This policy explains what information we collect on kailabs.cc and the KAI Terminal application (the “Service”), why we collect it, how long we keep it, and the rights you have over it. Whichever country you live in, we apply GDPR-grade protections by default.
KAI Labs (the “we”, “us”) operates this Site and the Service. We are currently in pre-incorporation phase; this notice will be updated with the registered company name, jurisdiction, and registered address before the public commercial launch (summer 2026).
EU/UK representative (GDPR Art. 27, UK GDPR Art. 27): not yet appointed. EU/UK residents may direct any request to the privacy contact above; their request will be handled identically and within the same statutory deadlines.
| Data | When | Purpose | Legal basis (GDPR Art. 6) | Retention |
|---|---|---|---|---|
| Email address | Waitlist or account signup | Send launch invite, transactional confirmations, account access | Consent (Art. 6(1)(a)) for marketing; contract performance (Art. 6(1)(b)) once you have an account | Until you unsubscribe or request deletion; max 24 months without engagement |
| UTM & referrer parameters | Stored locally on landing arrival | Attribute eventual signup to the source | Legitimate interest in marketing measurement (Art. 6(1)(f)) | 30 days in localStorage on your device |
| IP address & user agent | Waitlist submission | Fraud / abuse prevention, geo aggregation | Legitimate interest in security (Art. 6(1)(f)) | 90 days, then deleted; aggregated counts retained |
| Cookie consent decision | You click Accept or Reject | Remember your choice so we don’t re-prompt | Consent (Art. 6(1)(a)) | 12 months in localStorage on your device |
| Behavioural session data (Microsoft Clarity, see §3) | Only after you accept analytics cookies | Understand usability, fix UX bugs | Consent (Art. 6(1)(a)) | Microsoft Clarity defaults (currently 13 months) |
| First-party usage analytics (see §4) | Every page view (cookieless) | Aggregate funnel and product analytics | Legitimate interest (Art. 6(1)(f)); no individual identification | 13 months at row level, then aggregated |
| Cryptocurrency payment data | Paid plans (post-launch) | Process payment, refunds, tax / accounting compliance | Contract performance (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)) | As required by applicable accounting law (typically 5–7 years) |
After you accept analytics cookies via the consent banner, we load Microsoft Clarity to capture how you use this Site through behavioural metrics, heatmaps, and session replay. The data is processed by Microsoft Corporation (US) under the EU-US Data Privacy Framework. For the categories Microsoft collects and how it uses them, see the Microsoft Privacy Statement.
If you reject analytics cookies, Clarity is never loaded and no Clarity-set cookies are written to your browser. You can change your decision at any time via Cookie settings in the page footer.
Form input fields (including the waitlist email field) are explicitly masked in Clarity recordings — your email address never appears in session replay.
Cookies set by Microsoft Clarity (after consent):
| Cookie | Purpose | Lifetime |
|---|---|---|
_clck | Persists Clarity user ID | 1 year |
_clsk | Stitches multiple page views into a single session | 1 day |
CLID | Identifies first time Clarity saw the user | 1 year |
MUID | Microsoft analytics / advertising identifier | 13 months |
ANONCHK | Indicates whether MUID is transferred to Microsoft’s ad platform | 10 minutes |
SM | Synchronizes the MUID across Microsoft domains | session |
We run a self-hosted, cookieless analytics tool on our own infrastructure to count page views and a small set of funnel events (CTA clicks, FAQ opens, waitlist focus / submit). It does not use cookies, does not collect personally identifiable information, and does not perform cross-site tracking. The infrastructure is located in Kazakhstan (see §7 for transfer mechanisms applied to EU/UK residents).
kai_consent — your cookie choice. 12 months.kai_utm — last-touch UTM & referrer parameters. 30 days.Both values stay in your browser until you submit the waitlist form, you clear browser storage, or the TTL expires. You can also reset them via your browser settings or via Cookie settings in the footer.
| Processor | Purpose | Data | Country | Transfer mechanism |
|---|---|---|---|---|
| Microsoft Corporation | Behavioural analytics (Clarity) | Session recordings, masked form inputs, page interactions | United States | EU-US Data Privacy Framework + Standard Contractual Clauses |
| Resend, Inc. | Transactional & waitlist email delivery | Recipient email, message content | United States | Standard Contractual Clauses + UK IDTA |
| KAI Labs (own infrastructure) | Site hosting, Service hosting, first-party analytics | All categories described in §2 except those handled by Microsoft / Resend | Kazakhstan | Standard Contractual Clauses where required |
We do not sell or share your personal data with any other third party. We do not run advertising networks, retargeting pixels, or social embeds on this Site.
Our infrastructure is in Kazakhstan; Microsoft (Clarity) and Resend operate from the United States. Where personal data of EU / UK / EEA residents is transferred outside the EEA, we rely on Standard Contractual Clauses (Decision (EU) 2021/914) and the EU-US Data Privacy Framework where applicable. UK transfers additionally rely on the UK International Data Transfer Addendum (IDTA). You can request a copy of the relevant SCCs at privacy@kailabs.cc.
Where GDPR or UK GDPR applies to our processing, you have the right to:
Email privacy@kailabs.cc to exercise any of these rights. We respond within 30 days (extendable by two further months for complex requests, GDPR Art. 12(3)). Requests are free of charge unless manifestly unfounded or excessive.
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by CPRA grants you the rights to:
Categories of personal information we collect (CCPA categories): identifiers (email, IP address), internet / network activity (page views, click events), commercial information (transaction history post-launch), and inferences derived from those. Retention is described in §2.
To exercise CCPA rights email privacy@kailabs.cc with subject “CCPA Request”. You may designate an authorised agent in accordance with Cal. Civ. Code § 1798.135.
Microsoft Clarity performs limited behavioural analytics on your interactions with this Site (where you click, how far you scroll, which form fields you focus). This constitutes “profiling” within the meaning of GDPR Art. 4(4) but does not constitute an automated individual decision under Art. 22 because no decision with legal or similarly significant effect on you is produced from it.
The KAI Terminal trading engine (post-launch) issues trading decisions based on rules and prompts you configure. Those decisions are executed against an exchange account you control, on capital you allocate, and you can pause, modify, or revoke authorisation at any time. You retain full autonomy over the system at all times.
This Site and the Service are not directed at children. We do not knowingly collect personal data from anyone under the age of 16 (UK GDPR / GDPR) or under 13 (US COPPA). If you believe a child has provided us personal data, contact privacy@kailabs.cc and we will delete it.
Once paid plans are available, payment will be processed exclusively in cryptocurrency. The wallet address you pay from, the transaction hash, the amount, and the timestamp are recorded for accounting, refund, and tax compliance purposes. The blockchain itself is a public ledger; we do not control its propagation or retention.
We apply industry-standard safeguards: TLS in transit, encrypted storage at rest, restricted administrative access, and least-privilege secret management. No system is perfectly secure; we will notify affected users without undue delay (and supervisory authorities within 72 hours where GDPR requires) in the event of a personal data breach likely to result in a risk to rights and freedoms.
Substantive changes will be announced via email (to waitlist subscribers and account holders) and via a banner on this Site for at least 30 days. Routine clarifications are reflected in the “Last updated” date above.
Privacy contact / data subject requests: privacy@kailabs.cc. General contact: hello@kailabs.cc.