This Privacy Policy explains how Kosuke, Inc. ("we", "our", "us") collects, uses, and protects your personal data when you use our website, participate in surveys, or interact with our products and services.
We are based in the United States (Delaware) and comply with applicable US privacy laws, including the California Consumer Privacy Act (CCPA/CPRA).
1. Data Controller
Kosuke, Inc.
1111B S Governors Ave # 54640, Dover, DE 19904
Email: filippo.pedrazzini@kosuke.ai
Data Controller: Filippo Pedrazzini
2. What Data We Collect
We may collect the following types of personal data, depending on how you interact with our services:
a. User-Provided Data
- Name and surname (if provided)
- Email address
- Payment details (via Stripe)
- Survey responses and feedback
- Account credentials (email/password via Clerk)
b. Automatically Collected Data
- IP address and device/browser info
- Usage and interaction data (via Plausible, PostHog)
- Error logs (via Sentry)
- Login/session metadata (via Clerk)
- Email activity metadata (via Resend)
- Web behavior (page visits, clicks)
3. Google User Data
- When you sign in with Google, we access basic profile information (such as your name, email address, and profile image) as authorized by you.
- We use this data only to provide login and account functionality.
- We do not share or sell Google user data.
- You can revoke access at any time via your Google Account permissions page.
- Any stored Google user data is deleted within 30 days of account disconnection or deletion.
4. How We Use Your Data
We process your data for the following purposes:
- To authenticate and manage user accounts (via Clerk)
- To provide access to our services and surveys
- To send transactional emails and newsletters (via Resend and Ghost)
- To process payments (via Stripe)
- To analyze website and product usage (via Plausible and PostHog)
- To monitor and fix errors (via Sentry)
- To comply with legal obligations and respond to requests from authorities
5. Legal Basis for Processing
We process your personal data:
- Consent – for analytics, marketing emails, and voluntary survey responses.
- Contractual necessity – to provide services you've requested (e.g. authentication, payments).
- Legal obligations – for tax, accounting, and regulatory compliance.
- Legitimate business interests – such as service improvement, security, and performance monitoring (e.g. via Sentry, PostHog).
You may opt out of non-essential data processing at any time
6. Third-Party Services
We use third-party providers to support our services. These providers may process your data on our behalf under strict data protection agreements:
| Service | Purpose | Location | Terms of Service | Privacy Policy |
|---|---|---|---|---|
| DigitalOcean | Hosting infrastructure | EU / US | Terms | Privacy |
| Clerk | User authentication | US | Terms | Privacy |
| Stripe | Payment processing | US / EU | Terms | Privacy |
| Ghost | Newsletter & publishing | EU / US | Terms | Privacy |
| Resend | Transactional emails | US | Terms | Privacy |
| Plausible | Cookie-free web analytics | EU (Germany) | Terms | Privacy |
| PostHog | Product analytics | US / EU (self-hosted) | Terms | Privacy |
| Sentry | Error monitoring | US / EU option | Terms | Privacy |
| Notion | Surveys & embedded forms | US | Terms | Privacy |
Our service providers may process data in various locations. We ensure appropriate contractual protections are in place.
7. Cookies and Analytics
We use a privacy-friendly approach to analytics:
- Plausible Analytics: Cookie-free, anonymous tracking.
- PostHog: Used for product feature usage insights.
You can opt out of non-essential cookies at any time via the "Manage Cookies" link in our footer.
You can manage your preferences at any time via the "Change Cookie Settings" link in our footer.
8. How Long We Keep Your Data
We retain your data only as long as necessary to:
- Fulfill the purpose for which it was collected
- Comply with legal or contractual obligations
- Resolve disputes and enforce agreements
Typical retention periods:
- Survey and contact data: Up to 12 months
- Payment records: 7 years (for accounting)
- Analytics and session data: Up to 12 months or as configured in the tool
- Newsletter subscriptions: Until you unsubscribe
9. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — Request a copy of your personal data
- Correction — Correct inaccurate or incomplete data
- Deletion — Request deletion of your personal data
- Portability — Receive your data in a machine-readable format (EU/EEA)
- Restrict Processing — Ask us to limit how we process your data (EU/EEA)
- Object — Object to processing based on legitimate interests (EU/EEA)
- Opt-Out of Sale/Sharing — Opt out of the sale or sharing of your personal data (US)
- Non-Discrimination — We will not treat you differently for exercising your rights (US)
- Withdraw Consent — At any time, for non-essential processing
US residents (including California) have rights under the CCPA/CPRA. EU/EEA residents have rights under the GDPR.
To exercise any of these rights, email us at:
📧 filippo.pedrazzini@joandko.io
10. Data Security
We implement appropriate technical and organizational measures to protect your data. These include:
- HTTPS encryption
- Access control and authentication
- Data minimization and anonymization
- Secure third-party agreements and audits
11. International Data Transfers
Your data is primarily processed in the United States. If you access our services from outside the US, including from the EU/EEA, your data will be transferred to the US.
For EU/EEA users, we ensure appropriate safeguards are in place for such transfers, including:
- Standard Contractual Clauses (SCCs)
- The EU-U.S. Data Privacy Framework, where applicable
- Data Processing Agreements with all third-party providers
We only use third-party vendors that demonstrate compliance with applicable data protection laws.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in technology, services, or legal requirements.
The most recent version will always be available on this page, with the "Last updated" date at the top.
13. Contact
For any privacy-related questions or to exercise your rights, contact:
Filippo Pedrazzini
📧 filippo.pedrazzini@joandko.io
🏢 Jo & Ko OÜ, Sepapaja 6, Tallinn 15551, Estonia