Privacy Policy

Kin Casa helps individuals, families, and groups manage properties, tasks, workers, and payments. For the purposes of this policy, we are the data controller of personal data processed in connection with the Service.

This policy applies to information we process when you access or use the Service, visit our website, contact support, receive emails from us, or connect through third-party identity providers (e.g., Google).

• Account & Authentication Data: name, email address, and user identifiers provided by your identity provider (e.g., Google) and our auth partner Clerk.
• Profile & App Data: family/group membership, properties and projects you create, notes, tasks, relationships to workers, and activity necessary to operate the app.
• Worker & Contact Data: worker names, contact details, and related metadata that you enter.
• Payments: We use Stripe to process payments. We receive limited billing info (status, last 4 digits, brand, expiration month/year, subscription status). Sensitive card data is processed and stored by Stripe, not Kin Casa.
• Device & Usage: IP address, device/browser type, pages viewed, session duration, referral source, and similar analytics via PostHog. This helps improve reliability and performance.
• Support Communications: messages, feedback, and email correspondence.
• Cookies: essential cookies for authentication and session management; optional analytics cookies for usage insights.

• Provide, maintain, secure, and improve the Service.
• Authenticate users and authorize access to family/group workspaces.
• Process subscriptions and payments via Stripe.
• Send service-related communications (e.g., confirmations, changes, security alerts).
• Personalize features, remember preferences, and enhance usability.
• Monitor performance, debug issues, and derive product insights (aggregate analytics).
• Comply with legal obligations and enforce our terms, including fraud prevention and security.

• Contract: to provide the Service you request.
• Legitimate Interests: to secure and improve the Service, prevent abuse, and analyze usage.
• Consent: where required (e.g., non-essential cookies).
• Legal Obligation: to meet regulatory and tax requirements.

We do not sell personal data. We share information only as needed to operate the Service:

• Authentication: Clerk (user auth, session management).
• Payments: Stripe (payment processing, subscriptions; Kin Casa never stores full card data).
• Analytics: PostHog (product analytics, error/performance insights).
• Infrastructure & Hosting: cloud hosting/CDN (e.g., Vercel) and database providers to run the app reliably and securely.
• Email: transactional email via our SMTP provider.
• Compliance & Safety: when required by law, to protect rights, safety, and security.
• Business Transfers: in connection with a merger, acquisition, or asset sale, subject to continued protections consistent with this policy.

We keep personal data only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. You may request deletion of your account and associated data at any time (see Your Rights).

We use industry-standard safeguards, including TLS in transit and encryption at rest at our infrastructure providers. No method of transmission or storage is 100% secure; we continuously improve defenses and monitor for abuse.

Your information may be processed in the United States and other countries. Where applicable, we rely on appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.

• Access, Correction, Deletion: You can request access to, correction of, or deletion of your data. To delete your account and associated data, contact us at kincasaweb@gmail.com.
• Portability: Request a copy of your data in a portable format.
• Marketing Preferences: You may opt out of non-essential communications.
• Analytics: You can opt out of analytics cookies where required by your jurisdiction.
• EEA/UK: You may object to processing based on legitimate interests and lodge complaints with your supervisory authority.
• CCPA/CPRA (California): You have rights to know, delete, correct, and limit use of sensitive data, subject to exceptions. We do not sell or share personal information for cross-context behavioral advertising.

We use essential cookies for secure login and session continuity. We may use analytics cookies (PostHog) to understand feature usage and performance. You can control cookies via your browser settings; disabling essential cookies may impact functionality.

• When you sign in with Google, we request basic profile scopes (openid, email, profile) to authenticate you and associate your Google account with Kin Casa. We do not access your Gmail, Drive files, or other restricted Google data.
• Google user data is used solely to provide login, account creation, and security. We do not sell Google user data or use it for advertising.
• You can revoke Kin Casa’s Google access at any time from your Google Account security settings.

Payments are handled by Stripe. Kin Casa does not store full payment card numbers. Stripe processes your payment information in accordance with its own policies and PCI-DSS requirements. We store limited billing metadata (e.g., subscription status) to manage your account.

The Service is not directed to children under 13 (or the age of consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will take appropriate steps to remove it.

We may update this Privacy Policy to reflect operational, legal, or regulatory changes. We will post the updated version with a new "Last updated" date and, where appropriate, provide additional notice.

If you have questions or requests regarding this Privacy Policy or your personal data, contact us at kincasaweb@gmail.com.

Kin Casa, United States