Kiksy.AI Privacy Policy

Your privacy and trust are our highest priorities

Last Updated: 06 October 2025

At Kiksy.AI, your privacy and trust are our highest priorities. Our platform provides AI-powered conversational as well as Autonomous agents, WhatsApp bots, and human avatar experiences to help businesses engage their customers.

Because we process sensitive conversations and business data, we believe in being transparent about how we collect, use, and protect your information.

This Privacy Policy explains what data we collect, how we use it, how we keep it safe, and the choices you have as a user. It also outlines our Data Governance framework, Internal Governance model, and Your Rights.

1. Who We Are

Kiksy.AI ("Kiksy", "we", "our", "us") is a conversational AI and avatar-based engagement platform. We act as a service provider (data processor) to businesses who use our platform to connect with their customers.

When you interact with a business using Kiksy (for example, through WhatsApp, an avatar on a website, or another digital channel), we help power those conversations securely on their behalf.

2. Information We Collect

Conversation Data

Messages you send via WhatsApp, avatar-based agents, or web chat
Audio or video messages if you use voice or avatar interactions
Metadata such as time of message, language, and channel used

Business System Data

If the business you're interacting with connects Kiksy to its systems (e.g., CRM, ERP, e-commerce, payment gateway):

We may securely retrieve order details, account status, or other business-related information to personalize responses

Device & Technical Information

Browser type, IP address, device type, operating system, and session identifiers
Cookies or tokens used for session management and personalization (only where permitted)

Sensitive & Personal Data

We do not request sensitive data such as financial information, government IDs, or passwords unless the business explicitly configures such interactions
Any such data is processed only for the limited purpose of completing the user request (e.g., confirming a payment, validating a customer account)

3. How We Use Your Information

We use your information to:

Deliver services: Enable smooth conversations across WhatsApp, avatars, and other channels
Personalize experiences: Tailor answers based on your profile, history, or preferences
Improve our technology: Anonymized data may be used to train and improve AI models

Support compliance: Help businesses meet their regulatory and reporting needs
Security & fraud prevention: Detect suspicious activities and protect accounts

We never sell your personal data to third parties.

4. Use of AI & Large Language Models (LLMs)

Our conversational agents sometimes use Large Language Models (LLMs) to generate human-like responses. Here's how we safeguard your data in those cases:

Minimal Exposure

Only necessary conversation parts are shared with the model

Anonymization

Personal details are masked before being sent where possible

Compliance

Enterprise-grade LLM providers meeting security standards

No Long-term Storage

Inputs not stored beyond conversation necessity

5. Data Governance

We follow clear principles to ensure responsible handling of all data:

Ownership: Customer data belongs to the customer. Kiksy.AI only processes data on behalf of businesses
Accountability: We align with global frameworks such as GDPR, CCPA, and ISO 27001
Consent & Transparency: Users are informed when conversations are AI/LLM-powered, and businesses must obtain end-user consent for WhatsApp/AI interactions

Data Minimization: We only collect and store what is necessary to deliver services
Retention:
- Conversation logs: 1 year (configurable by each business)
- Audit logs: 1 year
- Deleted after expiry or anonymized

Encryption in transit (TLS 1.2+)
Encryption at rest (AES-256)
Role-based access
Continuous monitoring

6. How We Share Information

We may share your data in the following cases:

With the business you are engaging with -- so they can serve you better
With trusted partners -- e.g., WhatsApp (Meta), cloud hosting providers, or LLM vendors, strictly under contract
For legal reasons -- if required by law, regulation, or to protect our rights and safety

We do not share data with advertisers or unrelated third parties.

7. Data Storage & Retention

Conversation Logs

Retained for 1 year (configurable by the business you are engaging with)

Audit Logs

Retained for up to 1 year for compliance and security

Backups: Securely stored with encryption and deleted after their retention period
Permanent Deletion: Once retention expires, data is either securely deleted

8. Security Measures

We take strong precautions to keep your data safe:

Encryption

All data in transit is encrypted with TLS 1.2+; data at rest is encrypted with AES-256

Access Control

Strict role-based access for employees and clients. We enforce strict role-based access control (RBAC) for both employees and clients, using RBAC to ensure standardized access management.

Audit Trails

All system access is logged and monitored

Infrastructure

Hosted on enterprise-grade, ISO 27001 and SOC 2 certified environments

9. Internal Governance

Kiksy.AI maintains a structured governance model to ensure accountability and compliance:

Data Protection Officer (DPO)

Oversees compliance, data handling practices, and responds to privacy requests

Engineering & Security Teams

Maintain encryption, monitoring, and incident response

Client Administrators

Control access to their customer data within their organization

Annual Audits

Regular independent reviews of data protection controls

Role-Based Access (RBAC)

Employees only access data strictly necessary for their role

Incident Management

Any breach triggers a 72-hour notification to affected clients and authorities as required by law

10. Your Rights

As a user, you have the following rights:

Access

Request a copy of the data we hold about you

Correction

Fix inaccuracies in your data

Deletion

Request deletion of your conversation data ("Right to be Forgotten")

Portability

Export your data in a machine-readable format

Withdraw Consent

Opt out of AI-driven or WhatsApp-based interactions at any time

Restriction of Processing

Limit how we use your data in certain circumstances

You may exercise these rights directly with the business you are interacting with, or by contacting us at the details below.

11. Children's Privacy

Kiksy.AI is not designed for use by children under 16. We do not knowingly collect personal data from children. If we become aware that we have done so, we will delete it promptly.

12. International Transfers

Your data may be processed outside your country of residence (e.g., cloud servers in the US, EU, or India). When this happens, we ensure adequate safeguards (such as Standard Contractual Clauses) are in place.

13. Policy Updates

We may update this Privacy Policy from time to time. Changes will be posted here with an updated "Last Updated" date. Significant changes will be communicated directly to our business customers and, where appropriate, to end-users.

14. Contact Us

For questions, complaints, or to exercise your rights, please contact:

Data Protection Officer

Kiksy.AI

chandra.peela@kiksarvr.com

KIKSAR TECHNOLOGIES PVT. LTD.

Suite #2E, 2nd Floor, Neil Tower of Neil Rao Towers,
Plot #117, Road #3, EPIP Ph 1, Whitefield,
Bangalore, India 560066

Multimodal

WhatsApp