Who we are
Kaer Labs, Inc. (“Kaer”, “we”, “us”, or “our”) provides an autonomous AI agent platform through kaer.ai, app.kaer.ai, computer.kaer.ai, chat.kaer.ai, and our APIs and SDKs.
For most account, security, billing, website, and product-improvement processing, Kaer is the controller of your personal data. Where a business customer uses Kaer to process Customer Data on its behalf, Kaer acts as a processor or service provider for that Customer Data under the applicable agreement and Data Processing Addendum.
Contact us at [email protected] (privacy), [email protected] (security), or [email protected] (legal). If you are in the EEA or the UK, you may contact Kaer or our privacy representative for EEA/UK matters through [email protected], and you have the right to lodge a complaint with your local data-protection supervisory authority. We ask that you contact us first where possible so we can try to resolve the issue.
Scope
This Privacy Policy explains how Kaer collects, uses, stores, shares, and protects personal data when you visit our websites; create or use an account; use Kaer chat, assistants, workflows, automations, APIs, SDKs, Mail AI, voice mode, travel/maps features, computer-use agents, or paired-device features (PaerIDE/SuperWork); connect third-party accounts, mailboxes, calendars, drives, repositories, devices, or APIs; or contact us.
This policy does not replace a Data Processing Addendum or enterprise agreement. If there is a conflict for Customer Data processed on behalf of an organisation, the signed agreement controls for that Customer Data.
What we collect
Account & identity
Email address; optional name or display name; OAuth identifiers and profile data (e.g. Google id, email, name, picture; GitHub id, login, name, avatar); login timestamps; timezone; country derived from timezone during verification; waitlist email; contact-form name, email, and message; and optional onboarding details such as role, industry, use cases, and experience level. If you use email-and-password login we store an Argon2id password hash, not your plaintext password. Magic-link tokens, one-time passcodes, and refresh tokens are stored as hashes.
Authentication & session
Session cookies, JWT claims, token identifiers, hashed refresh tokens, OAuth state cookies, hashed API keys, and similar authentication data. Session JWTs expire after one hour; refresh tokens use a 30-day sliding period with a 90-day absolute cap.
Usage, security & telemetry
Agent runs, model usage, compute charges, daily usage, workflow activity, API usage, timestamps, error events, and security audit events. For security audit events we persist IP addresses using trusted-proxy-aware extraction. Infrastructure and edge systems may also process request metadata needed to operate, secure, and troubleshoot the Service.
Customer Data
Prompts, task descriptions, chat messages, prior transcript history, tool calls and outputs, file paths and contents, uploaded files, project files, workflow configuration, assistant instructions, sandbox artifacts, agent-generated browser activity, and API inputs and outputs. Customer Data may include personal data about you, your employees, your customers, your correspondents, or other third parties, depending on what you provide or connect.
Mail AI
If you connect a mailbox, we may ingest sender name, sender email, subject, message id, and full message body (attachments are not stored — only an attachment count). This may include personal data about third-party correspondents. Mail credentials and OAuth tokens are encrypted at rest.
Voice & audio
If you use voice mode, your browser captures microphone audio with your permission. Raw audio is sent to a Kaer-operated speech-to-text system to produce a transcript; we do not store raw audio. Voice-activity logs may store non-content metrics only.
Location & maps
We do not automatically prompt for precise GPS. If you explicitly choose to share precise location, we process those coordinates for the requested feature. We also process typed addresses, place queries, route inputs, viewport coordinates, and timezone-derived country. Location is not stored in a dedicated table but may appear as free text inside conversations or task records.
Computer-use, sandbox & paired devices
For cloud computer-use, we may process screenshots of the cloud sandbox or browser, browser state, file contents, command output, tool calls, and test artifacts; some screenshots may be sent to a vision model, and transient context may be cached briefly. For paired-device use, file paths, file contents, command output, prompts, results, workspace paths, device metadata, and tool-call telemetry may be processed. Computer-test features may persist intercepted browser HTTP traffic, including headers and bodies.
Payment
Kaer uses Stripe for payments. Stripe receives your email, Kaer user id, tier, amount, and tokenised card details. Card data is tokenised client-side; Kaer does not see or store full card numbers. Kaer stores payment identifiers such as Stripe customer, subscription, and payment ids.
Connectors
If you connect third-party services, we process the account data, tokens, credentials, content, and outputs needed to operate the connector. OAuth tokens, connector tokens, and user-provided API keys are stored in an encrypted per-user vault.
Cookies & local storage
Essential cookies and local storage for authentication, OAuth flows, CSRF protection, session management, and UI preferences. We do not use advertising cookies. See our Cookie Policy.
Legal bases
Where GDPR or UK GDPR applies, we rely on the following legal bases:
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Create & manage accounts; authenticate & secure sessions | Contract necessity; legitimate interests in account integrity and security |
| Provide chat, agents, workflows, APIs & process Customer Data | Contract necessity; for business Customer Data, processing under customer instructions as processor / service provider |
| Provide Mail AI | Contract necessity and your authorisation; legitimate interests in requested mailbox automation |
| Provide computer-use & paired-device features | Contract necessity; consent for device/browser permissions; legitimate interests in security |
| Provide voice mode | Contract necessity; consent via browser microphone permission |
| Provide maps, travel & location features | Contract necessity; consent for precise GPS |
| Process payments & subscriptions | Contract necessity; legal obligation for tax/accounting |
| Prevent abuse, investigate security events & enforce terms | Legitimate interests in protecting Kaer, users, and the public; legal obligation where applicable |
| Service improvement & in-house model training | Legitimate interests, subject to your opt-out |
| Support, contact & rights requests | Legitimate interests; contract necessity; legal obligation for rights/security requests |
| Marketing, waitlist & product updates | Consent where required; legitimate interests for limited business communications |
| Comply with law & legal process | Legal obligation; legitimate interests in legal claims |
We do not intentionally ask you to submit special-category or highly sensitive personal data unless a feature specifically requires it and you are authorised to provide it. If you include such data in prompts, files, mail, screenshots, browser traffic, or connected services, we process it to provide the Service at your direction and subject to applicable law.
How we use data
- provide, maintain, secure, and troubleshoot the Service;
- authenticate users and manage accounts, sessions, API keys, and connected services;
- run agents, tools, workflows, computer-use sessions, voice mode, Mail AI, maps/travel, and paired-device features;
- generate, store, and return outputs and agent records;
- process payments, billing, usage, taxes, credits, cancellations, and refunds;
- provide support and respond to privacy, legal, and security requests;
- detect and prevent fraud, abuse, malware, unauthorised access, spam, and security incidents;
- improve service quality, evaluate model performance, and train Kaer’s own in-house models, subject to your opt-out;
- comply with law and enforce our agreements; and
- protect the rights, safety, and property of Kaer, users, and the public.
AI processing & model providers
Kaer is an AI agent platform. To provide the Service, we send prompts, messages, context, tool outputs, file contents, mail content, screenshots, and other task-relevant Customer Data to AI model providers when needed for the requested feature.
Current model providers include Xiaomi (MiMo), Alibaba Cloud (Qwen / DashScope), DeepSeek, and — where enabled by key or configuration — Baseten and EigenAI (Kimi). Alibaba Cloud (Qwen / DashScope) is used for Mail AI triage and related mail handling, and Qwen-VL may receive screenshots for vision tasks.
Some AI model providers process prompt content outside the EEA. Where GDPR or UK GDPR requires a transfer mechanism, Kaer relies on Standard Contractual Clauses and supplementary measures. We do not use Customer Data to train third-party foundation models.
Service improvement & model training
Kaer uses user interactions, including prompts and responses, to improve service quality and train Kaer’s own small, in-house models. This setting is on by default. You can opt out through account settings or by emailing [email protected]. After you opt out, we stop using your future interactions for this purpose. Opting out does not affect our ability to process your data to provide the Service, maintain security, comply with law, or bill for usage.
Kaer does not sell personal data, does not share personal data for cross-context behavioural advertising, and does not use Customer Data to train third-party foundation models. Our training pipeline may move eligible prompt/response data into training storage and process it on external GPU infrastructure (Modal), with training metadata logged to Weights & Biases. We treat these providers as sub-processors and apply contractual, access-control, and transfer safeguards.
Mail AI
Mail AI can read, classify, summarise, draft, and help handle email from a mailbox you connect. When enabled, it may ingest full message bodies and metadata on a polling or webhook basis. This includes personal data about people who send email to you or receive email from you. Mail content is sent to Alibaba Cloud (Qwen / DashScope) for triage, auto-handling, drafting, and summarisation.
You are responsible for connecting only mailboxes you have authority to connect and for configuring Mail AI in a way that is lawful for your organisation and correspondents. You can limit Mail AI by disconnecting a mailbox, disabling mail features, deleting mail resources, or contacting [email protected].
Computer-use & paired devices
Kaer agents can operate in cloud sandboxes and hardened container environments, capturing screenshots, browser state, files, command output, tool calls, and test artifacts needed to perform a task. Some screenshot image bytes may be sent to a vision model, and transient context may be cached for up to 24 hours.
Paired-device features let an agent execute approved tools on your own machine, protected by a hard human consent gate: delegation requires a human-set, single-use approval key that expires after five minutes, and the model cannot grant it itself. Mail-class tools cannot route to a paired device. Pair only devices and workspace paths you are authorised to expose. Computer-test features may persist full intercepted browser HTTP traffic, including headers and bodies — do not use them on systems or accounts unless you are authorised to capture that traffic and have considered whether cookies, credentials, or personal data may be present.
Sub-processors
Kaer’s own infrastructure and primary storage are in the EU. We use the following third-party sub-processors to provide the Service:
| Provider | Role | Data | Location |
|---|---|---|---|
| Xiaomi (MiMo) | Default model inference | Prompts, messages, tool/file content | Outside EEA |
| Alibaba Cloud (Qwen / DashScope) | Model inference, vision, Mail AI triage | Prompts, mail content, screenshots | Outside EEA |
| DeepSeek | Model inference | Prompts, messages | Outside EEA |
| Baseten (optional) | Model inference | Prompts | United States |
| EigenAI / Kimi (optional) | Model inference | Prompts | Outside EEA |
| Modal | Training compute | Eligible prompt/response pairs | United States |
| Weights & Biases | Training metrics logging | Training metrics, sampled text | United States |
| Stripe | Payments | Email, user id, amount (no card data) | US / EU / global |
| Google, GitHub, Slack, Microsoft | OAuth login & connectors you authorise | Profile & connector data you authorise | Global |
| Cloudflare | Object storage, CDN & edge | Sandbox artifacts, IP, request metadata | EU storage where configured; global edge |
| Map & search providers | Geocoding, routing, tiles, web search | Address text, coordinates, query text, IP/referer | Various |
Where transfers leave the EEA, we rely on Data Processing Addenda, Standard Contractual Clauses, and supplementary measures. Some connectors are user-directed services rather than Kaer-controlled processing — for example Home Assistant, Telegram, Twilio SMS, Spotify, Todoist, Linear, Notion, Strava, Duffel, CoinGecko, and Alpha Vantage. When you connect or instruct an agent to use such a service, that service’s own terms and privacy policy also apply.
Data residency & international transfers
Kaer’s own infrastructure and primary storage are located in the EU, in Germany and Poland.
This does not mean all processing stays in the EEA. Some sub-processors — notably AI model providers and training-pipeline providers — may process prompt content, Customer Data, or related metadata outside the EEA, and certain connector, payment, search, map, CDN, edge, and support services may also process data in other regions.
Where required by GDPR or UK GDPR, Kaer uses Standard Contractual Clauses, Data Processing Addenda, transfer impact assessments, access controls, encryption in transit, encryption for secrets and credentials, provider due diligence, and other supplementary measures. Contact [email protected] for more information about transfer safeguards.
Retention
We keep personal data only as long as needed for the purposes in this policy, unless a longer period is required for legal, tax, accounting, security, dispute-resolution, or compliance reasons.
| Data | Retention |
|---|---|
| Account data | While your account is active. When you request deletion, your account enters a 30-day grace period during which you can cancel; at the end of that period we erase your data from primary systems and remove it from encrypted backups as those backups age out on their normal rotation schedule, unless retention is legally required. |
| Inactive (dormant) accounts | Free accounts with no activity for 12 consecutive months and no active paid subscription are scheduled for deletion to minimise the data we hold. We notify you by email first, and signing in before the stated date keeps your account. |
| Authentication & session | Session JWTs expire after one hour; session cookies up to 30 days; refresh tokens 30-day sliding / 90-day absolute; OAuth flow cookies are transient. |
| Conversations, prompts, files & agent outputs | While your account or workspace is active, unless deleted sooner via product controls; deleted from primary systems within 30 days of verified deletion, subject to legal/security exceptions. |
| Mail AI records | While the mailbox is connected; credentials deleted on disconnect or account deletion. |
| Transient caches (Redis) | Chat context and image bytes up to 24 hours; other entries expire per configured TTLs. |
| Security audit logs | As long as reasonably necessary for security, abuse prevention, legal claims, and compliance. |
| Usage, billing & payment records | As long as needed for billing, accounting, tax, audit, and legal purposes. |
| Voice audio | Not stored. Non-content voice metrics may be kept for diagnostics. |
| Service-improvement & training data | If you opt out, future interactions are excluded. On deletion request, we delete eligible source records from active training datasets unless legally required or technically impossible for already-aggregated model artifacts. |
Before deleting a dormant account we send an email notice; you can keep your account simply by signing in before the date in that notice. You can export or delete your data at any time from Settings → Danger zone, or by emailing [email protected]. When we make material changes to this policy, we notify registered users by email in advance as described in Changes to this policy.
Security
We use technical, organisational, and contractual safeguards including TLS 1.3 encryption in transit; AES-256-GCM application-layer encryption for service secrets, connector/OAuth tokens, user secrets, and mail credentials; Argon2id password hashing; hashed refresh tokens and API keys; access controls; environment-based key management; audit logging for security-sensitive events; and least-privilege production access.
Not all Customer Data is application-layer encrypted: email bodies, chat transcripts, sandbox output, captured HTTP bodies, and project file blobs are stored in protected systems but are not separately encrypted by the application layer in the current architecture. No system can be perfectly secure. If we become aware of a personal-data breach requiring notice, we will notify affected users and regulators as required by law. Report security issues to [email protected].
Your rights
Depending on where you live and how you use the Service, you may have rights over your personal data.
GDPR & UK GDPR
You may request access; correction; erasure; restriction; portability/export in a structured, commonly used, machine-readable format; objection to processing based on legitimate interests (including service-improvement and in-house model-training use); withdrawal of consent without affecting prior processing; information about transfer safeguards; and review of automated decision-making where applicable.
California (CCPA / CPRA)
You may request to know/access the categories and specific pieces of personal information we hold; to know sources, purposes, disclosures, and recipients; deletion; correction; opt-out of sale or sharing; limitation of sensitive personal information where applicable; portability; and non-discrimination for exercising your rights. Kaer does not sell personal information and does not share it for cross-context behavioural advertising.
How to exercise rights
Use account settings where available, or email [email protected] — including for account deletion or data export. We may verify your identity or authority before fulfilling a request. We generally respond within one month for GDPR/UK GDPR requests and within 45 days for CCPA requests to know, delete, or correct, unless an extension is permitted. You may use an authorised agent where the law allows.
Automated decision-making & agents
Kaer provides autonomous agents that act on your instructions — drafting, summarising, classifying, searching, navigating, running tools, operating cloud sandboxes, interacting with connected services, or, with your approval, running tools on a paired device.
Kaer does not intend to make solely automated decisions about you that produce legal or similarly significant effects. Agents are tools under your control, and you are responsible for reviewing agent plans, outputs, and actions — especially before sending messages, modifying systems, committing code, making purchases, booking travel, or taking actions that affect other people. If you believe Kaer has made an automated decision about you with legal or similarly significant effect, contact [email protected] and request human review.
Children
The Service is not directed to children under 16, and you must be at least 16 to use Kaer. If we learn that we collected personal data from someone under 16, we will delete it promptly unless we are legally required to retain it.
Changes to this policy
We may update this Privacy Policy as the Service, laws, or our practices change. For material changes, we will provide notice by email, in-product notice, or another reasonable method at least 30 days before they take effect, unless a shorter period is required for legal, security, or operational reasons.
Contact
Privacy and data-rights requests: [email protected]. Security matters: [email protected]. Legal notices: [email protected]. Kaer Labs, Inc. is responsible for this policy.