KAKEL Tech
Get started

Privacy Policy

Last updated: 5/20/2026

This Privacy Policy describes how KAKEL Enterprises LLC ("KAKEL") collects, uses, and shares data when you use kakel.io and our KAKEL Tech products.

What we collect

  • Account data: email, optional display name, optional country, password hash (bcrypt), MFA secret (if enabled), Stripe customer ID.
  • Billing data:handled by Stripe. We do not store credit card numbers on our servers. Stripe's privacy policy applies to payment data.
  • License + activation data: license keys you own, machine IDs you activate against them, hostnames, timestamps. Machine IDs are device-derived hashes, not personal identifiers.
  • IMEI lookup data: we log free-tool IMEI lookups for rate-limiting. The hashed lookup bucket (IP + UA fingerprint) is retained for 24 hours; raw IPs are not stored.
  • Blacklist contributions: if you use the Device Risk API write tier, the IMEIs / serials you contribute are stored against your tenant ID for revenue-share accounting.
  • Operational telemetry: server logs (request paths, status codes, timings). Personal data is not extracted into analytics tools.

How we use it

To provide and operate the Services, to authenticate you, to enforce license terms, to bill you correctly, to investigate abuse, and to comply with applicable legal obligations.

Who we share it with

  • Stripe — payment processing.
  • AWS — infrastructure (Amplify Hosting, S3, SES, KMS).
  • Email delivery — AWS SES for transactional email.
  • Law enforcement — when compelled by valid legal process or to prevent imminent harm. We will challenge overbroad or unlawful requests.

We do not sell personal data. We do not share customer IMEI databases with parties not under contract.

Data retention

Account and billing records: retained for as long as your account is active plus 7 years after closure for tax / accounting compliance. License + activation records: retained for the life of the license plus 2 years. Lookup rate-limit buckets: 24 hours. Server logs: 30 days.

Your rights

Subject to applicable law (including GDPR for EU/EEA users and CCPA for California residents), you have the right to access, correct, delete, port, or restrict processing of your personal data. To exercise these rights, email privacy@kakel.io.

International transfers

KAKEL is a US-based entity and our infrastructure is hosted in the United States (AWS us-east-1). If you access the Services from outside the US, your data will be transferred to the US.

Contact

Privacy questions: privacy@kakel.io.

This page is a working draft. Final wording will be reviewed by counsel before launch.