Skip to content
kairo
Try Kairo
Trust & transparency

Trust center

The index for everything we publish about how we treat your data, how the product behaves, and how to reach us if something feels off.

Last updated
Effective
Entity
Kairo Labs LLC · Illinois, USA

Kairo is operated by Kairo Labs LLC, an Illinois limited liability company, and is being built as the intelligent layer connecting your calendar, notes, tasks, meetings, classes, PDFs, projects, and people. Because we hold that much context, we hold ourselves to a higher bar than most productivity tools. This page is the index of everything we publish about how we treat your data, how the product behaves, and how to reach us if something feels off.

Where Kairo operates

Kairo is currently offered only in the United States and its territories (Puerto Rico, US Virgin Islands, Guam, American Samoa, Northern Mariana Islands, US Minor Outlying Islands). All processing and storage happens in the United States. International expansion will be announced through the waitlist and updated Terms.

Our philosophy

Private by default. Shared intentionally. Kairo handles enough of your life — schedule, notes, meetings, classes, PDFs, collaboration — that we treat privacy as a core feature, not a checkbox. Nothing is public by default. AI never acts silently. Sharing is always explicit, and you can revoke it any time.

What you should know in one minute

  • We do not sell or share your personal information. Not to advertisers, not to data brokers, not ever.
  • We do not train AI models on your private content, and our AI providers are contractually prohibited from doing so.
  • Your notes, events, tasks, files, and team content belong to you. Export anytime in standard formats (JSON + ICS).
  • AI features only run on the content you point them at. AI is off by default until you opt in.
  • Per-note and per-event sharing is opt-in, per resource — there is no app-wide "share everything" toggle.
  • Spaces have their own scope: a Space's calendar, tasks, notes, files, and DMs are isolated from your personal life.
  • Calendar integrations are read-only until you explicitly grant write access.
  • We follow least-privilege: most engineers cannot see customer content at all.
  • Encryption in transit (TLS 1.2+) and at rest (AES-256). OAuth tokens are encrypted with AES-256-GCM application-side.
  • Confirmed security incidents are disclosed to affected users within 72 hours where law requires.

Where things live

Compliance and certifications

  • Compliant with applicable US state privacy laws (CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA).
  • COPPA-compliant: minimum age 13, no knowing collection from under-13.
  • Internal controls aligned with common SOC 2 Trust Services Criteria. We are not pursuing SOC 2 certification at this time; if and when we do, the report will be available under NDA.
  • DMCA designated agent registered for copyright takedowns: dmca@heykairo.io.

Get in touch

Security disclosures: security@heykairo.io.
Privacy questions: privacy@heykairo.io.
Legal: legal@heykairo.io.
DMCA: dmca@heykairo.io.
Trust & safety reports: trust@heykairo.io.
Anything else: hello@heykairo.io.

Founding cohort

Kairo's founding cohort is a small group of early users based in Illinois — students, founders, and operators who use Kairo daily and help shape what we build next. They get direct access to the team and a permanent mark on the public founders wall. The controls described above apply to every account, founding cohort or not.

A note from us

Your data is yours. Every release ships through code review, automated tests, and the same controls described above. Feedback from customers shapes what we build next — we publish a changelog and respond to every security report directly.

Thank you for trusting Kairo with the schedule, notes, and people that run your week.

Built in Chicago. Operated by Kairo Labs LLC, an Illinois limited liability company.