Book a Demo

See how your team performs under real pressure. In this demo, we’ll walk you through the 72-hour simulation, show you the report, and answer your questions on how PulseCheck strengthens human resilience.

Privacy Policy

Effective date: [insert date]

Controller: Kyba AI Ltd (Company No. 12961490)

1. Purpose

This Privacy Policy explains how Kyba AI Ltd (“we”, “us”, “our”) collects, uses, stores, and protects personal data through **kyba.ai**, **portal.kyba.ai**, and **journal.kyba.ai** in compliance with the **UK GDPR**, **EU GDPR**, and the **Data Protection Act 2018**.

2. Data We Collect

2.1 Information you provide
  • Registration details (name, email, organisation, role).
  • Decision-journal entries, comments, or uploaded materials.
  • Support queries or contact-form submissions.
2.2 Information we collect automatically
  • Log data (IP address, browser, device, timestamps).
  • Usage analytics for security and performance monitoring.
  • Cookies or similar technologies (see Cookie Notice).
2.3 Information from clients

When organisations engage our services, they may supply delegate lists or business data for onboarding. Kyba AI Ltd processes this solely to deliver contracted services.

3. Lawful Basis for Processing

We process personal data under one or more of the following legal bases:

  • Contractual necessity – to deliver our training or portal services.
  • Legitimate interests – to improve performance, security, and client outcomes.
  • Legal obligation*– to comply with statutory or accounting duties.
  • Consent – for specific optional features or marketing.

4. How We Use Your Data

  • Deliver and manage simulations, audits, and portal access.
  • Analyse performance and generate anonymised insights.
  • Provide client support and account administration.
  • Send service or policy updates.
  • Conduct optional marketing (only with prior consent).

5. Data Sharing

We do **not** sell personal data.

We may share limited data with:

  • Service providers under contract (hosting, analytics, authentication).
  • Professional advisers or regulators if required by law.

 All third parties are bound by data-processing agreements ensuring GDPR compliance.

6. International Transfers

If data is transferred outside the UK / EEA, Kyba AI Ltd ensures an adequate protection mechanism (Adequacy Decision, Standard Contractual Clauses, or equivalent safeguards).

7. Data Retention

Personal data is retained only for as long as necessary to:

  • Deliver services and maintain records of simulations.
  • Meet legal or contractual obligations.

 Data is anonymised or securely deleted once no longer required.

8. Data Security

We implement technical and organisational measures including:

  • * Encrypted transmission (HTTPS/TLS).
  • * Access controls and authentication.
  • * Regular penetration testing and data-minimisation practices.

9. Your Rights (UK & EU GDPR)

You have the right to:

  • Access your personal data.
  • Request correction or deletion.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent (for marketing or optional processing).

 Requests can be made via [privacy@kyba.ai](mailto:privacy@kyba.ai).

 We will respond within one month.

10. Cookies and Analytics

Our Sites use essential cookies for security and optional analytics cookies with consent.

Full details appear in our separate **Cookie Notice**.

11. Children’s Data

Our Services are designed for professionals and are **not intended for children under 18**.

12. Data Protection Officer / Representative

For GDPR compliance enquiries:

  • Data Protection Officer

Kyba AI Ltd

📧 [privacy@kyba.ai](mailto:privacy@kyba.ai)

13. Complaints

If you believe your data has been misused, you can contact us directly or lodge a complaint with:

Information Commissioner’s Office (ICO) – [www.ico.org.uk](http://www.ico.org.uk)

14. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be posted on kyba.ai with the date of effect shown above.