We looked at KernelCare a while ago. Didn’t end up using it - patches didn’t seem to be released in a timely fashion & the comms channel was a bit of a bodge (forum or news area on their website, IIRC). Also our security folk weren’t happy with their lack of certification.
Zero-downtime is a bit of an ops own goal too. It’s much better to check your systems & services can withstand the odd restart.
Others’ mileage may vary and this might be a fun thing to play with on a Pi, but I’d never look at it for production systems again.