Kelantro

Privacy Policy

Last updated: March 9, 2026

Kelantro ("we", "our", or "us") provides outbound workflow software, including lead generation, contact management, email sequencing, and related automation. This policy explains what data we process, why we process it, and your rights.

1. Information We Process

Account Data

Account profile data includes your name, email address, authentication credentials (stored as secure hashes where applicable), and account settings.

Workspace Data

Workspace data includes contacts, companies, books, templates, sequence content, workflow definitions, verification results, and activity logs generated by your usage.

Messaging and Deliverability Data

We process email metadata and message content needed to send outreach, detect bounces, process forwarded replies, classify replies, apply do-not-contact rules, and maintain global suppression behavior.

Kelantro integrates with Gmail via Google's OAuth authentication system.

When a user connects Gmail, Kelantro requests the following permissions:

  • Send email on behalf of the user.
  • Basic identity scopes needed to authenticate the connected Gmail account.

Kelantro does not read the user's Gmail inbox in v1. Reply handling is performed through replies the user forwards to a Kelantro relay inbox.

Billing and Subscription Data

Payments are processed by Stripe. We store subscription metadata (such as plan, status, and customer ID) but not full card numbers.

Technical and Usage Data

We process technical and usage data such as request metadata, feature usage counters, and operational logs for reliability, abuse prevention, and plan-limit enforcement.

2. How We Use Data

  • Provide and operate the platform features you request.
  • Manage subscriptions, billing, and usage limits.
  • Send transactional messages (for example account, security, and billing notices).
  • Support outreach compliance features such as unsubscribe and suppression handling.
  • Detect abuse, secure accounts, and maintain service quality.
  • Provide support and troubleshoot issues.

3. Legal Bases (EEA/UK)

  • Performance of a contract (providing the service you use).
  • Legitimate interests (security, fraud prevention, service improvement, and compliance tooling).
  • Legal obligations where applicable.
  • Consent where required for optional processing.

4. Data Sharing and Processors

We do not sell personal data. We share data with service providers only as needed to operate the platform, such as:

  • Stripe for subscription and payment processing.
  • Email infrastructure and mailbox providers used for delivery and mailbox integration.
  • AI processing providers for requested AI features.
  • Infrastructure and hosting providers.

We may also disclose data where required by law, court order, or to protect the rights, security, and integrity of Kelantro, users, and recipients.

5. Sensitive Data and Prohibited Data Use

Kelantro is not intended for storing special category or highly sensitive personal data unless you have an explicit lawful basis and required protections in place. You should not upload data that is unnecessary for your outreach workflow.

You remain responsible for the lawfulness, quality, and minimization of data imported to your workspace.

6. Unsubscribe, Suppression, and Outreach Controls

We support unsubscribe and do-not-contact handling, including global suppression behavior, to help users stop future outreach when recipients opt out.

Users are responsible for configuring and using these features lawfully and for ensuring they have a valid basis to contact recipients.

7. Data Retention

We retain data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements.

If you request account deletion, we delete or anonymize data according to our retention obligations and technical constraints.

8. International Transfers

Where data is transferred across borders, we apply appropriate safeguards required by applicable law.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, export, or object to certain processing.

To exercise rights, contact us using the details below. We may need to verify identity before processing requests.

We aim to respond within timelines required by applicable law. For account-owner requests, include your account email and a clear description of the request.

10. Security

We implement technical and organizational safeguards designed to protect data. See our Security pagefor a summary of controls.

11. Cookies

We use cookies and similar technologies for essential functionality and preference storage. See our Cookie Policy.

12. Children's Privacy

Kelantro is not directed to children under 16, and we do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this policy. Material updates will be posted on this page with a new "Last updated" date.

14. Contact and Requests

For privacy requests, data rights requests, or any concern about how data is handled, contact support@kelantro.com.

Subprocessor and data processing agreement (DPA) requests can also be sent to support@kelantro.com.