AIROS

Legal

Privacy Policy

Effective May 8, 2026

1. Introduction

This Privacy Policy describes how Kaan Yurdakoş (the “Operator”), a sole proprietor registered in Türkiye, trading as Kairos Labs (“Kairos”, “we”, “us”), collects, uses, and protects your personal information when you use the Kairos service (the “Service”). It applies to data we receive through our websites at kairoslabs.pro and platform.kairoslabs.pro and through our APIs.

2. Information We Collect

Account data

Email address, display name, profile photo, hashed password (when not using OAuth), and authentication tokens.

Content data

Video files you upload or fetch by URL, audio extracted from those videos, transcripts generated from audio, AI-detected clip metadata, and the resulting clip files. We process this data solely to deliver the Service to you.

Social connections

When you connect a third-party platform (YouTube, TikTok, Instagram, etc.) we store an encrypted OAuth refresh token that allows us to publish content on your behalf as you direct. We do not access these accounts for any other purpose.

Usage and device data

IP address, browser and device type, pages visited, features used, and error events. This is used for security, debugging, and product improvement.

Billing data

Payment information is collected and processed by Lemon Squeezy, our merchant of record. Kairos receives only your subscription status, plan tier, and minimal billing metadata; we do not store your card details.

3. How We Use Your Information

  • To provide, operate, and improve the Service.
  • To process and store your video content for the purpose of generating clips.
  • To authenticate you, secure your account, and prevent abuse.
  • To send transactional emails (clip ready, scheduled post results, billing notices, security alerts).
  • To comply with legal obligations and enforce our Terms.
  • To produce aggregate, non-identifying analytics that inform product decisions.

We do not sell your personal information. We do not use Your Content to train AI models.

4. Service Providers

We share data with the following sub-processors, strictly as necessary to operate the Service:

  • Supabase — account database and authentication.
  • Google Cloud Storage — encrypted storage of video uploads and generated clips.
  • MongoDB Atlas — job, clip, and metadata storage.
  • OpenAI — AI clip detection. Per OpenAI’s API data policy, content submitted via the API is not used to train OpenAI’s models.
  • Gladia — speech-to-text transcription.
  • Lemon Squeezy — payment processing and merchant of record.
  • Resend — transactional email delivery.
  • Upstash Redis — queueing and caching infrastructure.
  • Google Analytics 4 — anonymized usage analytics.
  • Sentry — error monitoring.

5. Cookies & Tracking

We use a small number of essential cookies for authentication and session management. We use Google Analytics 4 to measure aggregate site usage; you can opt out at any time via your browser settings or a privacy extension. We do not use third-party advertising cookies.

6. Your Rights

Under the EU General Data Protection Regulation (GDPR), the Turkish Personal Data Protection Law (KVKK), and similar regulations, you have the right to:

  • access the personal information we hold about you;
  • correct inaccurate information;
  • request deletion of your personal information (right to be forgotten);
  • export your data in a portable format;
  • object to or restrict certain processing;
  • withdraw consent where processing is based on consent.

To exercise any of these rights, email privacy@kairoslabs.pro. We respond within 30 days.

7. Data Retention

We retain account data and content for as long as your account is active. When you delete your account, we permanently delete associated content within 30 days, except where we are required to retain certain records for legal, accounting, or fraud-prevention purposes. Aggregated analytics may be retained indefinitely as it does not identify you.

8. Security

We protect your data with industry-standard measures including TLS encryption in transit, encryption at rest for credentials and OAuth tokens, role-based access control, and routine security review. No system is perfectly secure; if you suspect a breach, please contact security@kairoslabs.pro.

9. International Data Transfers

We process and store data in the United States (Google Cloud), the European Union, and Türkiye. By using the Service you consent to the transfer of your information to these jurisdictions. Where applicable we rely on standard contractual clauses or equivalent safeguards.

10. Children’s Privacy

The Service is not directed at children under 16, and we do not knowingly collect personal data from minors. If you believe a child has provided us with personal information, contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced via email or in-product notice at least 14 days before they take effect.

12. Contact

Privacy questions: privacy@kairoslabs.pro
General contact: hello@kairoslabs.pro