Kizuki

Privacy Policy

Last revised: 2026-05-28 · DRAFT — pending lawyer review

Note: DRAFT pending qualified data-protection counsel review for EU (GDPR), Japan (APPI), and California (CCPA). Source markdown: docs/legal/PRIVACY-POLICY.md.

1. Who We Are

SmartRich Inc., Tokyo, Japan. Contact: privacy@kizuki.smartrich.ai.

2. What We Collect

From the merchant: email, business name, default UI locale, brand voice description, reply rules, keywords, Telegram chat_id, activity log.

From public social media (on merchant's behalf): post content matching keywords, hashed author handle (SHA-256, never cleartext), source URL, author-detected locale.

Automatic: IP address (purged after 30 days), user-agent, country (Cloudflare geolocation).

3. AI Processing

Kizuki routes LLM inference to whichever provider is cheapest and healthy: Anthropic, Google, or OpenAI. All three are configured with no-train defaults.

3.1 We do not train AI models on your data (L-3)

Your reply samples, brand voice fingerprints, draft history, classifier outputs, post content, customer interactions, and all derived data are:

  • Never used to train any Kizuki-controlled AI model. Kizuki does not train, fine-tune, or adapt any AI model on customer data.
  • Routed to providers under contractual no-training terms: Anthropic Workbench (DPA prohibits training), Google Vertex AI for Business (contractual no-train), OpenAI Enterprise API (no-train default per API ToS for paid tier).
  • Not shared with any third party for AI training, statistical sampling, or "research" purposes.
  • Logged for ≤ 30 days at the provider end ONLY for abuse-detection, then auto-purged per each provider's standard retention policy.

If a provider changes their no-train terms, we will migrate that workload to an alternative provider within 30 days and disclose the migration in our changelog. We will never silently allow your data to enter a training set.

4. Your Rights (GDPR / APPI / CCPA)

  • Access — A13 Activity Log → "Export CSV" or GET /v1/me/export
  • Erasure — cancel and wait 90 days, or request immediate erasure via privacy@kizuki.smartrich.ai
  • Portability — same as Access (tar.gz / CSV)
  • Restriction / Withdraw consent — settings or email

Response SLA: 30 days.

5. Retention

Active accounts: per-tier (Pro 30d, Business 90d, Enterprise 1y+). Cancelled: 90d soft-delete then complete cascade delete.

6. Security

Multi-tenant DB isolation, HMAC-signed cookies, webhook signature verification, Cloudflare-encrypted secrets, hashed author handles, no third-party tracking pixels.

Full Policy

Full text in docs/legal/PRIVACY-POLICY.md.