← Back to Home

Privacy Policy

Last updated: November 8, 2025

Introduction

Keelo.ai ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our growth intelligence platform and services.

We prioritize user privacy and data security. You maintain full control over your data, and we only access information you explicitly authorize through secure OAuth connections.

1. Information We Collect

1.1 Account Information

When you create a Keelo.ai account, we collect:

  • Email address
  • Name
  • Company name
  • Password (encrypted)

1.2 Integration Data

When you connect third-party services through OAuth authorization, we collect data from your authorized integrations:

HubSpot & Salesforce (CRM Data):

  • Contact information (names, emails, phone numbers)
  • Deal/opportunity data (values, stages, close dates)
  • Company information
  • Activity history (emails, calls, meetings)
  • Custom properties and fields

Shopify (E-commerce Data):

  • Customer data (names, emails, addresses)
  • Order information (products, quantities, amounts)
  • Product catalog
  • Inventory levels

Google Ads (Advertising Data):

  • Campaign names and settings
  • Performance metrics (clicks, impressions, cost)
  • Ad group and keyword data
  • Conversion data

Google Drive (Documents):

  • Document content you explicitly select
  • File metadata (names, types, dates)

Important: We only collect data you explicitly authorize through OAuth. You can revoke access at any time through your Integrations dashboard or directly in the third-party platform.

2. How We Use Your Information

We process your data solely to provide our growth intelligence platform services:

  • Generate analytics, insights, and visualizations
  • Provide automated recommendations based on your data patterns
  • Enable natural language queries about your business data
  • Detect trends, anomalies, and opportunities
  • Create performance dashboards and reports
  • Synchronize and aggregate data across your connected platforms

3. Advanced Analytics & AI Processing

Keelo.ai uses advanced analytics and intelligent processing to provide insights and recommendations. We partner with Anthropic to provide intelligent insights through their Claude API.

Important Data Protection Guarantees:

  • No AI Training: Your data is NOT used to train any AI models
  • Transient Processing: Data is processed in real-time and not retained by our AI provider
  • No Human Review: Your data is not reviewed by humans at Anthropic
  • Enterprise Security: All AI processing uses enterprise-grade encryption
  • Private Workspace: AI analysis happens within your private workspace—insights are never shared

You can review Anthropic's commercial data protection terms at https://www.anthropic.com/legal/commercial-terms

4. Data Sharing and Disclosure

What We DO NOT Do:

  • We do not sell your data to third parties
  • We do not rent or lease your data
  • We do not share your data with third parties for their marketing purposes
  • We do not use your data to train AI models

Limited Sharing:

We only share data in these specific circumstances:

  • Service Providers: Anthropic (Claude AI), Vercel (hosting), Railway (hosting)—all under strict data processing agreements
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
  • With Your Consent: When you explicitly authorize sharing

5. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: AES-256-CBC encryption for OAuth tokens and sensitive data at rest
  • Transport Security: TLS 1.3 encryption for all data in transit
  • Access Control: Role-based access control and multi-factor authentication
  • Infrastructure: SOC 2 compliant hosting providers (Vercel, Railway)
  • Monitoring: Continuous security monitoring and logging
  • Regular Audits: Periodic security assessments and penetration testing

6. Data Retention

We retain your data for the following periods:

  • Active Account Data: As long as your account remains active
  • Integration Data: Until you disconnect the integration or delete your account
  • Deleted Account Data: 30 days after account deletion (for recovery purposes), then permanently deleted
  • Logs and Analytics: Up to 90 days for security and debugging purposes

7. Your Privacy Rights

You have the following rights regarding your data:

Right to Access

Request a copy of all personal data we hold about you

Right to Rectification

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your data ("right to be forgotten")

Right to Data Portability

Receive your data in a structured, machine-readable format

Right to Object

Object to processing of your data for specific purposes

Right to Revoke Consent

Disconnect integrations and revoke OAuth access at any time

To exercise any of these rights, contact us at privacy@keelo.ai. We will respond within 30 days.

8. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) for EU data transfers
  • Data Processing Agreements with all subprocessors
  • Compliance with GDPR, CCPA, and other applicable privacy laws

9. Cookies and Tracking

We use essential cookies to:

  • Maintain your session and authentication
  • Remember your preferences
  • Analyze platform usage (anonymized)

We do not use third-party advertising cookies or trackers.

10. Children's Privacy

Keelo.ai is not intended for children under 18. We do not knowingly collect data from children. If you believe we have inadvertently collected data from a child, contact us immediately at privacy@keelo.ai

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by email or through the platform. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions, concerns, or requests:

Email: privacy@keelo.ai

Data Protection Officer: dpo@keelo.ai

Company: Keelo.ai

13. Regulatory Compliance

Keelo.ai complies with:

GDPR

EU General Data Protection Regulation

CCPA/CPRA

California Consumer Privacy Act

SOC 2

Type II Compliance (in progress)

ISO 27001

Information Security Standards