The Honest Version (Then the Legal Version)
We know nobody reads privacy policies. So here's the TL;DR:
✅Your relationship data is YOURS. We store it securely on Google Cloud, but you own it.
✅We'll never sell your data. Your contacts, notes, and interactions stay private.
✅You can delete everything anytime. Hard delete = gone forever. Soft delete = 60 days, then gone forever.
✅We use anonymized patterns to improve the AI. We learn from usage patterns, never from your actual conversations or personal notes.
✅We encrypt everything. Your data is protected both in storage and in transmission.
✅You can export your data. Premium users can do it in-app. Free users can email us.
If you want the legal details, keep reading.
1. Information We Collect
Information You Provide Directly:
When you use Kindred, you provide us with:
- Account Information: Name, email address, phone number, profile photo
- Contact Information: Names, phone numbers, emails, addresses, companies, and other details about people in your network
- Relationship Data: Notes about contacts, relationship categories/circles, important dates (birthdays, anniversaries, work anniversaries)
- Interaction History: Logs of calls, messages, emails, and meetings including date, time, duration, type, and any notes you add
- Events & Meetings: Calendar events, meeting locations, attendees, event descriptions
- Voice Notes: If you use voice input to log interactions, we transcribe and store them as text
- Conversation Context: Summaries and context you provide about your relationships and interactions
Information We Collect Automatically:
- Device Information: Device type, operating system version, app version, unique device identifiers
- Usage Data: Features you use, time spent in app, actions taken, interaction patterns
- Log Data: Error logs, crash reports, performance data, diagnostic information
- Location Data: Approximate location for local events (only if you grant permission)
Information from Third-Party Integrations:
With your explicit permission, we may import data from:
- Google Services: Google Contacts, Google Calendar, Gmail metadata (sender, recipient, timestamp - NOT email content)
- Apple Services: iOS Contacts, Apple Calendar
- Other Calendar Services: Microsoft Outlook, other calendar providers you connect
Important: We only access metadata (who, when, event titles) from your email and calendar. We never read the content of your emails or private calendar notes unless you explicitly provide them to us within Kindred.
2. How We Use Your Information
Provide Core Services:
- Store and organize your professional and personal relationships
- Generate smart reminders based on your interaction patterns and relationship history
- Track relationship health and engagement over time
- Provide AI-powered suggestions for when and why to reach out
- Create timelines of your relationship history
- Help you search and find contacts quickly
- Suggest optimal communication timing based on your patterns
Improve Kindred (The AI Training Part):
Here's exactly what we DO:
- Analyze anonymized, aggregated patterns across all users to improve our AI
- Train models on relationship timing patterns, interaction frequency patterns, and reminder effectiveness
- Improve our AI's ability to suggest relevant reminder timing
Here's exactly what we DON'T do:
- We do NOT read your specific notes about people
- We do NOT access the content of your conversations or what you wrote about anyone
- We do NOT use actual names, phone numbers, email addresses, or any personally identifiable information in AI training
- We do NOT share individual relationship data with anyone, ever
Example: We might learn "users who set quarterly reminders for investors tend to maintain stronger relationships" from anonymized usage patterns, but we will never know that you specifically need to call Sarah about your Series A fundraise.
Communications:
- Send you important product updates and security notifications
- Notify you about features you've requested or changes to features you use
- Respond to your support requests and questions
- Send optional tips, best practices, and product education (you can opt out anytime)
Legal & Safety:
- Comply with applicable legal requirements
- Prevent fraud, abuse, or misuse of our services
- Enforce our Terms of Service
- Protect the security and integrity of our services
3. How We Share Your Information
We Do NOT Sell Your Data. Period.
Your relationship data is private and will never be sold to advertisers, data brokers, marketing companies, or any third parties for any reason.
We May Share Information Only In These Limited Cases:
Service Providers:
We use trusted third-party services to operate Kindred:
- Cloud Infrastructure: Google Cloud Platform (US region) to securely store your data
- Database: Google Cloud SQL with encryption and security controls
- AI Processing: For AI features, data is anonymized and processed without storing personal identifiers
All service providers are bound by strict confidentiality agreements and cannot use your data for their own purposes.
Legal Requirements:
We may disclose information only if required by:
- Valid court order or subpoena
- Legal obligation under applicable law
- Government or regulatory request where legally required
We will notify you of such requests unless prohibited by law.
Business Transfers:
If Kindred is acquired, merged, or undergoes a business transition, your data may transfer to the new entity. The same privacy protections will continue to apply, and you'll be notified of any changes.
With Your Explicit Consent:
We'll ask your permission before sharing data in any other way not described here.
4. Data Security
We take security seriously:
Infrastructure Security:
✅Secure Cloud Storage: All data is stored on Google Cloud Platform in secure US data centers (us-central1 region)
✅Database Security: Google Cloud SQL with security configurations, firewall rules, and access controls
✅Data Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.3
✅Data Encryption at Rest: All stored data is encrypted using AES-256 encryption
✅Secure Backups: Regular encrypted backups with restricted access
Access Controls:
- Role-based access control (RBAC) - only authorized personnel can access systems
- Two-factor authentication (2FA) required for all administrative access
- Principle of least privilege - team members only access what they need for their role
- We never access your personal relationship data unless you explicitly request support assistance
Monitoring & Testing:
- Continuous security monitoring and logging
- Regular security updates and patches
- Ongoing security assessments
Compliance:
- Working toward SOC 2 Type II certification
- GDPR compliant for EU users
- CCPA compliant for California users
However, no system is 100% secure. While we implement industry-standard security measures, we cannot guarantee absolute security against all possible threats.
5. Your Rights & Control
You Own Your Data:
Delete Your Data:
You have two deletion options:
- Soft Delete: When you delete contacts, interactions, or notes in the app, they're moved to a "deleted" state for 60 days (in case you change your mind), then permanently erased
- Hard Delete: When you delete your entire account (Settings → Account → Delete Account), ALL your data is immediately and permanently removed from our servers with no recovery option
Export Your Data:
- Premium users: Export all your data directly from the app in industry-standard formats (CSV, JSON) via Settings → Data Export
- Free users: Email us at [email protected] and we'll send you a complete data export within 7 business days
Your export includes: all contacts, interaction history, notes, relationship data, events, and account information.
Access Your Data:
- View all data we have about you directly in your account
- Request a detailed report of all collected data by emailing [email protected]
Correct Your Data:
- Update any information directly in the app anytime
- Contact us at [email protected] if you need assistance correcting data
Control Integrations:
- Enable/disable specific integrations (Google Contacts, Calendar, etc.) in Settings
- Revoke permissions at the device level anytime through your device settings
- Disconnect third-party services without losing your core Kindred data
Opt-Out of Communications:
- Unsubscribe from marketing and educational emails anytime (link at bottom of every email)
- You'll still receive critical account, security, and transactional notifications
- Manage notification preferences in Settings → Notifications
6. Data Retention
Active Accounts:
We retain your data as long as your account is active and you continue using Kindred.
Soft-Deleted Data:
When you soft-delete items (contacts, interactions, notes) within the app, they're retained for 60 days then permanently erased. This allows you to recover accidentally deleted data.
Hard-Deleted Accounts:
When you permanently delete your account, ALL personal data is immediately and irreversibly erased from our servers. There is no recovery period.
Legal Retention:
We may retain certain anonymized data if required by law (e.g., anonymized financial transaction records for tax compliance).
Anonymized Analytics:
Anonymized, aggregated usage patterns (with no personal identifiers) may be retained indefinitely for product improvement.
7. International Data Transfers
Kindred operates globally but stores data in the United States (Google Cloud us-central1 region).
For International Users:
If you're using Kindred from outside the United States, your data will be transferred to and stored in the US. By using Kindred, you consent to this transfer.
For EU Users (GDPR):
We comply with GDPR requirements for international data transfers:
- We use Standard Contractual Clauses (SCCs) approved by the European Commission
- We implement appropriate technical and organizational security measures
- You have specific rights detailed in the "European Privacy Rights" section below
For UK Users:
We comply with UK GDPR requirements using similar safeguards as EU transfers.
For California Users (CCPA):
You have specific rights under California law - see "Your California Privacy Rights" section below.
8. Children's Privacy
Kindred is intended for users 13 years of age and older.
We do not knowingly collect personal information from children under 13. If we discover we've collected data from a child under 13, we will delete that information immediately.
If you're a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately at [email protected].
For EU Users: The minimum age is 16 in certain EU countries. Please check your local requirements.
9. Third-Party Links & Integrations
Kindred may contain links to third-party websites or integrate with third-party services (Google, Apple, Microsoft, etc.).
We are not responsible for the privacy practices of third parties. Please review their privacy policies separately.
When you authorize integrations (e.g., Google Calendar, Google Contacts), you are also subject to their terms of service and privacy policies. We recommend reviewing:
- Google Privacy Policy: https://policies.google.com/privacy
- Apple Privacy Policy: https://www.apple.com/legal/privacy/
- Microsoft Privacy Policy: https://privacy.microsoft.com/
We only request the minimum permissions necessary to provide Kindred's functionality.
10. Cookies & Tracking Technologies
Mobile App:
Our mobile app does not use cookies but may use similar technologies:
- Local Storage: To store app preferences and cache data for offline functionality
- Device Identifiers: To identify your device for security and support purposes
- Analytics: To understand app usage and improve performance (anonymized)
Website:
Our website (trykindredapp.com) uses:
- Essential Cookies: Required for website functionality (login, preferences)
- Analytics Cookies: To understand website traffic and usage (anonymized via Google Analytics)
You can control cookie preferences through your browser settings.
11. Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
We'll notify you of material changes by:
- Email notification to your registered email address
- In-app notification when you next open Kindred
- Posting the updated policy on our website with a new "Last Updated" date
Continued use of Kindred after changes take effect means you accept the updated policy.
We encourage you to review this policy periodically to stay informed about how we protect your information.
12. Contact Us
Questions? Concerns? Data requests? We're here to help.
Website: www.trykindredapp.com/privacy
13. Your California Privacy Rights (CCPA)
If you're a California resident, you have these additional rights under the California Consumer Privacy Act (CCPA):
Right to Know:
Request disclosure of:
- Categories of personal information we collect
- Sources of that information
- Business purpose for collecting it
- Categories of third parties we share it with
- Specific pieces of personal information we have about you
Right to Delete:
Request deletion of your personal information (subject to certain exceptions)
Right to Opt-Out:
Opt-out of "sale" of personal information
(Note: We do NOT sell personal information, but you can still exercise this right)
Right to Non-Discrimination:
We will not discriminate against you for exercising your CCPA rights by:
- Denying goods or services
- Charging different prices
- Providing different quality of service
How to Exercise Your Rights:
- Email: [email protected]
- Subject line: "CCPA Request"
- Include: Your name, email, and specific request
Response Time: We'll respond within 45 days (can extend by 45 days for complex requests with notice).
14. European Privacy Rights (GDPR)
If you're in the European Economic Area (EEA), United Kingdom, or Switzerland, you have these rights under GDPR:
Right of Access
Request a copy of the personal data we hold about you
Right to Rectification
Request correction of inaccurate or incomplete personal data
Right to Erasure
Request deletion of your personal data in certain circumstances
Right to Restrict Processing
Request limitation on how we process your data
Right to Data Portability
Receive your personal data in a structured, machine-readable format
Right to Object
Object to processing of your personal data based on legitimate interests
Right to Withdraw Consent
Withdraw consent at any time where we rely on consent
Right to Lodge a Complaint
File a complaint with your local data protection authority
How to Exercise Your Rights:
- Email: [email protected]
- Subject line: "GDPR Request"
- Include: Your name, email, country of residence, and specific request
Response Time: We'll respond within 30 days of your request.
Legal Basis for Processing:
We process your data based on:
- Contract Performance: To provide Kindred's services
- Legitimate Interests: To improve our services and prevent fraud
- Consent: For optional features and marketing communications
- Legal Obligations: To comply with applicable laws
15. Data Breach Notification
In the unlikely event of a data breach that affects your personal information:
We will:
- Investigate the breach immediately
- Notify affected users within 72 hours of discovery (or as required by law)
- Notify relevant authorities as legally required
- Provide clear information about what happened and what data was affected
- Offer guidance on steps you can take to protect yourself
- Take immediate action to secure our systems and prevent future breaches
You will receive notification via:
- Email to your registered email address
- In-app notification
- Website notice (for widespread breaches)
The Bottom Line (From the Founder)
I built Kindred because I kept losing important relationships and opportunities, not because I wanted to build a data collection machine.
Your relationship data is personal and sacred. We protect it like it's our own (because honestly, I use Kindred too and my data is in the same systems as yours).
Here's my personal promise:
- We'll never sell your data
- We'll never snoop through your notes about people
- We'll use AI to help you, not to exploit your relationships
- We'll be transparent when things change
- We'll fix problems quickly when they arise
If you have questions, concerns, or just want to chat about privacy - email me directly at [email protected]. I read every email.
Henry Ikoh
Founder, Kindred
This privacy policy was last updated on October 1, 2025 and is effective as of October 1, 2025.
Version 1.0