Privacy Policy
{placeholder} with your real values, and remove this banner only after legal review.
1. Who we are
Kitgy ("we," "us," "our") is operated by {Legal entity name}, a {state/province} {entity type} headquartered at {Mailing address}. For privacy questions, reach us at {privacy@yourdomain}.
2. Two kinds of data — please read this
Kitgy is a multi-tenant business platform. We handle two distinct categories of personal data, with different roles attached to each. Please read this section carefully — your rights and our responsibilities depend on which category your data falls into.
2.1 Account & billing data — Kitgy is the controller
When you sign up for Kitgy, when your team members log in, and when you pay us, we are the data controller for the information involved. This includes:
- Your name, email, and login credentials.
- Your company name, business address, phone, and website.
- Billing information processed by Stripe (we don't store full card numbers; Stripe holds them).
- Subscription history, plan, and usage metrics about how often you use the Service.
- Server logs and IP addresses when you access the Service.
2.2 Tenant data — Kitgy is the processor for you
Most of the data you load into Kitgy — your customers, your orders, your products, your vendors, your work orders, etc. — is data about other people. For that data, you are the controller, and we act as a processor on your behalf. We process that data only to provide the Service to you, and only as instructed by you through your use of the Service.
What this means in practice: your privacy obligations to your customers (under the GDPR, CCPA, etc.) are between you and them. We support you in fulfilling those obligations — e.g. by giving you the tools to find, export, or delete a customer's data — but the legal relationship is yours.
If your jurisdiction requires a Data Processing Agreement (DPA) or Standard Contractual Clauses, contact us at {privacy@yourdomain} and we'll send our standard terms.
3. What we collect
3.1 You give us directly
- Registration: name, email, company name, business address, phone, password (stored hashed; we never see the plaintext).
- Subscription: Stripe customer id, subscription id, billing period dates. Card details are tokenized by Stripe and not held on our servers.
- Bulk imports: CSV files you upload via Settings → Bulk Import. Anything in those files becomes your tenant data.
- Store integrations: when you connect a Shopify / Etsy / eBay / etc. account, we receive an OAuth token and (per your scopes) listing and order data on a recurring schedule.
- Support communications: emails or messages you send us.
3.2 We collect automatically
- Server logs: request paths, status codes, timing, IP address, user agent. Retained for 14 days for debugging and security; aggregated metrics longer.
- Performance metrics: latency, error counts, query timing, instrumented via OpenTelemetry.
- Cookies: we use cookies for authentication (the ASP.NET Identity cookie), session continuity, and basic anti-CSRF. We don't use third-party tracking or advertising cookies.
3.3 From third parties
When you connect an external store or service, we receive whatever data you've authorized that platform to share with us via OAuth scopes you accept during the connection flow. We don't enrich your data from third-party data brokers.
4. How we use data
- To provide the Service. Authenticate you, sync your stores, run your reports, etc.
- To bill you. Process subscription charges via Stripe.
- To support you. Respond to your questions, diagnose issues you report.
- To keep the Service safe. Detect abuse, prevent fraud, enforce our Terms.
- To improve the Service. Aggregate, anonymized usage patterns. We don't use your tenant data to train AI/ML models.
- To comply with legal obligations. Tax records, responding to lawful requests, etc.
5. Who we share data with
We share data only with the third parties needed to operate the Service, never for advertising. Each is a separate company with its own privacy practices — review their policies as well.
- Stripe — subscription billing. Receives billing email, charge amounts, and the tokenized payment method. stripe.com/privacy
- Sales channel integrations — Shopify, Etsy, eBay, Amazon, Wix, BigCommerce, WooCommerce, Squarespace. We receive listings and orders on your authorization; we send fulfillment updates when you ship.
- Shipping providers — EasyPost, ShipStation. Receive recipient name, address, and parcel dimensions when you purchase a label.
- PayPal — if you use Quote-based buyer payments. Receives buyer email and order total.
- {Hosting provider, e.g. Microsoft Azure} — infrastructure for running the Service.
- {Email provider, when configured} — transactional emails (invitations, password resets). The default Kitgy build ships with a no-op email sender; if you wire one up, update this list.
- Authorities — we may disclose data when compelled by lawful process. We notify you first when permitted.
6. International transfers
Our infrastructure is hosted in {region(s)}. If you access the Service from outside that region, your data may be transferred across borders. Where required (e.g. EU → US transfers under the GDPR), we rely on Standard Contractual Clauses or equivalent legal mechanisms. Contact us for details.
7. Retention
- Account data — while your account is active and for {retention window, e.g. 90 days} after cancellation, then deleted. Some records (invoices, security logs) are retained longer where required by law.
- Tenant data — while your account is active, plus an export window of {data export window, e.g. 30 days} after cancellation. After the window we delete it permanently.
- Server logs — 14 days, then aggregated only.
8. Security
We protect data with industry-standard measures: TLS in transit, encryption at rest, hashed passwords (ASP.NET Identity, PBKDF2 by default), tenant isolation at the application layer, scoped role-based access within each tenant, and audit logs of administrative actions. No system is perfect; if something goes wrong, we'll notify you in line with applicable breach-notification laws.
9. Your rights
Depending on where you live, you may have rights to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data ("right to be forgotten").
- Portability — receive your data in a machine-readable format.
- Object to or restrict certain processing.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with your data-protection authority.
For your account / billing data (where Kitgy is the controller), exercise your rights by emailing {privacy@yourdomain}.
For data about you that's stored in someone else's tenant (where you're the customer's customer, supplier, or employee — Kitgy is the processor), please direct your request to the tenant who stores your data; they're the controller and can act on your behalf. If you don't know who the tenant is, contact us and we'll help route your request.
10. California rights (CCPA / CPRA)
If you're a California resident, you have the rights described in Section 9 plus the right to opt out of "selling" or "sharing" your personal information. We do not sell or share personal information as those terms are defined under the CPRA, and we don't use sensitive personal information for inferring characteristics about you. Submit California-specific requests to {privacy@yourdomain}.
11. Children
The Service isn't directed at children under 16. We don't knowingly collect personal information from anyone under 16. If you believe a child has signed up, contact us and we'll delete the account.
12. Changes
We may update this Privacy Policy as the Service evolves. The "Last updated" date at the top of the page reflects the latest change. Material changes will be announced in-app or by email.
13. Contact
Privacy questions, requests, or concerns:
{privacy@yourdomain}
Mailing address: {Mailing address}
Data Protection Officer: {Name and contact, if appointed}
