This Privacy Policy explains how Krowna (“we”, “us”, “our”) collects, uses, and protects your information when you use the Krowna web and mobile apps. We designed Krowna to collect the minimum data required to deliver the service.
1. Information We Collect
- Account data: email address, hashed password, display name, avatar.
- Calendar data: events, tasks, habits, goals, notes, and reminders you create.
- Profile data: working hours, focus preferences, goals, and other details you share with the AI.
- Connected accounts: tokens and metadata from integrations you enable (e.g., Google Calendar).
- Usage data: feature interactions, device type, crash logs, and diagnostic events.
- Billing data: plan tier, credits balance, and payment receipts. Card details are handled by Lemon Squeezy; we never see them.
2. How We Use Your Data
- To operate and improve the service.
- To power AI scheduling, planning, and voice features on your behalf.
- To communicate about your account, billing, and product updates.
- To detect abuse, debug issues, and secure the platform.
3. AI Processing
When you use AI features, we send the minimum context required (such as your prompt, relevant events, and profile snippets) to our model providers — OpenAI and Anthropic. Both providers operate under zero-retention agreements for API traffic and do not train their models on your content. Your raw calendar is never uploaded in bulk.
4. Sharing
We share data only with the service providers required to run Krowna:
- Supabase — database and authentication hosting (EU/US regions).
- OpenAI & Anthropic — AI inference for your requests.
- Lemon Squeezy — payment processing and Merchant of Record for taxes.
- Google — calendar sync (only if you connect it).
- Vercel — web hosting and edge delivery.
We do not sell or rent your personal data.
5. Cookies & Local Storage
We use strictly necessary cookies for authentication and essential app state. We also store small preferences (e.g., completed onboarding, view settings) in your browser's local storage. We do not use third-party advertising cookies.
6. Data Retention
We keep your data while your account is active. On deletion, personal data is removed or anonymized within 30 days, except where retention is required by law (e.g., invoices).
7. Your Rights
Depending on where you live (EEA, UK, California, and other jurisdictions), you may have rights to access, correct, export, or delete your personal data. You can exercise most of these rights directly from Settings, or by emailing privacy@krowna.com.
8. International Transfers
Your data may be processed in countries outside your own. When transferring data out of the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses.
9. Security
We use TLS in transit, encryption at rest, row-level security, and least-privilege access controls. No system is perfectly secure — if you suspect a vulnerability, please report it to security@krowna.com.
10. Children
Krowna is not directed at children under 13. If we learn we have collected data from a child under 13, we will delete it.
11. Changes
We may update this Privacy Policy. Material changes will be announced by email or in-app notice at least 14 days before taking effect.
12. Contact
Questions about privacy? Email privacy@krowna.com.