Privacy Policy

1. Information We Collect

Account Information

When you create an account, we collect your email address. We use passwordless magic-link authentication, so we never collect or store passwords.

Salesforce Data

When you connect your Salesforce organization, we access Salesforce data on your behalf using OAuth 2.0 with PKCE. We store encrypted OAuth tokens to maintain your connection. We do not permanently store the Salesforce records you share through Koto — data is fetched live from Salesforce each time a shared view is accessed.

Billing Information

Payment processing is handled entirely by Stripe. We do not collect, store, or have access to your full credit card number. Stripe may provide us with limited information such as the last four digits of your card, card brand, and billing address. For details on how Stripe handles your data, please review Stripe's Privacy Policy.

Usage Data

We may collect technical information such as your IP address, browser type, device type, and pages visited. This data is used to maintain and improve the Service.

2. How We Use Your Information

We use the information we collect to provide and maintain the Service, including authenticating your account, connecting to your Salesforce organization, generating shared views, and processing subscription payments. We also use your information to communicate with you about your account, respond to support requests, and send service-related announcements. We do not sell your personal information to third parties, and we do not use your Salesforce data for any purpose other than providing the Service to you.

3. How We Share Your Information

We share information only in the following circumstances:

Service Providers. We use third-party services to operate Koto, including Supabase (data storage and authentication), Stripe (payment processing), and Salesforce (data access via your connected org). These providers only access your data as necessary to perform their services.

Shared Views. When you create a shared view, the Salesforce data in that view becomes accessible to anyone with the share link (or to invited email addresses only, if you enable access restrictions). You control which fields and records are visible.

Legal Requirements. We may disclose your information if required by law, regulation, legal process, or governmental request.

4. Data Storage and Security

Your account data and encrypted Salesforce OAuth tokens are stored in Supabase (PostgreSQL). We use industry-standard security measures including encryption in transit (TLS) and encryption at rest to protect your data. However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your account information for as long as your account is active. Salesforce data is not permanently stored — it is fetched live and not cached beyond the duration of a page request. If you delete your account, we will delete your personal data and revoke your Salesforce OAuth tokens within 30 days, except where we are required to retain data by law.

6. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete the personal data we hold about you. You may also have the right to restrict or object to certain processing, or to request data portability. To exercise any of these rights, contact us at support@usekoto.com. We will respond to your request within 30 days.

7. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service. Your continued use of the Service after any changes constitutes acceptance of the updated policy.