Fkra AI (accessible at https://fkra.ai, hereinafter referred to as "Fkra," "the Platform," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you access or use the Fkra platform, including our website, AI-powered services, credit system, and community features. By using Fkra, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

When you register for an account, purchase credits, or use our services, you may provide the following information:

• Account Information — your name, email address, and login credentials
• Profile Information — profile picture, bio, language preferences, and other optional details you choose to add
• Payment Information — when purchasing credits, billing details are collected and processed by our third-party payment processors (Stripe and PayPal). Fkra does not directly store your full credit card numbers or bank account details on our servers
• User Content — documents, text, code, images, and other materials you upload, submit, or create on the Platform
• Community Content — posts, comments, poll responses, and event interactions in Fkra's community features
• Communications — messages, feedback, and support requests you send to us

1.2 Information Collected Automatically

When you access or use Fkra, we automatically collect certain information, including:

• Device and Browser Information — device type, operating system, browser type and version, screen resolution, and language settings
• Log Data — IP address, access times, pages viewed, referring URLs, and actions taken on the Platform
• Usage Data — features used, credit consumption patterns, AI feature interactions, and session duration
• Cookies and Similar Technologies — we use cookies, local storage, and similar technologies as described in Section 7 below

1.3 Information from Third Parties

We may receive information about you from third-party services, such as authentication providers (if you sign in via social login), payment processors (transaction confirmations and dispute notifications), and analytics providers.

2. How We Use Your Information

Fkra uses the information we collect for the following purposes:

• Provide and operate the Platform — including processing your credit purchases, delivering AI-powered features, maintaining your account, and enabling community participation
• Process payments and manage credits — verifying transactions, granting purchased credits to your account, tracking credit consumption, and maintaining an immutable audit ledger of all credit transactions
• Deliver AI services — processing your content through AI models (including third-party models such as OpenAI) to provide features like concept graph generation, document analysis, chat, code review, translation, image generation, and research queries
• Personalize your experience — adapting content, recommendations, and interface settings based on your preferences and usage patterns
• Communicate with you — sending transactional emails (purchase confirmations, credit notifications), responding to support requests, and providing important updates about your account or the Platform
• Improve and develop the Platform — analyzing usage trends, diagnosing technical issues, testing new features, and enhancing the performance and security of our services
• Ensure security and prevent fraud — detecting and preventing unauthorized access, credit system manipulation, payment fraud, and other malicious activities
• Comply with legal obligations — fulfilling our legal and regulatory requirements, including tax reporting and responding to lawful data requests

3. AI Data Processing

Fkra uses artificial intelligence to power many of its features. When you use AI-powered services on the Platform, your input data (text, documents, code, images) may be processed as follows:

• Third-party AI providers — your content may be sent to third-party AI service providers (such as OpenAI) for processing. These providers process your data in accordance with their own privacy policies and data processing agreements we have in place with them.
• No training on your data — Fkra does not use your personal content to train or fine-tune AI models. Your data is processed solely to generate the requested output (e.g., a concept graph, translation, or analysis).
• Data minimization — we send only the data necessary for the requested AI operation to third-party providers. We do not send your account information or payment details to AI providers.
• Privacy mode — Fkra offers privacy mode settings that allow you to control certain aspects of how your project data is processed, including opting out of AI training data usage and configuring data anonymization for exports.

4. Payment and Credit Data

When you purchase credits on Fkra, your payment is processed by third-party payment processors:

• Stripe — Stripe collects and processes your payment card information in a PCI-DSS compliant environment. Fkra receives only a confirmation of the transaction, a unique payment intent identifier, and limited card details (last four digits, card brand) for your records. Stripe's privacy policy is available at stripe.com/privacy.
• PayPal — if PayPal is enabled as a payment option, PayPal processes your transaction and shares transaction confirmation details with Fkra. PayPal's privacy policy is available at paypal.com/privacy.

Fkra maintains an internal credit ledger that records all credit transactions (purchases, usage, administrative adjustments, and refunds). This ledger includes the transaction type, amount, timestamp, and associated payment reference ID, but does not contain your sensitive payment credentials.

5. Information Sharing and Disclosure

Fkra does not sell your personal information. We may share your information only in the following circumstances:

• Service Providers — we share data with trusted third-party service providers who assist us in operating the Platform, including:
  • Payment processors (Stripe, PayPal) for transaction processing
  • AI service providers (OpenAI) for AI feature delivery
  • Cloud hosting and infrastructure providers (Supabase) for data storage
  • Analytics providers (PostHog) for usage analytics
  • Error monitoring services (Sentry) for debugging and performance
  • Email service providers for transactional communications
• With Your Consent — when you explicitly authorize us to share your information
• Legal Compliance — when required by law, regulation, legal process, or governmental request
• Safety and Rights Protection — when necessary to protect the rights, property, or safety of Fkra, our users, or the public
• Business Transfers — in connection with a merger, acquisition, reorganization, or sale of all or a portion of our assets, in which case your information may be transferred as part of the transaction
• Aggregated or De-Identified Data — we may share aggregated or de-identified information that cannot reasonably be used to identify you for research, analytics, or business purposes

6. Data Security

Fkra implements appropriate technical and organizational measures to protect your personal information, including:

• Encryption — data in transit is protected using TLS/SSL encryption. Sensitive data at rest is encrypted using industry-standard algorithms.
• Access Controls — we use role-based access controls (RBAC) and Row-Level Security (RLS) policies on our database to ensure that users can only access their own data.
• Authentication Security — user sessions are secured and regularly refreshed, with middleware-level enforcement of authentication and authorization.
• Payment Security — payment processing is handled by PCI-DSS compliant processors (Stripe, PayPal). Webhook signatures are cryptographically verified to prevent tampering.
• Audit Logging — all credit transactions are recorded in an immutable audit ledger, and administrative actions are tracked with the responsible administrator's identity.
• Monitoring — we use error monitoring (Sentry) and security tools (Arcjet for bot detection and rate limiting) to detect and respond to security incidents.

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

7. Cookies and Tracking Technologies

Fkra uses the following cookies and tracking technologies:

• Essential Cookies — required for the Platform to function, including authentication session cookies, locale preferences, and CSRF protection tokens. These cannot be disabled.
• Analytics Cookies — we use PostHog to collect anonymized usage analytics that help us understand how the Platform is used and identify areas for improvement. PostHog data is used for internal analytics only.
• Performance Monitoring — Sentry collects error reports and performance data to help us identify and fix technical issues. This may include limited device and browser information associated with error events.

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may impair the functionality of the Platform.

8. Data Retention

Fkra retains your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

• Account Data — retained for the duration of your account and for a reasonable period thereafter to allow for account reactivation or legal compliance.
• Credit and Payment Records — transaction records in the credit ledger are retained indefinitely for audit, tax, and legal compliance purposes.
• User Content — retained for the duration of your account. Upon account deletion, your content will be removed within a reasonable timeframe, subject to backup retention schedules.
• Analytics Data — aggregated and anonymized analytics data may be retained indefinitely. Identifiable usage logs are retained for up to 12 months.
• Communication Records — support correspondence is retained for up to 24 months after the last interaction.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right of Access — you may request a copy of the personal information we hold about you
• Right to Rectification — you may request that we correct any inaccurate or incomplete personal information
• Right to Erasure — you may request deletion of your personal information, subject to legal retention obligations (e.g., payment records required for tax compliance)
• Right to Restriction — you may request that we restrict the processing of your personal information in certain circumstances
• Right to Data Portability — you may request a copy of your data in a structured, machine-readable format
• Right to Object — you may object to the processing of your personal information for certain purposes, including direct marketing
• Right to Withdraw Consent — where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days or as required by applicable law.

10. International Data Transfers

Fkra operates globally, and your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction. When we transfer your data internationally, we take appropriate safeguards to ensure that your information is protected in accordance with this Privacy Policy and applicable data protection laws, including the use of standard contractual clauses where required.

11. Children's Privacy

Fkra is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at [email protected].

12. Third-Party Links and Services

The Platform may contain links to third-party websites or services that are not operated by Fkra (including our social media pages on Instagram, YouTube, Facebook, LinkedIn, X, and GitHub). We are not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any third-party services you access through links on our Platform.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by posting the updated policy on this page and updating the "Effective Date" above. For significant changes, we may also notify you via email or a prominent notice on the Platform. Your continued use of Fkra after such changes take effect constitutes your acceptance of the revised Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Website: https://fkra.ai

Fkra AI (accessible at https://fkra.ai, hereinafter referred to as "Fkra," "the Platform," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you access or use the Fkra platform, including our website, AI-powered services, credit system, and community features. By using Fkra, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

When you register for an account, purchase credits, or use our services, you may provide the following information:

• Account Information — your name, email address, and login credentials
• Profile Information — profile picture, bio, language preferences, and other optional details you choose to add
• Payment Information — when purchasing credits, billing details are collected and processed by our third-party payment processors (Stripe and PayPal). Fkra does not directly store your full credit card numbers or bank account details on our servers
• User Content — documents, text, code, images, and other materials you upload, submit, or create on the Platform
• Community Content — posts, comments, poll responses, and event interactions in Fkra's community features
• Communications — messages, feedback, and support requests you send to us

1.2 Information Collected Automatically

When you access or use Fkra, we automatically collect certain information, including:

• Device and Browser Information — device type, operating system, browser type and version, screen resolution, and language settings
• Log Data — IP address, access times, pages viewed, referring URLs, and actions taken on the Platform
• Usage Data — features used, credit consumption patterns, AI feature interactions, and session duration
• Cookies and Similar Technologies — we use cookies, local storage, and similar technologies as described in Section 7 below

1.3 Information from Third Parties

We may receive information about you from third-party services, such as authentication providers (if you sign in via social login), payment processors (transaction confirmations and dispute notifications), and analytics providers.

2. How We Use Your Information

Fkra uses the information we collect for the following purposes:

• Provide and operate the Platform — including processing your credit purchases, delivering AI-powered features, maintaining your account, and enabling community participation
• Process payments and manage credits — verifying transactions, granting purchased credits to your account, tracking credit consumption, and maintaining an immutable audit ledger of all credit transactions
• Deliver AI services — processing your content through AI models (including third-party models such as OpenAI) to provide features like concept graph generation, document analysis, chat, code review, translation, image generation, and research queries
• Personalize your experience — adapting content, recommendations, and interface settings based on your preferences and usage patterns
• Communicate with you — sending transactional emails (purchase confirmations, credit notifications), responding to support requests, and providing important updates about your account or the Platform
• Improve and develop the Platform — analyzing usage trends, diagnosing technical issues, testing new features, and enhancing the performance and security of our services
• Ensure security and prevent fraud — detecting and preventing unauthorized access, credit system manipulation, payment fraud, and other malicious activities
• Comply with legal obligations — fulfilling our legal and regulatory requirements, including tax reporting and responding to lawful data requests

3. AI Data Processing

Fkra uses artificial intelligence to power many of its features. When you use AI-powered services on the Platform, your input data (text, documents, code, images) may be processed as follows:

• Third-party AI providers — your content may be sent to third-party AI service providers (such as OpenAI) for processing. These providers process your data in accordance with their own privacy policies and data processing agreements we have in place with them.
• No training on your data — Fkra does not use your personal content to train or fine-tune AI models. Your data is processed solely to generate the requested output (e.g., a concept graph, translation, or analysis).
• Data minimization — we send only the data necessary for the requested AI operation to third-party providers. We do not send your account information or payment details to AI providers.
• Privacy mode — Fkra offers privacy mode settings that allow you to control certain aspects of how your project data is processed, including opting out of AI training data usage and configuring data anonymization for exports.

4. Payment and Credit Data

When you purchase credits on Fkra, your payment is processed by third-party payment processors:

• Stripe — Stripe collects and processes your payment card information in a PCI-DSS compliant environment. Fkra receives only a confirmation of the transaction, a unique payment intent identifier, and limited card details (last four digits, card brand) for your records. Stripe's privacy policy is available at stripe.com/privacy.
• PayPal — if PayPal is enabled as a payment option, PayPal processes your transaction and shares transaction confirmation details with Fkra. PayPal's privacy policy is available at paypal.com/privacy.

Fkra maintains an internal credit ledger that records all credit transactions (purchases, usage, administrative adjustments, and refunds). This ledger includes the transaction type, amount, timestamp, and associated payment reference ID, but does not contain your sensitive payment credentials.

5. Information Sharing and Disclosure

Fkra does not sell your personal information. We may share your information only in the following circumstances:

• Service Providers — we share data with trusted third-party service providers who assist us in operating the Platform, including:
  • Payment processors (Stripe, PayPal) for transaction processing
  • AI service providers (OpenAI) for AI feature delivery
  • Cloud hosting and infrastructure providers (Supabase) for data storage
  • Analytics providers (PostHog) for usage analytics
  • Error monitoring services (Sentry) for debugging and performance
  • Email service providers for transactional communications
• With Your Consent — when you explicitly authorize us to share your information
• Legal Compliance — when required by law, regulation, legal process, or governmental request
• Safety and Rights Protection — when necessary to protect the rights, property, or safety of Fkra, our users, or the public
• Business Transfers — in connection with a merger, acquisition, reorganization, or sale of all or a portion of our assets, in which case your information may be transferred as part of the transaction
• Aggregated or De-Identified Data — we may share aggregated or de-identified information that cannot reasonably be used to identify you for research, analytics, or business purposes

6. Data Security

Fkra implements appropriate technical and organizational measures to protect your personal information, including:

• Encryption — data in transit is protected using TLS/SSL encryption. Sensitive data at rest is encrypted using industry-standard algorithms.
• Access Controls — we use role-based access controls (RBAC) and Row-Level Security (RLS) policies on our database to ensure that users can only access their own data.
• Authentication Security — user sessions are secured and regularly refreshed, with middleware-level enforcement of authentication and authorization.
• Payment Security — payment processing is handled by PCI-DSS compliant processors (Stripe, PayPal). Webhook signatures are cryptographically verified to prevent tampering.
• Audit Logging — all credit transactions are recorded in an immutable audit ledger, and administrative actions are tracked with the responsible administrator's identity.
• Monitoring — we use error monitoring (Sentry) and security tools (Arcjet for bot detection and rate limiting) to detect and respond to security incidents.

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

7. Cookies and Tracking Technologies

Fkra uses the following cookies and tracking technologies:

• Essential Cookies — required for the Platform to function, including authentication session cookies, locale preferences, and CSRF protection tokens. These cannot be disabled.
• Analytics Cookies — we use PostHog to collect anonymized usage analytics that help us understand how the Platform is used and identify areas for improvement. PostHog data is used for internal analytics only.
• Performance Monitoring — Sentry collects error reports and performance data to help us identify and fix technical issues. This may include limited device and browser information associated with error events.

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may impair the functionality of the Platform.

8. Data Retention

Fkra retains your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

• Account Data — retained for the duration of your account and for a reasonable period thereafter to allow for account reactivation or legal compliance.
• Credit and Payment Records — transaction records in the credit ledger are retained indefinitely for audit, tax, and legal compliance purposes.
• User Content — retained for the duration of your account. Upon account deletion, your content will be removed within a reasonable timeframe, subject to backup retention schedules.
• Analytics Data — aggregated and anonymized analytics data may be retained indefinitely. Identifiable usage logs are retained for up to 12 months.
• Communication Records — support correspondence is retained for up to 24 months after the last interaction.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right of Access — you may request a copy of the personal information we hold about you
• Right to Rectification — you may request that we correct any inaccurate or incomplete personal information
• Right to Erasure — you may request deletion of your personal information, subject to legal retention obligations (e.g., payment records required for tax compliance)
• Right to Restriction — you may request that we restrict the processing of your personal information in certain circumstances
• Right to Data Portability — you may request a copy of your data in a structured, machine-readable format
• Right to Object — you may object to the processing of your personal information for certain purposes, including direct marketing
• Right to Withdraw Consent — where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days or as required by applicable law.

10. International Data Transfers

Fkra operates globally, and your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction. When we transfer your data internationally, we take appropriate safeguards to ensure that your information is protected in accordance with this Privacy Policy and applicable data protection laws, including the use of standard contractual clauses where required.

11. Children's Privacy

Fkra is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at [email protected].

12. Third-Party Links and Services

The Platform may contain links to third-party websites or services that are not operated by Fkra (including our social media pages on Instagram, YouTube, Facebook, LinkedIn, X, and GitHub). We are not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any third-party services you access through links on our Platform.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by posting the updated policy on this page and updating the "Effective Date" above. For significant changes, we may also notify you via email or a prominent notice on the Platform. Your continued use of Fkra after such changes take effect constitutes your acceptance of the revised Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Website: https://fkra.ai