Kyroo Privacy Policy
Effective Date: April 2026
Privacy Policy
This Privacy Policy explains how Kyroo collects, uses, and protects your information when you use our B2B ad attribution and intelligence platform at getkyroo.com and app.getkyroo.com. If you have questions contact us at hello@getkyroo.com.
1. Who we are
Kyroo is a B2B SaaS Ad intelligence platform that connects your LinkedIn Ads, Google Ads, and CRMs to show which campaigns are influencing pipeline and revenue. We are based in Northern Ireland, United Kingdom. For the purposes of UK GDPR and EU GDPR, Kyroo acts as both a data controller for account and usage data, and a data processor for the ad and CRM data you connect to the platform.
2. What data we collect
Account data: When you create a Kyroo account we collect your name, work email address, and company name to create and manage your account.
Billing data: Payments are processed by Stripe. We do not store your card details. Stripe's privacy policy applies to payment processing.
Ad platform data: When you connect LinkedIn Ads or Google Ads, we access and store campaign performance data including campaign names, impressions, clicks, spend, and company-level engagement data via the official APIs using OAuth 2.0.
CRM data: When you connect your CRMs, we access and store company records and deal data including company names, domains, deal names, deal values, and deal stages via the private app token you provide.
Usage data: We collect standard usage data including pages visited and features used to help us improve the product.
Notification data: If you connect Slack, we store your Slack webhook URL to send attribution alerts to your chosen channels. We do not access your Slack messages or any other Slack data.
3. How we use your data
We use your data solely to provide the Kyroo service: to create and manage your account, to generate attribution reports, to send email and Slack notifications you have opted into, to process subscription payments, to provide customer support, and to improve the product. We do not sell your data. We do not use your data for advertising. We do not share your data with third parties except as described in this policy.
4. Data we process on your behalf
When you connect your ad platform or CRM accounts, we access and process that data on your behalf to provide the attribution service. This data is used solely to generate your attribution reports and is never shared with third parties or used for any other purpose. You remain the data controller. Kyroo acts as the data processor. You can disconnect any integration at any time from your Connect page. You can request deletion of all stored data by emailing hello@getkyroo.com.
5. How we store and protect your data
All data is stored securely on Supabase PostgreSQL, hosted in the EU, encrypted in transit using HTTPS and encrypted at rest. Row-level security policies ensure you can only access your own organisation's data. Our infrastructure providers are Supabase for database and authentication (EU hosted, SOC2 Type II), Vercel for application hosting (SOC2 Type II), Stripe for payment processing (PCI DSS Level 1), Resend for transactional email, and Slack for notifications where connected.
6. Data retention
We retain your data for as long as your account is active. If you cancel or delete your account, your data is retained for 30 days and then permanently deleted. You can request immediate deletion by emailing hello@getkyroo.com.
7. Your rights under UK GDPR
You have the right to access, rectify, erase, restrict, port, and object to processing of your personal data. To exercise any of these rights email hello@getkyroo.com and we will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office at ico.org.uk.
8. Cookies
Kyroo uses only essential cookies required for authentication and session management. We do not use advertising cookies, tracking cookies, or Google Analytics.
9. Children
Kyroo is a B2B product for business use only. We do not knowingly collect data from anyone under 18.
10. Changes to this policy
We may update this policy from time to time. We will notify you of significant changes by email.
11. Contact