Kronos AI
Last Updated: May 22, 2026
This Privacy Policy explains how Kronos AI ("Kronos," "we," "us") collects, uses, shares, and protects information when a company or authorized user ("Customer") accesses and uses our platform, website, and related services (the "Service").
Important (business use): Kronos is a platform designed for businesses. When a Customer connects messaging channels (for example, Instagram, Messenger, WhatsApp, Telegram, voice) or connected applications (for example, Gmail, Shopify), the Customer typically acts as the data controller for its end customers/contacts, and Kronos acts as a data processor on the Customer's documented instructions. A Data Processing Addendum (DPA) reflecting this controller / processor relationship is available upon request to [email protected].
This Policy applies to:
This Policy does not apply to third-party services the Customer connects, which are governed by their own privacy policies. Where Kronos delegates specific functions to sub-processors (listed in Section 6), those sub-processors handle data on Kronos' documented instructions and under written agreements that mirror this Policy.
Depending on how the Service is used, we may collect and process the categories below. Each category is paired with a retention rule in Section 7.
When the Customer integrates a channel (messaging) or a connected application (e-commerce, productivity), we may process:
When the Customer connects a third-party platform that holds personal data of the Customer's own end customers (for example, the order and customer records inside the Customer's Shopify store), Kronos' AI agents may read that data on the Customer's instruction to answer inquiries or execute actions the Customer authorized. Specific handling rules for this category:
We may use cookies or similar technologies to:
We use information to:
We do not sell personal data. We do not use message content for advertising. We do not train external AI models on the Customer's data; AI provider configurations are set to disable training where the provider offers a data-controller opt-out.
Kronos offers automation and AI-assisted features, including generating responses, analyzing content, and executing tool calls against connected applications. To provide these features it is necessary to process information provided by the Customer (messages, context, account data, and payloads returned by connected applications) to:
Where AI providers are involved, we limit shared information to what is necessary to deliver the requested functionality, consistent with Customer configuration. AI provider sub-processors are listed in Section 6.
Where required by data protection laws (including the EU GDPR, the UK GDPR, the California Consumer Privacy Act, and Mexico's Federal Law on the Protection of Personal Data Held by Private Parties — LFPDPPP), we process information based on:
Controller / processor model: For data the Customer feeds into the Service or connects through a third-party platform, the Customer is the controller and Kronos is the processor. For data Kronos collects about its authorized users directly (sign-up information, billing, security telemetry), Kronos is the controller. Under the LFPDPPP (effective March 21, 2025), processors are within the explicit scope of the law; Kronos honors the ARCO rights of data subjects accordingly (see Section 9).
We use third-party sub-processors to deliver the Service. Each sub-processor is contractually required to protect information and use it only to deliver services to Kronos. The current list is published below and is kept up to date; material additions are reflected here.
When the Customer connects an upstream platform (for example, the Customer's Shopify store, a Customer's Gmail mailbox), data exchange may occur based on the Customer's configuration and the third party's rules. Those upstream platforms are not sub-processors of Kronos; they are the Customer's own controllers or counterparties, and Kronos does not control their privacy practices.
We may disclose information if reasonably necessary to:
If we are involved in a merger, acquisition, or asset sale, information may be transferred as part of that transaction, subject to reasonable safeguards and notice where required by law.
Retention is set per data category. Items not listed here follow the default rule: kept while the account is active, purged on cancellation, except where a legal obligation requires retention.
| Category | Retention |
|---|---|
| Account and workspace records | While the account is active. Purged on plan cancellation; certain billing-history rows are retained for legal and tax purposes. |
| Conversation transcripts and attachments | While the account is active. Purged on cancellation alongside the rest of operational data. |
| Tool-execution audit log (Composio actions) | Up to 30 days, then purged. Stores metadata only (tool name, success status, timing) — no request or response payloads. |
| OAuth access tokens for connected applications | Stored by Composio (the OAuth broker) while the connection is active; revoked on disconnect or on account cancellation. Kronos references the token indirectly via an opaque connection identifier. |
| KYC documents (voice number provisioning) | Maximum 30 days after the Twilio regulatory decision; deleted by a daily automated job. |
| Voice transcripts and call summaries | While the account is active. Purged on cancellation. Audio is not recorded. |
| Billing usage and AI-cost metrics | Retained beyond cancellation as billing history. |
| Security logs and audit trails | Retained while necessary for security investigations and legal compliance. |
When information is no longer needed, we delete or anonymize it using reasonable measures, subject to technical and legal limitations and to the backup cycle described in Section 10.
Kronos implements technical and organizational measures designed to meet or exceed the requirements of Shopify's Level 2 protected customer data program. These include:
No system is completely secure. Customers are responsible for protecting credentials, configuring access controls, training their own personnel, and maintaining appropriate internal security practices.
Depending on your jurisdiction, you may have the following rights with respect to personal data Kronos processes about you as a controller:
For data subjects in Mexico the LFPDPPP recognizes these as the ARCO rights (Acceso, Rectificación, Cancelación, Oposición). For data subjects in the European Economic Area, the United Kingdom, or California, equivalent rights are recognized under the GDPR, the UK GDPR, and the CCPA respectively.
Requests: Contact us using the details in Section 13. If you are an authorized user under a Customer account, or an end customer who interacted with a business that uses Kronos, please first contact the Customer that holds the account; Kronos will act on the Customer's instructions where it is the processor. We will respond to verifiable requests within 30 days, subject to identity verification and any extension permitted by law.
Kronos maintains a dedicated page with instructions for deleting data, including requests received through integration providers' mandatory data-deletion webhooks (Meta, Shopify, others). The page covers automated handling, manual request channels, timing, and backup-rotation expectations.
Data Deletion Page: https://www.kronos.com.mx/data-deletion
Kronos operates from Mexico. Production infrastructure and most sub-processors are US-hosted. Where personal data of individuals in the European Economic Area or the United Kingdom is transferred, we rely on:
Customers operating with strict data-residency requirements (for example, EU public-sector or EU AI Act high-risk classifications) should evaluate this transfer model in advance.
The Service is intended for business use and is not designed for use by children under the age of majority in their jurisdiction. We do not knowingly collect personal data from children.
For questions, requests, or DPA requests under this Privacy Policy:
Kronos AI — Privacy
Privacy / Data Protection Officer: [email protected]
Legal and DPA: [email protected]
Security incidents: [email protected]
Support: [email protected]
When a Customer connects a Shopify store, Kronos requests access to a defined set of Shopify Admin API scopes that map to the conversational use-cases the Customer's AI agents support (catalog questions, inventory checks, order status inquiries, discount management, fulfillment status, file management). Access is requested only to the minimum amount of data required to deliver this functionality.
One of the scopes requested, read_customers, is classified by Shopify as protected customer data and includes fields such as customer name, email, phone, and address. Kronos commits to Shopify's Level 1 and Level 2 program requirements when handling that data, as set out in Section 8 above (encryption in transit and at rest, backup encryption, environment separation, data-loss-prevention strategy, access controls, strong authentication, access logs, and incident response).
Kronos honors the three mandatory compliance webhooks defined by Shopify for apps that touch customer data:
customers/data_request — when an end customer of the merchant submits a data-access request through Shopify, Kronos receives the request, locates the data it holds associated with that customer's identifier across conversation transcripts and audit entries, and delivers it to the merchant within 30 days.customers/redact — when an end customer requests deletion, Kronos scrubs the corresponding identifier from conversation messages, redacts any quoted data attributable to that customer where reasonably feasible, and removes related audit entries. The action is completed within 30 days.shop/redact — 48 hours after the merchant uninstalls the Kronos app, Shopify notifies Kronos to delete all data for that shop. Kronos removes the integration record, the linked conversations and messages, the audit entries, and revokes the Composio connection. The action is completed within 30 days.All three endpoints verify the Shopify HMAC-SHA256 signature on the incoming request and return a 401 Unauthorized status if the signature is invalid. They return a 200 series status on successful receipt. Implementation details are reflected in our Data Deletion page.
Kronos discloses which Shopify scopes are requested, why each scope is needed, and which sub-processor (Composio) brokers the OAuth and the API traffic. The Customer remains the controller of its own end-customer data; Kronos acts as a processor on the Customer's documented instructions. A written Data Protection Addendum is available on request.
When you activate the voice channel for any AI agent, the following data flows through Kronos:
conversations row associated with the call. Retained while you are an active customer; deleted on plan cancel via the operational-data purge.messages rows with message_type='voice_transcript'.The voice channel requires three external service providers, each acting as a data processor for the specific function listed below:
Every voice call begins with an automated disclosure where the agent identifies itself as an AI and informs the caller that the conversation is transcribed. This disclosure is mandatory and cannot be removed by the operator. It is intended to comply with US and EU AI-transparency expectations (FTC AI guidance, EU AI Act Article 50 on AI-system transparency).
Functional voice data (conversation rows, transcripts, summaries) follows the same retention rules as the rest of your inbox: kept while you are an active customer, then purged on plan cancellation alongside other operational data. KYC documents follow a stricter 30-day cap regardless of subscription state. Billing-related metrics (number of calls, minutes used, billing-period rollups) are retained beyond cancellation as billing history, separately from the operational purge.
Twilio-side retention is separate from Kronos. Twilio acts as an independent processor for PSTN connectivity, and the terms you accepted when creating your Twilio account govern how long Twilio retains call data on its own infrastructure (up to a maximum of 3 years per Twilio's policy). Kronos cannot delete those Twilio-side records on your behalf — for end-of-life deletion of data Twilio holds, you must contact Twilio directly.
© 2026 Kronos AI. All rights reserved.