Privacy Policy

Privacy Policy for Kai’s Box / PeopleAI

Effective Date: 27/10/2025
Website: https://kaisbox.com
Contact Email: info@kaisbox.com
Service Name: PeopleAI
Provider: Kai’s Box

1. Introduction

Welcome to Kai’s Box (“we”, “us”, “our”). Our website https://kaisbox.com (“Site”) provides an online AI assistant platform known as PeopleAI. By registering for or using our services, you agree to the terms of this Privacy Policy, which explains how we collect, use, disclose, and protect your personal information.

2. What Information We Collect

a. Account & Profile Data

• When you register for PeopleAI, we collect your name (or username), email address, and a password (encrypted).
• We may collect additional profile data (e.g., display name, plan status) when you subscribe or upload files.

b. Payment & Subscription Data

• If you choose a paid plan, we collect billing information via our payment providers (e.g., credit/debit card data via Stripe or payment details via Flutterwave). Note: we do not store full card numbers on our servers — payment processing is handled by the provider.
• We store your plan type (monthly/yearly), subscription start and end dates, payment gateway used, and transaction logs (for audit and support).

c. Usage & Interaction Data

• We log your conversations with PeopleAI, including prompts, uploads, chat transcripts, and derived usage statistics.
• We may collect metadata such as timestamps, IP addresses, browser/user-agent info, and event logs (file uploads, voice dictation sessions, etc.).

d. Uploaded Content & Enrichment Data

• If you upload files (PDFs, audio, images) or request enrichment (e.g., email/username breach checks via OSINT), we may process and store anonymized results or temporary data to fulfill your request.
• We use third-party enrichment services (e.g., HaveIBeenPwned, Dehashed, IntelX) to provide breach / OSINT data. We only pass to the AI backend the sanitized context data, never revealing raw leaked credentials to users unless explicitly authorized.

e. Third-Party AI Provider Data

• Our system integrates generative AI models such as OpenAI (ChatGPT/GPT-5), Google Gemini, and Anthropic Claude. When we send prompts and context to those providers, we include only the sanitized content you supply and our relevant metadata.
• Those providers may collect usage logs but operate under their own privacy policies; you should review those as needed.

3. How We Use Your Information

• To deliver and operate the PeopleAI service, including chat sessions, file uploads, voice dictation, enrichment lookups, and streaming responses.
• To manage your account, subscription status (free/paid), billing, renewal, and cancellation.
• To monitor usage, detect abuse/fraud, enforce plan limits, and enforce our Acceptable Use Policy.
• To improve our service: training system usage statistics (only aggregated/anonymized), diagnosing issues, performing analytics.
• To communicate with you: subscription notices, renewal reminders, support, changes to policy or terms.
• For legal compliance: we may process or retain data if required by law, or to respond to legal requests, or to protect our rights & property.

4. Disclosure & Sharing

• We do not sell your personal information to third parties.
• We share only what is necessary: with payment processors (Stripe/Flutterwave) to authorize and manage transactions; with infrastructure providers (hosting, email service) under confidentiality obligations; with AI providers (OpenAI/Gemini/Claude) for generation tasks.
• We may share anonymized or aggregated usage data (no personally identifying details) for service improvement or research.
• If required by law or by a valid subpoena, we may disclose personal data to law enforcement or regulators.

5. Cookies & Tracking Technologies

• We use cookies, localStorage and similar techniques to maintain your session (logged-in state), store your preferences (UI theme, plan settings), and to perform authentication.
• We may use analytics tools (Google Analytics, etc.) to monitor site traffic in an aggregate manner.
• You can disable certain cookies via your browser settings, but disabling authentication/session cookies may prevent login.

6. Data Retention & Deletion

• We retain your account profile data for as long as you maintain an account or until you request deletion.
• For paid users: we retain subscription history and payment logs for at least [insert retention period, e.g., 5 years] to comply with financial record-keeping obligations.
• For free users: usage logs may be purged or anonymized after 12-24 months of inactivity.
• You may request deletion of your account and associated data by contacting us at info@kaisbox.com. On deletion, we will anonymize or remove your personal identifiers within 30 days, unless legal retention is required.

7. Your Rights (Global Considerations)

Depending on your jurisdiction, you may have rights such as:

• Accessing your personal data that we hold.
• Correcting inaccurate personal data.
• Deleting or restricting processing of your personal data.
• Data portability (to the extent technically feasible).
• Withdrawing consent (if applicable) or objecting to processing.
• For EU/UK residents: you have the right to lodge a complaint with your local supervisory authority.
  We will comply with these rights to the extent required by local law (GDPR, UK DPA, CCPA, etc.). To exercise your rights, contact info@kaisbox.com.

8. Payments & Subscription Policies

• Paid plans are processed via Stripe or Flutterwave. Your card or payment method details are not stored on our servers — they are managed by the payment provider.
• Your plan level (monthly or yearly) will be active for the term you paid; renewals will be processed automatically unless you cancel via your account page or unsubscribe link.
• If you unsubscribe (via our “My Account” or relevant settings), your plan status in our system will change to free. However, you are responsible for ensuring your payment method is canceled at the payment provider as applicable.
• Refunds: All refund requests must adhere to our Refund Policy (linked separately). We may issue partial or full refunds at our discretion, depending on usage.
• If we detect fraudulent or abusive activity, we reserve the right to suspend or terminate a paid account, cancel future billing, and refund unused service periods (subject to review).

9. Security

• We implement appropriate technical and organizational measures to protect your data, including encryption in transit (HTTPS/TLS), hashed passwords, access controls, and regular server monitoring.
• However, no system is 100% secure. You are responsible for safeguarding your account credentials and notifying us immediately of any unauthorized access.
• We log access and relevant events (login attempts, subscription changes) for audit and security purposes.

10. Children’s Privacy

• Our service is not intended for children under the age of 16 (or in jurisdictions, the applicable age of consent). We do not knowingly collect personal data from minors. If you believe we have inadvertently done so, please contact us at info@kaisbox.com and we will delete the data promptly.

11. International Transfers

• Kai’s Box is based in Cameroon. Data collected may be stored and processed in servers located in Sesen.
• If you are based in the EU, UK or other jurisdictions with stricter data-protection laws, we ensure adequate safeguards (such as Standard Contractual Clauses or similar) to protect your rights when data is transferred internationally.

12. Updates to this Privacy Policy

• We may update this policy from time to time. When we do, we will post the revised version on this page with a new “Effective Date”. If changes are significant, we may provide additional notice (e.g., email). We encourage you to check this policy periodically.

13. Contact Us

If you have questions, requests or complaints regarding this Privacy Policy or how your data is handled, you may contact us at:
Email: info@kaisbox.com
Website: https://kaisbox.com