Privacy Policy

Kodarai ("we", "our", "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data when you use our website at kodarai.xyz.

1. Information We Collect

We collect information in the following ways:

• Account information — name, email address, and password when you register.
• Profile data — optional information such as your company, niche, target location, and profile photo.
• Usage data — searches performed, leads saved, subscription plan, and credit usage.
• Payment data — billing details are processed by our payment providers (Stripe / Paystack). We do not store full card numbers.
• Device & log data — IP address, browser type, pages visited, and timestamps, collected automatically.

2. How We Use Your Information

• To provide, maintain, and improve the Service.
• To process payments and manage your subscription.
• To personalise AI-generated prompts and scripts to your business details.
• To send transactional emails (receipts, password resets, product updates).
• To detect, prevent, and address fraud and security issues.
• To analyse usage trends and improve user experience.

3. Data Sharing

We do not sell your personal data. We may share data with trusted third parties only as necessary:

• Supabase — database and authentication infrastructure.
• Stripe / Paystack — payment processing.
• OpenAI / Anthropic — AI content generation (only business metadata is sent; no personal user data).
• Legal obligations — we may disclose data if required by law or to protect our legal rights.

4. Cookies & Tracking

We use essential cookies to maintain your session and authentication state. We do not use advertising or tracking cookies. You can disable cookies in your browser settings, though this may affect functionality.

5. Data Storage & Security

Your data is stored on Supabase infrastructure hosted in the EU (eu-west-1). We implement industry-standard security measures including encryption in transit (TLS) and at rest, and row-level security policies. Despite these measures, no system is completely secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict certain processing.
• Data portability — receive your data in a machine-readable format.

To exercise any of these rights, please contact us. We will respond within 30 days.

8. Children's Privacy

The Service is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe we have done so inadvertently, please contact us immediately and we will delete the data.

9. International Transfers

Your data may be processed in countries outside your own. Where we transfer data internationally, we take steps to ensure appropriate safeguards are in place in accordance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy and revising the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

If you have questions or concerns about this Privacy Policy, please contact us or email us at hello@kodarai.xyz.