Privacy Policy & Your Rights

What We Collect

KinLore collects the following personal information to provide genealogy research services:

• Contact information: Your email address and optional phone number
• Research requests: Names, approximate dates, and locations of ancestors you ask us to research
• Payment information: Processed by Stripe — we store only transaction status and amounts, not card data
• Conversations: Chat messages with our Mae assistant, including family stories you share
• Usage data: IP address at submission time for fraud prevention

How We Use Your Information

• To conduct genealogy research on your behalf
• To send you research updates and your completed report
• To process payment for premium tiers
• To improve our research accuracy over time
• To comply with legal obligations

We do not sell your personal information to third parties for advertising purposes.

Living Person Privacy Protection

KinLore classifies every person in our research database as living or deceased. This classification is based on:

• Confirmed deceased: An explicit death date is present in records
• Presumed deceased: Birth year is more than 110 years ago
• Living (all others): Full privacy protections apply

Information about living individuals is displayed only to the authenticated requester via a private, token-protected access link. This is a hard access control boundary required by our data source agreements.

Data Sharing

We share data only with:

• Stripe — payment processing (see Stripe Privacy Policy)
• Anthropic — AI research assistance (data subject to Anthropic's privacy policy)
• Legal requirements — if required by law or court order

Data Retention

• Research requests: Retained until you request deletion
• Chat conversations: Retained until you request deletion
• Purchase records: Anonymized on deletion request (financial records retained 7 years for legal compliance)
• API logs: Automatically deleted after 30 days

Your Privacy Rights

Under GDPR (if you're in the EU/EEA) and CCPA (if you're in California), you have the following rights:

CCPA Opt-Out Preferences

California residents can manage their privacy preferences below. Enter your email to update your choices.

Data Subject Access Requests (DSAR)

To exercise your right to access or delete your data, submit a request below. We'll send a verification email — click the link to confirm and execute your request.

Response times: GDPR — within 30 days · CCPA — within 45 days

Contact & Complaints

For privacy questions or to exercise your rights by email:

Email: hello@kinlore.ai

EU residents have the right to lodge a complaint with their local data protection authority if they believe their rights have not been respected.

Age Requirements

KinLore is not directed at children. We require:

• United States: Minimum age 13 (COPPA compliance)
• EU / EEA: Minimum age 16 (GDPR Article 8)
• Other regions: Minimum age 13

If we become aware that we have inadvertently collected personal information from a child below the applicable minimum age, we will delete it promptly. Contact hello@kinlore.ai to report any such concerns.