Legal

PRIVACY POLICY

Last Updated: December 22, 2025

We at Krira Labs ("we," "our," or "us") respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to Personal Data that we collect from or about you when you use our website, infrastructure platforms (including Krira Augment), and services (collectively, "Services").

This Privacy Policy applies to the data we process as a data controller. For content that we process on behalf of our enterprise customers (e.g., through our API or dedicated instances), our use of that data is governed by our Customer Master Services Agreement (MSA) or Data Processing Agreement (DPA) covering access to and use of those offerings.

1. Personal Data We Collect

We collect personal data relating to you ("Personal Data") as follows:

Personal Data You Provide

  • Account Information: When you create an account to use our Services, we collect your name, email address, and account credentials. If you subscribe to a paid plan, we also collect billing details, payment information, and transaction history via our secure payment processor.
  • User Content: We collect Personal Data that you provide in the input to our Services ("Content"), including your prompts, documents for indexing, knowledge base files, and other content you upload for our services.
  • Communication Information: If you communicate with us via email, support tickets, or social media, we may collect your name, contact information, and the contents of the messages you send.

Personal Data We Receive from Your Use of the Services

When you visit, use, or interact with the Services, we receive the following technical information:

  • Log Data: Information your browser or device automatically sends, including Internet Protocol (IP) address, browser type, date and time of request, and feature usage (e.g., "Vector Indexing" vs. "LLM Inference").
  • Usage Data: Metrics on how you use the infrastructure, such as latency, token usage, error rates, and API volume.
  • Cookies: We use cookies to operate our Services and improve your experience (e.g., keeping you logged in).

2. How We Use Personal Data

We use Personal Data for the following purposes:

  • To provide and maintain our Services: For example, to index your documents into vector stores or route your prompts to the correct LLM backend.
  • To improve and develop our Services: We analyze aggregate usage patterns to optimize our infrastructure (e.g., "Which embedding models are most popular?"). Note: We do not use your proprietary Customer Content (documents or proprietary prompts) to train our core foundation models without your explicit, written consent.
  • To communicate with you: Sending product updates, security alerts, and invoice information.
  • To prevent fraud and ensure security: Monitoring for anomalous API traffic or unauthorized access attempts.
  • To comply with legal obligations: Protecting the rights, safety, and property of Krira Labs and our users.

3. Disclosure of Personal Data

We may disclose your Personal Data in the following circumstances:

  • Vendors and Service Providers: To assist in business operations (e.g., cloud hosting providers like AWS/GCP, payment processors like Stripe). These parties access data only to perform their specific duties and are bound by confidentiality obligations.
  • Business Transfers: If Krira Labs is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred as a business asset, provided the receiving party agrees to respect your personal data in a manner consistent with this policy.
  • Legal Requirements: We may share information with government authorities if required by law (e.g., a valid subpoena or court order).
  • Affiliates: We may disclose Personal Data to our subsidiaries and corporate affiliates solely for the purpose of providing the Services to you.
  • No Sale of Data: We do not sell your Personal Data to third parties for monetary or other valuable consideration.

4. Retention

We retain your Personal Data only for as long as needed to provide our Services or for legitimate business purposes (resolving disputes, safety, legal compliance).

User Content: You have control over the retention of your vector indices and documents. If you delete a project or knowledge base, we delete the associated embeddings from our active servers immediately (though backups may exist for a limited period for disaster recovery).

5. International Data Transfers

Krira Labs is headquartered in Pune, India. By using our Services, you acknowledge that your information may be transferred to, stored, and processed in:

  • India (Primary engineering and support).
  • United States (Cloud infrastructure servers).

We ensure strictly appropriate safeguards (such as Standard Contractual Clauses) are in place for cross-border transfers.

6. Security

We implement enterprise-grade technical, administrative, and organizational measures designed to protect Personal Data from loss, misuse, and unauthorized access.

  • Encryption: All API traffic is encrypted via TLS 1.2+. Data at rest (vector stores) is encrypted using AES-256 standards.
  • Access Control: We enforce strict Role-Based Access Control (RBAC) internally.

Disclaimer: No Internet transmission is ever 100% secure. You are responsible for keeping your API keys and credentials confidential.

7. Your Rights

Depending on your jurisdiction (including rights under GDPR, CCPA, or India's DPDP Act), you may have the right to:

  • Access and export your Personal Data.
  • Delete your Personal Data from our records.
  • Correct inaccurate Personal Data.
  • Restrict how we process your data.

You can exercise these rights by emailing hello@kriralabs.com.

8. Third-Party Links & Models

Our Services may interact with third-party Large Language Models (e.g., OpenAI, Anthropic) if you configure your pipeline to do so. Data sent to these providers is governed by their respective privacy policies and your agreements with them. Our website may also contain links to external sites; we are not responsible for their content or privacy practices.

9. Children's Privacy

Our Services are strictly intended for enterprise and professional use. We do not knowingly collect Personal Data from individuals under the age of 18. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to remove that information from our servers.

10. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising under this policy shall be subject to the exclusive jurisdiction of the courts located in Pune, Maharashtra, India.

11. Changes to the Privacy Policy

We may update this Privacy Policy from time to time. We will publish the updated version on this page with the "Last Updated" date. For significant changes, we will notify you via email or a dashboard notification.

12. Contact Us

If you have questions about this policy or our data practices, please contact us:

Krira Labs
Pune, India
Email: hello@kriralabs.com