Last updated: 11 November 2025
The data controller for your personal information is:
KYNECTO LTD
3rd Floor, 86-90 Paul Street
London EC2A 4NE, United Kingdom
Company Number: 15393531
UK ICO Registration Number: ZB840618
We are an international recruitment platform serving users worldwide. We are registered with the Information Commissioner's Office (ICO) in the United Kingdom and comply with applicable data protection laws in all jurisdictions where we operate, including:
United Kingdom: UK GDPR and Data Protection Act 2018
European Union: EU GDPR (Regulation (EU) 2016/679)
United States: California Consumer Privacy Act (CCPA) and other applicable state privacy laws
Other Jurisdictions: Applicable local data protection laws
For any data protection inquiries, please contact us at support@staxbridge.com.
We collect information you provide directly to us, such as when you create an account, complete your profile, or communicate with us. This may include:
We use the information we collect to:
Under the UK GDPR, EU GDPR, and other applicable data protection laws, we process your personal data based on the following legal grounds:
Article 6(1)(b) - Contractual Necessity
We process your data to provide our recruitment platform services, including account management, profile matching, and facilitating connections between users. This includes essential service communications.
Article 6(1)(a) - Consent
Where you have provided explicit consent, we process your data for specific purposes such as optional marketing communications (if applicable). You can withdraw consent at any time.
Article 6(1)(f) - Legitimate Interests
We process data for our legitimate interests including platform security, fraud prevention, service improvement, and analytics. We ensure these interests do not override your fundamental rights and freedoms.
Article 6(1)(c) - Legal Obligations
We may process your data to comply with legal obligations, such as tax reporting, fraud prevention, or responding to lawful requests from authorities.
As part of our recruitment platform service, we send essential email communications that are necessary for the platform's functionality. By using our service, you consent to receive these communications under GDPR Article 6(1)(b) (contractual necessity).
We send the following types of emails as part of our core service functionality:
These emails are essential for the platform's operation and cannot be disabled while maintaining an active account. However, you have the following options:
We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following circumstances:
We may share your contact information with another user only when you initiate or explicitly accept a connection. We do not monitor or control communications once contact details are exchanged. After a connection is accepted and contact information is shared, all subsequent communications, arrangements, transactions, or outcomes are solely between the parties. We are not responsible or liable for any interactions or agreements occurring outside the Platform.
We implement appropriate security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure.
We use fuzzy location matching to protect your privacy. Your exact location is never shared with recruiters. Instead, we provide approximate location information to help with opportunity matching while maintaining your privacy.
We do not use cookies. Our Platform uses browser storage (localStorage and sessionStorage) to enhance your user experience and maintain your session.
We use sessionStorage to store authentication tokens and user session data, which are automatically cleared when you close your browser. We use localStorage to store your theme preferences and other settings that persist across sessions.
You can clear this data at any time through your browser settings, though doing so may require you to log in again and may reset your preferences.
We use trusted third-party service providers (data processors) to help us operate our platform. These processors are bound by contractual obligations to protect your data and only process it for specified purposes. Our key processors include:
Cloud Hosting and Infrastructure
We use Microsoft Azure for hosting our platform and storing data. Data is stored in UK/EEA data centers where possible.
Payment Processing
We use Stripe for payment processing. Stripe processes payment information in accordance with PCI DSS standards. Payment data is handled by Stripe and not stored on our servers.
Email Services
We use email service providers to send essential service communications. These providers process email data solely for delivery purposes.
Location Services
We use Google Places API for location services. Location queries are processed by Google in accordance with their privacy policy.
All third-party processors are required to maintain appropriate security measures and comply with applicable data protection laws. We do not sell your personal data to third parties.
As an international platform, your personal data may be transferred, stored, and processed in countries outside your country of residence, including the United Kingdom, European Economic Area (EEA), United States, and other jurisdictions where our service providers operate.
Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place, including:
If you have questions about specific international transfers, please contact us at support@staxbridge.com.
We take data security seriously and have implemented appropriate technical and organizational measures to protect your personal data. However, in the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:
If you become aware of any security vulnerability or potential data breach, please contact us immediately at support@staxbridge.com.
Depending on your location, you have rights under applicable data protection laws, including the UK GDPR, EU GDPR, CCPA, and other local privacy regulations. These rights may include:
Right of Access (Article 15)
You have the right to request access to your personal data and receive a copy of the data we hold about you.
Right to Rectification (Article 16)
You have the right to request correction of inaccurate or incomplete personal data. You can update most information directly through your account settings.
Right to Erasure / "Right to be Forgotten" (Article 17)
You have the right to request deletion of your personal data when it is no longer necessary, you withdraw consent, or you object to processing. You can delete your account at any time through your account settings.
Right to Restrict Processing (Article 18)
You have the right to request restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
Right to Object (Article 21)
You have the right to object to processing of your personal data based on legitimate interests. You can also object to direct marketing at any time.
Right to Withdraw Consent (Article 7)
Where processing is based on consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of processing before withdrawal.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
To exercise any of these rights, please contact us at support@staxbridge.com. We will respond to your request within one month (or as required by applicable law in your jurisdiction).
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority:
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Our retention periods are as follows:
Active Accounts:
We retain your data while your account is active and for 90 days after account inactivity, after which accounts may be automatically deactivated.
Deleted Accounts:
Upon account deletion, we delete or anonymize your personal data within 30 days, except where we are required to retain certain information for legal compliance (e.g., financial records for 7 years as required by UK tax law).
Legal Requirements:
We may retain certain data for longer periods where required by law, such as transaction records for tax purposes (7 years) or fraud prevention records.
After the retention period expires, we securely delete or anonymize your personal information in accordance with our data protection obligations.
Our platform is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.
If you have any questions about this Privacy Policy, please contact us at:
KYNECTO LTD
3rd Floor, 86-90 Paul Street
London EC2A 4NE