Privacy Policy | Kairos Digital Growth LLC

1. Introduction

Kairos Digital Growth LLC ("Kairos Digital," "we," "our," or "us") is a digital marketing agency headquartered at 1209 Mountain Road PL NE, Suite R, Albuquerque, NM 87110, United States. We specialize in course launches, social media management, paid advertising, and email marketing for businesses seeking measurable growth.

This Privacy Policy describes how we collect, use, disclose, and protect personal information when you visit our website at kairos-digital.net, interact with our social media profiles, engage our marketing services, or otherwise communicate with us. It applies to all visitors, clients, prospective clients, and any individuals whose data we may process in the course of delivering our services.

We are committed to protecting your privacy and processing your personal data in compliance with applicable laws, including the General Data Protection Regulation (GDPR) for individuals located in the European Economic Area (EEA) and the United Kingdom, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) for California residents, and other relevant federal and state privacy legislation in the United States.

By accessing our website or providing personal information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please discontinue use of our website and services.

2. Information We Collect

We collect personal information through several channels to provide and improve our services. The categories of information we collect depend on how you interact with us.

2.1 Information You Provide Directly

When you fill out contact forms, request a consultation, sign up for newsletters, or engage our services, you may provide the following:

Identity Information: Full name, job title, and company or organization name.
Contact Information: Email address, phone number, and mailing address.
Project Details: Business objectives, marketing budgets, campaign briefs, target audiences, and brand assets you share with us during onboarding or project delivery.
Account Credentials: Login credentials for advertising or social media platforms that you voluntarily grant us access to for the purpose of managing campaigns on your behalf.
Payment Information: Billing address and payment method details when processed through our third-party payment processor. We do not store full credit card numbers on our servers.
Communications: Any messages, feedback, reviews, or correspondence you send to us via email, forms, chat, or other channels.

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical and usage data through cookies, server logs, and similar technologies:

Device Information: IP address, browser type and version, operating system, screen resolution, and device identifiers.
Usage Data: Pages visited, time spent on each page, referring URL, click paths, scroll depth, and interactions with site elements.
Location Data: Approximate geographic location derived from your IP address (city/region level, not precise GPS coordinates).
Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies as described in Section 6 of this policy.

2.3 Information from Third Parties

We may receive personal information about you from third-party sources, including:

Social Media Platforms: When you interact with our profiles on platforms such as Facebook, Instagram, LinkedIn, or TikTok, those platforms may share certain profile information with us in accordance with their privacy settings and policies.
Advertising Networks: We may receive aggregated or pseudonymized audience data from advertising partners such as Google Ads, Meta Ads, and TikTok Ads to measure campaign effectiveness and optimize targeting.
Referral Partners: Business partners or affiliated professionals may share your contact information with your consent to facilitate an introduction to our services.
Publicly Available Sources: We may supplement your information with data from publicly available professional directories, company websites, or social media profiles for business development purposes.

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Providing Marketing Services

We process your data to deliver the services you have engaged us for, including managing advertising campaigns, creating social media content, launching digital courses on your behalf, executing email marketing campaigns, and providing analytics reports on campaign performance.

3.2 Communication and Client Support

We use your contact information to respond to inquiries, provide project updates, schedule meetings, deliver proposals and invoices, and maintain ongoing communication throughout our working relationship.

3.3 Analytics and Service Improvement

We analyze usage data and website interactions to understand how visitors engage with our site, identify areas for improvement, optimize user experience, and develop new service offerings that better meet market demands.

3.4 Advertising and Retargeting

With your consent where required, we use cookies and tracking technologies to serve targeted advertisements to website visitors across third-party platforms, measure the effectiveness of our advertising, and retarget individuals who have previously visited our site or expressed interest in our services.

3.5 Marketing Communications

We may send newsletters, promotional materials, case studies, industry insights, and information about our services to individuals who have opted in to receive such communications. You can unsubscribe at any time as described in Section 13.

3.6 Legal Compliance and Protection

We may process personal data as necessary to comply with applicable laws and regulations, respond to lawful requests from public authorities, enforce our terms of service, protect our rights and property, and prevent or investigate fraud or security issues.

4. Legal Basis for Processing (GDPR)

For individuals located in the European Economic Area (EEA), the United Kingdom, or other jurisdictions that require a legal basis for processing personal data, we rely on the following grounds:

Consent: Where you have provided explicit consent for specific processing activities, such as subscribing to our newsletter, accepting non-essential cookies, or opting in to receive marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
Performance of a Contract: Processing that is necessary to fulfill our contractual obligations to you, including delivering marketing services, communicating about project progress, and processing payments for services rendered.
Legitimate Interest: Processing that serves our legitimate business interests, provided those interests are not overridden by your fundamental rights and freedoms. This includes direct marketing to existing clients, improving our website and services, ensuring network and information security, and conducting business analytics.
Legal Obligation: Processing that is necessary to comply with legal obligations to which we are subject, such as tax reporting, financial regulations, or responding to valid legal process.

Where we rely on legitimate interest, we conduct a balancing test to ensure that our interests do not unfairly override your rights. You have the right to object to processing based on legitimate interest at any time.

5. Sharing Your Information

We do not sell, rent, or trade your personal information to third parties. We share your data only in the following circumstances and with the following categories of recipients:

5.1 Service Providers and Technology Partners

We engage trusted third-party companies to help us operate our business and deliver services. These partners process data on our behalf under contractual agreements that require them to maintain confidentiality and implement appropriate security measures. Our key technology partners include:

Google Analytics: Website traffic analysis, audience demographics, and user behavior tracking to improve site performance and understand visitor patterns.
Meta (Facebook/Instagram) Ads: Campaign management, audience targeting, conversion tracking, and performance measurement for social media advertising.
TikTok Ads: Video advertising campaign management, audience segmentation, and conversion attribution on the TikTok platform.
Google Ads: Search and display advertising management, keyword targeting, remarketing, and conversion tracking across the Google ecosystem.
Email Marketing Platforms (e.g., Mailchimp, ActiveCampaign): Email list management, newsletter distribution, automated email sequences, and engagement analytics.
Web Hosting and Cloud Infrastructure: Secure hosting, data storage, content delivery, and website performance optimization.
Payment Processors: Secure processing of financial transactions related to our services.
CRM and Project Management Tools: Client relationship management, project coordination, and internal workflow optimization.

5.2 Legal and Regulatory Disclosures

We may disclose personal information when we believe in good faith that disclosure is necessary to comply with applicable laws, regulations, or legal process; respond to requests from government or law enforcement authorities; protect the rights, privacy, safety, or property of Kairos Digital Growth LLC, our clients, or the public; or enforce our terms and conditions.

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, asset sale, or bankruptcy, your personal information may be transferred as part of the business transaction. We will notify you of any such change and any choices you may have regarding your information.

We do NOT sell your personal data. Kairos Digital Growth LLC does not sell personal information to third parties for their own marketing purposes. This commitment applies to all users, including California residents under the CCPA/CPRA.

6. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience, analyze site usage, and support our marketing activities. This section explains what cookies are, the types we use, and how you can manage your preferences.

6.1 What Are Cookies?

Cookies are small text files placed on your device (computer, tablet, or smartphone) when you visit a website. They help the website recognize your device, remember your preferences, and collect information about your interaction with the site. Some cookies are placed by us (first-party cookies), while others are placed by third-party services we use (third-party cookies).

6.2 Types of Cookies We Use

Category	Purpose	Duration
Essential	Required for basic site functionality, security, and navigation. These cookies cannot be disabled.	Session / up to 1 year
Analytics	Help us understand how visitors interact with our website by collecting anonymized usage data (e.g., Google Analytics). Used to improve site performance and content.	Up to 2 years
Marketing	Used to deliver relevant advertisements, track ad performance, and build audience profiles across platforms (e.g., Meta Pixel, TikTok Pixel, Google Ads tags).	Up to 2 years
Functionality	Remember your preferences such as language, region, cookie consent choices, and other settings to provide a personalized experience.	Up to 1 year

6.3 Managing Your Cookie Preferences

When you first visit our website, a cookie consent banner allows you to accept or customize your cookie preferences. You can modify your choices at any time by clicking the cookie settings link in the footer of our main website or by visiting kairos-digital.net and accessing the cookie preferences panel.

Additionally, you can manage cookies through your browser settings. Most browsers allow you to block or delete cookies, though doing so may affect the functionality of our website. Here are links to cookie management instructions for common browsers:

6.4 Opt-Out of Interest-Based Advertising

You may opt out of interest-based advertising by visiting the following industry opt-out pages:

Please note that opting out does not prevent you from seeing advertisements; it means the ads you see may be less relevant to your interests.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods depend on the type of data and the context of our relationship with you:

Client Project Data: We retain client files, campaign data, and project records for up to three (3) years after the conclusion of our business relationship, unless a longer retention period is required by law or agreed upon in our service contract.
Contact Form Submissions: Inquiries and consultation requests are retained for up to two (2) years from the date of submission, or until you request deletion.
Email Marketing Data: Subscriber information is retained for as long as you remain subscribed to our mailing list. Upon unsubscription, we retain a record of your email address on our suppression list to honor your opt-out preference.
Financial Records: Invoices, payment records, and tax-related documents are retained for seven (7) years in accordance with IRS guidelines and applicable tax law.
Website Analytics Data: Aggregated and anonymized analytics data may be retained indefinitely for trend analysis. Individual-level analytics data tied to identifiable cookies is retained in accordance with the cookie durations specified in Section 6.
Legal and Compliance Records: Data required for legal proceedings, regulatory compliance, or dispute resolution is retained for the duration of the relevant matter plus any applicable statute of limitations period.

When personal data is no longer needed for any legitimate purpose, we will securely delete or anonymize it. Where complete deletion is not immediately feasible (for example, data stored in backup archives), we will isolate the data and apply protective measures until deletion is possible.

8. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information. We are committed to honoring these rights promptly and transparently.

8.1 Rights Under the GDPR (EEA and UK Residents)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation:

Right of Access: You may request a copy of the personal data we hold about you, including information about how it is processed and with whom it is shared.
Right to Rectification: You may request correction of inaccurate or incomplete personal data.
Right to Erasure ("Right to Be Forgotten"): You may request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, you withdraw consent, or there is no overriding legitimate ground for processing.
Right to Data Portability: You may request a copy of your data in a structured, commonly used, machine-readable format, and have the right to transmit that data to another controller.
Right to Restriction of Processing: You may request that we limit the processing of your data in certain circumstances, such as when you contest the accuracy of the data or object to processing based on legitimate interest.
Right to Object: You may object to the processing of your personal data based on legitimate interest or for direct marketing purposes. Upon objection, we will cease processing unless we demonstrate compelling legitimate grounds.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing conducted prior to withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your member state if you believe our processing of your personal data violates the GDPR.

8.2 Rights Under the CCPA/CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act (as amended by the California Privacy Rights Act) grants you the following rights:

Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share your data.
Right to Delete: You may request that we delete personal information we have collected from you, subject to certain legal exceptions.
Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. As stated in this policy, we do not sell your personal data.
Right to Limit Use of Sensitive Personal Information: You may direct us to limit the use and disclosure of sensitive personal information to purposes necessary to perform our services.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. You will not receive different pricing, quality, or service levels as a result of exercising your rights.

8.3 How to Exercise Your Rights

To exercise any of the rights described above, please contact us using one of the following methods:

Email: Send a request to privacy@kairos-digital.net
Mail: Kairos Digital Growth LLC, Attn: Privacy Team, 1209 Mountain Road PL NE, Suite R, Albuquerque, NM 87110

We will verify your identity before processing your request and respond within the timeframes required by applicable law (generally within 30 days for GDPR requests and 45 days for CCPA requests). If we need additional time, we will inform you of the extension and the reasons for the delay. There is no fee for exercising your rights, unless a request is manifestly unfounded or excessive.

9. International Data Transfers

Kairos Digital Growth LLC is based in the United States. If you are accessing our website or providing personal information from outside the United States, including the European Economic Area, the United Kingdom, or other international jurisdictions, please be aware that your data will be transferred to, stored, and processed in the United States.

The United States may not provide the same level of data protection as your home jurisdiction. When we transfer personal data from the EEA or UK to the United States, we implement appropriate safeguards to ensure your data is protected in accordance with applicable law, including:

Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses with our service providers and partners to provide adequate data protection for international transfers.
EU-U.S. Data Privacy Framework: Where applicable, we work with service providers that participate in the EU-U.S. Data Privacy Framework to ensure adequate protection for personal data transferred from the EEA.
Supplementary Measures: Where necessary, we implement additional technical and organizational measures, such as encryption and access controls, to supplement the protections provided by the transfer mechanisms above.

By providing your personal information, you acknowledge that it will be processed in the United States, subject to the protections described in this Privacy Policy.

10. Data Security

We take the security of your personal information seriously and implement a combination of technical and organizational measures designed to protect your data against unauthorized access, alteration, disclosure, or destruction.

10.1 Technical Measures

Encryption: Data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security). Sensitive data at rest is encrypted using industry-standard encryption algorithms.
Firewalls and Intrusion Detection: Our hosting infrastructure is protected by firewalls, intrusion detection systems, and DDoS mitigation technologies.
Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis, using role-based access controls and multi-factor authentication.
Secure Infrastructure: We use reputable cloud hosting providers that maintain SOC 2, ISO 27001, or equivalent security certifications for their data centers.

10.2 Organizational Measures

Employee Training: Team members who handle personal data receive training on data protection principles, security best practices, and incident response procedures.
Vendor Assessment: We evaluate the security practices of third-party service providers before engaging them and require contractual commitments to data protection.
Data Minimization: We collect only the personal information that is necessary for the specified purposes and avoid excessive data collection.
Regular Reviews: We periodically review and update our security practices to address emerging threats and vulnerabilities.

10.3 Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by the GDPR. If the breach is likely to result in a high risk to your rights, we will also notify affected individuals without undue delay. For California residents, we will provide breach notifications as required by California Civil Code Section 1798.82.

While we implement robust security measures, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents and continuously improving our defenses.

11. Children's Privacy

Our website and services are not directed at individuals under the age of sixteen (16). We do not knowingly collect, solicit, or process personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at privacy@kairos-digital.net.

Upon verification, we will promptly delete the child's personal information from our records. If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete that information and, where required, notify the appropriate supervisory authority.

12. Third-Party Links

Our website may contain links to third-party websites, social media platforms, and external services, including but not limited to Facebook, Instagram, LinkedIn, TikTok, YouTube, and various advertising and analytics platforms. These links are provided for your convenience and informational purposes.

We are not responsible for the privacy practices, content, or security of third-party websites. Each third-party site operates under its own privacy policy and terms of service. We encourage you to review the privacy policies of any third-party site you visit before providing personal information.

The inclusion of a link to a third-party website does not imply endorsement, sponsorship, or affiliation with that site or its operators.

13. Marketing Communications

We may send you marketing communications, including newsletters, industry insights, case studies, promotional offers, and updates about our services, if you have opted in to receive such communications or if we have a legitimate interest in contacting you as an existing client.

13.1 Consent and Opt-In

We obtain your consent before adding you to our marketing mailing list. Consent is typically collected through explicit opt-in checkboxes on our website forms, verbal or written agreement during client onboarding, or direct subscription requests. We maintain records of consent, including the date, method, and scope of consent given.

13.2 Unsubscribe and Opt-Out

You may unsubscribe from our marketing communications at any time by:

Clicking the "Unsubscribe" link included in the footer of every marketing email we send.
Sending an email to privacy@kairos-digital.net with the subject line "Unsubscribe."
Contacting us by phone or mail using the details in Section 15.

We will process your unsubscribe request within ten (10) business days. Please note that even after unsubscribing from marketing communications, we may still send you transactional or service-related messages, such as project updates, invoices, and contractual notices.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will take appropriate steps to inform you, including:

Posting the updated policy on this page with a revised "Last Updated" date.
Displaying a prominent notice on our website announcing the change.
Sending an email notification to individuals in our contact database when the changes significantly affect how we process personal data.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website or services after any changes to this policy constitutes your acknowledgment of the updated terms.

For significant changes that affect your rights or our obligations, we will provide at least thirty (30) days' notice before the changes take effect, where practicable.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, we encourage you to reach out to us. We are committed to addressing your inquiries promptly and thoroughly.

Company Kairos Digital Growth LLC

Privacy Inquiries privacy@kairos-digital.net

General Contact info@kairos-digital.net

Mailing Address 1209 Mountain Road PL NE, Suite R
Albuquerque, NM 87110
United States

Data Protection Point of Contact

Although we are not legally required to appoint a Data Protection Officer (DPO) under the GDPR, we have designated a privacy point of contact responsible for overseeing our data protection strategy and compliance. All privacy-related inquiries should be directed to privacy@kairos-digital.net.

Right to Lodge a Complaint

If you are located in the EEA or UK and believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, work, or where the alleged infringement occurred. A list of EEA supervisory authorities is available at edpb.europa.eu.

If you are a California resident and wish to learn more about your CCPA/CPRA rights, you may contact the California Attorney General's office at oag.ca.gov/privacy.

We always appreciate the opportunity to address your concerns directly before you escalate to a regulatory authority, and we are committed to working with you to reach a fair resolution.