De-Identified, Anonymized, and Aggregated Information

We may de-identify or anonymize information we collect so that it can no longer reasonably identify you or your device, or we may receive information that is already in a de-identified or anonymized form. We also collect, use, and share aggregated information, such as statistical or demographic data, for any purpose. Aggregated information may be derived from personal data but is not considered personal information under applicable law if it does not directly or indirectly reveal your identity. Except as otherwise required by law, our use and disclosure of de-identified, anonymized, and aggregated information is not subject to the restrictions of this Privacy Notice, and we may use or share such information with others for any purpose, without limitation. However, if we ever combine or connect such information with personal data in a way that could directly or indirectly identify you, we will treat the combined data as personal data in accordance with this Privacy Notice.

How your personal data is collected

We use different methods to collect personal data from and about you including through:

  • Your interactions with us. We collect most of this personal data directly from you, for example by filing in online forms, contacting us, or when you enter into a contract to purchase products or services from us. 

  • Public Content. Certain features of our Services may make it possible for you to post content publicly or viewable by other users. Any information you post openly in these ways will be available for viewing and use by other users of these Services, as well as Kraken, and potentially accessible through third-party search engines. Accordingly, please take care when using these features and do not provide personal information that you would not want made available in these ways.

  • Automated technologies. We use standard automated data collection tools, such as cookies, web beacons, tracking pixels, tags, and similar tools, to collect Internet and device activity information about how people use our Sites and interact with our emails. We may also use the information we collect automatically (for example, IP address, and unique device identifiers) to identify the same unique person across Services to provide a more seamless and personalized experience to you. The types of data collection tools we use may change over time as technology evolves. You can learn more about our use of cookies and similar tools, as well as how to opt out of certain data collection, by reading our Cookies Notice.

  • Information we receive from other sources. We may obtain information about you from third party sources, including resellers, distributors, business partners, event sponsors, security and fraud detection services, social media platforms, and publicly available sources. Examples of information that we receive from third parties include marketing and sales information (such as name, email address, phone number and similar contact information), and purchase, support and other information about your interactions with our Services. We may combine such information with the information we receive and collect from you.

How and why we use your personal data

We only collect and process data about you where we have a reason for doing so and only where that reason is permitted under data protection law. 

Data protection laws require us to have a legal basis for everything that we do with your personal data falling under one of the following categories:

  • Performance of a contract with you: Where we need to perform a contract we are about to enter into or have entered into with you.

  • Legitimate interests: We may use your personal information where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and/or enable us to give you the best user experience. We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

  • Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to.

  • Consent: We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose.

  • Vital Interests: We may process your personal data where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential cyber or physical threats. 

We use your personal data in a number of different ways and for different reasons – the tables below set out what we do and why.

Where we have indicated that we rely on legitimate interests for the processing of your personal data, we carry out a ‘balancing’ test to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests before we proceed with such processing.

Purpose/UseRelevant categories of personal dataOur reasons (Legal basis)
To provide our services to you. Identity, Contact and Account Information Technical and Usage Information Marketing and Communications InformationTo perform our contract with you or to take steps at your request before entering into a contract.
Communications with you not related to marketing, including about changes to our terms or policies, changes to the services, or dealing with your requests, complaints, and queries.Identity, Contact and Account InformationTo perform our contract with you.
Necessary for our legitimate interests (to process and respond to your requests and manage our relationship with you).
Marketing our services. Identity, Contact and Account Information Marketing and Communications Information Necessary for our legitimate interests (to promote our services to clients and potential clients).
Consent. You can opt-out of email marketing at any time by using the unsubscribe links contained in any email that we send you or by contacting us using the details above.
To share your personal data with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency.All personal data To comply with our legal and regulatory obligations.
Necessary for our legitimate interests (to protect, realise or grow the value in our business and assets).
Consent. You can opt-out of email marketing at any time by using the unsubscribe links contained in any email that we send you or by contacting us using the details above.
To enforce legal rights or defend or take legal proceedings. Identity, Contact and Account Information To comply with our legal and regulatory obligations.
Necessary for our legitimate interests (to protect our business, interests, and rights).
To administer and protect our business and our services (including testing, maintenance, support and hosting of data). Identity, Contact and Account Information Technical and Usage Information To comply with our legal and regulatory obligations.
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud).
Ensuring business policies are adhered to, e.g., policies covering security and internet use. Identity, Contact and Account Information Technical and Usage Information Necessary for our legitimate interests (to make sure we are following our own internal procedures).
Operational reasons, such as improving efficiency. Identity, Contact and Account Information Technical and Usage Information Necessary for our legitimate interests (to be as efficient as we can so we can deliver the best service to you).
Updating customer records Identity, Contact and Account Information Marketing and Communications Information To perform our contract with you or to take steps at your request before entering into a contract.
Necessary for our legitimate interests (to make sure we can keep in touch with our customers).
To comply with our legal and regulatory obligations.

Sharing your personal data  

Where we share your personal data with third parties we will do so in line with this Privacy Notice and in compliance with data protection laws. We may share personal data that we collect with:

  • Our group companies, where necessary for the provision of our Services. 

  • Vendors and service providers, who perform services on our behalf, including:

    • IT & website hosting, communications and analytics service providers;

    • Professional advisors such as tax or legal advisors (for example, as necessary for the establishment, exercise or defence of legal claims or to protect the rights or safety of the Website, Platform, App or us);

    • Consultants, insurance companies/claim managers and accountants; and

    • Agents, suppliers or sub-contractors and other associated organisations where they are engaged by us to help deliver a service that we have instructed them on.

  • To third parties in the case of a legal requirement (e.g. law enforcement agencies or regulatory bodies), and if disclosure is required by law or in the context of an investigation, regulatory requirement, judicial proceeding, court order or legal process (including to law enforcement or competent authorities like the police/tax authorities).

  • Third-party partners and sponsors: to third party business partners, such as resellers, distributors, and/or referral partners, who are involved in providing content, products or services to our prospects or clients. We may also engage with third party partners who are working with us to organize or sponsor an event to which you have registered to enable them to contact you about the event or their services (but only where we have a lawful basis to do so, such as your consent where required by applicable law);

  • Online advertising partners: to online advertising providers that tailor online ads to your interests based on information they collect about your online activity over time and across different services (known as targeting online advertising);

  • To third parties, in the case of a corporate transaction (e.g. any or all of our business, as part of any merger, sale, transfer of our assets, investment, acquisition, bankruptcy, or similar event, including while engaging with our actual or potential investors).

We may provide anonymous information to analytics and search engine providers to help us improve and optimise our services. We will only share this information in a form that does not directly identify you.

Security 

We have in place security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. These include limiting access to your personal data to those who need it and training our employees about the importance of maintaining the privacy and security of your personal data. 

How long do we retain your personal data for? 

We will only retain your personal data for as long as necessary to fulfil the purpose(s) for which we have collected, including for the purposes of satisfying any legal, regulatory, accounting, or administrative requirements.

To determine the appropriate retention period for the personal data we hold, we consider the amount, nature and sensitivity of the personal data, the risk of harm from unauthorised use or disclosure of your personal data, the reasons why we handle your personal data, the applicable legal requirements and whether we can achieve those purposes through other means.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical analysis, such as looking at email open rates, to improve our Services or to develop new products. In these cases, we may use this information indefinitely without further notice to you.

Sharing your personal data outside of EEA/UK

Kraken Technologies Limited is based in the United Kingdom, but we may sometimes share your personal data with third parties outside of the United Kingdom or European Economic Area (EEA).  In particular, we may transfer your personal information to the United States and other countries where our affiliates, business partners, other group members and services providers are located. These countries may have different data protection laws to the country where you reside. Wherever we process your personal information, we take appropriate steps to ensure it is protected in accordance with this Privacy Notice and applicable data protection laws. The safeguards we use include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information from the EEA or Switzerland between us and our business partners, group members and service providers, and equivalent measures for transfers of personal information from the United Kingdom and other global jurisdictions with similar transfer requirements. You can contact privacy@kraken.tech for details.

Cookies

For more information about the cookies we use and how to change your cookie preferences, please see our Cookies Notice here

What are my rights under data protection laws? 

You have a number of rights under applicable data protection laws, which you can exercise at any time by contacting us — the easiest way is by emailing dpo@kraken.tech. We’ve outlined these rights below for your convenience.

Depending upon your place of residence, you may have rights in relation to your personal information. Depending on applicable data protection laws, those rights may include asking for:

  • Access to, or a copy of, your information (where feasible, in a portable, machine-readable form)

  • Confirmation that we are processing your information.

  • Correction or amendment of your information.

  • Deletion of your information.

  • Transfer of your information to a third party.

  • Restriction or objection to certain uses of your information.

  • The withdrawal of consent to processing your information for certain purposes that were originally based on your consent.

  • Opt out of the processing of your personal information for profiling in furtherance of decisions that produce legal or similarly significant effects, if applicable.

We respond to all privacy rights requests in accordance with applicable laws. To help us verify your identity, Kraken may take steps such as matching your request to information we already hold — for example, your email address or other details associated with your Kraken account. In some cases, we may ask for additional information solely for the purpose of verifying and processing your request. Any such information will only be used to fulfill your request and maintain a record of it.

Depending on the laws that apply to your request, you may have the right to appeal our decision if you are not satisfied with our response. Where applicable, we will include information about how to appeal in our response.

Our Platform Services are designed for use by organizations. When the Services are made available to you through an organization (such as your employer), that organization acts as the administrator and is responsible for managing the accounts and services it controls. Administrators may have the ability to access, modify, or delete information in your account, and may also restrict or terminate your access to the Platform Services. We are not responsible for the privacy or security practices of these organizations, which may differ from this Privacy Notice. For details about how your personal information is handled in such cases, please refer to your organization's privacy policies or contact them directly.

As noted above, we may also process personal data submitted to our Services by or on behalf of our clients. If your personal information was provided to us by a Kraken client and you wish to exercise your privacy rights, please direct your request to the relevant client.

Fee

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Third-Party Materials 

Our Services may contain links to third party websites, applications, services, or social networks (including co-branded websites or products that are maintained by one of our business partners). We may also make available certain features that allow you to sign into our Sites using third party login credentials (such as LinkedIn, Facebook, Twitter and Google+) or access third party services from our Platform Services. Any information that you choose to submit to third party services is not covered by this Privacy Notice. We encourage you to read the terms of use and privacy notices of use of such third party services before disclosing your information with them to understand how your information may be collected and used.

Children’s Data

The Services are not directed to children under 18 years of age and Kraken does not knowingly collect personal information from children under 18. If we learn that we have collected any personal information from children under 18, we will take steps to delete such information. If you are aware that a child has submitted us such information, please contact us using the details provided below.

Information for EU, UK, and Swiss Users

If you are located in the European Economic Area, United Kingdom or Switzerland, the controller of your personal information is Kraken Technologies Limited, UK House, 4th Floor, 164 -182 Oxford Street, London, W1D 1NN.

We only collect your personal information if we have a legal basis for doing so. The legal basis that we rely on depends on the personal information concerned and the specific context in which we collect it. Generally, we collect and process your personal information where:

  • We need it to enter into or perform a contract with you, such as to provide you with the Services, respond to your request, or provide you with customer support;

  • We need to process your personal information to comply with a legal obligation (such as to comply with applicable legal, tax and accounting requirements) or to protect the vital interests of you or other individuals;

  • You give us your consent, such as to receive certain marketing communications; or

  • Where we have a legitimate interest, such as to respond to your requests and inquiries, to ensure the security of the Services, to detect and prevent fraud, to maintain, customize and improve the Services, to promote Kraken and our Services, and to defend our interests and rights.

You have a right to lodge a complaint with your local data protection authority regarding our data processing activities.

Right to complain

You have the right to lodge a complaint with the Information Commissioner's Office, the supervisory authority for data protection issues in the United Kingdom. 

We would always rather you speak to us first if you have any questions about our handling of your personal data, so we can resolve any problems as quickly as possible. If you have any queries, issues or complaints regarding the processing of your personal data, you can contact us via email at dpo@kraken.tech. However, if you are not happy with the way we have handled your data, or would like more information about your rights, you can contact the Information Commissioner’s Office at https://ico.org.uk

Artificial Intelligence 

Kraken may develop its own artificial intelligence (AI) models and systems—including large language models (LLMs)—or partner with third-party providers to make such technologies available. These AI systems may be integrated into Kraken’s Services, such as through chatbots, or offered separately under distinct terms. Any personal data present in public datasets used to train the models  is handled in accordance with our data minimization and retention practices. We do not use customer-specific data (such as user inputs or chat interactions) to train our models unless explicitly agreed to under separate terms.

To support the responsible development and deployment of AI, Kraken has implemented internal governance procedures, technical safeguards, and access controls. These include limiting the retention of logs or interaction data, where appropriate, and applying automated tools to detect and mitigate potential misuse or unexpected behavior.

Kraken is committed to ensuring that its use of AI aligns with applicable privacy laws and industry best practices, including principles of transparency, fairness, and accountability.

Information for United States Residents 

These additional disclosures are required by certain state privacy laws to the extent they apply to your use of Services, and serve as a Notice at Collection under the California Privacy Rights Act. Information about our clients is an important part of our business and we are not in the business of selling our client’s personal information to others. 

Categories of personal information collected

The personal information that we may collect, or may have collected from consumers in the preceding twelve months, fall into the following categories established by the California Privacy Rights Act and other state privacy laws, depending on how you engage with the Services:

  • Identifiers, such as your name, alias, address, phone numbers, or IP address, your account log-in information, or a government-issued identifier (such as a state-issued ID number, which may be required to provide Services to you, or an ID you provide for identity verification, which in some cases may reflect citizenship or immigration status);

  • personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as banking details and payment information;

  • characteristics of protected classifications under California or US federal law, such as your age, gender or gender identity, or race;

  • commercial information, such as purchase activity;

  • internet or other electronic network activity information, including content interaction information;

  • information used to prevent and detect fraud or other unauthorized activity, including informing customers if such activity were to affect them;

  • biometric information, such as your voice or appearance, for example if you choose to participate in a voice recording service;

  • geolocation data, which may in some cases constitute precise geolocation information, such as the location of your device or computer;

  • audio, visual, electronic or other similar information, including when you communicate with us by phone or otherwise;

  • professional or employment-related information, for example data you may provide about your business; and

  • inference data, such as information about your preferences.

We collect this information from you, automatically through your interaction with the Services, or from third parties. See “How and why we use your personal data” section above.

Categories of personal information disclosed for a business purpose

The personal information that we may have disclosed about consumers for a business purpose in the preceding twelve months fall into the following categories established by the California Privacy Rights Act and other state privacy laws, depending on how you engage with the Services:

  • Identifiers, such as your name, address, or phone numbers, for example if we use a third-party carrier to deliver Kraken hardware, or government identifier or certain types of ID you provide for identity verification, which may in some cases reflect your citizenship or immigration status, for example if we use a third-party service to verify your identity;

  • personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as payment information, for example if we use a third-party payment processor;

  • information that may reveal your age, gender or gender identity, race, or other protected classifications under California or US federal law, for example if we conduct analysis using a third-party service provider;

  • commercial information, such as the details of a product or service you purchased if a third-party service provider assists in providing that product or service to you;

  • internet or other electronic network activity information, such as if we use a third-party service provider to help us gather reports for analyzing the health of our devices and services;

  • information relating to our prevention and detection of unauthorized activity, such as attempted fraud;

  • biometric information, for example if you choose to participate in a demonstration of certain Kraken services facilitated by a third-party service provider;

  • geolocation data, which may constitute precise geolocation data;

  • audio, visual, electronic or other similar information, for example if a third-party service provider reviews recordings of customer support phone calls for quality assurance purposes;

  • professional or employment-related information, for example if we provide information to a third-party service provider for verification or registration as part of the Services;

  • inference data, for example if we use a third-party service provider to store information about your preferences.

For more information about the personal information we may disclose for a business purpose, please see “Sharing your personal data” section above.

Advertising

To help ensure you receive more useful and relevant ads on other sites and services and to measure their effectiveness, Kraken shares limited personal information with our advertising partners. We don’t share your name or other information that directly identifies you when we do this. Any personal information Kraken may share for the purpose of cross-context behavioral advertising, as those terms are defined by the California Privacy Rights Act, or processes for the purposes of targeted advertising as that term is defined in other state privacy laws, above falls into the following categories:

  • identifiers such as a cookie, or a hashed value derived from your contact information, such as your email address;

  • internet or other electronic network activity information, such as web browser information, pages viewed, or links clicked, via cookies and similar technologies.

Kraken does not knowingly share personal information about consumers who are under the age of 18.

Your Data Rights

You may have certain data rights under state privacy laws, including to request information about the collection of your personal information by us, to access your personal information in a portable format, and to correct or delete your personal information. If you wish to do any of these things, please contact us at privacy@kraken.tech.

Additionally, you may have the right to opt out of the processing of your personal data for cross-context behavioral advertising (also referred to as targeted advertising under certain state privacy laws). To do so, please click on the Your Privacy Choices link in the footer of the Kraken website that you’re visiting and follow the instructions presented. You may have the right to appeal the denial of any of these rights by submitting a form that will be provided to you if we deny a data request. Depending on your data choices, certain services may be limited or unavailable.

De-identified Data Disclosure. Kraken may use de-identified data in some instances. Kraken either maintains such data without attempting to re-identify it or treats such data as personal data subject to applicable law.

California Privacy Rights Act Sensitive Personal Information Disclosure. The categories of data that we collect and disclose for a business purpose include “sensitive personal information” as defined under the California Privacy Rights Act. We do not use or disclose sensitive personal information for any purpose not expressly permitted by the California Privacy Rights Act.

California Privacy Rights Act Retention Disclosure. To enable your continued use of Services, we keep your personal information for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, as permitted or as may be required by law, or as otherwise communicated to you.

California Privacy Rights Act Non-Discrimination Statement. We will not discriminate against any consumer for exercising their rights under the California Privacy Rights Act.

Colorado Privacy Act and Oregon Privacy Act Profiling Disclosure. We do not engage in profiling of consumers in furtherance of automated decisions that produce legal or similarly significant effects, as those terms are defined under the Colorado Privacy Act or the Oregon Privacy Act.  

Changes to this Privacy Notice

Kraken may update this Privacy Notice from time to time. Any changes will be posted on this page, and if we make material changes, we will provide a more prominent notice — for example, by displaying a message on our website landing page, through the Platform Services login screen, or via email. The effective date of the most recent version will always be indicated below.

If you do not agree with any updates to this Privacy Notice, you should discontinue use of the Services and deactivate your Kraken account.

How to Contact Us

Please contact us at dpo@kraken.tech if you have any questions about our privacy practices or this Privacy Notice. You can also write to us at Kraken Technologies Limited at UK House, 4th Floor, 164 -182 Oxford Street, London, W1D 1NN Attn: Privacy.

If you interact with Kraken through or on behalf of your organization, then your personal information may also be subject to your organization’s privacy practices and you should direct any questions to that organization.