Privacy Policy

Last updated: March 23, 2026

This Privacy Policy explains how Kairvio ("we," "us," or "our") collects, uses, stores, shares, and protects your information when you use our platform, website, and services (the "Service"). By using the Service, you agree to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

Account information: Name, email address, phone number, business name, and business address when you create an account.
Business data: Customer records, contact information, conversation messages, invoices, quotes, job schedules, and other business data you enter into the Service.
Payment information: Billing details for your subscription. Payment processing is handled by Stripe — we do not store full credit card numbers on our servers.
Communications: Messages you send and receive through the Service, including SMS, voice calls, emails, and social media messages.
AI training data: Business information you provide to configure AI features (e.g., business description, services offered, pricing, FAQs).

1.2 Information We Collect Automatically

Usage data: Pages visited, features used, actions taken, and time spent in the Service.
Device information: Browser type, operating system, device type, and IP address.
Log data: Server logs including access times, error logs, and referral URLs.
Cookies: We use essential cookies to maintain your session and preferences. We do not use third-party advertising cookies.

1.3 Information from Third-Party Integrations

Facebook & Instagram (Meta): When you connect your Facebook Page or Instagram Professional Account to Kairvio, we access your page's messaging data (incoming and outgoing messages, sender name and profile information) to display conversations in our unified inbox. We also access your Page name and profile to identify the connected account. See Section 5 for more details.
Stripe: When you connect your Stripe account, we receive transaction status and payment confirmation data to update invoice statuses. We do not access your Stripe balance or bank details.
Twilio: Call logs, SMS delivery status, voicemail recordings, and call transcriptions are processed through Twilio and stored in your account.

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service.
Process your transactions and manage your subscription.
Send and receive messages on your behalf through connected communication channels.
Power AI features (AI Assistant, AI Voice Receptionist, Sales Co-Pilot, etc.) using the business information you provide.
Send you service-related notifications, including account alerts, billing reminders, and feature updates.
Respond to your support requests and communicate with you about your account.
Monitor and analyze usage patterns to improve the Service and develop new features.
Detect, prevent, and address fraud, abuse, and security issues.
Comply with legal obligations.

We do not sell your personal information to third parties. We do not use your data for advertising profiling or share it with data brokers.

3. How We Share Your Information

We share your information only in the following circumstances:

Service providers: We use third-party services to operate the platform, including Twilio (communications), Stripe (payments), Supabase (database hosting), Resend (email delivery), Anthropic (AI processing), and Meta (social messaging). These providers process data on our behalf and are contractually obligated to protect it.
Your customers: When you send messages, invoices, quotes, or appointment confirmations through the Service, the relevant information is delivered to your customers as intended.
Legal requirements: We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

4. Data Storage & Security

Your data is stored on secure servers using industry-standard security measures, including:

Encryption in transit (TLS/SSL) and at rest.
Access controls and authentication for all system access.
Regular security assessments and monitoring.
Third-party providers (Supabase, Stripe, Twilio) that maintain SOC 2 compliance.

While we implement commercially reasonable security measures, no method of transmission or storage is 100% secure. In the event of a data breach affecting your personal information, we will notify you and any relevant authorities as required by applicable law.

Your data is primarily stored in the United States. If you are accessing the Service from outside the United States, you consent to the transfer and processing of your data in the United States.

5. Facebook & Instagram (Meta) Data

When you connect your Facebook Page or Instagram Professional Account to Kairvio, we access and process the following data through the Meta Platform:

Page information: Your Page name, Page ID, and profile picture to identify the connected account.
Messaging data: Incoming and outgoing messages sent through Facebook Messenger and Instagram Direct Messages, including message content, sender name, and sender profile information.

How we use Meta data:

To display your Facebook and Instagram conversations in the Kairvio unified inbox.
To allow you to reply to messages from within Kairvio.
To include these conversations in your customer communication history.

What we do NOT do with Meta data:

We do not sell, license, or share your Facebook or Instagram data with third parties.
We do not use it for advertising, marketing profiling, or analytics unrelated to providing the Service.
We do not transfer it to data brokers or any unrelated services.

Disconnecting and deleting Meta data:

You can disconnect your Facebook Page or Instagram account at any time from Settings > Integrations within Kairvio. Upon disconnection, we stop accessing new data from Meta. To request deletion of previously stored Meta messaging data, email support@kairvio.com with the subject line "Meta Data Deletion Request." We will process your request within 30 days. You can also visit our Data Deletion page for more information.

6. SMS and Text Messaging

When end users provide their phone number to a business using Kairvio, they may receive transactional SMS messages from that business, including appointment reminders, booking confirmations, invoices, quotes, and service follow-ups. Messages are sent on behalf of the business through Kairvio's platform using Twilio as the telecommunications provider.

Consent: By providing a phone number through any of the following methods, end users consent to receive SMS messages from the business:

Calling or texting the business phone number
Submitting a phone number via an online booking page or web form
Providing a phone number verbally or in writing during an in-person interaction

Opt-Out: End users can opt out of receiving text messages at any time by replying STOP to any message. After opting out, no further messages will be sent unless the end user re-initiates contact.

Help: End users can reply HELP to any message to receive support information.

Message Frequency: Message frequency varies based on service activity (e.g., appointment reminders, invoice delivery). Messages are transactional in nature and are not used for marketing purposes.

Message and Data Rates: Standard message and data rates may apply depending on the end user's mobile carrier and plan.

Carriers: Carriers are not liable for delayed or undelivered messages.

Phone numbers collected for SMS messaging are not sold, rented, or shared for marketing purposes. Phone numbers are used solely for the purpose of delivering service-related communications on behalf of the business.

7. AI Data Processing

When you enable AI features (AI Assistant, AI Voice Receptionist, Sales Co-Pilot, etc.), the business information you provide and relevant conversation context may be processed by third-party AI services (e.g., Anthropic Claude) to generate responses. This data is sent securely and is not used by the AI provider to train their models. AI-generated responses are not stored by the AI provider beyond the duration of the request.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account cancellation or deletion, we retain your data for up to 30 days to allow for reactivation, after which it is permanently deleted from our active systems. Some data may be retained in encrypted backups for up to 90 days. Data required for legal compliance, dispute resolution, or enforcement of our terms may be retained longer as permitted by law.

9. Your Rights & Data Deletion

You have the right to:

Access your data: Request a copy of the personal data we hold about you.
Correct your data: Update or correct inaccurate information through your account settings or by contacting us.
Export your data: Request an export of your business data in a commonly used format.
Delete your data: Request deletion of your account and all associated data.
Restrict processing: Request that we limit how we process your data in certain circumstances.
Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

How to Request Data Deletion

To request deletion of your Kairvio account and all associated data, including any data received through Facebook, Instagram, or other connected platforms:

Email support@kairvio.com with the subject line "Data Deletion Request."
Include your account email address and the specific data you want deleted (or request full account deletion).
We will confirm receipt of your request within 48 hours.
Your data will be permanently deleted from our active systems within 30 days.

For more details, visit our Data Deletion page.

10. Cookies

We use essential cookies to keep you logged in and maintain your preferences. We do not use third-party advertising or tracking cookies. You can disable cookies in your browser settings, but this may affect your ability to use the Service.

11. Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through the Service at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

13. Contact

For privacy-related questions, data requests, or concerns:

Email: support@kairvio.com
Web: kairvio.com/contact
Data Deletion: kairvio.com/data-deletion