Privacy Policy
How KITAURA collects, uses, and protects your data when you build CVs and proposals on our platform.
1. Introduction
KITAURA ("we", "our", "us") operates an AI-powered CV and proposal generator available at kitaura.com (the "Service"). This Privacy Policy explains how we collect, use, store, and protect the personal and professional information you share with us when you use the Service.
By creating an account or using KITAURA, you agree to the practices described in this policy. If you do not agree, please do not use the Service.
2. Information we collect
We collect the following categories of information:
Payment information
Billing name, address, and payment method details — processed via secure third-party processors (Stripe, PayPal). We do not store full card numbers.
3. How we use your data
Your data powers the generation of personalized CVs and proposals. We also use it to:
- Generate personalized CVs and proposals using AI
- Save and sync your documents across devices
- Process payments and manage subscriptions
- Send service updates and security alerts
- Provide customer support
- Improve our templates and user experience
- Detect fraud and unauthorized access
- Comply with legal obligations
4. AI processing
KITAURA uses third-party large language models (such as OpenAI, Anthropic, or similar providers) to generate your content.
- Your input is sent to the AI provider's API only when you request generation
- We do not allow AI providers to train their models on your personal data
- We use enterprise / zero-retention API endpoints wherever available
- Your generated documents are stored on our servers, not the AI provider's
- You can delete all AI-generated history from your account settings
5. Sharing and third parties
We share data only with:
- Cloud hosting providers (AWS, Google Cloud) — for storage and compute
- AI providers — strictly for generating content you request
- Payment processors — for billing
- Analytics tools (anonymized) — for usage insights
- Email service providers — for transactional emails
- Legal authorities — when required by valid legal process
6. Data retention
- Active accounts: We retain your data as long as your account is active.
- Deleted accounts: All personal data is permanently erased within 30 days.
- Inactive accounts: Accounts inactive for 24 months may be deleted after email notice.
- Backups: Encrypted backups are retained for up to 90 days.
7. Your rights
Depending on your location (GDPR, CCPA, and similar laws apply), you have the right to:
- Access — request a copy of your data
- Rectify — correct inaccurate information
- Delete — request permanent deletion
- Restrict — limit how we process your data
- Object — opt out of certain processing
- Port — receive your data in a machine-readable format
- Withdraw consent anytime
To exercise any right, email privacy@kitaura.com. We respond within 30 days.
8. Data security
We implement industry-standard security measures:
- TLS 1.3 encryption for data in transit
- AES-256 encryption for data at rest
- Hashed and salted passwords (bcrypt / Argon2)
- Two-factor authentication available for all accounts
- Regular security audits and penetration testing
- 72-hour breach notification policy
9. Cookies and tracking
KITAURA uses cookies for:
- Essential cookies — login sessions, security
- Preference cookies — language, theme, layout
- Analytics cookies — anonymized usage statistics
- Marketing cookies — only with your explicit consent
Manage preferences anytime via Settings → Privacy → Cookie preferences. We honor "Do Not Track" browser signals.
10. Contact us
For any privacy-related questions, requests, or complaints:
- Privacy queries: privacy@kitaura.com
- Support: support@kitaura.com
- Data Protection Officer: dpo@kitaura.com
We aim to respond to all inquiries within 5 business days.