Privacy Policy

Effective Date: May 31, 2026
Last Updated: May 31, 2026

Introduction

KBD Systems ("we," "our," or "us") operates kbdsystems.com and provides productized website services and business operating systems for small businesses. This Privacy Policy explains how we collect, use, disclose, and protect your personal information.

Information We Collect

Information You Provide

  • Account Information: Email address, password (hashed), and optional name when you create an account
  • Business Information: Business name, contact details, and other information you provide when setting up your service
  • Payment Information: Billing address and payment details (credit card information is collected and processed by our payment processor, Authorize.Net, and is not stored on our servers)
  • Communications: Content of messages you send us through contact forms, support tickets, or email

Information Collected Automatically

  • Usage Data: Pages visited, features used, and actions taken within our services (collected via Plausible Analytics)
  • Technical Information: IP address, browser type, device information, and operating system
  • Performance Data: API response times and error rates for service monitoring

How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process payments and manage subscriptions
  • Send transactional emails (account confirmations, invoices, service updates)
  • Respond to your requests and provide customer support
  • Monitor and analyze usage patterns to improve service quality
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating our business:

ServicePurposeData Shared
Authorize.NetPayment processingBilling address, payment card details
TaxJarSales tax calculationBilling address, transaction amounts
PostmarkTransactional email deliveryEmail address, name, service-related content
Plausible AnalyticsPrivacy-friendly analyticsAnonymized usage data, no personal identifiers
Neon (Postgres)Database hostingAll data stored in our system
VercelApplication hosting and CDNTechnical data required for service delivery
DigitalOceanDomain and DNS managementDomain registration information

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

Data Retention

  • Active Accounts: We retain your information for as long as your account is active or as needed to provide services
  • Closed Accounts: After account closure, we retain certain information for up to 7 years to comply with legal obligations, resolve disputes, and enforce our agreements
  • Marketing Communications: We retain email addresses for marketing purposes until you unsubscribe

Your Rights

You have the right to:

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information (subject to legal retention requirements)
  • Data Portability: Request your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing emails (transactional emails related to your service cannot be opted out of)

To exercise these rights, contact us at hello@kbdsystems.com.

Security

We implement industry-standard security measures to protect your information:

  • All data transmissions use SSL/TLS encryption
  • Passwords are hashed using bcrypt
  • Payment card data is tokenized and processed by PCI-compliant processors
  • Database access is restricted and logged
  • Regular security audits and monitoring

Despite these measures, no internet transmission is 100% secure. We cannot guarantee absolute security.

Cookies and Tracking

We use minimal cookies:

  • Essential Cookies: Session authentication cookies required for service functionality
  • Analytics: Plausible Analytics uses privacy-friendly tracking that does not use cookies or collect personal identifiers

We do not use third-party advertising cookies or cross-site tracking.

Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect information from children. If you believe we have inadvertently collected information from a child, contact us immediately.

International Data Transfers

Our services are operated in the United States. If you access our services from outside the US, your information will be transferred to and processed in the US. By using our services, you consent to this transfer.

California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to deletion
  • Right to non-discrimination for exercising CCPA rights

To exercise these rights, contact hello@kbdsystems.com.

GDPR Rights (EU Residents)

EU residents have rights under the General Data Protection Regulation:

  • Legal Basis: We process your data based on contract performance, legal obligations, and legitimate interests
  • Data Protection Officer: Contact hello@kbdsystems.com
  • Right to Lodge Complaint: You may file a complaint with your local data protection authority

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Updating the "Last Updated" date
  • Sending an email to your registered address
  • Posting a notice on our website

Contact Us

For privacy-related questions, requests, or concerns:

Email: hello@kbdsystems.com
Address: KBD Systems (privacy inquiries)
Response Time: We respond to privacy requests within 30 days

← Back to Home