Privacy Policy
Effective: July 12, 2026
1. Who we are
Kilden is operated by Freshwork S.p.A. ("Kilden", "we", "us"), based in Chile. This policy explains what personal data we handle and how. Kilden plays two distinct roles:
- Controller — for data about visitors to our websites and holders of Kilden accounts. Sections 2–4 cover this.
- Processor — for the data our customers send to the platform about their own users ("End-User Data"). We process it on the customer's instructions; the customer is the controller. Sections 5–6 cover this.
2. When you visit our websites
kilden.io and docs.kilden.io use no third-party analytics, advertising or tracking services. Our web server logs (IP address, user agent, requested URL) are kept briefly for security and troubleshooting. The only cookies we set are functional:
| Cookie | Purpose | Duration |
|---|---|---|
landing_locale | Remembers your language choice on kilden.io | 1 year |
kilden_session / session cookie | Keeps you signed in to the panel | Session |
XSRF-TOKEN | Protects forms against cross-site request forgery | Session |
remember_* | "Remember me" sign-in, if you choose it | Long-lived |
appearance, sidebar_state | UI preferences (theme, sidebar) | Up to 1 year |
Because we set no tracking cookies, we do not show a cookie banner and there is nothing to opt out of.
3. When you create an account
As the controller of panel accounts, we collect:
- Registration data: name, email address, password (stored hashed), optional company name and workspace name.
- OAuth sign-in (optional): if you sign in with GitHub or Google we receive your name, email and provider account ID. We never receive your password from them.
- Security data: email verification status, two-factor authentication secrets and recovery codes (if enabled), session records including IP address and user agent.
- Communications: emails we exchange with you, and transactional emails we send (verification, password reset, workspace invitations).
4. How we use account data
- to provide, secure and operate the Service (performance of contract);
- to notify you about security issues and material changes to the Service (legitimate interest);
- to comply with legal obligations.
We do not sell personal data, we do not run ads, and we do not use your account data or your Customer Data to train machine-learning models.
5. Data we process on behalf of customers
Customers instrument their own websites and apps with the Kilden SDK or APIs. What is collected is decided and configured by the customer — Kilden stores and processes it on their behalf. Depending on the customer's configuration, End-User Data can include:
- Events and context: page URLs, referrer, device type, screen size, UTM parameters, and custom events and properties the customer defines.
- Identifiers: a random anonymous ID generated in the browser, the user ID the customer assigns (which may be pseudonymous or not), and a session ID.
- Profile traits the customer sets, which may include name, email or plan.
- Session recordings (if the customer enables replay): reconstructions of the page and interactions. Text typed into inputs is masked by default and passwords are always masked; customers can additionally exclude or mask any element.
- Messaging data (if the customer runs campaigns): recipient email address, message content, delivery/open/click/bounce events, and suppression lists.
- Feature flag evaluations: which flags were evaluated for which identifier.
If you are an end user of a site or app that uses Kilden, the operator of that site is the controller of this data. Please direct access, correction or deletion requests to them; we support our customers in fulfilling such requests, and forward any we receive directly.
6. The Kilden SDK in your browser
On customers' sites, the SDK stores identifiers in the browser (keys prefixed
kilden_, such as kilden_anon_id and kilden_session) using
localStorage, or a first-party cookie with a one-year lifetime as fallback. The SDK exposes an
opt-out API that stops all capture and transmission, including session replay; whether and how
it is offered to you is controlled by the site operator.
7. Sharing and subprocessors
We share personal data only with providers that help us run the Service:
| Provider | Purpose |
|---|---|
| Resend | Email delivery (transactional email and customer campaigns) |
| DigitalOcean | Cloud infrastructure (compute, managed databases) |
| S3-compatible object storage | Storage of session replay recordings |
| GitHub / Google | OAuth sign-in, only if you choose it |
We may also disclose data when required by law, and in connection with a merger or acquisition (in which case this policy continues to apply to data collected before the change).
8. International transfers
We are based in Chile and our infrastructure and subprocessors may be located in the United States or the European Union. Where data protection law requires it, we rely on appropriate safeguards such as standard contractual clauses with our providers.
9. Retention
| Data | Retention |
|---|---|
| Account data | While your account is active; deleted within 60 days of account deletion |
| Events and profiles (End-User Data) | While the customer's project is active, or until the customer deletes them |
| Session recordings | 30 days, then deleted automatically |
| Pipeline buffers (message queues) | 3–14 days |
| Email suppression lists | Kept while needed to honor unsubscribe and bounce suppression |
10. Security
Data is encrypted in transit (TLS). Passwords are stored hashed. Server-side write keys are separate from public browser keys, and customer identity assertions can be cryptographically verified. Access to production systems is restricted. No system is perfectly secure; if a breach affects your personal data we will notify you as required by law.
11. Your rights
Depending on where you live (including under the GDPR and Chilean data protection law), you may have the right to access, correct, delete, or receive a copy of your personal data, to object to or restrict processing, and to withdraw consent. To exercise these rights, email [email protected] — we respond within 30 days. You may also lodge a complaint with your local supervisory authority. For End-User Data, contact the site operator (see Section 5).
12. Children
The Service is not directed to children under 16 and we do not knowingly collect their personal data for our own purposes.
13. Changes to this policy
We may update this policy. For material changes we will notify account holders by email or in the panel before they take effect. The effective date at the top always reflects the current version.
14. Contact
Freshwork S.p.A. — [email protected]