Privacy Policy

Effective date: 1 January 2025 · Last updated: 1 January 2025

This policy explains what data Kochi.co collects, why, and how you can control it. It applies to all users regardless of location.

1. Who We Are

Kochi.co ("we", "our", "us") operates the Kochi.co application and related services. References to "you" mean any user of our services.

For questions about this policy: privacy@kochi.co

2. Data We Collect

We collect only what is necessary to provide our services.

Account data:

Name and email address
Password (hashed — never stored in plain text)
Profile information you choose to provide

Usage data:

Device type, OS, and app version
IP address and approximate location (country/region)
In-app actions and feature usage (anonymised where possible)
Crash reports and performance logs

Communications:

Support messages you send us
Feedback and survey responses

We do not collect sensitive personal data (health, financial, biometric, or government ID data) unless explicitly stated for a specific feature.

3. How We Use Your Data

Provide, maintain, and improve our services
Authenticate your account and secure your data
Respond to support requests
Send transactional emails (account activity, security alerts)
Send product updates and marketing (you may opt out at any time)
Comply with legal obligations
Detect and prevent fraud or abuse

4. Legal Bases for Processing

Depending on your location, we rely on one or more of the following:

Contract performance — processing necessary to deliver our services
Legitimate interests — security, fraud prevention, service improvement
Legal obligation — compliance with applicable laws
Consent — marketing communications and any optional data collection

5. Data Sharing

We do not sell your personal data. We share it only with:

Service providers — hosting, analytics, email delivery, and customer support tools operating under data processing agreements
Legal authorities — when required by law, court order, or to protect our rights
Business transfers — in the event of a merger or acquisition, with advance notice to users

6. Cookies & Tracking

We use essential cookies required for the service to function. We may also use analytics cookies to understand usage patterns. You can control cookie preferences through your browser settings or our in-app privacy controls.

We do not use third-party advertising cookies.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account deletion, most personal data is removed within 30 days. Anonymised usage data and legally required records may be retained longer in accordance with applicable law.

8. International Transfers

Your data may be processed in countries outside your own. Where required, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions. You may request details about transfer mechanisms by contacting us.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

Access — request a copy of your personal data
Correction — correct inaccurate or incomplete data
Deletion — request erasure of your data (submit a deletion request)
Portability — receive your data in a structured, machine-readable format
Restriction — request that we limit processing of your data
Objection — object to processing based on legitimate interests
Withdraw consent — at any time for consent-based processing
Non-discrimination — exercise your rights without receiving degraded service

To exercise any right, email privacy@kochi.co. We respond within 30 days. If you believe we are not handling your data lawfully, you have the right to lodge a complaint with your local data protection authority.

10. Children's Privacy

Our services are not directed at children under 13 (or under 16 where required by local law). We do not knowingly collect data from children. If we become aware that a child has provided personal data, we will delete it promptly.

11. Security

We implement industry-standard measures including encryption in transit (TLS) and at rest, access controls, and regular security reviews. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

12. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email or in-app notice at least 14 days before taking effect. Continued use after the effective date constitutes acceptance.

Questions or Requests

Email us at privacy@kochi.co
We respond to all privacy requests within 30 days.

To delete your account and data, visit our Data Deletion page →