Privacy Policy

KYRA is a private, worker-only platform designed to help independent traveling workers manage their business safely and efficiently. We are committed to protecting your privacy and handling your data with the highest level of care. References to "we", "us", or "our" refer to KYRA. References to "you" or "your" refer to members of the platform.

We collect only the data necessary to provide the platform's services: Account data: Your display name or alias, email address, and login credentials. We do not require your real name. Usage data: Features you use, pages you visit, and actions you take within the platform — collected to improve the service. Client records: Any client profiles, notes, and booking information you create. This data belongs to you and is stored privately. Safety reports: When you submit a safety report, we store the phone number, incident category, severity level, and your notes. Your identity as the reporter is never displayed to other members. Payment data: Billing information is handled entirely by Stripe. We store only your Stripe customer ID and subscription status — never your card details. City essentials: Reviews and ratings you submit for city listings.

We use your data to: - Provide and maintain the platform's features - Process your subscription and manage billing - Moderate safety reports to prevent abuse - Improve the platform based on usage patterns - Send essential service communications (billing, security) We do not use your data for advertising, profiling, or sale to third parties.

Your privacy is the foundation of this platform. Specific protections include: Safety reports: Your identity as a reporter is never visible to other members. Reports are attributed only to "a verified member". Moderation staff can see reporter identity only for the purpose of preventing abuse. Client records: Your client profiles, notes, and booking history are private to your account only. No other member can access your records. No public profiles: There are no public-facing profiles on this platform. Your account is not discoverable by other members. Alias-based accounts: You are not required to use your real name. We encourage the use of a professional alias.

We do not sell, rent, or share your personal data with third parties for commercial purposes. We share data only with: Stripe: For payment processing. Stripe's privacy policy applies to payment data. Hosting providers: Our infrastructure providers process data as part of hosting the platform. These providers are bound by strict data processing agreements. Legal requirements: We may disclose data if required by law, court order, or to protect the safety of our members or the public.

We retain your data for as long as your account is active. If you close your account: - Your account data is deleted within 30 days - Safety reports you submitted are anonymised (reporter identity removed) but the report content may be retained to protect the community - Billing records are retained for 7 years as required by financial regulations You can request deletion of your data at any time by contacting us at [email protected].

Depending on your location, you may have the following rights: - Right to access: Request a copy of the data we hold about you - Right to rectification: Correct inaccurate data - Right to erasure: Request deletion of your data - Right to portability: Receive your data in a portable format - Right to object: Object to certain types of processing To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

We take security seriously. Measures include: - All data is encrypted in transit (TLS) and at rest - Passwords are hashed using industry-standard algorithms - Access to production data is restricted to essential personnel only - Regular security reviews and updates Despite these measures, no system is completely secure. If you discover a security vulnerability, please contact us at [email protected].

We use only essential cookies required for the platform to function: - Session cookies: To keep you logged in - Security cookies: To prevent CSRF attacks We do not use tracking, advertising, or analytics cookies.

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-platform notification. Continued use of the platform after changes constitutes acceptance of the updated policy. This policy was last updated: April 2025.

For privacy-related questions or requests, contact us at: Email: [email protected] Support: [email protected]