Privacy Policy

Last Updated: March 6, 2026

Introduction

Kyth (KYTH LLC, "Kyth," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect personal information when you use our website at kyth.ai (the "Site") and our AI-powered legal recruiting intelligence platform (the "Service" or "Platform").

By accessing or using the Site or Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Site or Service.

Important Note: This Privacy Policy applies to personal information we collect about our customers and website visitors. The Kyth platform also contains publicly available attorney profile data and job posting data that we aggregate from law firm websites and other public sources. That data is addressed separately in Section 2 below.

We collect the following categories of information:

1.1 Information You Provide Directly

Account Information: When you create an account or subscribe to the Service, we collect your name, email address, company/organization name, job title, phone number, and billing information.

Communications: When you contact us (via email, contact forms, or support requests), we collect the information you provide in those communications, including your name, email address, and the content of your message.

User-Generated Content: If you use features such as Kyth Chat or other note-taking or annotation features, we collect and store the content you create, including queries, prompts, notes, and saved searches.

1.2 Information Collected Automatically

Usage Data: When you use the Service, we automatically collect information about your interactions with the Platform, including pages viewed, searches performed, features used, AI queries submitted, links clicked, and time spent on various sections of the Platform.

Device and Technical Information: We collect information about the devices you use to access the Service, including IP address, browser type and version, operating system, device identifiers, and network information.

Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your use of the Site and Service. This includes session cookies (which expire when you close your browser), persistent cookies (which remain until deleted), and analytics cookies. You can control cookies through your browser settings, but disabling cookies may limit your ability to use certain features of the Service.

1.3 Information from Third-Party Sources

Authentication Providers: If you log in using a third-party service (such as Google SSO), we receive basic profile information from that service in accordance with their privacy policies and your privacy settings on those platforms.

Data Sources: Kyth aggregates publicly available professional information about attorneys from law firm websites and other publicly accessible sources. This data includes attorney names, biographies, practice areas, bar admissions, educational background, professional experience, firm affiliations, office locations, contact information, and other information that law firms publicly publish about their attorneys for marketing and business development purposes. We also collect publicly available job postings from law firm career pages.

Purpose: This data is collected and processed to provide recruiting research and market intelligence services to law firms, legal recruiters, and other customers. The data is used to power search, matching, and analysis features within the Kyth platform.

Legal Basis (GDPR): Where GDPR applies, we process this publicly available professional data on the basis of our legitimate interest in providing recruiting intelligence services. Attorneys have published this information publicly for professional and business purposes, and our processing is compatible with those purposes.

Not a Consumer Reporting Agency: Kyth is not a consumer reporting agency as defined by the Fair Credit Reporting Act (FCRA). We aggregate publicly available professional information for recruiting research purposes, not for employment screening or background checks. Customers should use Kyth for candidate sourcing and market research, not as a substitute for proper employment verification or background checks.

Data Subject Rights: If you are an attorney whose profile appears in the Kyth platform and you wish to request correction or removal of your information, please contact us at privacy@kyth.ai. We will evaluate requests on a case-by-case basis, balancing our legitimate business interests with individual privacy rights.

Data Freshness: We refresh attorney profile data daily and job posting data multiple times per day. However, data may be outdated, incomplete, or inaccurate at any given time. We do not warrant the accuracy, completeness, or currency of this data.

We use the information we collect for the following purposes:

Providing the Service: To operate and deliver the Kyth platform, including AI-powered search, candidate matching, natural language query interpretation (IntelliSearch), conversational research (Kyth Chat), and other platform features.

Account Management: To create and manage your account, process payments, provide customer support, and communicate with you about your use of the Service.

Service Improvement: To analyze usage patterns, understand how customers interact with the Platform, improve our algorithms and AI models, develop new features, and enhance overall Service quality.

Security and Fraud Prevention: To protect the security and integrity of the Service, detect and prevent fraud, abuse, or unauthorized access, and comply with our legal and contractual obligations.

Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

Marketing and Communications: To send you product updates, newsletters, promotional materials, and other communications about Kyth (you may opt out of marketing communications at any time by following the unsubscribe instructions in those messages or contacting us at hello@kyth.ai).

Use of AI Technology: Kyth uses artificial intelligence and machine learning technologies throughout the platform, including for semantic search, candidate matching, natural language query interpretation, data extraction and normalization, and conversational AI features (Kyth Chat).

When you use AI-powered features, your queries and inputs may be processed by these third-party providers in accordance with their own privacy policies and terms of service.

No Training on Customer Data: Our agreements with AI model providers contractually prohibit the use of customer data, user queries, or platform inputs to train or improve third-party AI models. Your data is processed solely to provide the Service to you and is not used to train external AI systems.

Internal AI Improvement: We may use aggregated, anonymized usage data and feedback to improve our own AI systems, algorithms, and platform features. This does not include identifiable customer data or specific user queries.

We do not sell your personal information. We share information only in the following circumstances:

These service providers are contractually required to protect your information and use it only for the purposes we specify. A complete list of subprocessors is available in our Trust Center at kyth.ai/trust.

Legal Requirements: We may disclose information if required to do so by law or in response to valid legal process, such as a subpoena, court order, or government request. We may also disclose information when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with law enforcement requests.

Business Transfers: If Kyth is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred to the acquiring entity or successor organization. We will notify you of any such change in ownership or control of your personal information.

With Your Consent: We may share information with third parties when you have given us your explicit consent to do so.

Active Accounts: We retain your personal information for as long as your account is active or as needed to provide you with the Service.

Account Deletion: If you close your account or request deletion of your data, we will delete your personal information from active systems within 30-60 days of your request, except as required to comply with legal obligations, resolve disputes, or enforce our agreements.

Backup Retention: Deleted data may remain in backup systems for up to 90 days before being permanently purged.

Legal and Business Records: We may retain certain information (such as transaction records, billing information, or communications) for longer periods where required by law or necessary for legitimate business purposes such as tax compliance, audit requirements, or dispute resolution.

Kyth takes data security seriously and implements technical, administrative, and physical safeguards designed to protect your information from unauthorized access, disclosure, alteration, or destruction.

Security Measures: Our security controls include encryption of data in transit (TLS) and at rest (AES-256), role-based access controls, multi-factor authentication for privileged access, logging and monitoring (via PostHog), regular security assessments, and incident response procedures.

Compliance: Kyth is GDPR, SOC 2 Type II, and ISO 27001 certified. Our compliance report is available upon request through the Kyth Trust Center.

No Guarantee: While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you use the Service at your own risk. If you become aware of any security breach or unauthorized access, please contact us immediately at security@kyth.ai.

Depending on your location, you may have certain rights regarding your personal information:

8.1 Rights for European Economic Area (EEA) and UK Users (GDPR)

If you are located in the EEA or UK, you have the following rights under the General Data Protection Regulation (GDPR):

• Right to Access: You have the right to request access to the personal information we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal information.
• Right to Erasure: You have the right to request deletion of your personal information in certain circumstances.
• Right to Restriction: You have the right to request that we restrict processing of your personal information in certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to processing of your personal information based on legitimate interests.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your jurisdiction.

Legal Basis for Processing: We process personal information on the following legal bases: (a) performance of a contract (to provide the Service to you); (b) legitimate interests (to improve our Service, ensure security, and conduct business operations); and (c) publicly available data (for attorney profile data published by law firms for professional purposes).

8.2 Rights for California Users (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: Kyth does not sell or share personal information as defined by the CCPA/CPRA.
• Right to Non-Discrimination: You have the right not to be discriminated against for exercising your privacy rights.

8.3 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@kyth.ai or hello@kyth.ai. We will respond to your request within the timeframe required by applicable law (typically 30 days for GDPR requests and 45 days for CCPA requests). We may need to verify your identity before processing your request.

Kyth is based in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States and other countries. Where required by law (such as for transfers from the EEA), we implement appropriate safeguards such as Standard Contractual Clauses.

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information. If you believe we have collected information from a child under 18, please contact us at privacy@kyth.ai.

The Service may contain links to third-party websites, services, or resources that are not operated by Kyth. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. If we make material changes, we will notify you by email (to the address associated with your account) or by posting a notice on our website prior to the change becoming effective. We will also update the "Last Updated" date at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@kyth.ai
Address: KYTH LLC, 1201 Peachtree Street, N.E., Suite 100, Atlanta, GA 30361, USA
Data Protection Officer: For GDPR-related inquiries, you may contact our Data Protection Officer at privacy@kyth.ai.