Privacy Policy | Kiingo AI

Kiingo, LLC ("Kiingo," "we," "us," or "our") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, store, and protect personal information and business data when you use the Kiingo AI for QuickBooks application and related services (collectively, the "Application").

By using the Application or authorizing a connection to your QuickBooks account, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

This Privacy Policy applies to all users of the Application, including individuals who connect the Application to their QuickBooks accounts and their authorized users.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide to us, including:

Account information: name, email address, company name, phone number, and other contact details provided during registration or through communications with us;
Communication data: information contained in messages you send to us, including support requests, feedback, and correspondence;
Payment information: billing details processed through our third-party payment processor (we do not store full payment card numbers on our servers).

1.2 QuickBooks Data Accessed Through the Application

When you authorize the Application to connect to your QuickBooks account via Intuit's OAuth 2.0 framework, we access and process the following categories of data from your QuickBooks account ("QuickBooks Data"):

Financial Data

Invoices, bills, and payment records;
Expenses, receipts, and purchase orders;
Revenue and income records;
Profit and loss statements and balance sheets;
General ledger entries and journal entries;
Bank and credit card transaction data synced to QuickBooks;
Tax-related information and categories;
Chart of accounts and account balances.

Customer and Vendor Data

Customer and vendor names, addresses, and contact information;
Customer and vendor transaction history;
Outstanding balances and payment terms;
Communication records associated with transactions.

Employee and Payroll Data

Employee names and contact information;
Payroll records, compensation details, and pay schedules;
Time tracking and attendance data;
Tax withholding information;
Benefits and deduction records.

1.3 Data Accuracy Disclaimer

Kiingo relies on the accuracy, completeness, and timeliness of data provided by you, your QuickBooks account, and Intuit's APIs. We do not independently verify the accuracy of QuickBooks Data received through the Application. Kiingo is not responsible for any errors, inaccuracies, omissions, or inconsistencies in your source data, nor for any consequences arising from the processing of inaccurate source data. You are solely responsible for the accuracy and integrity of the data in your QuickBooks account.

1.4 Automatically Collected Information

When you interact with the Application, we automatically collect certain technical information:

Device and browser data: device type, operating system, browser type and version, screen resolution, and language preferences;
Usage data: features accessed, actions taken within the Application, timestamps, frequency of use, and interaction patterns;
Log data: IP addresses, access times, pages viewed, error logs, and referring URLs;
Cookies and similar technologies: as described in our Cookie Policy.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Providing and Operating the Application

Connecting to and syncing data from your QuickBooks account;
Processing and analyzing your QuickBooks Data to deliver Application features, including AI-powered insights, reporting, and recommendations;
Displaying dashboards, visualizations, and analytical outputs;
Authenticating users and managing account access.

2.2 Improving the Application

Analyzing usage patterns to enhance functionality and user experience;
Identifying and resolving bugs, errors, and performance issues;
Training and improving our AI and machine learning models (using aggregated, de-identified data only, unless you provide explicit consent for identifiable data use);
Conducting research and development for new features.

2.3 Communications

Sending transactional messages related to your account and use of the Application;
Responding to your inquiries and support requests;
Sending service announcements, updates, and security alerts;
Sending marketing communications (only with your consent, and you may opt out at any time).

2.4 Legal and Compliance

Complying with applicable laws, regulations, and legal processes;
Enforcing our End-User License Agreement and other agreements;
Protecting the rights, property, and safety of Kiingo, our users, and the public;
Detecting, preventing, and addressing fraud, security breaches, and technical issues.

3. Your Responsibilities as Data Controller

When you connect your QuickBooks account to the Application, you act as the data controller for the personal information of individuals whose data is contained in your QuickBooks account (including employees, customers, vendors, and contractors). As data controller, you are responsible for:

Ensuring you have a lawful basis to collect, store, and share the personal information contained in your QuickBooks Data, including with Kiingo through the Application;
Obtaining all necessary consents from data subjects (such as employees whose payroll data is processed, or customers whose contact information and transaction history is accessed) prior to authorizing the Application to access their data;
Providing all required privacy notices to data subjects informing them that their personal information may be processed by third-party service providers, including Kiingo;
Complying with all applicable data protection, privacy, and employment laws in connection with the data you make available through the Application;
Responding to data subject rights requests related to the personal information you control, and notifying Kiingo promptly if such requests require action on Kiingo's part;
Ensuring that your use of the Application's outputs and AI-generated insights complies with applicable laws, including any restrictions on automated decision-making that may affect individuals' rights.

Kiingo acts as a data processor with respect to QuickBooks Data containing personal information and processes such data only in accordance with this Privacy Policy and our End-User License Agreement. For enterprise customers requiring a formal Data Processing Addendum (DPA), please contact us at privacy@kiingo.com.

4. Legal Bases for Processing

We process your information based on the following legal grounds:

Contractual necessity: processing required to perform our obligations under the End-User License Agreement;
Consent: where you have provided affirmative consent, such as for marketing communications or optional data processing;
Legitimate interests: processing necessary for our legitimate business interests, such as improving the Application, ensuring security, and preventing fraud, balanced against your privacy rights;
Legal obligations: processing required to comply with applicable laws and regulations.

5. How We Share Your Information

We do not sell your personal information or QuickBooks Data. We share information only in the following circumstances:

5.1 Service Providers

We engage trusted third-party service providers who perform services on our behalf, including cloud hosting, data analytics, payment processing, email delivery, and customer support. These providers are contractually obligated to use your information only for the purposes of providing services to Kiingo and are bound by confidentiality obligations.

5.2 Intuit and QuickBooks

We interact with Intuit's APIs to access and sync your QuickBooks Data. Data transmitted to and from QuickBooks is subject to Intuit's Privacy Policy. Our Application complies with Intuit's developer platform policies, including Intuit's data handling, security, and privacy requirements for applications listed on the Intuit App Store.

5.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including in response to subpoenas, court orders, or law enforcement requests.

5.4 Protection of Rights

We may disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government request.

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will provide notice before your information becomes subject to a different privacy policy.

5.6 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5.7 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. Such data is not subject to the restrictions of this Privacy Policy.

6. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include:

Encryption of data in transit (TLS/SSL) and at rest (AES-256);
Access controls and authentication mechanisms, including role-based access;
Regular security assessments, vulnerability scanning, and penetration testing;
Employee security training and confidentiality agreements;
Incident response procedures and breach notification protocols;
Secure software development practices.

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, and you acknowledge and accept this inherent risk. Kiingo shall not be liable for any unauthorized access, data breach, or security incident that results from: (a) your failure to maintain the security of your account credentials; (b) a security breach or vulnerability in QuickBooks, Intuit, or any other Third-Party Service; or (c) circumstances beyond Kiingo's reasonable control. Our liability in connection with any data security matter is subject to the limitations set forth in our End-User License Agreement.

7. Data Retention

We retain your information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

Account information: retained for the duration of your account and for a reasonable period thereafter to comply with legal obligations and resolve disputes;
QuickBooks Data: retained only for as long as your Application connection is active and for a reasonable period after disconnection to facilitate potential reconnection, after which it is deleted or anonymized;
Usage data and logs: retained for up to twenty-four (24) months for analytics and security purposes;
Legal compliance data: retained as required by applicable laws and regulations.

When data is no longer needed, we securely delete or anonymize it using commercially reasonable methods.

8. Sensitive Personal Information

Under the California Privacy Rights Act (CPRA) and other applicable privacy laws, certain categories of personal information are classified as "Sensitive Personal Information" and are subject to additional protections. The Application may process the following types of Sensitive Personal Information from your QuickBooks Data:

Social Security numbers and tax identification numbers: if present in employee or contractor records within QuickBooks;
Financial account information: bank account numbers, credit card numbers, and other financial identifiers synced to QuickBooks;
Precise compensation and payroll data: salary, wages, bonuses, deductions, and tax withholding details of employees;
Login credentials: account credentials used to access the Application (stored in hashed form only).

We process Sensitive Personal Information solely for the purposes of providing and improving the Application as described in this Privacy Policy. We do not use Sensitive Personal Information for purposes beyond what is necessary to deliver the Application's features, and we do not use it to infer characteristics about individuals. You have the right to limit our use and disclosure of your Sensitive Personal Information to only those purposes necessary to provide the Application. To exercise this right, contact us at privacy@kiingo.com.

9. Automated Decision-Making and AI Processing

The Application uses artificial intelligence and machine learning technologies to analyze your QuickBooks Data and generate insights, reports, and recommendations. We want to be transparent about how these technologies are used:

Purpose: AI processing is used to identify patterns, generate financial analyses, produce forecasts, and provide business recommendations based on your QuickBooks Data;
Human oversight: The Application's AI-generated outputs are designed to assist and inform your decision-making, not to replace it. No fully automated decisions with legal or similarly significant effects on individuals are made by the Application without human review;
Accuracy limitations: AI-generated outputs may be inaccurate, incomplete, or unsuitable for your specific circumstances. You should independently verify all outputs before relying on them for financial, tax, legal, or business decisions;
No profiling for adverse decisions: We do not use automated processing of your data to make decisions that produce legal effects or similarly significant effects on individuals (such as employment decisions, credit determinations, or denials of service).

If you have questions about how AI is used in the Application, please contact us at privacy@kiingo.com.

10. Your Rights and Choices

10.1 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act:

Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes of collection, and the categories of third parties with whom we share your personal information.
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions (such as legal compliance requirements).
Right to Correct: You have the right to request correction of inaccurate personal information.
Right to Opt Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising purposes. If this practice changes, we will provide a mechanism for you to opt out.
Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of Sensitive Personal Information (as described in Section 8) to purposes necessary to provide the Application.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

To exercise these rights, contact us at privacy@kiingo.com. We will verify your identity before processing your request and respond within forty-five (45) days.

10.2 General Rights (All Users)

Regardless of your location, you may:

Access your data: request a copy of the personal information we hold about you;
Correct your data: request that we update inaccurate or incomplete information;
Delete your data: request deletion of your personal information, subject to legal retention requirements;
Data portability: request a copy of your data in a structured, commonly used, and machine-readable format (such as CSV or JSON), to the extent technically feasible;
Revoke QuickBooks access: disconnect the Application from your QuickBooks account at any time through the Intuit App Center or your QuickBooks account settings;
Opt out of marketing: unsubscribe from marketing emails using the link in any marketing message or by contacting us;
Manage cookies: adjust your cookie preferences as described in our Cookie Policy.

10.3 Authorized Agents

You may designate an authorized agent to make privacy requests on your behalf. We may require verification that you authorized the agent and may require the agent to provide proof of their authority.

11. Children's Privacy

The Application is not directed to individuals under the age of sixteen (16), and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take prompt steps to delete that information. If you believe a child has provided us with personal information, please contact us at privacy@kiingo.com.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction. By using the Application, you consent to the transfer of your information to the United States and other countries where Kiingo and its service providers operate. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

13. Third-Party Links and Services

The Application may contain links to third-party websites or integrate with third-party services. This Privacy Policy applies only to the Application and does not govern third-party websites or services. We encourage you to review the privacy policies of any third-party services you access through the Application. Kiingo is not responsible for the privacy practices of third parties.

14. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. At this time, there is no uniform standard for interpreting DNT signals. We currently do not respond to DNT signals, but we will reevaluate this practice as standards develop.

15. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you in accordance with applicable laws and regulations. Notification may be provided via email, through the Application, or by other means as required by law. We will also notify relevant regulatory authorities as required.

16. Intuit Platform Compliance

The Application is developed and operated in compliance with Intuit's developer platform requirements, including Intuit's policies regarding data access, data storage, data security, and user privacy for applications that integrate with QuickBooks. We adhere to Intuit's requirements for handling QuickBooks Data, including:

Accessing only the QuickBooks Data scopes that are necessary for the Application's functionality;
Storing QuickBooks Data securely and in accordance with Intuit's data handling guidelines;
Deleting QuickBooks Data promptly when a user disconnects the Application or when required by Intuit;
Undergoing security reviews and assessments as required by Intuit's developer program.

For more information about how Intuit handles data, please refer to Intuit's Privacy Policy.

17. Limitation of Liability

To the maximum extent permitted by applicable law, Kiingo's liability for any claims arising from or related to this Privacy Policy, our data practices, or any data breach or security incident shall be subject to the limitations of liability set forth in our End-User License Agreement, including the liability cap, the exclusion of consequential damages, and the assumption of risk provisions. By using the Application, you agree that the limitations of liability in the EULA apply equally to any privacy-related claims.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will post the updated Privacy Policy on this page with a revised "Last Updated" date. For material changes, we will provide additional notice through the Application or via email. Your continued use of the Application after any changes constitutes your acceptance of the updated Privacy Policy.

19. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Company: Kiingo, LLC
Privacy inquiries: privacy@kiingo.com
General inquiries: legal@kiingo.com
Website: www.kiingo.com

For privacy-related requests, we aim to respond within forty-five (45) days of receiving your verified request.