> For the complete documentation index, see [llms.txt](https://docs.kula.digital/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.kula.digital/trust-and-legal/privacy.md). # Privacy policy > **Draft — for counsel review before publishing.** This is a good-faith first draft grounded in how the product works. It is not legal advice. Have it reviewed and finalised by qualified counsel, and confirm the sub-processor list, retention periods, and contact details, before publishing or relying on it. *Last updated: draft.* Kula Intelligence is operated by **Kula Holdings Pty Ltd** ("Kula", "we"). This policy explains what data we handle, why, and your choices. ## Two roles * **For studio operators (our customers):** we are the **controller** of your account information. * **For a studio's own data (members, sales, bookings, and so on):** the studio is the **controller** and Kula acts as a **processor** on the studio's instructions. We only access that data to provide the service to the studio. ## What we collect **1. Account information.** When you create an account: your name, email, studio name, region, timezone, and sign-in identifiers from our identity provider. Billing details if you subscribe. **2. Studio operational data (via connectors).** When you connect a data source, we read and store a copy of the relevant records so the AI can answer questions. Depending on which sources you connect, this can include: * **Members & contacts** — names, email addresses, phone numbers, membership status and plans (e.g. from your booking platform or Wix). * **Bookings & attendance** — classes, visits, check-ins, cancellations. * **Sales & payments** — sale amounts, plans, payment method and status, and limited payment metadata. We store at most the **last four digits** of a card; we never receive or store full card numbers. * **Accounting** — contacts, invoices, transactions, and (where your plan allows) general-ledger data from Xero. * **Marketing & web analytics** — advertising performance and spend from Meta, and **aggregated** website metrics from Google Analytics 4 (not individual visitor identities). Exactly what each connector reads — and what it does not — is listed on each [connector page](/your-data-sources/connectors.md). **3. Provider credentials.** The keys or tokens you provide to connect a source are stored **encrypted at rest (AES-256-GCM) in your studio's own database**, with the encryption key held separately. They're used only to read from that provider, and never shared between studios. **4. Usage & audit data.** Records of tool calls, privileged actions, and errors, used to operate the service, support you, and maintain an audit trail. ## What we do **not** collect or do * We do not receive full payment card numbers. * We do not track individual website visitors (GA4 data is aggregated). * We do not sell your data, ever. * We do not use one studio's data to answer another studio's questions. ## How we use data * **To provide the service** — to let your connected AI client answer questions about your studio. * **To operate and support** — diagnostics, troubleshooting, security, and billing. * **Optional semantic search** — only if you opt in, we generate embeddings from your text to power similarity search; the data stays in our cloud region. We do **not** use your studio's data to train cross-customer or general-purpose AI models. ## A note on connected AI clients Kula Intelligence is the bridge between your data and **an AI client you choose** (Claude, ChatGPT, and so on). When you ask a question, the relevant results are sent to that AI provider so it can answer you. That exchange is governed by **your agreement with that AI provider**, not by Kula. Choose the permission level that limits what's exposed — see [Permission levels](/connect-claude-and-access/scopes.md). ## Who we share data with (sub-processors) We use a small set of infrastructure providers to run the service. Each processes data only to provide its part of the service: | Provider | Role | | --------------------- | ----------------------------------------------------------------------------- | | Neon | Managed Postgres — your studio's database | | Google Cloud Platform | Cloud hosting, document storage, secrets, and the optional embeddings service | | Kinde | Operator sign-in / identity | | Vercel | Hosting for the operator web apps | We may update this list as our infrastructure evolves; the current list will always be here. We do not share your data with third parties for their own marketing. ## Where data is stored Your studio's data is stored in the cloud region you're provisioned in. Australian studios' data stays in Australia. ## How long we keep data * **While your account is active**, we retain your studio's transformed (canonical) data so the service keeps working — this is what makes 12-month trends and history possible. * **The raw imported copy** — the verbatim vendor data we land before transforming it — is kept only long enough to re-process safely: **30 days, then it is purged.** The canonical data it produced is unaffected. * **When you disconnect a data source**, the data we hold from that source is purged within **30 days**. * **When you close your account**, your studio's database and stored copies are purged within **30 days** of closure, except where we must retain limited records to meet a legal or accounting obligation. ## Your rights Depending on where you are, you may have rights to access, correct, export, or delete personal data, and to object to or restrict certain processing. * **Operators:** contact us using the details below. * **A studio's members:** because the studio controls its member data, direct requests to the studio; we will assist the studio in fulfilling them as its processor. ## Security We protect data with per-studio isolation, encryption in transit and at rest, scoped access, and auditing. See [Security & data handling](/trust-and-legal/security.md). To report a vulnerability, see [Responsible disclosure](/trust-and-legal/disclosure.md). ## Children Kula Intelligence is a business tool not directed at children and not intended for the collection of children's data. ## Changes to this policy We'll update this page when our practices change and revise the "last updated" line. Material changes will be communicated to operators. ## Contact Questions or requests: ****, Kula Holdings Pty Ltd, Sydney, Australia. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.kula.digital/trust-and-legal/privacy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.