KAS Codes KAS Codes
Terms of Service Sign In

Privacy Policy

How we collect, use, and protect your information

Effective Date: February 15, 2026 Last Updated: February 15, 2026

This Privacy Policy describes how KAS Codes LLC ("we," "us," or "our") collects, uses, and discloses your personal information when you use our services, including our custom-built Client Portal, project management tools, and support systems.

As a provider of enterprise software solutions, we are committed to maintaining the highest standards of data integrity and confidentiality, particularly regarding the sensitive infrastructure and credential data shared during the development lifecycle.

1 Information We Collect

We collect information to provide a seamless development experience and to manage the licensing and support of our products.

Identity & Contact Data

Name, business email address, physical business address, and phone number.

Account & Portal Data

Usernames, encrypted passwords, and profile settings for the Client Portal.

Transaction & Billing Data

Details about licenses, subscriptions, service plans, billing history, and payment identifiers (processed via secure, PCI-DSS compliant third parties).

Technical Project Data

We may collect repository access tokens, API keys, or server configurations necessary for the deployment of your specific software solution.

Credentials Vault Data

Specifically for our "Credentials Vault" feature, we store encrypted access credentials you provide. These are protected with industry-standard encryption and are only accessible by authorized personnel assigned to your project.

2 How We Use Your Information

Your data is used strictly for the following purposes:

Service Delivery: Managing your software licenses, deploying updates, and providing technical support.
Communication: Sending project milestones, security alerts, and billing notifications.
Feature Requests: Processing your feedback and requests for new features within the Client Portal.
Security & Compliance: To prevent unauthorized access to our systems and to comply with legal obligations.

3 Data Protection & The "Credentials Vault"

Security is the core of our enterprise philosophy.

Encryption

All sensitive data, including passwords stored in our Credentials Vault, is encrypted at rest using AES-256 and in transit via industry-standard encryption protocols (such as TLS 1.2 or higher).

Access Control

We implement Role-Based Access Control (RBAC). Only developers and project managers explicitly assigned to your account have access to your environment-specific data.

Infrastructure

Our portals are hosted on secure, containerized environments with continuous monitoring to detect and mitigate threats.

4 Data Sharing and Disclosure

We do not sell your personal or project data. We only share information with:

Sub-processors: Essential third-party services (e.g., cloud hosting providers, payment processors) that have passed our rigorous security assessments.
Legal Requirements: If required by law, we may disclose information to comply with a subpoena or similar legal process.

5 Data Retention Periods

We retain your data only for as long as necessary to fulfill the purposes described in this policy, or as required by law:

Account Data

Retained for the duration of your account plus 30 days after deletion request.

Billing & Transaction Data

Retained for 7 years as required by tax and accounting regulations.

Support Tickets

Retained for 3 years after resolution.

Credentials Vault Data

Deleted within 30 days of project completion or account termination.

Server Logs

Retained for 90 days for security monitoring.

6 Cookies and Tracking Technologies

Our services use the following types of cookies:

Session Cookies: Essential for login and portal functionality (strictly necessary).
CSRF Cookies: Security cookies to prevent cross-site request forgery.
Preference Cookies: Store your display preferences (e.g., dark/light mode).

We do not use third-party advertising or analytics tracking cookies. You can manage cookie preferences through your browser settings.

7 Lawful Basis for Processing

We process your personal data on the following legal bases:

Contract Performance: Processing necessary to provide the services you've contracted.
Legitimate Interest: Security monitoring, fraud prevention, and service improvements.
Legal Obligation: Tax records, regulatory compliance, and legal hold requirements.
Consent: Marketing communications (where applicable), which you can withdraw at any time.

8 Your Rights and Choices

Depending on your jurisdiction (such as GDPR or CCPA/CPRA), you may have the following rights:

Access

Request a copy of the personal data we hold about you.

Rectification

Correct inaccurate or incomplete data.

Deletion

Request the deletion of your account and associated data, subject to contractual or legal retention requirements.

Portability

Export your data in a structured, machine-readable format.

Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority in your jurisdiction if you believe our processing of your personal data violates applicable law.

9 International Data Transfers

If you are accessing our services from outside the United States, please be aware that your information will be transferred to, stored, and processed in the U.S., where our primary servers are located.

For transfers of personal data from the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognized transfer mechanisms, to ensure your data receives an adequate level of protection.

10 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users without unreasonable delay and no later than 72 hours after becoming aware of the breach, in accordance with GDPR requirements.

Notification will include: the nature of the breach, categories of data affected, likely consequences, and measures taken to address the breach.

We will also notify the relevant supervisory authority where required by law.

11 Changes to This Policy

We may update this policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new policy on the Client Portal and updating the "Last Updated" date.

12 Contact Us

For questions regarding this Privacy Policy or to exercise your data rights, please contact our Data Privacy Officer at:

KAS Codes LLC

Palm Beach, Florida, USA

[email protected]