Privacy Policy

Krixa AI (“Krixa”, “we”, “us” or “our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our AI-powered content generation platform available at krixa.ai (the “Service”). By accessing or using Krixa AI, you agree to the practices described in this policy. If you do not agree, please do not use the Service.

We collect information that you provide directly and information generated automatically during your use of the Service.

• Account information: name, email address, and authentication credentials (including OAuth identifiers when you sign in via Google).
• Usage data: IP address, browser type, device information, feature interactions, API request logs, and credit consumption records.
• Diagnostic data: error traces, performance metrics, and crash reports used to maintain and improve the Service.

When you create a Krixa AI account, we collect your name and email address to identify you, communicate with you, and secure your account. You are responsible for maintaining the confidentiality of your login credentials. We support password-based authentication and Google OAuth. We never store passwords in plain text.

You may upload or input content into Krixa AI to generate marketing materials, including brand assets, prompts, descriptions, and reference materials. This “User Submitted Content” is stored securely so you can access, edit, and reuse it across projects. You retain ownership of all content you submit. We do not use your submitted content to train our own models or share it with other users.

Krixa AI uses third-party artificial intelligence providers to generate content based on your inputs, including Instagram Carousels, Instagram Captions, Facebook Posts, LinkedIn Posts, X Threads, WhatsApp Promotions, and Email Campaigns. Your prompts and instructions are transmitted to these providers solely to produce the requested output. We do not use your inputs to train foundation models, and we contractually require our AI providers not to retain your data beyond what is necessary to fulfil the request.

All payments on Krixa AI are processed by Stripe, our third-party payment processor. When you subscribe to a paid plan or purchase credits, Stripe collects your payment details directly. Krixa AI does not store full credit card numbers, bank account information, or other sensitive payment data on our servers. We receive only your Stripe customer ID, subscription status, plan tier, and invoice metadata, which we use to manage your account and billing.

We use a minimal set of first-party cookies and local storage entries to keep you signed in, remember your preferences (such as theme selection), and maintain session state. We may also use privacy-first analytics tools to understand how users interact with the Service so we can improve it. Where required by law, we will obtain your consent before setting non-essential cookies.

We send transactional emails that are necessary to operate the Service, including account verification messages, password reset instructions, payment receipts, billing notices, and important service updates. We may also send product updates and marketing communications if you have opted in. You can unsubscribe from marketing emails at any time by following the link in the email or contacting us at hello@krixa.ai.

We implement industry-standard security measures to protect your data, including TLS encryption in transit, encryption at rest, least-privilege database access, row-level security policies, and regular security audits. While we take every reasonable precaution, no internet-based service can be completely secure. If you discover a vulnerability, please report it responsibly to security@krixa.ai.

We rely on trusted third-party service providers to operate Krixa AI. These include hosting and database services, payment processing (Stripe), email delivery, AI model providers, and analytics platforms. All third parties are bound by appropriate data processing agreements and are only permitted to use your data for the specific purpose of providing their services to us. We do not sell your personal data to anyone.

Depending on your location, you may have rights under applicable data protection laws, including the right to access, correct, delete, restrict, or port your personal data, and the right to object to certain processing activities. You may also withdraw consent where processing is based on consent. To exercise any of these rights, please email us at hello@krixa.ai. We will respond to valid requests within the timeframes required by law.

We retain your account information and User Submitted Content for as long as your account remains active. If you delete your account, we will remove your personal data from our active systems within 30 days, though residual copies may remain in encrypted backups for a limited period. Billing and transaction records are retained for the period required by applicable tax and accounting laws (typically six years).

Krixa AI is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us at hello@krixa.ai and we will promptly delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. Material changes will be communicated to you via email or an in-product notice before they take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at hello@krixa.ai.