Privacy Policy

Last updated: 2026-02-08

1. Introduction

Kendrai ("we", "our", "us") provides an AI-powered Recruitment Intelligence platform designed to support hiring and recruitment decision-making.

This Privacy Policy explains how we collect, use, store, and protect personal data when you use our website and services.

By using Kendrai, you agree to the practices described in this policy.

2. Data We Collect

We may collect and process the following categories of data:

a) Account Information

  • Name
  • Email address
  • Company name (if provided)
  • Authentication data (via Supabase)

b) Usage Data

  • Features used (Analyze, JD Studio, Ask Kendrai, exports)
  • Credit usage
  • Timestamps and interaction metadata

c) Uploaded Content

  • Job Descriptions
  • CVs / resumes
  • Text inputs provided by the user

Important:

We do not verify the accuracy of uploaded content. All content is provided at the user's responsibility.

3. Purpose of Processing

We process personal data to:

  • Provide and operate the Kendrai platform
  • Authenticate users and manage accounts
  • Track credit usage and subscriptions
  • Improve product performance and reliability
  • Comply with legal and regulatory obligations

We do not sell personal data.

4. Legal Basis (GDPR)

Processing is based on:

  • Performance of a contract (providing the service)
  • Legitimate interest (platform security, analytics)
  • Legal obligations (billing, compliance)

5. Data Storage & Security

  • Data is stored securely using Supabase and cloud infrastructure providers
  • Reasonable technical and organizational measures are applied
  • Access is restricted to authorized systems only

No system is 100% secure. Use the platform accordingly.

6. Data Retention

We retain personal data only as long as necessary to:

  • Provide the service
  • Meet legal requirements
  • Resolve disputes

Users may request deletion at any time (see Section 9).

7. Third-Party Services

We rely on trusted third-party providers:

  • Supabase (auth & database)
  • Stripe (payments)
  • Cloud infrastructure providers
  • AI model providers

These providers process data under strict contractual obligations.

8. International Transfers

Your data may be processed outside the EU.

When applicable, appropriate safeguards are applied in accordance with GDPR.

9. Your Rights (GDPR)

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Data portability

Requests can be sent to: kendrai@link4flex.nl

10. Changes

We may update this policy from time to time.

Material changes will be communicated through the platform.

Questions? Contact us at kendrai@link4flex.nl