Honest about how we handle your data
KAI is built for enterprise key account management. We know your data and your clients' data is sensitive. Here is exactly what we collect, how we use it, and what we do not do.
What KAI stores about your accounts
KAI collects four categories of data, each with a distinct source and purpose. We do not collect more than is needed to deliver the intelligence service.
| Category | What it includes | Source |
|---|---|---|
| Public intelligence | News articles, press releases, financial filings, regulatory submissions, job postings, and other publicly available information about your accounts and their markets. | Public web, gathered by KAI's monitoring agents |
| Account context | Strategic notes, engagement priorities, relationship history, account plans, and any other context your team enters directly into KAI to personalise its intelligence. | Entered by your team within KAI |
| CRM data | Contact records, opportunity data, and activity history — only if you choose to connect your CRM. No integration is required to use KAI. | Your CRM, via optional integration |
| Contact details | Professional contact information for key stakeholders at your accounts, enriched via third-party data providers where configured. | Third-party professional data providers |
What happens to the data we hold
Data you provide to KAI is used exclusively to deliver and improve your intelligence service. It is not sold, shared with third parties for commercial purposes, or used to train models shared with other customers.
Your account context — strategy notes, account plans, relationship history, engagement priorities — is used to personalise the relevance scoring and recommended actions KAI delivers to your team. This context is visible only to users within your own KAI environment.
Public intelligence gathered by KAI's agents is processed, scored, and stored per your configured retention settings. You control how long findings are retained and can request deletion at any time.
Hosting and data isolation
KAI is deployed on multi-region cloud infrastructure. Data residency preferences — including EU-only or UK-only hosting — can be discussed as part of your deployment configuration. Please contact us if specific data residency is a requirement for your organisation.
Customer environments are logically isolated from one another on shared infrastructure. Your accounts, contacts, strategic context, and intelligence findings are not accessible to other KAI customers. Logical isolation is enforced at the data layer through separate databases and access controls per customer environment.
GDPR
KAI processes personal data — specifically, professional contact details for stakeholders at your accounts. That means GDPR applies, and we take that seriously.
Here is what we have done to support compliant deployment:
| Data minimisation | We collect only what is needed to deliver the intelligence service. Contact details are limited to professional information relevant to your monitored accounts. |
| Purpose limitation | Data collected for intelligence monitoring is used only for that purpose. It is not repurposed for advertising, profiling, or shared with third parties for their own use. |
| Access controls | Your account data is logically isolated. Only users in your KAI environment can access your account context, strategic plans, and intelligence findings. |
| Retention controls | Retention periods are configurable. You can request deletion of your data at any time, and all data is deleted within 30 days of subscription termination. |
| Data processing agreements | We will provide a signed DPA on request. All third-party providers used by KAI operate under their own DPAs. |
Your organisation is responsible for establishing the correct lawful basis for processing, issuing appropriate privacy notices to any individuals whose data is processed, and maintaining your own compliance records. KAI gives you the architecture — governance remains with you.
If you have specific regulatory, sectoral, or jurisdictional requirements, contact us before deploying. We would rather work through those questions upfront than have a compliance issue surface later.
Access, correction, and deletion
You have the right to access the data KAI holds, request corrections, and request deletion. These rights apply to data you have provided directly — including account context, strategic plans, and CRM data — as well as contact details sourced via enrichment integrations.
To exercise any of these rights, contact us at the address below. We will respond within 30 days.
KAI does not make automated decisions about individuals that produce legal or similarly significant effects. All intelligence and recommendations are advisory — decisions remain entirely with your team.
How long we keep your data
Intelligence findings are retained for the duration of your active subscription plus a 90-day wind-down period to allow for data export. Account context, strategic plans, and CRM data you have provided are deleted within 30 days of subscription termination unless you request earlier deletion.
Retention periods are configurable within your KAI environment. If your organisation requires shorter or custom retention schedules for compliance reasons, this can be configured as part of your deployment.
Third-party services
KAI uses a small number of third-party services to deliver its intelligence capability. Where data is shared with these providers, it is limited to what is strictly necessary for the service to function, and all providers operate under data processing agreements.
| Service type | Purpose | Data involved |
|---|---|---|
| Contact enrichment | Professional contact and stakeholder data for your monitored accounts | Company names and domains used for look-up |
| News & web intelligence | Monitoring and processing of publicly available news, announcements, and web content | Account names and search parameters derived from your monitored accounts |
| AI analysis | Scoring, summarisation, and recommendation generation from gathered intelligence | Processed intelligence findings and account context — no raw personal data |
We do not use any third-party services for advertising, behavioural tracking, or purposes beyond service delivery. We will update this section if our third-party providers change materially.
Questions about your data
If you have a question about this policy, want to exercise a data right, or have a compliance requirement to discuss, please get in touch. We aim to respond to all data-related enquiries within 5 business days.
Data & privacy enquiries
Send us your question and we will respond within 5 business days.
Contact us →This policy was last updated March 2026. We will notify active customers of any material changes.