← Back to Home

Privacy Policy

Last updated: July 24, 2025

          KickitAi.com is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our WhatsApp subscription services and related platforms.
        

1. Information We Collect

Authentication Data

Email addresses - For email magic link authentication and account identification
Phone numbers - For WhatsApp OTP verification and service delivery
Google account information - When using Google OAuth (name, email, profile picture)
Device and browser information - For security and session management

WhatsApp Service Data

Subscription preferences - Services you've subscribed to receive via WhatsApp
Delivery status - Message delivery confirmations and engagement metrics
Communication logs - Records of WhatsApp messages sent for service delivery

Technical Data

IP addresses and location data - For security and service optimization
Session tokens and cookies - For maintaining authenticated sessions
Usage analytics - How you interact with our services (anonymized)
Error logs - For troubleshooting and improving service reliability

2. How We Use Your Information

Service Delivery

Authenticate your identity across our platform
Deliver WhatsApp subscription content you've requested
Manage your account and subscription preferences
Provide customer support and respond to inquiries

Security and Compliance

Verify your identity and prevent unauthorized access
Detect and prevent fraud, abuse, and security threats
Comply with legal obligations and law enforcement requests
Maintain audit logs for security monitoring

Service Improvement

Analyze usage patterns to improve our services (anonymized data)
Develop new features and enhance user experience
Monitor service performance and reliability

3. Information Sharing

We do not sell your personal information. We may share your information only in these circumstances:

Service Providers

WhatsApp Business API - For delivering subscription content
Google OAuth - For authentication services
AWS - For secure cloud infrastructure and data storage
MongoDB - For secure database services

Legal Requirements

When required by law or legal process
To protect our rights, property, or safety
To prevent fraud or security threats
With your explicit consent

4. Data Security

We implement comprehensive security measures to protect your data:

Encryption - All data is encrypted in transit (TLS/SSL) and at rest
Authentication - JWT tokens with 24-hour expiration and secure HTTP-only cookies
Access Control - Role-based access with principle of least privilege
Infrastructure - AWS cloud security with regular security updates
Monitoring - Continuous monitoring for security threats and anomalies
Compliance - Regular security audits and compliance assessments

5. Data Retention

Authentication data - Retained while your account is active
Subscription data - Retained for service delivery and 90 days post-cancellation
Communication logs - Retained for 6 months for support and compliance
Security logs - Retained for 12 months for security monitoring
Analytics data - Anonymized data retained for service improvement

6. Your Rights

You have the following rights regarding your personal data:

Access - Request copies of your personal data
Correction - Request correction of inaccurate data
Deletion - Request deletion of your personal data
Portability - Request transfer of your data to another service
Objection - Object to processing of your personal data
Restriction - Request restriction of processing

To exercise these rights, contact us at the information provided below.

7. Cookies and Tracking

We use the following types of cookies:

Essential cookies - Required for authentication and core functionality
Security cookies - For fraud prevention and security monitoring
Analytics cookies - To understand how you use our services (anonymized)

You can control cookies through your browser settings, but disabling essential cookies may affect service functionality.

8. International Data Transfers

Your data may be processed in servers located in the European Union (EU) and other regions where our service providers operate. We ensure adequate protection through:

Standard Contractual Clauses (SCCs) for international transfers
Adequacy decisions by relevant data protection authorities
Other appropriate safeguards as required by applicable law

9. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. We will notify you of significant changes by:

Posting the updated policy on our website
Sending email notifications to registered users
Updating the "Last updated" date at the top of this policy

11. Contact Information

If you have questions about this Privacy Policy or want to exercise your rights, please contact us:

Email: privacy@kickitai.com

Website: https://kickitai.com

Data Protection Officer: dpo@kickitai.com

For EU residents, you also have the right to lodge a complaint with your local data protection authority.