Privacy Policy
Privacy Policy
Effective Date: July 12, 2026
Kaisaro LLC - Bellevue, Washington, United States
Kaisaro LLC (“Kaisaro,” “Company,” “we,” “our,” or “us”) is committed to protecting the privacy and security of personal information entrusted to us. This Privacy Policy describes how we collect, use, disclose, process, store, and protect information obtained through our website, communications, business interactions, recruiting activities, and related services.
Please read this Privacy Policy carefully. It explains Kaisaro’s practices concerning personal information. Where applicable law requires consent for a particular activity, Kaisaro will request that consent separately and will not treat ordinary use of the website as consent.
No Contract or Waiver. This Privacy Policy is provided for transparency and privacy compliance purposes. It is not a contract, warranty, or representation that any particular law applies in every circumstance. Nothing in this Policy waives, limits, or expands any rights or obligations established by applicable law or by a separate written agreement signed by an authorized representative of Kaisaro.
1. Company Information
Kaisaro LLC
Bellevue, Washington, United States
Email: info@kaisaro.com
Website: https://www.kaisaro.com
2. Scope and Applicability
This Privacy Policy applies to personal information Kaisaro collects through its website, email and other communications, client and prospective-client relationships, supplier and contractor relationships, business-development activities, events, project administration, invoicing, security activities, and related business operations.
This Policy generally concerns information about identifiable individuals. It does not apply to anonymized or deidentified information that cannot reasonably be associated with an identifiable individual. Information concerning a company or other legal entity may nevertheless constitute personal information where it identifies or relates to an individual, such as a company representative, employee, owner, consultant, or business contact.
Kaisaro operates primarily in the United States and provides services to domestic and international clients. Where Kaisaro processes personal data of individuals located in the European Economic Area ("EEA"), the United Kingdom ("UK"), or other jurisdictions with applicable data protection laws, Kaisaro complies with those laws to the extent they apply to the relevant processing.
This Policy does not govern the independent privacy practices of third-party websites, platforms, or services. Where Kaisaro selects a provider to process personal information on Kaisaro’s behalf, however, Kaisaro will address that processing as required by applicable law and the nature of the relationship.
3. Information We Collect
We may collect information directly from individuals, automatically through website usage, and from third-party or publicly available sources where relevant and permitted by applicable law.
A. Information Voluntarily Submitted or Provided
When you or an organization with which you are associated contacts Kaisaro, submits an inquiry, uploads documents, applies for an opportunity, enters or performs a business relationship, attends an event or meeting, or otherwise communicates with Kaisaro, we may collect the following information:
-
Full name.
-
Email address and telephone number.
-
Company or organization name and professional title.
-
Business contact and relationship information, including employer, department, business address, role, authority, professional interests, meeting details, and communication preferences.
-
Client, supplier, contractor, and project information, including statements of work, project contacts, requirements, deliverables, approvals, support requests, and business correspondence.
-
Transaction and billing information, including billing contact details, invoice information, payment status, purchase order information, and limited payment-related records.
-
Payment status, purchase-order information, and limited payment-related records.
-
Due-diligence and compliance information, including information reasonably necessary for sanctions, export-control, fraud-prevention, conflict-of-interest, insurance, qualification, or vendor checks.
-
Event and meeting information, including registrations, attendance, recordings where disclosed, scheduling information, and meeting notes.
-
LinkedIn or professional profile information.
-
Resume, curriculum vitae (CV), portfolio, or other employment-related materials.
-
Uploaded documents, files, or attachments.
-
Any additional information voluntarily provided in correspondence.
B. Automatically Collected Information
When you access or interact with the website, certain technical and usage-related information may be collected automatically, including:
-
IP address and approximate geolocation derived from IP address.
-
Browser type and version; device identifiers and operating system.
-
Referring URLs, pages visited, and navigation patterns.
-
Date, time, and duration of access.
-
Cookies, analytics identifiers, and related technical information (see Section 10).
C. Sensitive, Confidential, and Restricted Information
Kaisaro’s general website forms and ordinary business email channels are not designed to receive highly sensitive personal information or restricted technical information. Unless Kaisaro specifically requests the information and provides an appropriate authorized method for transmission, do not submit:
-
medical, health, genetic, or biometric information;
-
Social Security numbers, passport numbers, driver’s license numbers, or copies of government identification;
-
complete payment card, banking, or financial-account credentials;
-
passwords, authentication credentials, or security keys;
-
classified information, controlled unclassified information, or export-controlled technical data;
-
confidential, proprietary, or trade secret information belonging to an employer, client, government entity, or other third party; or
-
information that you are not authorized to disclose.
If Kaisaro receives information that was not requested or that should not have been submitted through a general channel, Kaisaro may restrict access to it, return it, securely delete it, or take other appropriate action, subject to applicable law, contractual obligations, security requirements, and legal retention needs.
Kaisaro’s website and general business-contact channels are not designed to collect consumer health data. Do not submit medical, health, genetic, biometric, reproductive-health, or similar information unless Kaisaro specifically requests it through an authorized process.
Before transmitting sensitive or restricted information for an authorized project, contact Kaisaro to confirm an appropriate transfer method and any required confidentiality, security, or export-control arrangements.
D. Information from Other Sources
Kaisaro may receive personal information from:
-
clients, prospective clients, suppliers, contractors, business partners, and their representatives;
-
professional networking platforms, company websites, professional directories, publications, patent databases, and other lawful public sources;
-
event organizers, referral sources, and professional contacts;
-
background, credential, sanctions, export-control, fraud-prevention, or compliance providers, where relevant and permitted by law;
-
website, analytics, communications, security, cloud, and IT service providers; and
-
government authorities or other parties where permitted or required by law.
Where required by applicable law, Kaisaro will provide appropriate notice concerning information obtained indirectly.
E. Information Created or Generated by Kaisaro
Kaisaro may create or generate information in connection with its business activities, including communication records, meeting notes, project records, access and security records, transaction status, account or relationship history, internal evaluations, compliance records, and records of decisions, approvals, or actions relating to a business relationship.
4. Purposes for Processing
We collect, use, process, and retain information for the following legitimate business and operational purposes:
-
Responding to communications, inquiries, and requests for information.
-
Evaluating employment, consulting, partnership, investor, supplier, and collaboration opportunities.
-
Providing engineering, research, development, consulting, and related professional services.
-
Operating, maintaining, securing, and improving website functionality and user experience.
-
Detecting, investigating, and preventing fraud, abuse, unauthorized access, or unlawful activity.
-
Maintaining business, financial, legal, and compliance records.
-
Enforcing legal rights, contractual obligations, and internal policies.
-
Complying with applicable laws, regulations, legal processes, and governmental requests.
-
Managing client, prospective-client, supplier, contractor, and business-partner relationships.
-
Preparing proposals, quotations, contracts, statements of work, purchase orders, invoices, and project records.
-
Administering projects, deliverables, access permissions, quality activities, approvals, support, and communications.
-
Performing appropriate client, supplier, sanctions, export-control, anti-fraud, conflict, and other compliance checks.
-
Protecting Kaisaro’s systems, personnel, clients, intellectual property, confidential information, facilities, and legal interests.
-
Establishing, exercising, or defending legal claims.
-
Managing corporate transactions, financing, insurance, audits, restructuring, or a potential sale or transfer of all or part of the business.
Kaisaro does not sell or rent personal information to third parties. Kaisaro will not use personal information for a materially different purpose without providing additional notice or obtaining consent where required by applicable law.
5. Legal Bases for Processing Where the EU GDPR or UK GDPR Applies
Where the EU GDPR or UK GDPR applies, Kaisaro processes personal data under one or more of the legal bases described below.
Processing activity - Purpose | GDPR basis, where applicable
1. Responding to inquiries and business communications - Responding to requests and administering business relationships - Art. 6(1)(b) and/or Art. 6(1)(f).
2. Preparing proposals and entering contracts - Taking requested pre-contractual steps - Art. 6(1)(b).
3. Providing engineering, consulting, and related services - Performing a contract or administering a client relationship - Art. 6(1)(b) and/or Art. 6(1)(f).
4. Managing client, supplier, contractor, and professional contacts - Operating and administering business relationships - Art. 6(1)(f), and Art. 6(1)(b) where the individual is a contracting party.
5. Project, quality, security, and access administration - Delivering services and protecting systems, information, clients, and personnel - Art. 6(1)(b), Art. 6(1)(c), and/or Art. 6(1)(f).
6. Billing, accounting, tax, and corporate records - Compliance with legal obligations and business administration - Art. 6(1)(c) and/or Art. 6(1)(f).
7. Sanctions, export-control, fraud-prevention, qualification, and compliance checks - Compliance with law and protection of legitimate business interests - Art. 6(1)(c) and/or Art. 6(1)(f).
8. Website operation and cybersecurity - Maintaining a secure and functional website and systems - Art. 6(1)(f).
9. Nonessential analytics and similar technologies - Measuring website use where consent is required - Art. 6(1)(a); otherwise Art. 6(1)(f) only where permitted.
10. Legal claims and dispute management - Establishing, exercising, or defending legal claims - Art. 6(1)(f), together with any applicable special-category condition.
11. Governmental, regulatory, and legal requests - Compliance with applicable legal obligations - Art. 6(1)(c).
12. Business transactions, insurance, audits, financing, or restructuring - Legitimate corporate and business administration interests - Art. 6(1)(f), subject to appropriate safeguards.
Where Kaisaro relies on legitimate interests, those interests may include conducting and administering business, responding to communications, providing services, securing systems, preventing fraud, protecting confidential information and intellectual property, maintaining appropriate records, and establishing or defending legal claims. Kaisaro considers the necessity and proportionality of the processing and its possible effect on individuals.
The right to object is not absolute. Kaisaro may continue processing where it demonstrates compelling legitimate grounds or where processing is necessary for the establishment, exercise, or defense of legal claims, as permitted by applicable law.
Where processing is based on consent, an individual may withdraw consent at any time through the available cookie controls or by contacting info@kaisaro.com. Withdrawal does not affect processing lawfully carried out before the withdrawal and does not require Kaisaro to delete information that it is required or permitted to retain under another lawful basis.
6. Data Retention Schedule
Kaisaro retains personal information only for as long as reasonably necessary for the purposes described in this Policy, including service delivery, business administration, security, compliance, contractual obligations, insurance requirements, and the establishment, exercise, or defense of legal claims. The periods below are general guidelines and may be shortened or extended where required or permitted by law, contract, audit requirements, legal hold, insurance obligations, dispute, investigation, or other documented need.
Data category - Retention period | Legal basis
1. Contact form inquiries / general correspondence - Generally up to two years after the last substantive communication, unless the inquiry develops into a business relationship or longer retention is reasonably necessary; legitimate interests; legal compliance.
2. Job applications, CVs, portfolios - Retained in accordance with Kaisaro's Applicant Privacy Notice (generally up to two years after the recruitment process concludes for U.S. applicants); pre-contractual steps; legitimate interests.
3. Business contracts and client records - Generally 7 years after completion or termination of the relationship, or longer where reasonably necessary for contractual, insurance, tax, export-control, quality, audit, or legal-claim purposes; legal obligation (tax/accounting); legitimate interests.
4. Website analytics and usage logs - According to the configured period in the applicable analytics service, generally no longer than reasonably necessary for the stated analytics purpose;
Consent; legitimate interests.
5. Security and access logs - Generally up to 12 months from generation, although shorter or longer periods may apply depending on the system, security incident, investigation, contractual requirement, or legal obligation.;
Legitimate interests; legal obligation.
6. Financial and invoicing records - Generally seven years after the relevant tax year, transaction, or business relationship, or longer where required or reasonably necessary for tax, accounting, audit, contractual, or legal purposes; legal obligation.
7. Legal hold / litigation-related records - Duration of proceedings plus applicable statute of limitations;
Legal obligation; legal claims.
8. Cookie consent records - For as long as reasonably necessary to demonstrate consent, refusal, withdrawal, and compliance, taking into account the applicable legal limitation period; legitimate interests.
Retention periods may be extended where information is required for ongoing litigation, regulatory investigation, audit, or other legal proceeding. Where appropriate and permitted by law, Kaisaro may deidentify or anonymize information instead of deleting it. Pseudonymized information remains personal information where it can be reidentified using additional information.
7. Disclosure of Information
Kaisaro may disclose personal information to the following categories of recipients when reasonably necessary for legitimate business purposes or as required by law:
-
Website hosting and cloud infrastructure providers.
-
IT, cybersecurity, and analytics service providers.
-
Legal, accounting, compliance, and professional advisors.
-
Contractors, consultants, and service providers acting on Kaisaro’s behalf under appropriate confidentiality obligations.
-
Clients and prospective clients where disclosure is reasonably necessary to provide services, administer a project, evaluate qualifications, allocate personnel, or pursue a requested business opportunity.
-
Insurers, auditors, lenders, investors, professional advisers, and transaction counterparties in connection with insurance, financing, audits, due diligence, restructuring, merger, acquisition, investment, or a sale or transfer of assets.
-
A successor, purchaser, affiliated entity, or other party involved in an actual or proposed corporate transaction, subject to applicable law and appropriate confidentiality or data-protection measures.
-
Government authorities, regulators, law enforcement, or judicial bodies when required by applicable law, legal process, or court order.
Kaisaro requires service providers that process personal information on its behalf to maintain appropriate confidentiality, security, and data-protection commitments, taking into account the services, information, risks, and applicable law. These commitments may be contained in data-processing terms, confidentiality provisions, security terms, online service agreements, or other contractual arrangements.
Kaisaro does not presently sell personal information or share personal information for cross-context behavioral advertising as those terms are defined by the CCPA. Kaisaro may disclose personal information to service providers, contractors, clients, advisers, and other recipients for the purposes described in this Policy.
8. International Processing and Data Transfers
Kaisaro is based in the United States. Personal information may be transferred to, accessed from, stored in, or processed in the United States and in other countries where Kaisaro’s clients, contractors, advisors, or service providers operate. The privacy laws of those jurisdictions may differ from those of the country in which the individual is located.
Where applicable law requires a specific transfer mechanism or safeguard, Kaisaro will use an appropriate lawful mechanism before making the relevant restricted transfer. Depending on the circumstances, such mechanisms may include an applicable adequacy decision, approved standard contractual clauses and required addenda, another legally recognized contractual mechanism, or a statutory exception or derogation.
Kaisaro does not represent that a particular transfer mechanism applies unless that mechanism has actually been implemented for the relevant transfer.
Individuals may request information about safeguards applicable to a particular transfer by contacting info@kaisaro.com. Kaisaro may redact confidential, commercial, security-sensitive, or legally protected portions of transfer documentation where permitted by law.
9. Applicant and Recruiting Information
Personal information submitted or collected in connection with employment, internship, consulting, contractor, temporary-worker, or individual advisory opportunities is governed by Kaisaro’s Applicant Privacy Notice, available at https://www.kaisaro.com/applicant-privacy.
If this Privacy Policy and the Applicant Privacy Notice conflict concerning applicant information, the Applicant Privacy Notice governs to the extent of the conflict.
Submission of application materials does not create an employment or contractual relationship or guarantee review, interview, consideration, offer, or engagement.
10. Cookies and Analytics Technologies
This website may use cookies and similar tracking technologies. A “cookie” is a small text file stored on your device that helps websites recognize returning visitors and measure usage.
Additional information about the specific cookies and similar technologies used on this website is provided in Kaisaro’s Cookie Policy, available at https://www.kaisaro.com/cookie-policy. If the Cookie Policy and this Section conflict regarding cookie-specific practices, the Cookie Policy governs to the extent of that conflict.
Categories of Cookies
-
Essential / strictly necessary cookies - required for core website functionality (e.g., security, session management). These do not require consent.
-
Analytics and performance cookies - used to measure website traffic and user behavior (e.g., Google Analytics). These require your prior consent in jurisdictions where consent is legally required.
-
Functionality cookies - used to remember your preferences. May require consent depending on jurisdiction.
-
Marketing and advertising cookies - Kaisaro does not currently use advertising or targeting cookies.
Consent and Control
In jurisdictions where applicable law (including the GDPR and the EU ePrivacy Directive) requires prior consent before non-essential cookies are set, this website uses a cookie consent management tool. Non-essential cookies will not be activated until you have actively accepted them through the consent banner presented upon your first visit. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
Do Not Track and Opt-Out Preference Signals
This website does not currently respond to browser “Do Not Track” signals. Kaisaro will recognize legally applicable opt-out preference signals, including Global Privacy Control, where required by applicable law and technically applicable to Kaisaro’s processing. Kaisaro does not presently sell personal information or share personal information for cross-context behavioral advertising as those terms are defined by the CCPA.
11. Data Security
Kaisaro implements commercially reasonable administrative, technical, and organizational security measures designed to protect personal information against unauthorized access, disclosure, misuse, alteration, destruction, or loss. These measures include, where appropriate, encryption of data in transit, access controls, and vendor security assessments.
No internet transmission or electronic storage system can be guaranteed to be completely secure. Accordingly, Kaisaro cannot guarantee absolute security of information transmitted to or stored through the website, and users should avoid transmitting highly sensitive or restricted information through ordinary email or general website forms and should contact Kaisaro to arrange an appropriate transfer method where necessary.
12. Privacy Rights and Requests
Depending on applicable law and your jurisdiction, you may have rights relating to your personal information. Kaisaro will honor verified requests in accordance with applicable law.
A. General Rights
The following rights may be available under applicable privacy laws:
-
Access - where applicable, request access to personal information Kaisaro holds about you.
-
Correction - where applicable, request correction of inaccurate or incomplete personal information.
-
Deletion - where applicable, request deletion, subject to legal exceptions and Kaisaro’s lawful retention obligations.
-
Restriction - where applicable, request restriction of processing in specified circumstances.
-
Data portability - where applicable, receive certain information in a structured, commonly used, machine-readable format, subject to legal requirements and technical feasibility.
-
Objection - where applicable, object to specified processing based on legitimate interests or certain profiling.
-
Withdrawal of consent - where processing is based on consent, withdraw that consent without affecting processing lawfully carried out before withdrawal.
B. California Residents (CCPA / CPRA)
To the extent Kaisaro is subject to the California Consumer Privacy Act and its implementing regulations for the relevant processing, California residents may have rights to know, access, correct, delete, and limit certain uses of personal information, subject to statutory exceptions.
Where the CCPA applies, this Policy is intended to provide general notice at collection for the categories and purposes described herein. Kaisaro may provide a supplemental notice for a particular interaction where appropriate.
Kaisaro does not sell personal information. Kaisaro does not share personal information for cross-context behavioral advertising purposes as those terms are defined by the CCPA. If Kaisaro becomes legally required to provide a “Do Not Sell or Share My Personal Information” mechanism or recognize an applicable opt-out preference signal, Kaisaro will provide or recognize the required mechanism. Kaisaro will not discriminate against individuals who exercise their California privacy rights.
C. Individuals Whose Information Is Subject to the EU GDPR or UK GDPR
Where the EU GDPR or UK GDPR applies to Kaisaro’s processing, individuals may have the rights described in Section 12.A, subject to the requirements, limitations, and exceptions established by applicable law. In addition:
-
Right to lodge a complaint - you have the right to lodge a complaint with your local supervisory authority at any time. In the UK, this is the Information Commissioner’s Office (ICO). In EU member states, complaints may be lodged with the relevant national data protection authority (DPA). A list of EU supervisory authorities is available through the European Data Protection Board at https://www.edpb.europa.eu/about-edpb/our-members_en.
-
Right not to be subject to solely automated decisions - see Section 15 below.
D. Washington State Residents
Kaisaro processes personal information in accordance with applicable Washington and federal privacy, consumer-protection, security, and breach-notification laws. Washington residents may submit privacy questions or requests to info@kaisaro.com. Kaisaro will evaluate each request under the law applicable to the relevant information and processing.
E. Canadian Individuals (PIPEDA and Provincial Law)
Where PIPEDA or applicable Canadian provincial privacy law governs Kaisaro’s processing, individuals may have rights concerning access, correction, consent, withdrawal of consent, and complaints, subject to applicable exceptions.
Where Quebec privacy law applies, the person exercising the highest authority within Kaisaro serves as the person in charge of the protection of personal information unless that responsibility has been delegated in writing. Privacy questions may be directed to info@kaisaro.com with “Privacy Officer — Quebec” in the subject line.
Where required by Quebec law, Kaisaro conducts an assessment of privacy-related factors before communicating personal information outside Quebec and uses appropriate contractual, organizational, and security measures for the communication.
Kaisaro is responsible for personal information under its control and uses contractual, organizational, and security measures appropriate to the sensitivity of the information and the nature of the processing. Personal information may be processed in the United States or other jurisdictions, where courts, law-enforcement agencies, or regulators may have lawful access under local law.
Where applicable, Canadian law requires consent, Kaisaro will obtain an appropriate form of consent, subject to statutory exceptions. Withdrawal of consent may be subject to legal, contractual, security, recordkeeping, or technical limitations and may affect Kaisaro’s ability to provide a requested service.
Questions, requests, and complaints may be directed to Kaisaro’s privacy contact at info@kaisaro.com with “Privacy Request-Canada” in the subject line. Where applicable law provides a right to complain to a Canadian federal or provincial privacy regulator, Kaisaro will not limit that right.
F. How to Submit a Request
Privacy-related requests may be submitted by email to info@kaisaro.com. Please include your full name, the nature of your request, and sufficient information to allow Kaisaro to identify the personal information concerned.
Kaisaro reserves the right to verify the identity of requestors before processing requests, where legally permitted or required. Requests will be acknowledged within a reasonable time and responded to within the period required by applicable law.
13. Consumer Health Data Submissions
Health Data We Do Not Collect
Kaisaro is a technology and engineering services company. Kaisaro does not intentionally collect, process, or share consumer health data as defined under the WMHMDA through this website. Our website forms are not designed or intended to collect health information.
What to Avoid Submitting
Users should not submit through public website forms:
-
Any medical records, diagnoses, treatment information, or prescription data.
-
Any biometric or genetic data.
-
Any mental or behavioral health information.
-
Any information about reproductive health or pregnancy.
-
Any other information that could be used to infer health or medical status.
If Health Data Is Inadvertently Submitted
If Kaisaro becomes aware that consumer health data was inadvertently submitted through a general website or email channel, Kaisaro may restrict access to the information, return it, securely delete it, or take another appropriate action. Kaisaro will not use or disclose the information except as reasonably necessary to address the submission, protect systems or individuals, comply with law, respond to a legal demand, enforce legal rights, or preserve information subject to a contractual, regulatory, litigation-hold, or other legal obligation.
14. Children’s Privacy
Kaisaro’s website and services are intended for businesses and adults and are not directed to children or minors. Kaisaro does not knowingly collect personal information from children under 13 through the website. Kaisaro also does not intentionally solicit personal information from minors for general business inquiries.
If Kaisaro learns that it collected personal information from a child in circumstances requiring parental consent or other authorization, Kaisaro will take appropriate steps to delete or otherwise address the information as required by applicable law. A parent or legal guardian may contact info@kaisaro.com concerning information submitted by a child.
15. Automated Decision-Making and Profiling
Kaisaro does not presently make decisions producing legal or similarly significant effects solely through automated processing without meaningful human involvement.
Kaisaro may use ordinary website, security, email, search, sorting, analytics, project-management, or administrative tools that assist personnel but do not independently make such decisions.
Before introducing automated decision-making or profiling subject to specific notice, assessment, consent, explanation, objection, or human review requirements, Kaisaro will evaluate and implement applicable legal requirements.
16. Data-Breach Response and Notification
Kaisaro maintains procedures designed to identify, assess, contain, investigate, and respond to suspected security incidents involving personal information.
Where a security incident constitutes a legally reportable personal-data breach, Kaisaro will provide notices to affected individuals, regulators, customers, or other parties within the time and manner required by applicable law.
Under Washington law, where statutory notification requirements apply, notice will be provided within the applicable legal period, subject to permitted law-enforcement delay and other statutory provisions. Where a single breach requires notification to more than 500 Washington residents, Kaisaro will notify the Washington Attorney General within the period required by RCW 19.255.010.
Where the EU GDPR or UK GDPR applies, Kaisaro will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours after becoming aware of a personal-data breach where regulatory notification is legally required. Kaisaro will notify affected individuals where the applicable high-risk threshold is met.
Kaisaro may delay or withhold notice where permitted or required by applicable law, including at the request of law enforcement.
The content of any notification will be determined by the applicable law and the facts reasonably available at the time.
Suspected unauthorized access to information maintained by Kaisaro should be reported promptly to info@kaisaro.com.
17. Third-Party Websites and Services
This website may contain links to third-party websites, platforms, or services. Kaisaro is not responsible for the privacy practices, security measures, content, or operations of any third-party website or service.
Third-party websites and services are governed by their own privacy notices and terms. Users should review those materials before providing personal information to a third party. The presence of a link does not constitute Kaisaro’s endorsement of the linked site.
18. Confidentiality and Submitted Information
General website forms and ordinary business email channels are not intended for confidential, classified, export-controlled, or third-party proprietary information unless Kaisaro has expressly authorized the submission and established appropriate safeguards.
Submission of information through a general public channel does not by itself create a confidentiality, fiduciary, partnership, joint venture, employment, or professional advisory relationship. Any confidentiality obligations must arise from applicable law or a separate written agreement with Kaisaro.
Kaisaro will process personal information contained in submissions as described in this Policy. Separate ownership, licensing, confidentiality, and intellectual-property terms may apply under Kaisaro’s Terms of Service or an applicable written agreement.
19. Modifications to This Privacy Policy
Kaisaro may revise or update this Privacy Policy from time to time to reflect changes in its business practices, services, technology, legal requirements, or handling of personal information.
The updated Privacy Policy will be posted at https://www.kaisaro.com/terms-policy with a revised effective date.
Where required by applicable law, Kaisaro will provide additional notice or obtain consent before a material change takes effect. Kaisaro may also communicate material changes through the website, by email, through a prominent website notice, or by another appropriate method where reasonably practicable.
A change may be considered material where it significantly affects the categories of personal information collected, the purposes for which information is used, the categories of recipients to whom information is disclosed, the use of tracking or automated-decision technologies, international processing practices, or individuals’ privacy rights.
The revised Privacy Policy will apply from the stated effective date. Continued use of the website does not constitute consent to processing for which applicable law requires separate affirmative consent.
If Kaisaro begins collecting consumer health data subject to a law requiring a separate consumer health data privacy policy, Kaisaro will publish the required policy and obtain any consent required by applicable law before beginning the relevant collection, use, or sharing.
20. EU and UK Privacy Contact
Kaisaro is established in the United States and does not maintain an establishment in the EEA or UK. Individuals may contact Kaisaro directly at info@kaisaro.com concerning privacy matters. Where applicable law requires Kaisaro to appoint an EEA or UK representative, Kaisaro will publish the representative’s contact information as required by law.
Individuals may contact Kaisaro directly at info@kaisaro.com concerning privacy matters.
Where applicable law requires Kaisaro to appoint an EEA or UK representative, Kaisaro will make the representative’s contact information available as required by law.
21. Contact Information
For questions, concerns, or requests relating to this Privacy Policy or Kaisaro’s data practices, please contact:
Kaisaro LLC - Privacy Office
Email: info@kaisaro.com
Website: https://www.kaisaro.com
Kaisaro will acknowledge and respond to verified privacy requests within the periods required by applicable law. The applicable period may vary depending on the jurisdiction, request, identity-verification requirements, complexity, and any legally permitted extension.
© 2026 Kaisaro LLC. All rights reserved. This Privacy Policy was last reviewed and updated on July 12, 2026.