Privacy Policy

Effective date: 24 April 2026 · KRUX Compliance Intelligence

1. What We Collect

Account information: name, email address, organization details
Shipment data: documents, costs, timelines, compliance records you enter
Usage data: pages visited, features used, session timestamps
Payment data: processed by Stripe — we do not store card numbers

2. How We Use Your Data

To provide and operate the KRUX platform
To generate AI compliance briefs (document content is sent to Anthropic's API)
To send deadline alerts and compliance notifications
To process payments and manage subscriptions
To improve the Service — usage patterns only, never shipment content

3. Data Isolation

Each organization's data is strictly isolated. Your shipments, manufacturers, contacts, and documents are never visible to other organizations. Row-level security is enforced at the database level.

4. Third-Party Processors

Processor	Purpose	Data Shared
Supabase	Database and file storage	All platform data
Anthropic	AI analysis and briefs	Shipment context, documents
Stripe	Payment processing	Email, billing address
Resend	Transactional email	Email address, alert content

5. Data Retention

Your data is retained while your account is active. On account deletion, data is removed within 30 days. Backups may retain data for up to 90 days after deletion.

6. Your Rights

You may request export or deletion of your data at any time by emailing privacy@krux.ai. We will respond within 14 business days.

7. Security

Data is encrypted in transit (TLS 1.3) and at rest. Access is protected by Supabase Row Level Security policies. We conduct security reviews regularly.

8. Contact

Privacy questions: privacy@krux.ai