Privacy Policy

This Privacy Policy explains how Klynda (“we”, “us”) processes personal data when you access or use Klynda.com and our portfolio tracking service. It is intended for users in the UK and EU.

We are the “data controller” for the personal data described in this policy. Our company details and contact information are available on the Contact page.

Account and identity data: name, email address, and authentication identifiers (including information provided via OAuth providers such as Google).

Portfolio data: assets, transactions, holdings, performance inputs, and any information you enter or import into the service.

Usage and device data: IP address, browser/device information, timestamps, and diagnostic logs. Where analytics is enabled, we also collect aggregated usage information.

Support and communications: messages and information you provide when contacting us.

From you: when you register, use the service, or contact support.

From OAuth providers: if you choose to sign in using Google or another provider, we receive basic profile and authentication information from that provider.

From your device: technical data generated when you access the site/app (e.g., IP address, browser type, logs).

To provide and secure the service, authenticate users, and operate core features.

To maintain, improve, and troubleshoot the service (including performance and reliability).

To communicate with you about service messages, security notices, and support requests.

To comply with legal obligations and enforce our Terms of Service.

For analytics and product improvement where you have provided consent (where applicable).

Contract: to provide the service you request, including account access and core functionality.

Legitimate interests: to protect our service and users (security, fraud prevention), maintain service quality, and improve the product (balanced against your rights).

Consent: for non-essential cookies/analytics and marketing communications, where applicable.

Legal obligation: to comply with applicable laws and lawful requests.

We use trusted processors for hosting, storage, monitoring, and optional analytics. They may access data only to provide services to us under contract.

We do not sell your personal data.

We may disclose personal data if required by law, to comply with lawful requests, or to protect the rights, safety, and security of Klynda and our users.

We may share data with professional advisers (e.g., legal, accounting) and in connection with a corporate transaction (e.g., merger, acquisition), subject to appropriate safeguards.

Where data is transferred outside the UK/EU, we use appropriate safeguards such as UK/EU Standard Contractual Clauses or equivalent mechanisms.

We retain personal data for as long as needed to provide the service and meet legal, accounting, and security obligations.

Portfolio data generally remains in your account until you delete it or close your account, after which it is removed or anonymized subject to legal or operational requirements (including limited-duration backups).

You may have rights to access, rectify, erase, restrict processing, object to processing, and data portability.

Where processing is based on consent (e.g., analytics/marketing), you can withdraw consent at any time.

You also have the right to lodge a complaint with a supervisory authority (e.g., the ICO in the UK or your EU data protection authority).

To exercise rights, contact us via the Contact page. We may ask you to verify your identity and provide information needed to process your request.

We use essential cookies (or similar technologies) for core functionality and security.

Non-essential cookies and analytics (e.g., Google Analytics) are used only where you have provided consent, where required by applicable law.

See our Cookie Policy/Preferences page for details and controls.

We implement technical and organizational measures designed to protect personal data. However, no system is completely secure.

Keep your credentials confidential and notify us if you suspect unauthorized access to your account.

The service is not directed to children under 18, and we do not knowingly collect their data.

We may update this Privacy Policy. Material changes will be communicated, and continued use after changes take effect constitutes acceptance.

For questions or to exercise rights, use the Contact page.

You can request deletion of your account and associated personal data, subject to legal and operational requirements (e.g., limited-duration backups). See the Data Deletion & Rights page for details.