Privacy Policy

1. Introduction

KiteCX ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud-based customer support platform (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of information:

Account Information

• Name, email address, and password when you create an account
• Company name, subdomain, and business details
• Billing information and payment details (processed securely via Stripe)

Customer Communication Data

• SMS messages sent and received through the platform
• Email messages sent and received through the platform
• Phone numbers of your customers who contact you via SMS
• Email addresses of your customers who contact you via email
• Support ticket content and metadata

Usage Data

• Log data, including IP address, browser type, and access times
• Feature usage and interaction data
• Credit consumption and billing activity

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process and route SMS and email communications
• Power AI-assisted features such as message analysis and ticket categorization
• Process payments and manage subscriptions
• Send service-related notifications and updates
• Monitor and analyze usage patterns to improve performance
• Detect, prevent, and address technical issues or abuse
• Comply with legal obligations

4. AI and Data Processing

Our Service uses artificial intelligence to assist with ticket categorization, response suggestions, and message analysis. Customer communication data may be processed by our AI systems solely to provide these features. We do not use your customer data to train general-purpose AI models. AI processing is performed in accordance with our data security practices and is subject to the same protections as all other data.

5. SMS and Telecommunications Data

When you use our SMS features, we process telecommunications data in compliance with applicable laws, including:

• The Telephone Consumer Protection Act (TCPA)
• CTIA Messaging Principles and Best Practices
• Applicable state and federal telecommunications regulations

We maintain records of opt-in and opt-out requests from your customers to ensure compliance. Phone numbers and message content are stored securely and are only accessible to authorized users within your organization.

6. Data Sharing and Third Parties

We do not sell your personal information or your customer data. We may share information with third-party service providers who assist us in operating the Service:

• Twilio — for SMS message delivery and phone number provisioning
• Stripe — for payment processing and subscription management
• Google Firebase — for authentication, database, and cloud infrastructure
• OpenAI — for AI-powered features and message analysis
• Resend — for email delivery
• Sentry — for error tracking and performance monitoring

These providers are contractually obligated to protect your data and may only use it to perform services on our behalf.

7. Data Retention

We retain your account information and customer communication data for as long as your account is active or as needed to provide the Service. If you cancel your account, we will delete or anonymize your data within a reasonable timeframe, unless we are required to retain it for legal or compliance purposes. You may request deletion of your data at any time by contacting us.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit using TLS/SSL
• Secure cloud infrastructure with access controls
• Authentication and authorization mechanisms
• Regular security assessments and monitoring

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your data:

• Access — Request a copy of the data we hold about you
• Correction — Request correction of inaccurate data
• Deletion — Request deletion of your data
• Portability — Request your data in a portable format
• Objection — Object to certain processing of your data
• Restriction — Request restriction of processing

To exercise any of these rights, please contact us through our support channels.

10. Cookies and Tracking

We use essential cookies and similar technologies to maintain your session and authenticate your account. We may also use analytics tools to understand how the Service is used. You can control cookie settings through your browser preferences.

11. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us through our support channels or via the contact information provided on our website.