Kardio Logo
Login

Privacy Policy

1. Who We Are

Kardio ("we," "us," or "our") provides real-time web analytics software that helps businesses understand their site sessions, users, and revenue. We operate the Kardio marketing website (the "Site") and the Kardio analytics platform (the "Service").

For questions about this policy, contact us here or reach us on X (@KardioAnalytics).


2. Scope of This Policy

This policy explains how we collect, use, and protect personal data in two contexts:

  • This website — the Kardio marketing and brochure site you are currently reading.
  • The Kardio Service — the analytics platform that our customers embed on their own websites to measure visitor behavior.


3. Information We Collect

3a. On This Website

Contact and newsletter sign-ups
When you subscribe to our newsletter via the form in our footer, we collect your email address. We store this in our database.

Analytics and cookies (Google Tag Manager)
Our site uses Google Tag Manager to load analytics scripts. These tools may collect:

  • Pages you visit and time spent on each
  • Browser type, operating system, and device type
  • Referring URL and general geographic location (country/region)
  • Anonymized IP address

Google may set cookies on your device. Please refer to Google's Privacy Policy for details on how they handle this data.

No account required
You do not need to create an account to browse this website.


3b. Through the Kardio Analytics Service

Kardio is a tool that our customers (website operators) embed on their own sites. In that context:

  • Kardio is a data processor. Our customers are the data controllers, and they determine what data is collected and how.
  • We process on behalf of our customers: session events, page view paths, referrer sources, and revenue event values.
  • We do not collect names, email addresses, or other directly identifying information from end users of our customers' websites unless the customer explicitly passes that data to us.
  • End users of websites using Kardio should consult the privacy policy of the website they are visiting.


4. How We Use Your Information

Email address (newsletter):

Sending product updates, new features, and company news


GTM / analytics data:

Understanding how visitors use our marketing site, improving content and UX


Service analytics data:

Providing the Kardio analytics product to our customers


We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling that produces legal effects.


5. Legal Basis for Processing (EEA / UK Users)

If you are located in the European Economic Area or United Kingdom, we rely on the following legal bases:

  • Consent — for newsletter subscriptions and non-essential cookies. You can withdraw consent at any time.
  • Legitimate interests — for website analytics that help us improve our product and marketing site.
  • Contract — when processing data to deliver the Kardio Service to customers under a subscription agreement.
  • Legal obligation — where required by applicable law.

6. Cookies

This Website

GTM / GA cookies (_ga, _gid, etc.)

You can opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on or by adjusting your browser's cookie settings.


The Kardio Service

GTM / GA cookies (_ga, _gid, etc.)

Kardio may set a first-party session cookie on websites where it is embedded. Our customers' privacy policies govern cookie use on their websites.

Kardio first-party session cookies are set to expire after 30 minutes of activity on a connected website.


7. Data Sharing and Third-Party Services

We do not sell or rent personal data. We may share data with:

  • Google (via GTM) — for website analytics. Google Privacy Policy.
  • MongoDB — our database provider, which stores form submissions and CMS content.
  • Vercel — our hosting and infrastructure provider. Vercel may store data in their global edge network. Vercel Privacy Policy.
  • Vercel Blob — for media file storage associated with our website content.
  • Legal authorities — where required to comply with a court order, legal obligation, or governmental request.


8. Data Retention

Newsletter email subscriptions: Until you unsubscribe or request deletion

GTM / analytics data: Per Google's retention settings (default 14 months)

Kardio Service data: We retain data from users' connected sites for 8 days. After this, data is automatically deleted from our database.


9. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your data ("right to be forgotten")
  • Restrict or object to how we process your data
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, please fill out our contact form.


10. Data Security

We use industry-standard measures to protect your data, including:

  • Encrypted connections (HTTPS/TLS) across all pages
  • Hashed and salted passwords for user accounts
  • Access controls limiting who can view stored form submissions


11. International Transfers

Kardio operates from the United Kingdom.


12. Links to Third-Party Sites

Our site may contain links to external websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.


13. Changes to This Policy

We may update this policy from time to time. We will post the revised version here with an updated effective date. For material changes, we will notify newsletter subscribers by email.


14. Contact Us

Kardio
Contact form: Here
X: @KardioAnalytics
LinkedIn: Kardio