Privacy Policy

We collect information you provide directly to us, information we collect automatically when you use Katie AI, and information from third parties.

Information you provide: name, email address, company name, role, billing details (processed by Stripe — we never store full card numbers), the prompts and content you submit to Katie AI for coaching, survey responses, and any messages you send us.

Information collected automatically: device and browser information, IP address, pages viewed, time spent, referring URLs, and product usage events (e.g., lessons completed, workflows scanned, prompts scored). This is used to operate, secure, and improve the service.

Information from third parties: if you sign in using a single sign-on provider (e.g., Google, Microsoft), we receive the basic profile information that provider returns.

We use information to provide, maintain, and improve Katie AI; to authenticate you and secure your account; to process payments and manage subscriptions; to send transactional emails (e.g., receipts, account notifications) and, where you've opted in, product updates; to personalize coaching and recommendations; to detect and prevent fraud or abuse; and to comply with legal obligations.

We do not sell your personal information. We do not use your prompts, content, or workflows to train external third-party AI models.

We share information with service providers who help us run Katie AI under contractual data protection obligations. Today this includes:

• Stripe — payment processing and subscription management

• Supabase — database, authentication, and storage

• Resend — transactional email delivery

• Cloud hosting providers — to run our infrastructure

We may also share information when required by law (e.g., subpoena or court order), to protect the rights, safety, or property of Katie AI or others, or in connection with a business transfer such as a merger or acquisition (with notice to you).

We use cookies and similar technologies to keep you signed in, remember your preferences, measure traffic, and understand how Katie AI is used. Essential cookies are required for the service to function. Analytics and marketing cookies can be controlled through your browser settings or our cookie preferences (where available).

We do not currently respond to Do Not Track signals because no industry standard has been finalized.

We retain personal information for as long as your account is active and as needed to provide the service. After account deletion, we delete or anonymize personal information within 90 days, except where we are required to retain it for legal, accounting, or fraud-prevention purposes.

Backup copies may persist for up to 30 days beyond deletion as part of standard disaster-recovery practices.

Depending on where you live, you may have the right to access, correct, delete, or export your personal information; to object to or restrict certain processing; to withdraw consent; and to lodge a complaint with a data protection authority.

EU/EEA/UK residents have these rights under the GDPR. California residents have additional rights under the CCPA/CPRA, including the right to know, the right to delete, the right to correct, the right to limit use of sensitive personal information, and the right to opt out of sale or sharing (we do not sell personal information).

To exercise any of these rights, email privacy@katie.ai. We may need to verify your identity before fulfilling your request.

We use technical and organizational measures designed to protect your information, including TLS 1.3 in transit, AES-256 at rest, logical isolation of customer data, scoped access controls, and regular third-party penetration testing.

No system is perfectly secure. If we become aware of a security incident affecting your information, we will notify you and any required regulators in accordance with applicable law.

Katie AI is operated from the United States. If you access the service from outside the U.S., your information will be transferred to, stored, and processed in the U.S. and other countries where our service providers operate.

Where required, we rely on appropriate transfer mechanisms such as the EU Standard Contractual Clauses to safeguard cross-border transfers.

Katie AI is not directed to children under 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected such information, we will delete it. If you believe a child has provided us with personal information, please contact privacy@katie.ai.

Katie AI may link to or integrate with third-party services (e.g., the AI tools we recommend or connect to your account). We are not responsible for the privacy practices of those third parties. Review their privacy policies before sharing information with them.

We may update this Privacy Policy from time to time. The updated version will be indicated by a new effective date at the top of this page. For material changes, we will notify you by email or through the service before they take effect.

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Email: privacy@katie.ai

Mail: PRIORAITIY, attn: Katie AI Privacy

We will respond to verifiable requests within 30 days (or as required by applicable law).