Privacy Policy

Last Updated: July 6, 2025

Introduction

Your privacy and the security of your data are critically important to us at Kimova AI ("we," "our," or "us"). This Privacy Policy explains what information we collect, how we use and protect it, and your rights regarding your data when you use our website and services, including TurboAudit, Ask ISMS, and Ask AIMS.

1. Information We Collect

To provide and improve our services, we collect several types of information from you:

1.1. Account & Contact Information

  • When you register, we collect your name, email address, phone number, and job title.
  • We also collect your company's name, address, size, and industry to tailor our services.

1.2. Audit Data (Your Sensitive Information)

To perform an audit, you provide us with sensitive information about your organization's security. This is your most confidential data, and we treat it with the highest level of care. This data includes:

  • Security policies, procedures, and network diagrams.
  • Risk assessments, asset inventories, and incident reports.
  • Access control records and other compliance-related documentation.

This data is used exclusively to perform the audit and is never used for any other purpose.

1.3. Payment Information

When you purchase a service, we collect payment information. This is handled securely by our payment gateway providers. We do not store your full credit card number. We only store basic details like the cardholder's name, expiry date, and the last four digits for billing purposes.

1.4. Technical and Usage Data

We automatically collect technical data to improve our platform. This includes your IP address, browser type, operating system, and how you interact with our site (e.g., pages visited). This is collected via standard tools like Google Analytics and Bing Analytics.

2. How We Use Your Information

We use your information for the following specific purposes:

  • To Provide Our Services: We use your Audit Data to conduct audits, perform gap assessments, and generate reports. We use your chat data to power Ask ISMS and Ask AIMS.
  • To Manage Your Account: We use your contact and payment information for billing, and to communicate with you about your account and service updates.
  • To Improve Our Platform: We analyze usage data to understand how our services are used, which helps us fix issues and develop new features.
  • To Meet Legal Obligations: We may be required to use your information to comply with legal and regulatory requirements.

3. Data Storage & Security

We take the security of your data extremely seriously. All your data, especially sensitive Audit Data, is stored in an encrypted format on secure cloud infrastructure provided by Firebase and Google Cloud.

We implement robust security measures, including strict access controls and regular security reviews, to prevent unauthorized access, disclosure, or loss of your information. Only authorized personnel have access to your data, and only for the purpose of providing the service to you.

4. Data Retention

We retain your data for 3 months after you delete your account. After this period, it is permanently deleted from our systems, unless we are required by law to retain it for a longer period.

5. Third-Party Service Providers

We rely on a small number of trusted third-party providers to help us operate our platform. We only share the minimum data necessary for them to perform their function.

  • Firebase & Google Cloud: For secure, encrypted data storage and user authentication.
  • Google Analytics & Bing Analytics: To analyze website usage.
  • Payment Gateway Providers: To securely process your payments.

We ensure all our providers adhere to strict data security and privacy standards.

6. Your Rights

You have control over your data. You have the right to:

  • Access and Correct your personal and company information at any time through your account settings.
  • Request Deletion of your account and all associated data. We will honor this request, subject to any legal retention requirements.

To exercise these rights or for any data protection queries, please contact our Data Protection Officer (DPO) at dpo@kimova.ai.

7. Cookies and Tracking

We use cookies from services like Google Analytics and Bing Analytics to help us understand website traffic and usage patterns. This helps us improve our service. You can manage cookie preferences through your browser settings.

8. Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via email and post the updated policy on our website. We encourage you to review this page periodically.

9. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please do not hesitate to contact our Data Protection Officer at dpo@kimova.ai.