Privacy & Data Governance Policy

Last Updated: 02 September 2025

At Kiksy.AI, your privacy and trust are our highest priorities. Our platform provides AI-powered conversational as well as Autonomous agents, WhatsApp integrations, and human avatar experiences to help businesses engage their customers. Because we process sensitive conversations and business data, we believe in being transparent about how we collect, use, and protect your information.

This Privacy Policy explains what data we collect, how we use it, how we keep it safe, and the choices you have as a user. It also outlines our Data Governance framework, Internal Governance model, and Your Rights.

1. Who We Are

Kiksy.AI (“Kiksy”, “we”, “our”, “us”) is a conversational AI and avatar-based engagement platform. We act as a service provider (data processor) to businesses who use our platform to connect with their customers.

When you interact with a business using Kiksy (for example, through WhatsApp, an avatar on a website, or another digital channel), we help power those conversations securely on their behalf.

2. Information We Collect

2.1 Conversation Data
  • Messages you send via WhatsApp, avatar-based agents, or web chat.
  • Audio or video messages if you use voice or avatar interactions.
  • Metadata such as time of message, language, and channel used.
2.2 Business System Data

If the business you’re interacting with connects Kiksy to its systems (e.g., CRM, ERP, e-commerce, payment gateway):

  • We may securely retrieve order details, account status, or other business-related information to personalize responses.
2.3 Device & Technical Information
  • Browser type, IP address, device type, operating system, and session identifiers.
  • Cookies or tokens used for session management and personalization (only where permitted).
2.4 Sensitive & Personal Data
  • We do not request sensitive data such as financial information, government IDs, or passwords unless the business explicitly configures such interactions.
  • Any such data is processed only for the limited purpose of completing the user request (e.g., confirming a payment, validating a customer account).

3. How We Use Your Information

  • Deliver services: Enable smooth conversations across WhatsApp, avatars, and other channels.
  • Personalize experiences: Tailor answers based on your profile, history, or preferences.
  • Improve our technology: Anonymized data may be used to train and improve AI models.
  • Support compliance: Help businesses meet their regulatory and reporting needs.
  • Security & fraud prevention: Detect suspicious activities and protect accounts.

We never sell your personal data to third parties.

4. Use of AI & Large Language Models (LLMs)

  • Minimal exposure: Only the parts of your conversation necessary for generating a response are shared with the model.
  • Anonymization: Where possible, personal details are masked before being sent.
  • Compliance: We only use enterprise-grade LLM providers that meet security standards (SOC 2, GDPR, HIPAA where relevant).
  • No long-term storage: Inputs are not stored by LLMs beyond what is necessary for the conversation.

5. Data Governance

  • Ownership: Customer data belongs to the customer. Kiksy.AI only processes data on behalf of businesses.
  • Accountability: We align with global frameworks such as GDPR, CCPA, and ISO 27001.
  • Consent & Transparency: Users are informed when conversations are AI/LLM-powered, and businesses must obtain end-user consent.
  • Data Minimization: We only collect and store what is necessary to deliver services.
  • Retention:
    • Conversation logs: 30–180 days (configurable by each business).
    • Audit logs: 1 year.
    • Deleted after expiry or anonymized.
  • Security: Encryption in transit (TLS 1.2+), encryption at rest (AES-256), role-based access, continuous monitoring.

6. How We Share Information

  • With the business you are engaging with – so they can serve you better.
  • With trusted partners (WhatsApp/Meta, cloud providers, LLM vendors) under contract.
  • For legal reasons – if required by law, regulation, or to protect rights and safety.
  • We do not share data with advertisers or unrelated third parties.

7. Data Storage & Retention

  • Conversation Logs: Retained 30–180 days (per business config).
  • Audit Logs: Retained up to 1 year.
  • Backups: Securely stored with encryption, deleted after retention period.
  • Permanent Deletion: Data deleted or anonymized after retention expiry.

8. Security Measures

  • Encryption: Data in transit (TLS 1.2+), data at rest (AES-256).
  • Access Control: Strict role-based access.
  • Audit Trails: All access logged & monitored.
  • Infrastructure: Hosted on ISO 27001 and SOC 2 certified environments.

9. Internal Governance

  • Data Protection Officer (DPO): Oversees compliance and responds to requests.
  • Engineering & Security Teams: Maintain encryption, monitoring, and incident response.
  • Client Administrators: Control access to their customer data.
  • Annual Audits: Independent reviews of protection controls.
  • Role-Based Access (RBAC): Employees access data only necessary for their role.
  • Incident Management: Breach triggers 72-hour notification to affected clients and authorities.

10. Your Rights

  • Access – request your data.
  • Correction – fix inaccuracies.
  • Deletion (“Right to be Forgotten”).
  • Portability – export data in machine-readable format.
  • Withdraw consent – opt out anytime.
  • Restriction of Processing – limit certain uses.

You may exercise these rights with the business you are interacting with, or by contacting us below.

11. Children’s Privacy

Kiksy.AI is not designed for use by children under 16. We do not knowingly collect data from children. If discovered, it will be deleted promptly.

12. International Transfers

Your data may be processed outside your country of residence (e.g., US, EU, India cloud servers). Adequate safeguards (like Standard Contractual Clauses) are ensured.

13. Policy Updates

We may update this Privacy Policy from time to time. Changes will be posted here with an updated “Last Updated” date. Significant changes will be communicated to businesses and users.

14. Contact Us

  • Data Protection Officer – Kiksy.AI
  • Email: chandra.peela@kiksarvr.com
  • KIKSAR TECHNOLOGIES PVT. LTD.
  • Suite #2E,
    2nd Floor, Neil Tower of Neil Rao Towers,
    Plot #117, Road #3, EPIP Ph 1,
    Whitefield, Bangalore, India 560066
arrow-icon