Privacy Policy

We collect information to provide and improve our AI agent services. Here's what we gather and why:

Account Information

• Email address - For account creation, notifications, and support
• Name - To personalize your experience
• Organization details - For team and enterprise accounts
• Payment information - Processed securely through Stripe; we never store full card numbers

Usage Information

• Agent executions - Inputs, outputs, and execution logs to improve results
• Credit usage - To track your consumption and billing
• Feature interactions - To understand which features provide value

Technical Information

• Device and browser data - For compatibility and security
• IP address - For security, fraud prevention, and approximate location
• Cookies and similar technologies - For authentication and preferences

We use your information for the following purposes:

Service Delivery

• Execute AI agents and deliver results
• Process payments and manage your credits
• Provide customer support
• Send service-related notifications

Service Improvement

• Analyze usage patterns to improve agent performance
• Develop new features based on user needs
• Fix bugs and optimize platform performance

Security & Compliance

• Detect and prevent fraud or abuse
• Comply with legal obligations
• Enforce our Terms of Service

Communication

• Send product updates and announcements (with opt-out)
• Respond to your inquiries
• Share relevant educational content

We do not sell your personal information. We share data only in these circumstances:

Service Providers

We work with trusted partners who help us operate our platform, including:

• Stripe - Payment processing
• WorkOS - Authentication and SSO
• Convex - Database and backend infrastructure
• AI model providers - OpenAI, Anthropic, Google for agent execution

All providers are contractually obligated to protect your data and use it only for the services they provide to us.

Legal Requirements

We may disclose information when required by law, such as:

• Responding to valid legal processes
• Protecting the rights and safety of users
• Investigating potential violations of our terms

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

We implement robust security measures to protect your data:

• Encryption - All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access controls - Role-based access with audit logging
• Infrastructure security - Enterprise-grade cloud hosting with redundancy
• Regular audits - Security assessments and penetration testing
• Employee training - Security awareness and data handling protocols

While no system is 100% secure, we continuously improve our security practices and promptly address any vulnerabilities.

Depending on your location, you may have the following rights regarding your personal data:

Access & Portability

• Request a copy of your personal data
• Export your data in a portable format

Correction & Deletion

• Correct inaccurate information
• Request deletion of your data (subject to legal retention requirements)

Control

• Opt out of marketing communications
• Restrict certain processing activities
• Withdraw consent where applicable

Exercising Your Rights

To exercise any of these rights, email us at privacy@karigor.ai. We'll respond within 30 days.

We use cookies and similar technologies for:

Essential Cookies

Required for authentication, security, and basic functionality. These cannot be disabled.

Analytics Cookies

Help us understand how users interact with our platform. You can opt out of these in your account settings.

Preference Cookies

Remember your settings like theme preference and language.

We do not use third-party advertising cookies. You can manage cookie preferences through your browser settings.

Our AI agents process your data to deliver results. Here's how we handle this:

Data Processing

• Inputs - Data you provide to agents is processed by our AI providers
• Outputs - Results are stored in your account for your access
• Logs - Execution logs help us improve agent performance

AI Provider Data Handling

Our AI providers (OpenAI, Anthropic, Google) process data according to their respective privacy policies. We use API configurations that:

• Disable training on your data where available
• Minimize data retention periods
• Ensure enterprise-grade security

Sensitive Data

Avoid inputting highly sensitive data (passwords, financial account numbers, health records) into AI agents unless using agents specifically designed and certified for such data.

We retain your data based on the following guidelines:

• Account data - Retained while your account is active, deleted within 90 days of account closure
• Agent execution data - Retained for 12 months, then anonymized or deleted
• Payment records - Retained for 7 years for tax and legal compliance
• Support tickets - Retained for 3 years after resolution

You can request earlier deletion by contacting us.

Karigor AI Labs is headquartered in Bangladesh. Your data may be transferred to and processed in countries outside your residence, including the United States (where our AI providers OpenAI, Anthropic, and Google operate).

We ensure appropriate safeguards are in place, including:

• Data processing agreements with all service providers
• Standard Contractual Clauses where applicable
• Security measures consistent with industry standards
• Compliance with Bangladesh ICT laws and regulations

We may update this policy to reflect changes in our practices or legal requirements. When we make significant changes:

• We'll notify you via email or in-app notification
• We'll update the "Last updated" date at the top
• We'll provide a summary of key changes

Continued use of our services after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, we're here to help: