Privacy Policy

Participant Interactions:

Questions participants ask the Event Assistant and the Assistant's responses.

Fallback Information:

If the Assistant cannot answer a question, it may collect a participant's email address and name (optional) to follow up once an organiser responds.

Organiser Information:

Event organisers provide official event information (e.g., race guides, schedules) to train the Assistant.

Technical Information:

Non-personal data like device type, browser, and general usage analytics for improving service performance.

From Your Gmail Account (when you connect Gmail to Kala):

• Email sender addresses
• Email subject lines
• Email body content
• Email timestamps and metadata
• Attachment information (names, types, sizes)

What Gmail Data We Access

When you connect your Gmail account to Kala, we request access to:

• Read your emails (gmail.readonly): To ingest participant emails into Kala's unified inbox
• Read, compose, and send emails (gmail.modify): To send AI-generated responses on your behalf and mark handled emails as read to organise your inbox
• See your primary email address (userinfo.email): For account authentication

How We Use Your Gmail Data

Kala uses your Gmail data exclusively to provide the following services:

• Unified Inbox: We retrieve emails from participants and display them in Kala's dashboard so you can manage all communications in one place.
• AI-Powered Responses: We analyse email content to generate appropriate responses based on your Knowledge Base. These responses are sent from your Gmail account on your behalf.
• Email Organisation: We mark emails as read/handled and apply labels to keep your inbox organised.

Limited Use Disclosure

Kala's use and transfer of information received from Google APIs adheres to Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only use Gmail data to provide Kala's event communication features
• We do not sell or transfer your Gmail data to third parties (except as required by law or with your explicit consent)
• We do not use Gmail data for advertising, credit-worthiness determination, or data brokering
• Humans do not read your Gmail data except:
  • When you explicitly request support assistance with a specific message
  • For security purposes (investigating abuse or bugs)
  • To comply with legal obligations

How We Store Your Gmail Data

• Email content is temporarily cached in our secure database (PostgreSQL on AWS) for processing and display in the Kala dashboard
• Encrypted at rest using AES-256 encryption
• Encrypted in transit using TLS 1.3
• Access controls: Only your organisation members with appropriate permissions can access your email data
• Retention: Email data is retained for the duration of your active Kala subscription. Upon account deletion, all email data is permanently deleted within 30 days.

Third-Party AI Processing

To generate responses, Kala uses:

• Anthropic Claude AI: Email content is sent to Anthropic's API for natural language processing. Anthropic's data usage policies apply (Anthropic Privacy Policy).
• Milvus Vector Database: Email embeddings (mathematical representations, not original text) are stored for semantic search. This data is hosted on our secure infrastructure.

Important: We do not use your Gmail data to train AI models. Anthropic Claude processes emails transiently and does not retain your data for model training.

Your Control Over Gmail Data

You maintain full control:

• Revoke access anytime via your Google Account Permissions
• Request data deletion by contacting support@kalapace.com
• Download your data via Kala's export feature (available in Settings)

Gmail Data Sharing

We do not sell your Gmail data. We share Gmail data only in these circumstances:

• With your explicit consent (e.g., when you share a specific email with a teammate in Kala)
• For security purposes (investigating abuse, fraud, or security incidents)
• To comply with legal obligations (court orders, subpoenas, regulatory requests)
• In the event of a merger or acquisition (only with prior notice and your consent)

Active Accounts

• Gmail data: Retained for the duration of your active subscription
• Participant conversations and organiser-provided context: Stored securely in cloud servers
• Fallback questions and participant emails: Stored for organiser follow-up
• Knowledge Base content: Retained indefinitely (until you delete it)
• Usage analytics: Retained for 24 months
• Event data: Retained for up to 12 months after the event date, unless the organiser requests earlier deletion

Account Deletion

When you delete your Kala account:

• Gmail access is immediately revoked (OAuth token invalidated)
• All email data is permanently deleted within 30 days
• Knowledge Base content is deleted within 30 days (unless you export it first)
• Aggregated, anonymised analytics may be retained for service improvement

Legal Obligations

We may retain certain data longer if required by law (e.g., financial records, audit logs).