Privacy Policy

Effective April 19, 2026

Kanegdo (“we”, “us”) is operated by Leporia. This Privacy Policy explains what personal data we collect when you use the Service, why we collect it, who we share it with, and how you can exercise your rights over it.

1. Data we collect

Account data

  • Email address and display name (provided by you or by Facebook on sign-in).
  • Hashed password, if you set one. We never store passwords in plain text — we use Argon2id.
  • The Facebook user id and a small profile blob (name, email if granted) when you sign in via Facebook.

Connected Facebook Pages

  • Page id, page name, and an encrypted access token for every Page you select.
  • Tokens are encrypted at rest with AES-256-GCM using a key only the server holds.

Content

  • The intake material you upload (XLSX, text, etc.) and the drafts we generate from it.
  • The published-post id Facebook returns after a successful publish.

Operational data

  • Session cookies (HTTP-only, SameSite=Lax) used to keep you signed in.
  • Server logs containing your IP, user-agent, request paths, and timestamps for security & debugging.
  • An audit log of security-relevant events (logins, role changes, deletions, etc.).
  • A per-call record of every AI request we make on your behalf, including the prompt, the response, token counts and cost.

2. Why we collect it

  • To provide and operate the Service (drafting, scheduling, publishing).
  • To authenticate you and protect your account.
  • To debug failures and improve reliability.
  • To meet our legal obligations (e.g. responding to a valid law-enforcement request).

3. Who we share it with

We do not sell your personal data. We share the minimum necessary with the following sub-processors so the Service can function:

  • Facebook (Meta) — when you publish to a Facebook Page, your post text and any attached media are transmitted to Meta’s Graph API.
  • OpenAI and Anthropic — when we generate a draft, we transmit your intake text + any system prompt to whichever model you (or the system default) selected. We do not opt in to provider-side training when API options are available.
  • SendGrid (via our internal smsandemail relay) — when we send you a magic link, password reset, or transactional email.

4. How long we keep it

  • Account data: for the lifetime of your account, plus up to 30 days after deletion for backups to expire.
  • Sessions: 30 days from issue, or until you sign out / we revoke them.
  • Magic-link tokens: 15 minutes; consumed tokens are kept for 30 days for audit, then deleted.
  • AI interaction records: 13 months for billing and debugging; you can request earlier deletion.
  • Audit log: 24 months for security investigations.
  • Server logs: 30 days.

5. Your rights

You can:

  • Access and correct your account data from your profile page.
  • Export your data by emailing kanegdo@leporia.net — we will reply within 30 days.
  • Delete your account at any time from your profile page, or by following the steps on our data deletion page.
  • Withdraw any consent you previously gave (e.g. revoke Facebook access from your Facebook settings).

6. Children

Kanegdo is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

7. International transfers

Kanegdo is operated from the United States. If you access the Service from outside the U.S., your data will be transferred to and processed in the U.S.

8. Security

We use TLS for all in-transit traffic, AES-256-GCM for sensitive tokens at rest, Argon2id for password hashing, and HTTP-only cookies for session management. No system is perfectly secure; if you discover a vulnerability, please report it to security@leporia.net.

9. Changes to this Policy

We may update this Policy. Material changes will be communicated by email or in-app notice at least 14 days before they take effect.

10. Contact

Privacy questions or requests: kanegdo@leporia.net.