Trust, along with Kindness, is the core of what we are as a business and who we are as people.  

Trust is foundational to our core values and a part of every decision and action we make.  We know that you are trusting us when you use our products, and we take that trust very seriously.  

Trust is acting with integrity and prioritizing confidentiality and protection of data in all that we do.  We encourage you to learn about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe.  Prioritizing the protection of your data is a critical way we live our values every day.

We protect your data. 

Confidentiality is our top goal of our information security team. We utilize Google Datastore, a NoSQL document database built to enable encryption at rest, scalability, and high performance. All data is encrypted before being written and decrypted when requested by an authorized user. We maintain a number of policies and practices to ensure privacy and confidentiality at all times such as access control policies and regular access reviews, need-to-know restrictions, Google Monitoring, NDAs, and separation of duties.

Trust is acting with integrity and prioritizing confidentiality and protection of data in all that we do.  We encourage you to learn about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe.  Prioritizing the protection of your data is a critical way we live our values every day.

We transfer data only by necessity

Data will only be transferred where strictly necessary for effective business purposes.  Data will never be sold to third parties.  Data is only transferred to KindWorks.AI for the benefit of the customer and end user in the KindWorks.AI system such as bringing a more personalized Kindness journey. Examples of those customizations include the time of day (based on time zone, office location, etc), type of Kindness exercises (based on job title, level, etc), and personalized suggestions for an individual by name (e.g. ‘schedule a coffee with Joe Smith’). 

We monitor constantly. 

All product systems are scanned regularly (annually at a minimum) for vulnerabilities.  All vulnerability findings are reported tagged and tracked to resolution and records of findings are retained for at least 5 years.  KindWorks.AI uses automated Drata security agent installed on all employee’s machines and the Google Cloud Security Scanner to scan and identify vulnerabilities in real time.  Additional periodic security scans of all KindWorks.AI systems are done through OWASP Zap, a open-source web-application vulnerability testing tool.       

We are open and honest with our customers. 

Transparency is another key KindWorks.AI value that we operate by always. To date, we have never had a data breach or vulnerability issue.  We operate proactively according to our vulnerability management policy and incident response plan to maintain controls to ensure the detection of security vulnerabilities and incidents as well as quick reaction and response to security breaches.    

Interested in learning more?

You can always visit our Privacy Policy and our Privacy & Security FAQ.  Our additional relevant policies are available upon email request to Privacy@KindWorks.AI.  (Acceptable Use Policy, Asset Management Policy, Backup Policy, Business Continuity Plan, Code of Conduct, Data Classification Policy, Data Deletion Policy, Data Protection Policy, Disaster Recovery Plan, Encryption Policy, Incident Response Plan, Information Security Policy, Password Policy, Physical Security Policy, Responsible Disclosure policy, Risk Assessment Policy, Software Development Life Cycle Policy, System Access Control Policy, Vendor management Policy, Vulnerability Management Policy).

If at any time you find a security vulnerability, please email Security@KindWorks.AI and we will review and address asap.

Thank you for trusting us to be your partner!