Privacy Policy
Effective date: April 27, 2026
Last updated: April 27, 2026
This Privacy Policy describes how Kemin ("we," "us," or "our") collects, uses, and shares information when you use the EDIE Fleet Dashboard, the Kemin EDIE Controller mobile application, EDIE pump monitoring devices, and related services (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
Account information
When you create an account, we collect:
- Your email address
- Your name (if provided)
- A securely hashed version of your password
Device and operational data
When you use an EDIE device or the Service, we collect:
- Device hardware identifiers (such as MAC address and serial number)
- Firmware version
- Sensor readings (water flow, chemistry measurements such as CLO2, pH, ORP, setpoints)
- Operational status, error codes, and alarm events
- Timestamps associated with the above
- Optional facility name and location you choose to associate with a device
Alert recipients
If you configure email alerts, we collect the email addresses you designate as recipients so we can deliver alerts on your behalf.
Technical and usage information
When you connect to our service, our infrastructure provider automatically logs:
- IP addresses
- Browser or device information (user agent)
- Request paths, timestamps, and response codes
This information is used for security, troubleshooting, and operational purposes.
Information we do not collect
- Payment information (handled separately, if applicable)
- Precise GPS location from devices (only the optional facility name/location text you enter)
- Biometric data
- Information from children under 13
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Authenticate users and protect against unauthorized access
- Display device telemetry, history, and analytics in the dashboard and mobile app
- Send transactional alert emails when device conditions trigger them
- Diagnose technical issues and respond to support requests
- Detect, prevent, and address fraud, abuse, or security incidents
- Comply with legal obligations
We do not use your information for advertising or sell your personal information to third parties.
3. How We Share Your Information
We share information only as needed to operate the Service:
- Service providers (sub-processors): We use trusted third parties to host the Service and deliver email alerts. These providers process data on our behalf under contractual obligations to maintain confidentiality and security, including a cloud hosting and infrastructure provider and an email delivery provider.
- Within your organization: Account administrators ("master users") in your organization may view and manage all devices and users associated with the account.
- Legal compliance: We may disclose information when required by law, valid legal process, or to protect the rights, property, or safety of Kemin, our users, or the public.
- Business transfers: If Kemin is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4. Data Retention
We retain different categories of information for different periods:
| Category | Retention |
|---|
| Account information | While your account is active |
| Device telemetry (raw sensor logs) | Retained as long as needed for analysis and reporting; aggregated summaries retained for at least one year |
| Alarm and error events | Up to 90 days |
| Short-term operational data | A few hours to a few days |
| Email delivery logs | Per our email provider's policy |
| Infrastructure logs | Up to 7 days at the application level; longer at the network provider level per their policies |
When you delete your account or request deletion of your data, we will remove your personal information within a reasonable timeframe, except where we are required to retain it for legal, security, or legitimate business reasons.
5. Data Security
We implement reasonable technical and organizational measures to protect your information, including:
- Encryption of data in transit (HTTPS/TLS)
- Hashed passwords using industry-standard algorithms with per-user salts
- Authenticated API access for both users and devices
- Role-based access controls
- Regular software updates and security patches
No system is perfectly secure. While we work to protect your information, we cannot guarantee absolute security.
6. Your Rights and Choices
Depending on where you live, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request that we correct inaccurate or incomplete information.
- Deletion: Request that we delete your personal information, subject to certain exceptions (e.g., where required by law).
- Portability: Request a machine-readable copy of your data.
- Restriction or objection: Request that we limit or stop processing your information in certain circumstances.
How to exercise your rights
- Through the Service: Account administrators can add or remove device owner email addresses and delete devices through the dashboard. Users can export their own device history as CSV.
- By contacting us: For account deletion, data export requests, or other privacy questions, email us at the address in Section 12 below.
We will respond to verified requests within the timeframe required by applicable law.
Email alert recipients
If you have been added as an email recipient for device alerts and wish to be removed, please contact your account administrator or email us at the address below.
7. Account and Data Deletion
You may request deletion of your Kemin EDIE Fleet Dashboard account and any data entered using the Kemin EDIE Controller mobile application or the dashboard.
How to request deletion
- From the dashboard: Sign in at dashboard.kemin.io, scroll to the footer, and click Request Account Deletion. This opens a pre-filled email to our support team.
- From the mobile app: Use the Request Account Deletion option in the app menu or settings, which opens the same pre-filled email.
- By email: Send an email to support@kemin.com with the subject line "Account Deletion Request", including the email address associated with your account.
We will verify your identity and process verified deletion requests within 30 days.
What gets deleted
Upon a verified deletion request, we will permanently delete:
- Your user account record (email, name, password hash, role)
- Your association with any devices you own (your email is removed from device owner records)
- Your inclusion as an alert email recipient on any device
- Personally identifying information you entered, such as facility name and location, where it can be unambiguously attributed to you
What may be retained
Some data may be retained after account deletion for legitimate operational, legal, or safety reasons:
- Device telemetry and sensor logs: Operational data from devices (flow rates, chemistry readings, alarms, timestamps) may be retained because it is associated with the device hardware and the customer organization, not your individual user account. If you wish to also delete device data, an account administrator must delete the device through the dashboard.
- Email delivery logs: Our email provider may retain delivery metadata per their own policies (typically up to 30 days).
- Infrastructure logs: Network and security logs (including IP addresses and request metadata) are retained by our infrastructure provider for up to 7 days at the application level, longer at the network level.
- Records required by law: Information that we are legally required to retain (for example, audit, tax, or fraud-prevention records) will be kept for the legally required period and then deleted.
- Backups: Residual copies in encrypted backups are overwritten on the normal backup rotation schedule (typically up to 90 days).
Important: shared device access
If you are the only owner of one or more devices, deleting your account without first transferring ownership could leave those devices inaccessible to your organization. Our support team will check for sole-ownership situations and help arrange ownership transfer to another user before completing the deletion. For this reason, account deletion is performed by our support team rather than as a self-service action.
8. International Data Transfers
Our service providers operate globally, which means your information may be processed in countries other than your own, including the United States. Where required by applicable law, we rely on appropriate safeguards (such as Standard Contractual Clauses) for cross-border data transfers.
If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with similar data protection laws, you may have additional rights under those laws. Contact us to learn more or to request a Data Processing Addendum.
9. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.
10. Third-Party Links
The Service may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we may also notify you by email or through the Service. Your continued use of the Service after the changes take effect constitutes your acceptance of the revised policy.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise any of your rights, please contact us:
Kemin
Email: support@kemin.com
[Mailing address, if applicable]
For European Economic Area / United Kingdom users:
[EU Representative contact, if designated]