Privacy

This marketing site is informational. When you self-host KernelWork, your organization typically acts as controller for workplace data; your privacy notice and subprocessors list should name the hosts you operate (database, object storage, media SFU, edge TLS, optional push providers).

When you use KernelWork cloud or a footprint we operate for you, map our processing to your ROPA: identify which regions store chat content, attachments, recordings, and calendar metadata. A formal DPA for managed tiers should be linked here before you run production client data through our tenancy.

Subprocessors. Typical candidates include hosting for the API and web tier, managed Postgres, object storage, LiveKit cells, and optional notification delivery (for example FCM) when mobile push is enabled. Your order form should enumerate the actual legal entities and regions — do not rely on this page as an exhaustive subprocessor register.

Data residency. Self-hosted deployments follow whatever region your infrastructure runs in. Managed offerings should document the primary region per environment; buyers with banking or public-sector clients should confirm residency in writing before migration.

Optional mobile push may involve third-party delivery (for example FCM) as documented in product docs — enable only when your DPIA covers it.

This page is not legal advice. Add a full privacy policy and cookie notice before you run analytics or hosted trials under your brand.