Privacy Policy

1 · Who we are

Kaer Labs, Inc. ("Kaer", "we", "us") is the data controller for information collected via kaer.ai, app.kaer.ai, computer.kaer.ai, chat.kaer.ai, and our APIs. You can reach our privacy team at [email protected].

2 · What we collect

Account information

When you create an account we collect your name, email address, authentication identifiers (OAuth subject IDs, magic-link tokens), and workspace metadata. Payment information is processed by Stripe; we never see full card numbers.

Usage data

We log API requests, agent runs, billing events, and product interactions to operate the Service, prevent abuse, and improve performance. Logs include timestamps, IP addresses, user-agent, request paths, status codes, and timing metrics.

Customer Data

You decide what content, prompts, files, and instructions you submit to the Service. We treat all of this as Customer Data and process it only as required to operate the Service for you.

Cookies & analytics

We use first-party cookies for authentication and a small set of privacy-respecting analytics events to understand which features are used. We do not use third-party advertising trackers.

3 · How we use it

To provide, maintain, and improve the Service.
To authenticate users, prevent abuse, and respond to security incidents.
To bill you for usage and process payments.
To communicate operational notices (status, billing, security advisories).
To comply with legal obligations.

We do not sell personal data. We do not use Customer Data to train foundation models without your explicit, opt-in consent.

4 · Sub-processors

We use a small number of vetted sub-processors to operate the Service. The current list is published at kaer.ai/security#sub-processors and includes infrastructure providers (cloud hosting, CDN), email delivery (transactional notifications), payments (Stripe), and model providers (only when you opt into a third-party model).

5 · Sharing & disclosure

We share personal information only:

With sub-processors strictly to operate the Service.
To comply with law, valid legal process, or government request.
To protect the rights, property, or safety of Kaer, our users, or the public.
In connection with a corporate transaction (merger, acquisition, financing) — under confidentiality and only the data needed to evaluate the transaction.

6 · Retention

We retain account information for as long as your account is active and for up to 90 days after closure to allow recovery. Customer Data is retained according to your workspace settings; on workspace deletion, data is removed from primary storage within 7 days and purged from backups within 30 days.

7 · Security

We encrypt data in transit (TLS 1.3) and at rest (AES-256). Access to production systems is restricted to authorised personnel with MFA, audited via a SIEM. Independent SOC 2 Type II reporting is available under NDA — request from [email protected].

8 · International transfers

Personal data may be processed in the United States, the European Union, or any region where our sub-processors operate. For EU/UK transfers we rely on Standard Contractual Clauses and the UK Addendum where applicable.

9 · Your rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.
Request correction of inaccurate data.
Request deletion ("right to be forgotten").
Object to or restrict certain processing.
Receive a portable copy of your data.
Withdraw consent where processing is based on consent.

Exercise any of these rights by emailing [email protected]. We respond within 30 days.

10 · Children

The Service is not directed to anyone under 16. If we learn that we have collected personal data from a child under 16, we will delete it promptly.

11 · Changes to this policy

We may update this policy as our practices evolve. Material changes will be communicated via email or in-product notice at least 30 days before they take effect.

12 · Contact

Questions, complaints, or requests? Email [email protected]. For data protection inquiries from the EU/UK, our Data Protection Representative is reachable at the same address.

1 · Who we are

2 · What we collect

Account information

Usage data

Customer Data

You decide what content, prompts, files, and instructions you submit to the Service. We treat all of this as Customer Data and process it only as required to operate the Service for you.

Cookies & analytics

We use first-party cookies for authentication and a small set of privacy-respecting analytics events to understand which features are used. We do not use third-party advertising trackers.

3 · How we use it

To provide, maintain, and improve the Service.
To authenticate users, prevent abuse, and respond to security incidents.
To bill you for usage and process payments.
To communicate operational notices (status, billing, security advisories).
To comply with legal obligations.

We do not sell personal data. We do not use Customer Data to train foundation models without your explicit, opt-in consent.

4 · Sub-processors

5 · Sharing & disclosure

We share personal information only:

With sub-processors strictly to operate the Service.
To comply with law, valid legal process, or government request.
To protect the rights, property, or safety of Kaer, our users, or the public.
In connection with a corporate transaction (merger, acquisition, financing) — under confidentiality and only the data needed to evaluate the transaction.

6 · Retention

7 · Security

8 · International transfers

9 · Your rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.
Request correction of inaccurate data.
Request deletion ("right to be forgotten").
Object to or restrict certain processing.
Receive a portable copy of your data.
Withdraw consent where processing is based on consent.

Exercise any of these rights by emailing [email protected]. We respond within 30 days.

10 · Children

The Service is not directed to anyone under 16. If we learn that we have collected personal data from a child under 16, we will delete it promptly.

11 · Changes to this policy

We may update this policy as our practices evolve. Material changes will be communicated via email or in-product notice at least 30 days before they take effect.

12 · Contact

Questions, complaints, or requests? Email [email protected]. For data protection inquiries from the EU/UK, our Data Protection Representative is reachable at the same address.

Privacy policy.

1 · Who we are

2 · What we collect

Account information

Usage data

Customer Data

Cookies & analytics

3 · How we use it

4 · Sub-processors

5 · Sharing & disclosure

6 · Retention

7 · Security

8 · International transfers

9 · Your rights

10 · Children

11 · Changes to this policy

12 · Contact

Privacy policy.

1 · Who we are

2 · What we collect

Account information

Usage data

Customer Data

Cookies & analytics

3 · How we use it

4 · Sub-processors

5 · Sharing & disclosure

6 · Retention

7 · Security

8 · International transfers

9 · Your rights

10 · Children

11 · Changes to this policy

12 · Contact