This Privacy Policy explains how Skyes Over London LC ("kAIxU", "we", "us", "our") collects, uses, and protects information when you use the kAIxU SuperIDE platform and related services.
When you register, we collect your email address and a bcrypt-hashed password. We never store plaintext passwords. Optionally, you may configure multi-factor authentication (TOTP).
Files, code, and text you create inside kAIxU workspaces are stored in your workspace. When you use AI-assisted editing features, the content you submit is transmitted to our proprietary AI gateway for processing. We do not use your workspace content to train AI models.
We collect metadata about your use of the platform including: request timestamps, AI call counts, token usage, error events, and feature usage. This data is used for billing, quota enforcement, debugging, and aggregate analytics. It does not include the content of your prompts or code.
Login attempts, IP addresses, session creation, MFA events, and password resets are logged in our audit log for security purposes and retained for 90 days.
Payment card data is processed exclusively by Stripe Inc. We store only your Stripe Customer ID and subscription status — never full card numbers, CVVs, or bank account details.
We use browserlocalStorage to store your authentication token and IDE preferences (theme, tab state). We do not use third-party advertising cookies. Essential session management may use a secure HTTP-only cookie.
| Purpose | Data Used | Legal Basis (GDPR) |
|---|---|---|
| Providing the service | Account info, workspace content, usage data | Contract performance (Art. 6(1)(b)) |
| Billing and quota enforcement | Subscription status, AI usage counts | Contract performance (Art. 6(1)(b)) |
| Security and fraud prevention | IP addresses, audit events | Legitimate interests (Art. 6(1)(f)) |
| Product improvement | Aggregate, anonymised usage data | Legitimate interests (Art. 6(1)(f)) |
| Legal compliance | Audit logs, billing records | Legal obligation (Art. 6(1)(c)) |
| Communications | Email address | Contract performance / Consent |
We do not sell your personal data. We share data only with subprocessors necessary to deliver the service. A complete, current list is published at /subprocessors. Key subprocessors include:
We do not share your data with advertising networks, data brokers, or analytics platforms.
Our infrastructure is primarily located in the United States. If you are located in the European Economic Area, United Kingdom, or Switzerland, your data is transferred to the US under Standard Contractual Clauses (SCCs) pursuant to GDPR Article 46(2)(c). Customers requiring a Data Processing Agreement may request one via privacy@kaixu.app or access the pre-signed version at /dpa.
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 30 days after deletion |
| Workspace content | Duration of account + 30 days after deletion |
| AI usage logs | 13 months (for billing disputes and analytics) |
| Audit / security events | 90 days |
| Billing records | 7 years (tax compliance) |
| Anonymised analytics | Indefinitely |
Depending on your jurisdiction, you may have the following rights regarding your personal data:
To exercise these rights, contact privacy@kaixu.app. We will respond within 30 days. EU/UK residents may lodge a complaint with their supervisory authority.
We implement industry-standard security controls including TLS 1.2+ in transit, bcrypt password hashing (cost 12), JWT-based session management with short expiry, TOTP multi-factor authentication, and role-based access control. Full details are available at /security.
kAIxU is not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, contact privacy@kaixu.app immediately.
We may update this Privacy Policy. Material changes will be notified by email to registered users at least 30 days before taking effect. Continued use after the effective date constitutes acceptance of the updated policy.
Data Controller: Skyes Over London LC
Email: privacy@kaixu.app
General inquiries: info@kaixu.app