Privacy Policy

This Privacy Policy explains how K2X Tech handles your personal data and your rights regarding your information.

Home / Privacy Policy

K2X Tech (“we,” “us,” or “our”) is committed to protecting your privacy. This policy covers how we collect, use, and safeguard your data when you interact with our services, including custom application development and proprietary products in Europe and the United States.

1. About K2X Tech

K2X Tech:

  • Develops custom applications for clients in Europe and the United States

  • Creates proprietary software products for European and U.S. markets

  • Provides on-premises deployment services

  • Maintains strict confidentiality of client application flows and designs

2. Information We Collect

Business Contact Data

  • Name, title, and company affiliation

  • Business email addresses and phone numbers

  • Professional correspondence and communication records

Website & Communications Data

  • Website usage data through cookies and similar technologies

  • IP addresses and browser information

  • Communication logs and support ticket information

Technical Data

  • System requirements and technical specifications for development projects

  • Project-related documentation and requirements

  • Performance and usage analytics from our proprietary products (anonymized)

3. How We Use Your Information

We use your information to:

  • Provide custom application development services

  • Deliver and support our proprietary products

  • Communicate about projects, updates, and support

  • Improve our services and products

  • Comply with legal and regulatory requirements

  • Protect our business interests, systems, and intellectual property

4. Data Protection Principles

Confidentiality

  • We maintain strict confidentiality of all client application flows and designs.

  • Client-specific implementations are never shared with third parties.

  • Only anonymized mockup designs or general capabilities may be shown to potential customers.

Data Minimization

  • We collect only the data necessary to provide our services.

  • Personal data is processed only for specified, legitimate purposes.

Security

  • All data is encrypted during development and transmission.

  • We implement industry-standard security measures.

  • Regular security assessments and updates are conducted.

5. Data Sharing and Disclosure

General Policy

We do not sell, trade, or otherwise transfer your personal information to third parties except as described in this policy.

Limited Sharing

We may share data with:

  • Service providers assisting in our operations under strict confidentiality obligations

  • Legal authorities when required by law or to protect our rights

  • Business partners, but only with your explicit consent

Client Data Separation

  • Customer application data remains on customer premises.

  • We do not maintain access to customer data after deployment.

  • Each client’s data is completely isolated from other clients.

6. On-Premises Deployment Model

Customer Control

  • Applications are deployed on customer premises.

  • Customers maintain full control of their data and applications.

  • We provide service support without accessing customer data.

Service Boundaries

  • We maintain strict confidentiality of all client application flows and designs.

  • Client-specific implementations are never shared with third parties.

  • Only anonymized mockup designs or general capabilities may be shown to potential customers.

Service Boundaries

  • Our support services do not require access to customer data.

  • We provide technical assistance and maintenance without data access.

  • Customer data remains under the customer’s exclusive control.

7. International Data Transfers

Cross-Border Operations

As we serve European and U.S. markets, data may be transferred internationally in compliance with:

  • EU General Data Protection Regulation (GDPR)

  • U.S. state privacy laws

  • Other applicable data protection regulations

Transfer Safeguards

Transfers rely on:

  • Standard Contractual Clauses (SCCs) where applicable

  • Adequacy decisions by relevant authorities

  • Other appropriate safeguards required by law

8. Your Rights

GDPR Rights (EU Residents)

  • Right to access your personal data

  • Right to rectification of inaccurate data

  • Right to erasure (“right to be forgotten”)

  • Right to restrict processing

  • Right to data portability

  • Right to object to processing

  • Right to withdraw consent

U.S. Privacy Rights

  • Right to know what personal information is collected

  • Right to delete personal information

  • Right to opt-out of the sale of personal information

  • Right to non-discrimination for exercising privacy rights

Exercising Your Rights

To exercise your rights, contact us at privacy@k2x.tech or use the contact information provided below.

9. Data Retention

Retention Periods

  • Business contact information: Retained for legitimate business purposes.

  • Project documentation: Retained as required for contractual obligations.

  • Communication records: Retained for 3 years unless longer retention is legally required.

Deletion

  • Data is securely deleted when no longer needed.

  • Customer data on customer premises is managed by the customer.

  • We maintain deletion logs for compliance purposes.

10. Security Measures

Technical Safeguards

  • End-to-end encryption for data in transit and at rest.

  • Multi-factor authentication for access controls.

  • Regular security audits and penetration testing.

  • Secure development practices and code reviews.

Organizational Safeguards

  • Employee training on data protection.

  • Confidentiality agreements with all personnel.

  • Access controls based on need-to-know principles.

  • Incident response procedures.

11. Compliance

Regulatory Compliance

We comply with:

  • EU General Data Protection Regulation (GDPR)

  • California Consumer Privacy Act (CCPA)

  • Other applicable U.S. state privacy laws

  • Industry-specific regulations as applicable

Certifications and Standards

  • ISO 27001 information security management

  • SOC 2 Type II compliance

  • Regular third-party security assessments

12. Cookies and Tracking

Cookie Usage

We use cookies for:

  • Essential website functionality

  • Analytics and performance monitoring

  • Security and fraud prevention

Cookie Management

You can manage cookie preferences through your browser settings or our website’s cookie preference center.

13. Changes to This Policy

Updates

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.

Notification

  • Material changes will be communicated via email or website notice.

  • Continued use of our services after updates constitutes acceptance of the revised Privacy Policy.

  • We maintain a version history for transparency.

14. Contact Information

Privacy Officer

Email: privacy@k2x.tech
Phone: (+92) 917255 498
Address: Office 7B, 5th Floor, Mall of KPK, Peshawar, Pakistan

Data Protection Authority

EU residents may contact their local data protection authority if they have concerns about our data processing practices.

15. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.

  • Processing: Any action performed on personal data, such as collection, storage, or sharing.

  • Controller: The entity that determines the purposes and means of processing personal data.

  • Processor: The entity that processes personal data on behalf of the controller.

This Privacy Policy is designed to comply with GDPR, CCPA, and other applicable privacy regulations. It should be reviewed by legal counsel before implementation and updated regularly to ensure continued compliance.

Contact Us
Contact Us
Scroll to Top