Privacy Policy

Effective Date: April 29, 2026

KickPilot ("us", "we", or "our") operates the https://kickpilot.me website (the "Service"). This page informs you of our policies regarding the collection, use, disclosure, and safeguarding of personal data when you use our Service, as well as your rights concerning that data under applicable global privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) as amended by the CPRA.

Definitions

• Personal Data: Data about a living individual who can be identified from those data.
• Usage Data: Data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
• Cookies: Small pieces of data stored on a User's device.
• Data Controller: The entity (KickPilot) that determines the purposes and means of processing personal data.
• Data Processor (Service Provider): Third parties that process data on behalf of the Data Controller.
• Data Subject / User: Any living individual using our Service who is the subject of Personal Data.

Information Collection and Categories of Data

In the past 12 months, we have collected the following statutory categories of Personal Data from our users:

• Identifiers: First and last name, email address, IP address, and unique device identifiers.
• Internet or Network Activity: Browser type, browser version, pages visited, time and date of visit, and time spent on pages.
• Commercial Information: Records of services purchased or considered.

Customer Data: Customer Data may include personal information of your end-user customers input into the Service by you. We only process Customer Data as a Data Processor for the purposes set forth in your agreement with us.

Legal Basis for Processing (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using your Personal Data depends on the data we collect and the specific context in which we collect it. We process your data based on:

1. Contractual Necessity: To provide, maintain, and support our Service (e.g., account creation, billing).
2. Explicit Consent: To send you newsletters, marketing materials, or utilize non-essential tracking cookies. You may withdraw your consent at any time.
3. Legitimate Interests: To analyze usage to improve our Service, ensure security, and detect fraud, provided these interests are not overridden by your data protection rights.
4. Legal Obligation: To comply with applicable laws and regulations.

Tracking Technologies and Cookies

We use cookies and similar tracking technologies to track activity on our Service. We utilize a Consent Management Platform (CMP). Non-essential cookies (such as analytics or marketing cookies) will only be placed on your device if you provide explicit consent via our cookie banner. You can manage your preferences at any time through our website.

Data Retention

KickPilot will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with legal obligations, resolve disputes, and enforce our agreements. Usage Data is generally retained for a shorter period unless used to strengthen security or improve Service functionality.

International Data Transfers

Your information may be transferred to - and maintained on - computers located outside of your jurisdiction (including the United States). If you are located in the EEA or UK, we ensure your data receives an adequate level of protection by relying on Standard Contractual Clauses (SCCs) approved by the European Commission, or through participation in the EU-U.S. Data Privacy Framework.

Disclosure of Data

• Business Transactions: If KickPilot is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred with prior notice.
• Law Enforcement & Legal Requirements: We may disclose your Personal Data to comply with legal obligations, protect the rights or property of KickPilot, prevent wrongdoing, or protect personal safety.

Your Global Privacy Rights (GDPR & General)

You have the right to:

• Access and Portability: Request a copy of your Personal Data in a structured, machine-readable format.
• Rectification: Correct inaccurate or incomplete data.
• Erasure ("Right to be Forgotten"): Request the deletion of your Personal Data.
• Restrict Processing: Request that we limit the processing of your data.
• Object to Processing: Object to processing based on legitimate interests or for direct marketing.
• Avoid Automated Decision-Making: Not be subject to decisions based solely on automated processing.
• Lodge a Complaint: Report concerns to your local Data Protection Authority (DPA) within the EEA.

To exercise these rights, please contact us. We may verify your identity before processing your request.

California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have specific rights regarding your personal information:

• Right to Know and Delete: You may request details about the data we collect and ask us to delete it.
• Right to Correct: You may request correction of inaccurate data.
• Right to Non-Discrimination: We will not discriminate against you (e.g., deny services or change pricing) for exercising your CCPA rights.
• "Do Not Sell or Share My Personal Information": We use third-party analytics and advertising networks (e.g., Google Analytics, Facebook Pixel). Under the CCPA, sharing data via these cookies for targeted advertising may constitute a "sale" or "sharing" of data. You can opt out by clicking the "Do Not Sell or Share My Personal Information" link in our website footer or by utilizing your cookie settings.

Global Privacy Control (GPC): We support and honor Global Privacy Control signals. If your browser broadcasts a GPC signal, we will automatically opt you out of the sale or sharing of your data for targeted advertising.

Service Providers, Analytics, and Payments

We employ third-party Service Providers to facilitate our Service, subject to strict confidentiality agreements:

• Analytics: Google Analytics (You may opt out via the Google Analytics Opt-out Browser Add-on).
• Behavioral Remarketing: Google AdWords and Facebook (Opt-out available via Google Ads Settings and Facebook Ad Preferences).
• Payments: We use Stripe for payment processing. We do not store your card details. Stripe adheres to PCI-DSS standards. Review their Privacy Policy at Stripe.com.

Children's Privacy

Our Service is strictly for individuals who are at least 18 years old. We do not knowingly collect personally identifiable information from anyone under the age of 18. If we become aware that we have collected Personal Data from a minor, we will take immediate steps to remove that information from our servers.

Changes To This Privacy Policy

We may update our Privacy Policy periodically. We will notify you of material changes via email and/or a prominent notice on our Service before the change becomes effective, updating the "Effective Date" above.

Contact Us

For questions or to exercise your privacy rights, contact us at [email protected].