Legal

Privacy Policy

Last updated: March 2026

1. Information We Collect

We collect information you provide directly to us, such as your name, email address, and password when you create an account. We also collect information about how you use the Service, including workflow configurations, run logs, and usage metrics. We do not sell your personal information.

2. How We Use Your Information

We use the information we collect to: (a) provide, maintain, and improve the Service; (b) send you transactional emails such as confirmations and notifications; (c) respond to your support requests; (d) monitor and analyse trends and usage to improve the Service; (e) detect and prevent fraudulent or illegal activity.

3. Data Storage & Security

Your data is stored securely using Supabase (SOC 2 Type II compliant). All data is encrypted in transit using TLS and at rest using AES-256 encryption. We implement industry-standard security practices including regular security reviews and access controls.

4. OAuth & Third-Party Tokens

When you connect third-party services (Gmail, Slack, Notion, etc.), we store OAuth tokens required to execute your workflows. These tokens are encrypted at rest and are only used to perform actions you have explicitly configured. We never share these tokens with other users or third parties.

5. Cookies

We use cookies and similar tracking technologies to maintain your session and remember your preferences. We use session cookies (which expire when you close your browser) and persistent cookies (which remain for a set period). You can control cookie settings through your browser, but disabling cookies may affect Service functionality.

6. Data Retention

We retain your account data for as long as your account is active. Workflow run logs are retained for 90 days on the Starter plan and 1 year on Pro and Business plans. When you delete your account, we delete your personal data within 30 days, except where retention is required by law.

7. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share data with: (a) service providers who assist in operating our platform (hosting, email, analytics); (b) law enforcement when required by law; (c) a successor entity in the event of a merger or acquisition, with notice to you.

8. Your Rights

You have the right to: access the personal data we hold about you; correct inaccurate data; request deletion of your data; export your data in a machine-readable format; opt out of marketing communications at any time. To exercise these rights, contact us at privacy@kauraai.com.

9. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover we have collected such information, we will delete it promptly.

10. International Users

If you are accessing the Service from outside the United States, your information may be transferred to and processed in the United States or other countries. By using the Service, you consent to this transfer.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice on our website. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@kauraai.com. We will respond within 30 days.

Questions? Email us at privacy@kauraai.com