Privacy Policy

Last updated: 6/25/2025

1. Introduction

Klyro ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial wellness platform and related services.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Name and email address
  • Account credentials and authentication information
  • Profile information and preferences
  • Payment and billing information (processed securely through Stripe)

2.2 Financial Information

With your consent, we may collect:

  • Transaction data and spending patterns
  • Receipt information and purchase details
  • Financial goals and budgeting preferences
  • Bank account and credit card information (encrypted and securely stored)

2.3 Emotional and Behavioral Data

To provide our core service, we collect:

  • Mood tracking data and emotional state information
  • Behavioral patterns and spending triggers
  • User-provided notes and reflections
  • Survey responses and feedback

2.4 Technical Information

We automatically collect:

  • Device information and browser type
  • IP address and location data
  • Usage patterns and feature interactions
  • Log files and error reports

3. How We Use Your Information

We use your information to:

  • Provide and maintain our financial wellness services
  • Generate personalized insights and recommendations
  • Process payments and manage subscriptions
  • Analyze spending patterns and emotional correlations
  • Improve our AI algorithms and service quality
  • Communicate with you about your account and our services
  • Provide customer support and respond to inquiries
  • Comply with legal obligations and prevent fraud

4. Information Sharing and Disclosure

Our Commitment:

We do not sell, trade, or rent your personal information to third parties. Your financial and emotional data is highly sensitive, and we treat it with the utmost care and security.

We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party vendors who help us operate our service (e.g., Stripe for payments, Supabase for data storage)
  • Legal Requirements: When required by law, court order, or government regulation
  • Safety and Security: To protect the rights, property, or safety of Klyro, our users, or others
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with user notification)
  • Consent: With your explicit consent for specific purposes

5. Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for sensitive financial data
  • Secure HTTPS connections for all data transmission
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Data backup and disaster recovery procedures
  • Employee training on data protection and privacy

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Portability

You can request a copy of your personal data and export your information in a portable format.

6.2 Correction and Updates

You can update or correct your personal information through your account settings or by contacting us.

6.3 Deletion

You can request deletion of your account and associated data. Some information may be retained for legal or business purposes.

6.4 Opt-Out

You can opt out of marketing communications and certain data processing activities.

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience and analyze usage patterns. You can control cookie preferences through your browser settings.

We use both session cookies (which expire when you close your browser) and persistent cookies (which remain until deleted) for authentication, preferences, and analytics.

8. Third-Party Services

Our service integrates with third-party providers:

  • Stripe: Payment processing (subject to Stripe's privacy policy)
  • Supabase: Database and authentication services
  • OpenAI: AI-powered insights and recommendations
  • Google OAuth: Authentication services (optional)

These services have their own privacy policies, and we encourage you to review them.

9. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this privacy policy.

11. Children's Privacy

Our service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will take steps to delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our service. Your continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@klyro.app
Address: [Your Business Address]
Data Protection Officer: dpo@klyro.app

This Privacy Policy is effective as of 6/25/2025 and will remain in effect except with respect to any changes in its provisions in the future.