Kairos Consulting

Privacy Policy

How personal data is handled when you use this website, contact Kairos, request consulting services, or access the client portal.

Last updated: May 26, 2026

This Privacy Policy explains how Kairos Consulting handles personal data in connection with the website, consultation requests, client portal access, consulting delivery, and related communications.

1. Controller and Contact

The responsible provider and website operator is Kairos Consulting, a trade name used by Lucas Barrios, operating from Berlin, Germany.

Contact: hello@kairos-consulting.com

2. Website Usage

When you visit the website, technical information may be processed to deliver pages, maintain security, prevent abuse, understand site reliability, and improve the user experience. This can include IP address, device and browser information, requested URLs, timestamps, referrer information, error logs, and similar server or security data.

3. Contact Forms and Discovery Requests

When you contact Kairos or request a discovery conversation, we may process details such as your name, email address, phone number if you provide it, company name, role, industry, budget range, timeline, message content, scheduling details, and follow-up notes.

This information is used to respond to your request, assess fit and scope, prepare next steps, and maintain business records related to the inquiry.

4. Client Portal and Account Data

If you receive client portal access, Kairos may process account credentials, profile details, company information, project access, notifications, messages, documents, milestones, activity records, and support records needed to provide and secure the portal.

5. Consulting and Project Data

During consulting work, Kairos may process information shared for the engagement, including proposals, statements of work, contracts, invoices, project notes, operational materials, research records, implementation details, uploaded files, and related client communications.

Client engagement terms, confidentiality obligations, and any applicable data processing agreement may add further rules for project data.

6. Analytics and Cookies

The website may use technically necessary cookies or similar browser storage for authentication, client portal sessions, security, and basic site functionality. If analytics are enabled, Kairos currently uses Google Analytics 4 to understand aggregate website usage, page performance, referral patterns, and content effectiveness.

Analytics only loads when the production environment is configured with a measurement ID. Microsoft Clarity and Plausible tracking are not part of the public website unless they are intentionally added later and this policy is updated.

7. AI-Assisted Processing

Kairos may use AI-assisted tools to support analysis, summarization, workflow design, research, document preparation, and consulting operations. AI-assisted outputs are treated as support material and require human review before business, technical, legal, compliance, or operational reliance.

Client data is handled through AI-assisted workflows only where appropriate for the engagement and subject to agreed confidentiality, data protection, and project terms.

8. Legal Bases

Depending on the context, processing may rely on consent, steps prior to a contract, performance of a contract, legitimate interests, or legal obligations. Legitimate interests may include responding to business inquiries, maintaining security, operating the website and portal, improving services, and keeping administrative records.

9. Service Providers

Kairos may use service providers for hosting, database and authentication, email delivery, analytics, scheduling, AI-assisted processing, security, and business administration. These providers may process personal data only as needed for the relevant service and subject to applicable contractual safeguards.

10. International Transfers

Some providers may process data outside Germany or the European Economic Area. Where this occurs, Kairos relies on appropriate transfer mechanisms where required, such as adequacy decisions, standard contractual clauses, or other legally recognized safeguards.

11. Data Retention

Personal data is retained only as long as necessary for the relevant purpose, unless a longer retention period is required for legal, accounting, security, dispute, or contractual reasons. Inquiry records, portal records, project documents, email records, and accounting materials may have different retention periods depending on their purpose and legal requirements.

12. Data Sharing

Personal data may be shared with service providers, professional advisers, public authorities, or contracting parties where necessary for the purposes described in this policy. Kairos does not sell personal data.

13. Your Rights

Subject to applicable privacy law, you may have rights to request access, rectification, erasure, restriction, portability, objection to certain processing, and withdrawal of consent for consent-based processing. You may also have the right to lodge a complaint with a competent data protection supervisory authority.

To exercise privacy rights, contact hello@kairos-consulting.com.

14. Security

Kairos uses security-conscious practices such as HTTPS, authenticated portal sessions, role-based access controls, restricted administrative workflows, and service-side access controls where implemented. No system can be guaranteed to be completely secure.

15. Updates

This policy may be updated as the website, services, providers, or legal requirements change. The date above shows when this page was last updated.