KKakerouBack home

Legal

Privacy Policy

Last updated July 2, 2026

Kakerou is a personal lead-recovery operator. To do its job it connects to accounts you authorize and acts through them — as you, never through a shared address. This policy explains exactly what it accesses, what it does with that data, and the controls you have. In plain terms: your data is used to do the work you asked for, it is never sold, and nothing is sent on your behalf without your explicit okay.

What we access

Only what the operator needs, and only from accounts you connect:

How we use it

To draft and triage, message content is processed by our language-model provider (OpenRouter, which routes to Anthropic models). It is used to generate the draft for that task and is not used to train models on your data.

What we never do

Where your data lives

Account records and operating memory are stored in our database (Supabase) with row-level security so only your account can read your data. OAuth tokens are held by Composio. The app runs on Vercel. Each provider processes data on our behalf under its own security commitments.

Third parties we rely on

Your controls

Data retention

We keep your data while your account is active and for as long as needed to provide the service. When you delete your account or revoke access, we delete or disconnect the associated data within a reasonable period.

Google API disclosure

Kakerou's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Gmail data for advertising, and we do not transfer it except as needed to provide or improve the feature you asked for, to comply with law, or as part of a merger you are notified of.

Changes

We may update this policy as the product evolves. Material changes will be reflected by the date above.

Contact

Questions, or a data request? Email darynmirzhusip@gmail.com.