Privacy Policy
IKONBAI Inc. ("IKONBAI™", "we", "us", or "our") operates the KIOKU™ platform at usekioku.com. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our services.
1. Information We Collect
Account Information: Email address, name, and company name provided during sign-up or magic-link authentication.
Usage Data: API call counts, memory operations, agent activity, latency metrics, and plan consumption — collected automatically to power your dashboard.
Technical Data: IP address, browser type, operating system, and referring URLs collected via standard server logs.
Payment Data: Billing is processed by Stripe Inc. We store only your Stripe customer ID — we never store full card numbers or CVVs.
2. How We Use Your Information
- Provide, operate, and maintain the KIOKU™ platform
- Send transactional emails (magic link login, billing receipts)
- Monitor service health, detect abuse, and enforce rate limits
- Improve and develop new features based on aggregate usage patterns
- Comply with legal obligations
We do not sell your personal data to third parties. We do not use your data for advertising purposes.
3. Data Storage & Security
Your data is stored in a PostgreSQL database hosted on Railway infrastructure within the United States. We use industry-standard encryption in transit (TLS 1.2+) and at rest. API keys are stored as SHA-256 hashes — your plain-text key is shown only once at creation.
4. Data Retention
We retain account and usage data for as long as your account is active. If you close your account, we delete your personal data within 30 days, except where retention is required by law. Memory objects you create via the API are deleted immediately upon your request or account closure.
5. Third-Party Services
- Stripe — payment processing (stripe.com/privacy)
- Resend — transactional email delivery (resend.com/privacy)
- Railway — infrastructure hosting (railway.app/legal/privacy)
- OpenAI — AI inference for memory search (openai.com/policies/privacy-policy)
6. Cookies
We use only essential session cookies required for authentication. We do not use tracking cookies, analytics cookies, or advertising cookies. A consent banner is displayed on first visit.
7. Your Rights (GDPR / CCPA)
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data ("right to be forgotten")
- Object to or restrict processing
- Data portability — receive your data in a machine-readable format
- Withdraw consent at any time
To exercise any of these rights, email us at privacy@usekioku.com.
8. Children's Privacy
KIOKU™ is not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us immediately.
9. International Transfers
IKONBAI Inc. is incorporated in the United States. If you access KIOKU™ from the European Economic Area (EEA), United Kingdom, or other regions with data protection laws, note that your data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses where required by applicable law.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of the platform after the effective date constitutes acceptance of the updated policy.
11. Contact
For privacy-related questions or requests:
IKONBAI Inc.
Email: privacy@usekioku.com
Website: usekioku.com