Privacy PolicyPrivacy Policy

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send you technical notices, updates, and support messages
• Respond to your comments and questions
• Personalize and improve your experience
• Monitor and analyze trends, usage, and activities
• Detect, prevent, and address technical issues and fraud

3. Information Sharing

We do not sell your personal information. We may share your information only in the following circumstances:

• With your consent: We may share your information when you give us explicit consent to do so
• Service providers: We may share information with third-party vendors who perform services on our behalf
• Legal compliance: We may disclose information if required by law or in response to valid legal requests
• Business transfers: In connection with any merger, sale, or acquisition of our business

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Monitoring and logging of system activities

5. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Data portability: Request a copy of your data in a portable format
• Opt-out: Unsubscribe from marketing communications

6. Cookies and Tracking

We use cookies and similar tracking technologies to collect information about your browsing activities. You can control cookies through your browser settings and other tools. Note that disabling cookies may affect the functionality of our services.

7. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

8. International Data Transfers

Your information may be transferred to and processed in countries outside the European Economic Area (EEA) and other regions with comprehensive data protection laws. We ensure appropriate safeguards through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for certain countries deemed to provide adequate protection
• Other legally approved transfer mechanisms where required

9. GDPR Rights (European Union)

If you are a resident of the European Union, you have specific rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract: To perform our services as outlined in the Terms of Service
• Consent: For marketing communications and optional features (you may withdraw consent at any time)
• Legitimate Interest: For fraud prevention, security, and service improvement
• Legal Obligation: To comply with applicable laws and regulations

Your GDPR Rights

• Right to Access: Request a copy of your personal data we hold
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
• Right to Restriction: Request that we limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw previously given consent at any time
• Right to Lodge a Complaint: File a complaint with your local supervisory authority

To exercise these rights, contact us at privacy@kazii.ai with "GDPR Request" in the subject line. We will respond within 30 days.

Data Breach Notification

In the event of a data breach affecting your personal information, we will:

• Notify relevant supervisory authorities within 72 hours (where required by law)
• Notify affected individuals without undue delay if the breach presents a high risk to your rights and freedoms
• Provide information about the nature of the breach and remedial actions taken

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Account data: Until account deletion plus 30 days for backup recovery
• Transaction records: 7 years (legal and tax requirements)
• Marketing data: Until consent is withdrawn
• Analytics data: 26 months (anonymized after 14 months)

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Categories of Personal Information Collected

• Identifiers: Name, email address, IP address, unique identifiers
• Commercial Information: Purchase history, payment information, subscription details
• Internet Activity: Browsing behavior, interaction data, device information
• Geolocation Data: Approximate location based on IP address
• Professional Information: Company name, role, industry, work-related data
• Inferences: Preferences, characteristics, behavior patterns derived from your activity

Business Purposes for Collection

• Providing, maintaining, and improving our services
• Processing transactions and payments
• Customer support and communications
• Security, fraud prevention, and system integrity
• Legal compliance and regulatory requirements
• Marketing communications (with consent)

Categories of Third Parties

We may share your information with:

• Service Providers: Payment processors (Stripe), cloud hosting (Supabase, Vercel)
• Analytics Providers: Aggregate usage statistics only (no personal data sold)
• Communication Tools: Email delivery and customer support systems

Your California Privacy Rights

• Right to Know: Request disclosure of personal information collected, used, shared, or sold
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Limit use of sensitive personal information
• Right to Non-Discrimination: Equal service and pricing regardless of privacy choices

To exercise your California privacy rights, contact us at privacy@kazii.ai with "CCPA Request" in the subject line. We will respond within 45 days and may request verification of your identity to protect your privacy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:

• Email: privacy@kazii.ai
• Website: Contact Form
• For GDPR requests: Subject line "GDPR Request"
• For CCPA requests: Subject line "CCPA Request"