Koan

Privacy Policy

You’re either extremely diligent or just curious — either way, we salute you. Here's everything we do (and don’t do) with your data, no legalese required.

Last updated: May 21, 2025

Koan ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information in accordance with the General Data Protection Regulation (GDPR).

1. Who We Are

Koan is a SaaS platform that helps users discover startup opportunities by analyzing public online content. We operate from San Francisco, CA and can be contacted at privacy@koan.ai.

2. What Data We Collect

We may collect and process the following categories of personal data:

  • Account Information: Email address, name, and login credentials.
  • Usage Data: Interactions with the platform, logs, device type, IP address, and browser type.
  • Payment Information: Processed securely via third-party providers like Stripe; we do not store card numbers.
  • Support Data: Any information you provide when contacting customer support.

3. How We Use Your Data

We process your personal data for the following purposes:

  • To provide and maintain the Koan platform.
  • To manage user accounts and authentication.
  • To communicate with you (e.g., support, service updates).
  • To analyze usage and improve the product.
  • To comply with legal obligations (e.g., tax or regulatory requirements).

4. Legal Basis for Processing

We rely on the following lawful bases for processing your data:

  • Contract: When data is necessary to fulfill our service.
  • Consent: For optional communications or cookies.
  • Legitimate Interests: For product improvement, fraud prevention, and security.
  • Legal Obligation: For record-keeping and compliance.

5. Data Sharing

We do not sell your personal data. We may share your data with:

  • Service providers: e.g., hosting, analytics (e.g., Supabase, Vercel).
  • Payment processors: e.g., Stripe.
  • Legal authorities: If required by law or legal process.

All third parties are contractually bound to process data in compliance with GDPR.

6. International Data Transfers

Where applicable, we ensure adequate protection through:

  • EU Standard Contractual Clauses (SCCs)
  • Partners certified under an approved framework (e.g., EU-U.S. Data Privacy Framework)

7. Data Retention

We retain personal data only as long as necessary for the purposes listed above, or as required by law. You can request deletion of your account and data at any time.

8. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Object to processing
  • Data portability
  • Lodge a complaint with a data protection authority

To exercise these rights, email us at privacy@koan.ai.

9. Cookies

We use cookies to enhance user experience. You can manage your cookie preferences through your browser or via our cookie banner (where applicable).

10. Changes to This Policy

We may update this Privacy Policy from time to time. You will be notified of any significant changes via email or platform notice.

Contact Us

For any privacy-related questions, reach out to:

📧 contact@koanapp.com
📍 Warsaw, Poland