Privacy Policy
Effective: July 1, 2026
This Privacy Policy explains how MYH Solutions LLC (“the Company,” “we,” “us”), which operates Kinetic (the “Service”) — a multi-tenant sales-pipeline and light-CRM application with an integrated AI assistant — collects, uses, discloses, and protects information. By using the Service you agree to the practices described here.
1. Who this policy covers
Kinetic is a business-to-business application used by organizations (“Customers”) and their authorized users. Much of the data in Kinetic is entered by a Customer about its own clients and prospects. For that data, the Customer is the controller and the Company acts as a service provider/processor on the Customer's behalf; this policy describes our practices, but the Customer's own privacy notice governs its relationship with its clients.
2. Information we collect
- Account information. When you sign in — with email and password, or through Google or Microsoft sign-in — we receive your name, email address, and a unique account identifier. We do not receive your Google or Microsoft password.
- Workspace and CRM data. Information you and your team enter or upload: contacts and organizations, pipeline records and policy details, notes, tasks, documents, and communication history.
- Usage and device data. Log data such as IP address, browser type, pages accessed, and timestamps, used for security, troubleshooting, and improving reliability.
- Cookies. We use strictly necessary cookies to keep you signed in and to secure your session. We do not use advertising cookies.
3. How we use information
- Provide, operate, secure, and support the Service;
- Authenticate users and maintain workspace isolation between Customers;
- Power AI-assisted features such as drafting outreach and summarizing records (see §5);
- Send service-related communications (for example, security and status notices);
- Detect, investigate, and prevent fraud, abuse, and security incidents; and
- Comply with legal obligations and enforce our agreements.
We do not sell personal information, and we do not use Customer data to train third-party AI models.
4. Tenant isolation
Each Customer's data is stored in an isolated workspace and is accessible only to that Customer's authorized users. We do not share one Customer's data with another.
5. AI-assisted features
Kinetic uses AI models to generate drafts and insights at your request. Text sent to these models is processed to produce a response and is not used to train the model. Before content is sent to a model, our redaction layer tokenizes direct identifiers by default as a defense-in-depth measure. Our AI processing runs through providers bound by confidentiality obligations and, where applicable, a Business Associate Agreement (see §8). AI output can be inaccurate and is intended to assist — not replace — human judgment.
6. How we share information
We share information only as described here:
- Service providers (subprocessors). We use vetted providers to run the Service, including Amazon Web Services (hosting, storage, AI inference, email delivery), Neon (managed database), and Google and Microsoft (authentication when you choose those sign-in options). These providers process data on our behalf under contract.
- Legal and safety. When required by law or to protect rights, safety, and the integrity of the Service.
- Business transfers. In connection with a merger, acquisition, or sale of assets, subject to this policy.
- With your direction. When you ask us to share information or use an integration you enable.
7. Security
We protect information with encryption in transit and at rest, least-privilege access controls, network isolation of the origin, audit logging, and continuous monitoring. No method of transmission or storage is perfectly secure, but we work to protect your information and to notify affected parties of incidents as required by law.
8. Financial and health information
Kinetic is used by insurance agencies, so the data our Customers store may include nonpublic personal information (NPI) of their clients under the Gramm-Leach-Bliley Act (GLBA) and applicable state insurance data-security laws. We handle that information as a service provider to the Customer and maintain administrative, technical, and physical safeguards designed to protect it, consistent with those laws. Separately, where a Customer's use involves protected health information (PHI) as defined by HIPAA, the Company acts as a Business Associate and handles PHI under a Business Associate Agreement (BAA) with that Customer; the AWS and Neon services in our data path are covered by BAAs. Customers should not upload PHI to Kinetic unless a BAA is in place.
9. Data retention
We retain account information for the life of the account. We retain workspace and CRM data for as long as the Customer's account is active or as needed to provide the Service, and afterward only as required to comply with legal, audit, and security obligations (for insurance and health data, retention periods can be several years). A Customer may request export or deletion of its workspace data as described in its agreement with us; we delete or return data on termination subject to those legal retention requirements.
10. Your choices and rights
Depending on your location, you may have rights to access, correct, delete, obtain a copy of, or restrict or object to the use of your personal information, and to appeal a decision on your request. Because much of the data in Kinetic is controlled by a Customer, we will direct requests about that data to the relevant Customer. To exercise a right relating to information we control, or to appeal a decision, contact us at admin@kapsa.ai. We will acknowledge and respond within the time required by applicable law (generally within 45 days, with any extension permitted by law), after verifying your identity. We do not discriminate against you for exercising these rights.
11. Children
Kinetic is a workplace tool intended for adults and is not directed to children under 18.
12. Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the “Effective” date above and, where appropriate, provide additional notice.
13. Contact us
MYH Solutions LLC — admin@kapsa.ai. See also our Terms of Service.