Privacy, clarity, and control.
We are committed to protecting your information and keeping your work under your control.
Last updated: April 2, 2026
1. Overview and Scope
Krilarr ('Company', 'we', 'us', 'our') operates a SaaS platform that helps creators and professionals verify and share their work. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our website, mobile apps, and services. This policy is compliant with GDPR (EU) and CCPA (California) standards.
2. Personal Information We Collect
Account Information
When you create an account, we collect your name, email address, password, and optional profile information (bio, profile picture, location).
Proof Data
We collect and store the proofs, files, and content you upload to the platform. This includes documents, images, code snippets, and metadata about your work.
Usage Data
We automatically collect information about your interactions with the platform, including pages visited, features used, clicks, search queries, time spent, and device information (IP address, browser type, operating system).
Payment Information
When you upgrade to a paid plan, payment processing is handled by Flutterwave. We do not store full credit card details—only transaction records and billing history. Flutterwave may share limited information with us for billing and fraud prevention.
Communication Data
We collect emails, messages, and feedback you send us, as well as support tickets and newsletters you subscribe to.
3. Legal Basis for Processing (GDPR)
For users in the EU, we process personal data based on: (a) your consent (e.g., for marketing emails); (b) performance of our contract with you (account management, service delivery); (c) our legitimate interests (security, fraud prevention, service improvement); (d) legal compliance; and (e) your explicit consent for cookies and analytics.
4. How We Use Your Information
Service Delivery
To create and maintain your account, process payments, deliver the platform, and provide customer support.
Proof Verification
To verify proof submissions, generate cryptographic hashes, and maintain audit trails.
Communication
To send account notifications, password resets, updates, and promotional content (only if you've opted in).
Product Improvement
To analyze usage patterns, identify bugs, test new features, and improve user experience.
Security and Compliance
To detect fraud, prevent abuse, comply with legal obligations, and protect our platform and users.
5. Data Sharing and Disclosure
Service Providers
We share data with third-party services necessary to operate the platform, including cloud infrastructure providers, email services, analytics platforms, and payment processors (Flutterwave). These vendors are contractually bound to protect your data.
Legal Obligations
We may disclose information if required by law, court order, government request, or when necessary to protect rights, safety, and property.
Proof Visibility
If you choose to publish or share a proof, it becomes publicly visible. We do not proactively share your data, your privacy settings control visibility.
No Sale of Data
We do NOT sell your personal information to third parties. We do not trade your data for financial gain.
6. Data Retention and Deletion
Active Accounts
We retain your data while your account is active. Account usage, proofs, and preferences are maintained for service delivery.
Deactivated Accounts
Upon account deletion request, we securely erase personal and proof data within 30 days, except where retention is required by law (e.g., tax records, fraud investigations). We retain anonymized usage data for analytics.
Backups
Deleted data may persist in backup systems for up to 90 days before permanent removal.
Legal Holds
If subject to legal proceedings, we may retain data beyond your deletion request until legal obligations are satisfied.
Deletion Request Process
To request account deletion, go to Settings > Account > Delete Account, or contact us at hellokrilarr@gmail.com with subject 'Krilarr Support' and your user ID. Provide your email and we'll confirm deletion.
7. Your Privacy Rights
GDPR Rights (EU Residents)
You have the right to: (a) access your personal data; (b) correct inaccurate information; (c) request erasure ('right to be forgotten'); (d) restrict processing; (e) data portability (receive data in machine-readable format); (f) object to processing; (g) withdraw consent at any time.
CCPA Rights (California Residents)
You have the right to: (a) know what personal information is collected; (b) delete personal information; (c) opt-out of sales or sharing of data; (d) access your data; (e) correct inaccurate information.
Exercise Your Rights
To exercise these rights, email hellokrilarr@gmail.com with 'Privacy Request' and your user ID. Provide sufficient detail to identify you. We'll respond within 30 days (GDPR) or 45 days (CCPA).
No Discrimination
We will not discriminate against you for exercising your privacy rights. Legitimate business purposes or legal obligations may limit the scope of certain requests.
8. Cookies and Tracking
What Are Cookies?
Cookies are small files stored on your device that remember preferences and track activity.
How We Use Cookies
We use essential cookies for authentication and session management, analytics cookies (Google Analytics) to understand usage patterns, and marketing cookies to track campaign effectiveness (if consent given).
Your Choices
You can disable cookies in your browser settings. Disabling essential cookies may limit platform functionality. Analytics and marketing cookies can be disabled via cookie consent banner at first visit.
Third-Party Tracking
Third-party services (Google Analytics, Flutterwave) may independently track your activity. Review their privacy policies for details.
9. Security and Data Protection
Safeguards
We implement industry-standard security measures including end-to-end encryption for sensitive data, TLS/SSL encryption in transit, secure password hashing, regular security audits, and limited access to personal data.
Security Limitations
No method of transmission or storage is 100% secure. While we work to protect your information, we cannot guarantee absolute security. You are responsible for keeping your credentials confidential.
Data Breach Notification
In the event of a data breach affecting your personal information, we will notify you without undue delay (per GDPR) and take steps to mitigate harm.
10. Children's Privacy
Krilarr is not intended for users under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect information from children. If we become aware a child has provided information, we will delete it promptly.
11. International Data Transfers
If you are outside the US, your data may be transferred to, stored in, and processed in the United States or other countries. By using Krilarr, you consent to this transfer. We comply with GDPR Standard Contractual Clauses for transfers from the EU.
12. Third-Party Links
Our platform may contain links to external websites and services. This Privacy Policy applies only to Krilarr. We are not responsible for the privacy practices of third-party sites. Review their policies before accessing.
13. Changes to This Policy
We may update this Privacy Policy periodically. Changes take effect 30 days after posting. Significant changes will be communicated via email or a notice on the platform. Your continued use constitutes acceptance of the updated policy.
14. Data Protection Officer (DPO) & Contact
Questions or Requests
If you have questions, requests, or concerns about this Privacy Policy or our data practices, contact us at:
hellokrilarr@gmail.com (subject: Krilarr Support)
Address
Krilarr Inc. (Mailing address to be provided)
Data Protection Officer
For GDPR-specific inquiries, you may also contact our DPO (to be designated).
Regulatory Complaints
You have the right to lodge a complaint with your local data protection authority (EU) or California Attorney General (CA) if you believe we have violated your privacy rights.
15. Effective Date
This Privacy Policy is effective as of April 2, 2026 and was last updated on April 2, 2026.