Privacy policy
KairoProject privacy policy — data processed, legal bases, sub-processors, user rights and security measures.
Version 1.2 — June 2026
1. Data Controller
- Publisher: Matthieu Guillon EI (sole trader)
- SIRET: 990 721 490 00029
- GDPR contact: support@kairoproject.com
2. Purpose of This Policy
This policy explains what data is processed by KairoProject, for what purposes, on what legal bases, with which sub-processors, for how long, and what rights are available to data subjects.
KairoProject is a SaaS project management platform. Application data is hosted on a Firebase / Google Cloud infrastructure, in particular Firestore for the primary database.
3. Purposes and Legal Bases
| Purpose | Description | Legal basis |
|---|---|---|
| Account management and authentication | Account creation, login, management of rights and user / organisation workspaces | Performance of contract |
| Provision of the service | Storage of portfolios, projects, tasks, resources, history, preferences and application settings | Performance of contract |
| Billing and subscription management | Payments, subscriptions, invoices, subscription status | Performance of contract / legal obligation |
| Support, maintenance and service continuity | Assistance, incident resolution, service communications, corrections and product operations | Legitimate interest / performance of contract |
| Security and abuse prevention | Access control, rate limiting, technical logs, monitoring, audit logging of sensitive operations | Legitimate interest / legal obligation as applicable |
| Export, portability and GDPR erasure | Processing of access, export, and erasure requests, and retention of associated evidence | Legal obligation |
| Optional AI features | Explicit consent or voluntary activation within the relevant workspace by the administrator | Consent / explicit choice |
| Predictions and internal models | Predictive calculations, custom models tied to a workspace, internal ML service operations | Performance of contract |
| Optional contribution to the global model | Contribution of a scope to the global model where explicit opt-in has been performed by the workspace administrator | Consent / explicit choice of the workspace administrator |
4. Categories of Data Processed
Depending on usage, KairoProject may process the following categories of data:
- Identification and contact data: first name, last name, email address, technical account identifiers.
- Access and rights data: roles, workspace membership, member statuses, technical claims, session preferences.
- Business data: portfolios, projects, tasks, resources, teams, calendars, history, project settings, prompt parameters where used.
- Billing data: subscribed plan, subscription status, payment references and billing information managed via Stripe.
- GDPR export, deletion and evidence data: request identifiers, job statuses, timestamps, subject identifiers, DSAR logs.
- Technical and security data: error logs, operational logs, monitoring events, rate-limiting records, technical identifiers necessary for operations.
- AI and ML data: content entered by the user when requesting an AI assistance feature, structural prediction variables, reconstructed application exports for custom model training, training import files provided by the customer, data from a scope contributing to the global model where global contribution has been explicitly enabled.
5. Hosting, Access and Confidentiality
- Application data is hosted within the Firebase / Google Cloud infrastructure used by KairoProject.
- Access between personal workspaces and organisations is separated by application-level and database-level access controls.
- Other customers have no access to a company's data beyond the rights explicitly granted to them.
- The publisher retains governed technical administrator access for legitimate support, maintenance, security, abuse prevention, and legal compliance purposes.
- Sensitive operations such as exports, deletions, and GDPR audit logging are processed server-side and are not exposed as direct write access from the web client.
6. Sub-processors and Recipients
KairoProject relies in particular on the following categories of sub-processors. Each sub-processor is governed by a data processing agreement (DPA). Application data (database, files, backend functions) is hosted exclusively in Europe via Google Cloud. For sub-processors involving a transfer outside the European Economic Area (Vercel, Stripe, Resend, OpenAI), appropriate safeguards are implemented in the form of standard contractual clauses from the European Commission, accompanied by a Transfer Impact Assessment (TIA) in accordance with the recommendations of the EDPB.
- Firebase / Google Cloud (Google Ireland Limited): user authentication, Firestore database, file storage, and backend function execution. Application data is hosted in Europe (eur3 region, multi-region Belgium/Netherlands); functions run in europe-west1 (Belgium). No transfer outside the EEA for this sub-processor.
- Vercel: web application hosting and execution.
- Stripe: payment processing and subscription management. Only transaction references and billing data are transmitted; no card data is stored by KairoProject.
- OpenAI: certain assistance, generation, or explanation features requested by the user. Transfer outside the EU governed by standard contractual clauses.
- Resend, Inc.: sending of transactional emails (invitations, scheduling alerts, billing notifications). Processing of recipient names and email addresses.
- Other technical providers: monitoring tooling, as applicable.
A detailed list of sub-processors can be provided to the customer upon request or as part of the applicable contractual documentation.
7. Use of OpenAI and the Internal ML Service
7.1 OpenAI
Certain assistance features use OpenAI via KairoProject server-side routes. Depending on the feature used, the following data may be transmitted to OpenAI: a brief entered by the user, contextual project information, task names or structural elements, or for delay analysis a structured project summary and prediction indicators.
OpenAI calls are not made directly from the user's browser to the provider. They pass through KairoProject server-side routes, with input validation, rate limiting, and filtering of permitted models.
7.2 Internal ML Service
KairoProject also uses an internal prediction and training service. This service may receive structural prediction variables, reconstructed exports from a given workspace to train a custom model, training import files provided by the customer, and for the global model data from workspaces that have enabled global contribution.
A custom model remains tied to its corresponding scope and is not reused for another customer.
7.3 Global Model
Where global contribution has been explicitly enabled by the administrator of the relevant workspace, certain data from that workspace may feed the internal training pipeline for the global model.
In the current state of the service, this contribution is not limited to purely numerical, already-anonymised statistics. It may include names, descriptions, project structures, business variables, and import files useful for training.
However, other customers do not gain access to this data in plain form within the application, and passwords, authentication secrets, Stripe data, and GDPR logs are not used in this global training pipeline.
8. Retention Periods
| Data | Retention |
|---|---|
| Active account and project data | Until account or organisation deletion |
| Voluntary account deletion | Immediate purge of active application data, regardless of subscription status. DSAR evidence log retained with limited retention period. |
| Post-subscription-cancellation data | 90 days after the end of the subscription, then permanently and automatically deleted |
| Organisation export jobs | 7 days |
| Signed export download links | 24 hours |
| Organisation deletion jobs | 90 days |
| DSAR logs | 12 months |
| Organisation deletion logs | 12 months |
| Accounting documents | 10 years (applicable legal obligations) |
| Backups | Targeted rotation up to 30 days, with restoration tested outside production |
9. Backup and Restoration
The backup and restoration of the data infrastructure relies primarily on the capabilities and services operated on Firebase / Google Cloud. KairoProject implements reasonable operational and restoration procedures in light of its architecture. Where export features are available, they allow the customer to retain their own working or archival copies.
10. Security
KairoProject implements reasonable security measures adapted to its architecture: encryption in transit and at rest, access controls and workspace separation, rate limiting on certain exposed routes, audit logging of sensitive operations, technical monitoring, and administrator access restricted to named, governed accounts.
10a. Personal Data Breaches
In the event of a personal data breach likely to result in a risk to the rights and freedoms of the individuals concerned, KairoProject undertakes to notify the CNIL within 72 hours of becoming aware of it, in accordance with Article 33 of the GDPR.
- If the breach is likely to result in a high risk to the individuals concerned, they will be informed without undue delay, in accordance with Article 34 of the GDPR.
- Any suspected data breach may be reported to support@kairoproject.com.
- KairoProject maintains an internal record of data breaches, even when notification to the CNIL is not required.
11. Data Subject Rights
In accordance with the GDPR, data subjects may exercise the following rights:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object, where applicable
Requests may be submitted to: support@kairoproject.com
A complaint may also be lodged with the CNIL (French data protection authority): cnil.fr
12. Cookies and Trackers
KairoProject does not enable non-essential trackers by default in the current state of the service. Strictly necessary cookies for service operation, session management, and interface preferences may be used without prior consent. Should audience measurement or marketing trackers be added, an appropriate consent mechanism would be implemented prior to their loading.
See the Cookie policy for full details.
13. Updates
This policy may be amended in the event of legal, contractual, technical, or operational developments. The date of the latest update appears at the top of this document.