Skip to main content

Kyndryl Privacy Statement

This Privacy Statement is effective as of 20 February 2024


At Kyndryl we value your privacy and are committed to protecting and processing your personal information responsibly.

This privacy statement describes how Kyndryl collects, uses and shares your information. It applies to Kyndryl Corporation and Kyndryl subsidiaries except where a subsidiary presents its own statement without reference to Kyndryl’s.  

We may provide additional data privacy information by using a supplementary privacy notice.  


If you have any questions related to Privacy at Kyndryl, please contact us by using this form:

Personal Information We Collect and Use

This section describes the various types of information that we collect and how we use it.

You can create an account with Kyndryl by accessing an identification and authentication mechanism hosted by Kyndryl or a third party (Kyndryl identification), as made transparent during the sign-on process. The Kyndryl identification provides Kyndryl with your name, email address, and country or region of residence. We may require a Kyndryl identification for certain online services or applications.

We may also store your details from business contact information that you provide to us, or that we collect from your organization, our Business Partners, or our suppliers.

The Kyndryl identification uniquely identifies you when you access our websites, make a request or order, or use a product or service. If you log into our websites with a Kyndryl identification we may link the information we collect with your account. A Kyndryl identification is also used to give you access to  Kyndryl Online Services and may allow you to manage your contract and billing history. The email address in your Kyndryl identification may be used to contact you in relation to any services to which you subscribe.

Business contact information is typically information that you would find on a business card, such as name and business contact details. We use this information to contact or communicate with you about business matters. If we receive business contact information from a third party, such as a Kyndryl Business Partner or supplier, we will confirm that the information was shared appropriately.

We may also combine your business contact information with other business-relevant information, such as information about your professional education, skills, work experience, or other publicly available information, such as business-related blogs, publications, job roles, and certifications. This information may be used to tailor our interactions with you in any part of Kyndryl’s business, for example in the sales process, to maintain a relationship with you, and for post-contractual relationships.


Our websites offer ways to communicate with you about us, our products and services. The information that we collect on websites is used to provide you with access to the website, to operate the website, to improve your experience, and to personalize the way that information is provided to you. If you visit our websites without logging in with Your Account we may still collect information that is connected to your website visit.  

For more information on the technologies that we use to collect website information, and setting your preferences, see Cookies and Similar Technologies.  

We collect information about your use of our websites, such as:

  • the webpages you view, 

  • the amount of time you spend on pages, 

  • the website URL that referred you to our pages,  

  • your geographic information derived from your IP address, 

  • and any hyperlinks or advertisements you select. 

We use this information to improve and personalize your experience with our websites, provide you with content that you may be interested in, create marketing insights, and to improve our websites, online services, and related technologies. 

We also collect the information that your browser or device automatically sends, such as:

  • your browser type and IP address, 

  • operating system, device type, and version information,

  • language settings, 

  • crash logs, 

  • Kyndryl identification information (if signed in), 

  • and passwords. 

We use this information to provide you with access to our webpages, improve the webpage view on your device and browser, adapt to your settings and language, and adapt content for relevancy or any legal requirements for your country. We also use this information to comply with system and network security requirements, and to provide support. For more information see, Support Services and Protecting You and Kyndryl


We also provide platforms and forums that enable online sharing, support, and collaboration among registered members. Any information that you submit to these platforms may be made available to others on the internet, or removed by us, as covered in the platform privacy notice or terms. We are not responsible for any content that you make available through your use of our products or services.


We prepare reports on our websites to derive insights into trending topics and general market knowledge. These reports may be provided to third parties with details on how users interacted or showed interest in the third-party product or service that was presented on our websites. All reports display aggregated information and cannot be used to identify our website visitors.


We accept no responsibility for the content provided on, or privacy practices, of third-party websites or applications.

Our online services include “as-a-service” and desktop applications, mobile applications (or apps), and Kyndryl Learning services. We collect information about the use of these services, such as pages you view or your interactions on that page, to improve and develop our services and to generate technical and market insights. We may require a Kyndryl indentification for the use of our online services and applications (see Your Account).

The information that we collect on our online services and applications may include: 

  • the pages you view, 

  • your settings within the service,

  • your browser type and IP address, 

  • operating system, device type, and version information,

  • crash logs, 

  • Kyndryl indentification information (if signed in), 

  • and passwords.  

This information is collected to provide you with access, to operate the service, for support, to personalize and improve your experience of the service, to develop other services and technologies, and generate technical and market insights. For more information on the technologies that we use to collect this information, and setting your preferences, see Cookies and Similar Technologies.

Where we provide products and services as a business-to-business provider, the client is responsible for the collection and use of personal information while using our products or services, unless otherwise described. Our agreement with clients may also allow us to request and collect information about authorized users of our products or services for reasons of contract management. 


Mobile application privacy notices may provide details about the information that is collected by the app, such as geo-location information or the unique User-ID of a device. Unique User-IDs are used to connect to servers and to connect the use of the device across apps. Depending on the functions of the app, you can tailor your privacy settings by using the settings menu or in your user profile. 


Kyndryl Learning offers education services and collects information on course completions to be able to provide you with credentials, certificates, or further information when needed.

We accept no responsibility for the content provided on, or privacy practices, of third-party websites or applications.

We use the information that we collect to communicate with you about relevant products, services, and offerings. We also use this information to personalize your experience with our content and advertisements, and to develop internal marketing and business intelligence. You may submit an opt-out request, or select Unsubscribe at the bottom of each marketing email. To review or set your preferences regarding the information that we collect about you on our websites select Cookie Preferences in the website footer.

We use contact information that we collect directly from you, your organization, or third-party data providers, to communicate with you about our products, services, and offerings. When we obtain information about you indirectly from third parties, we implement checks and controls to confirm that this information was legally acquired by the third party and that the third party has the right to provide the information to us for our use in marketing.

We may, subject to your preferences, collect information about your interactions with our websites, our emails (such as whether emails are opened or links selected), and other Kyndryl content, including content on third-party sites. For more information on the technologies that we use to collect this information, and setting your preferences, see Cookies and Similar Technologies


We use this information to develop internal marketing and business intelligence. For example, we may:

  • Combine the information collected to better understand your interests and potential business needs, such as Kyndryl events you attend, content you review, or any of our websites that you visit.

  • Aggregate the information that is collected about website visitors for the purposes of developing and modelling marketing audiences.

  • Leverage insights from the information collected to personalize content and advertisements across multiple interactions and devices.

  • Engage with advertising partners, such as publishers and social media platforms, to deliver targeted Kyndryl advertisements on their websites, aggregate information for analysis, and track engagement with those advertisements on our behalf. These advertising partners may also track your interactions with us on our websites. 

A contractual relationship is created when you order a trial, product or service from us. While we mainly provide our products and services to businesses, individuals may also enter into an agreement with us directly as a client. We may collect any information that is reasonably necessary to prepare for, enter, and fulfill the contractual agreement. 

The information collected in a contractual relationship may include the business contact information of the requester, a Kyndryl identification, and the order details. Information that is required for shipment and payment, for the implementation of services, or to grant access to the product or service may also be collected.  

This information may be collected for various purposes, depending on the nature of the products or services, for example, for contractual management and compliance, to provide support, for the improvement or development of our products and services, and to generate technical and market insights. For more information, see Kyndryl Online Services

When you contact us to request support, we collect your contact information, problem description, and possible resolutions. We record the information that is provided to handle the support query, for administrative purposes, to foster our relationship with you, for staff training, and for quality assurance purposes.  

The information that we collect may include any information exchanged during our phone conversations or provided during Live Chat support sessions on our websites. We may use this information to inform you of products or services that are related to your support request. This can include product updates or fixes, and we may combine the information that is collected through other interactions with you or your organization to provide more valuable suggestions in relation to product support, such as any available training regarding the issue. 

While we handle the support case, we may have incidental access to information that you have provided or information that is on your system. This information may contain information about you, your organization's employees, customers, or other relevant parties. The conditions regarding the handling and processing of this information is covered by the applicable Terms of Use or other agreements between your organization and Kyndryl.

We may collect and use information to protect you and Kyndryl from IT security threats and to secure the information that we hold from unauthorized access, disclosure, alteration, or destruction. This includes information from our IT access authorization systems, such as log-in information. 

The security solutions we use to protect your information, our infrastructure, and our networks may collect information such as IP addresses and log files. This is necessary for the functionality and utility of security programs to enable the investigation of any potential security incidents and generate insights on security threats. 

We may use specialized tooling and other technical means to collect information at access points to, and in, IT systems and networks to detect unauthorized access, viruses, and indications of malicious activities. The information we collect may be used to conduct investigations when unauthorized access, malware or malicious activities are suspected, and to remove or isolate malicious code or content.

In addition, we may collect and use the information submitted confidentially through the Reporting Concerns Portal and Hotline to address and investigate the concerns relating to potential violation of the Kyndryl Code of Conduct or Kyndryl policies, or any other suspected unethical or unlawful conduct.

When you visit a Kyndryl location, we collect your name or business contact information, and, in some cases, information from a government-issued ID. This information is collected for access management and to protect the security and safety of our locations and employees. 

The information that is collected at our locations is used to issue access badges. We may verify the identity of visitors where legally permissible and, for supplier personnel working on site, a badge with a photo identification may be requested for identification purposes. 

Camera supervision and access management are used for reasons of security and safety of our locations, employees, and assets. More information may be available at the Kyndryl location. 

We are constantly searching for new talent for our organization, and we collect information about job applicants or prospective candidates from several sources. Applicants receive a specific privacy notice in the course of the process.  When an employee leaves Kyndryl, we continue to process information that is related to them for any remaining business, contractual, employment, legal, and fiscal purposes, including the management of pensions to the extent handled by Kyndryl.   

Regarding recruitment, we may look for prospective candidates with the help of recruitment intermediaries and may use publicly available information on social media platforms to identify prospective candidates for a specific function.   

When an employee leaves Kyndryl, we retain basic information from the former employee about their employment at Kyndryl.   

After an employee retires, we process information about the retiree for fulfilling the pension obligations toward the retiree. Information about the processing of pension information, or other retirement programs, can be found with the local organization responsible for pensions. In some countries, this may be an independent organization. In some cases, retirees may still participate in Kyndryl-organized initiatives or programs, such as volunteer and social responsibility programs. Such participation is voluntary, and more information is provided on the relevant websites or information pages for those initiatives.

We collect and use information to improve our business operations, systems, and processes. For example, information may be used to conduct, maintain, audit, and optimize our operations, to protect our assets and employees, for product development, and to defend our rights.

We collect information about our business operations to make informed decisions about the organization, the business, and to report on performance, audits, and trends. For example, we use this information to analyze the costs and quality of our operations. Where possible, this is done by using aggregated information, but it may use personal information.  

We collect and use information from our business systems, which may include personal information, to:

  • protect or enforce our rights, including to detect fraud or other criminal activities (for example, by using information in payment systems), 

  • handle and resolve disputes, 

  • answer complaints and defend Kyndryl in legal proceedings,

  • and comply with legal obligations in the countries where we do business.

We collect information from the use of our business processes, websites, cloud and online services, products, or technologies. This information may include personal information and is used for product and process development. For example, we may use this information to increase efficiency, decrease costs, or improve services by developing automated processes and tools, or to develop or improve the technologies on which these are based. 

When you visit our websites, online services and applications, software products, or view our content on certain third-party websites, we collect information regarding your connection by using various online tracking technologies, such as cookies, web beacons, Local Storage, or HTML5. Information that is collected with these technologies may be necessary to operate the website or service, to improve performance, to help us understand how our online services are used, or to determine the interests of our users. We use advertising partners to provide and assist in the use of such technologies on Kyndryl and other sites.  

A cookie is a piece of data that a website may send to your browser, which may be stored on your computer and can be used to identify your computer. Web beacons, including pixels and tags, are technologies that are used to track a user visiting a Kyndryl web page or if a web page was copied to another website. Web beacons may be used in email messages or newsletters to determine whether messages are read, forwarded, or links selected. Local Shared Objects can store content information displayed on the webpage visited, and preferences. These may be used to provide connected features across our websites or display targeted Kyndryl advertising on other websites based on your interests.    

Session cookies can be used to track your progression from page to page so that you are not asked for information that you have already provided during the current session, or information that is needed to be able to complete a transaction. Session cookies are erased when the web browser is closed. Persistent cookies store user preferences for successive visits to a website, such as recording your choice of language and country location. Persistent cookies erase their data within 12 months.  

You can use the Kyndryl Cookie Manager to learn more about the online tracking technologies we use and to review or set your preferences regarding the information that we collect about you on our websites. The Kyndryl Cookie Manager is either presented as a notification window when you first visit a webpage or opened by selecting Cookie Preferences in the website footer. The Kyndryl Cookie Manager does not address all types of tracking technologies (for example, web beacons). When using mobile apps, use the options on your mobile device to manage settings.  

Blocking, disabling, or rejecting Kyndryl cookies may cause services to not function properly, such as in connection with a shopping cart, or block the use of websites or other Kyndryl online services that require you to sign in. Disabling cookies does not disable other online tracking technologies, but prevents the other technologies from accessing any details stored in cookies.

Our websites offer the possibility to use third-party social media options.  If you elect to use these options, these third-party sites may log information about you, such as your IP address, access time, and referring website URLs. If you are logged in to those social media sites, they may also link collected information with your profile information. We accept no responsibility for the privacy practices of these third-party services and encourage you to review their privacy policies for more information. 

Unless otherwise indicated, our websites, products, and services are not intended for use by children under the age of 16.

Sharing Personal Information  

We may share your personal information internally and externally with suppliers, advisors, or Business Partners for Kyndryl’s legitimate business purposes, and only on a need-to-know basis. 

This section describes:

When sharing personal information, we implement appropriate checks and controls to confirm that the information can be shared. 


If we decide to sell, buy, merge, or otherwise reorganize businesses in some countries, such a transaction may involve disclosing some personal information to prospective or actual business purchasers, or the collection of personal information from those selling such businesses.  


Internally, personal information is shared for our legitimate business purposes, such as managing our relationship with you and other external parties, compliance programs, or systems and networks security. We do this to improve efficiency, for cost savings, and internal collaboration between our subsidiaries. Our internal access to personal information is restricted and granted only on a need-to-know basis. Sharing of this information is subject to the appropriate intracompany arrangements, our policies, and security standards. 



  • our business with suppliers may include the collection, use, analysis, or other types of processing of personal information on our behalf
  • our business model includes cooperation with independent Business Partners for marketing, selling, and the provision of Kyndryl products and services. Where appropriate, we share business contact information with selected Business Partners
  • we may share personal information with professional advisors, including lawyers, auditors, and insurance companies to receive their services
  • we may share contractual relationship information with others, for instance, our Business Partners, financial institutions, shipping companies, postal, or government authorities, such as the customs authorities that are involved in fulfillment.  


In certain circumstances, personal information may be subject to disclosure to government agencies in accordance with judicial proceedings, court orders, or legal processes. We may also share personal information to protect the rights of Kyndryl or others when Kyndryl believes that such rights may be affected, for example to prevent fraud.



Your information may be transferred to or accessed by Kyndryl subsidiaries and third parties around the world. Kyndryl complies with laws on the transfer of personal information between countries to keep your personal information protected, wherever it may be.

We have implemented various safeguards including:

  • Contractual Clauses, such as those approved by the EU Commission and accepted in several other countries. More information on EU Standard Contractual Clauses (EU SCCs) can be found here.
  • The APEC Cross Border Privacy Rules (CBPR) system provides protection of personal information that is transferred among participating APEC economies as it pertains to online information collected through
  • Certification under the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. 
    For more information on Kyndryl’s implementation of the DPF, please read our Data Privacy Framework Policy. To learn more about the Data Privacy Framework program, and to view our certification, please visit
  • Kyndryl’s privacy practices, described in this Privacy Statement, comply with the APEC Cross Border Privacy Rules System. More information about the APEC framework can be found here

Controller and Representative Information

Kyndryl does business through its subsidiaries worldwide. The privacy laws in some countries consider a Controller to be the legal entity (or natural person) who defines the purposes for which the processing of personal information takes place and how that information is processed. Parties that are involved in processing operations on behalf of a Controller may be designated as Processors. Designations and associated obligations differ, depending on the jurisdiction.

Where this is relevant for the privacy laws in your country, the Controller of your personal information is Kyndryl’s main subsidiary in your country or region, unless Kyndryl or another Kyndryl subsidiary identifies itself as the Controller for a specific interaction with you.

The contact details of our main subsidiary of a country or region can be found by selecting your country or region and selecting Contact on the footer of websites. Kyndryl can be contacted at:

Kyndryl Inc.,
One Vanderbilt Avenue, 15th Floor,
New York, NY 10017, United States.

Where Kyndryl or a subsidiary it controls is required to appoint a legal representative, the following representatives have been appointed.

European Economic Area (EEA)
Kyndryl 1 B.V., 
Mercuriusplein 1, 2132 HA 
Hoofddorp, The Netherlands 

United Kingdom (UK)

Kyndryl UK Limited,
100 Liverpool Street, EC2M 2RH 
London, United Kingdom

Kyndryl (Thailand) Company Limited

No. 388 Paholyothin Road,
Kwaeng Samsen-Nai, Khet Phayathai,
10400 Bangkok, Thailand.

Information Security and Retention

To protect your personal information from unauthorized access, use, and disclosure, we implement reasonable physical, administrative, and technical safeguard. These safeguards include role-based access controls and encryption to keep personal information private while in transit. When needed, we also require our Business Partners, suppliers, and third parties to implement suitable safeguards, such as contract terms and access restrictions, to protect information from unauthorized access, use, and disclosure.

We only retain personal information as long as necessary to fulfill the purposes for which it is processed, or to comply with legal and regulatory retention requirements. Legal and regulatory retention requirements may include retaining information for:

  • audit and accounting purposes,
  • statutory retention terms, 
  • the handling of disputes, 
  • and the establishment, exercise, or defense of legal claims in the countries where we do business.

We retain any contractual relationship information for administrative purposes, legal and regulatory retention requirements, defending Kyndryl rights, and to manage Kyndryl's relationship with you. The information that is provided in a supplementary privacy notice may provide more detailed information on applicable retention terms.

When personal information is no longer needed, we have processes in place to securely delete it, for example by erasing electronic files and shredding physical records. 

Your Rights/How to Contact Us

You have certain rights when it comes to the handling of your personal information. The Contact Us form can be used to:

  • request access to the personal information that we have on you, or have it updated. Depending on the applicable law, you may have additional rights concerning your personal information.

  • ask questions related to this Privacy Statement and privacy practices. Your message is forwarded to the appropriate member of Kyndryl's Data Privacy Team, including the responsible Data Protection Officers.

  • submit a complaint to Kyndryl if you are not satisfied with how Kyndryl is processing your personal information.

Information about additional rights and when they apply can be found at Your Additional Rights. Your rights may be subject to limitations and exceptions resulting from applicable laws. For example, there may be situations where we cannot share certain information that you seek if disclosing this means disclosing information about others.  

You may also have the right to complain to the competent supervisory authority. Contact details of Data Protection Authorities can be found here. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) here.

For marketing communications, you can also submit an opt-out request, or select Unsubscribe at the end of each marketing email.

Privacy Statement Updates


If a material change is made to this Privacy Statement, the effective date is revised. By continuing to use our websites and services after a revision takes effect, it is considered that users have read and understand the changes.



Learn more about Kyndryl Privacy.

If you have any questions related to Privacy at Kyndryl, please contact us by using this form:



Previous versions

To view previous versions of privacy statements, click on the date of interest from the timeline below.