Privacy Policy
Last Updated: December 26, 2024
At Krib ("we," "our," or "us"), we respect your privacy and are committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property management application (the "Service").
Quick Navigation
1. Information We Collect
Information You Provide
- Account Information: Email address, password, and name when you register. If you use third-party login (Google, Apple), we receive identifiers from those services.
- Property Data: Property addresses, home system details (HVAC, plumbing, etc.), maintenance records, appliance information, and photos you upload.
- Contractor Information: Details about contractors you add, including names, phone numbers, and service history.
- Communications: When you contact support or provide feedback.
Information Collected Automatically
- Device Information: Device type, operating system, browser type, and unique device identifiers.
- Usage Data: Pages viewed, features used, time spent in the app, and interaction patterns.
- Location Data: General location based on IP address; precise location only if you enable it for property features.
- Log Data: IP address, access times, and referring URLs.
2. How We Use Your Information
We use your information for the following purposes:
- Provide the Service: To operate Krib, manage your property records, and deliver features you request.
- Personalization: To customize your experience and provide relevant content.
- Communications: To send maintenance reminders, service updates, and respond to inquiries.
- Advertising: To display relevant advertisements based on your property profile (see Section 3).
- Analytics: To understand how users interact with Krib and improve our Service.
- Safety & Security: To detect fraud, protect users, and enforce our terms.
- Legal Compliance: To comply with applicable laws and regulations.
3. Advertising & Data Sharing
To keep Krib free, we may display advertisements. Here's how we handle advertising and data sharing:
Personalized Advertising
We may use non-sensitive, aggregated property attributes to show relevant ads. For example:
- If you have a pool, you may see pool maintenance service ads
- If your HVAC system is over 10 years old, you may see HVAC replacement offers
- If you're in a specific region, you may see local contractor recommendations
We do NOT share: Your specific address, personal contact information, or detailed property records with advertisers without your explicit consent.
Advertising Partners
We may work with the following types of advertising partners:
- Google Ads: Privacy Policy
- Home service networks: To connect you with vetted local contractors
- Product manufacturers: For relevant home product recommendations
Other Data Sharing
- Service Providers: We share data with vendors who help us operate (e.g., Firebase/Google Cloud for hosting, analytics providers). These providers are contractually bound to protect your data.
- Contractors (By Your Request): When you use the contractor link feature, you control what information is shared.
- Legal Requirements: We may disclose information to comply with laws, court orders, or government requests.
- Business Transfers: If Krib is acquired or merged, your data may transfer to the new owner.
4. Cookies & Tracking Technologies
We use cookies and similar technologies to operate and improve Krib:
| Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security, basic functionality | Session / 1 year |
| Preferences | Remember your settings (theme, consent choices) | 1 year |
| Analytics | Understand usage patterns, improve features | 26 months |
| Advertising | Show relevant ads, measure ad performance | 90 days |
You can manage cookie preferences through your browser settings or our consent banner. Note that disabling essential cookies may affect functionality.
5. Data Retention
We retain your information for as long as necessary to provide the Service:
- Account & Property Data: Retained until you delete your account. After deletion, data is permanently removed within 30 days, except as required by law.
- Analytics Data: Aggregated analytics are retained for up to 26 months.
- Backup Data: May persist in encrypted backups for up to 90 days after deletion.
- Legal Holds: We may retain data longer if required for legal proceedings or compliance.
6. Your Privacy Rights (CCPA/GDPR)
Depending on your location, you may have the following rights:
For All Users
- Access: Request a copy of the personal data we hold about you.
- Correction: Update or correct inaccurate information.
- Deletion: Delete your account and associated data via Settings > Delete Account.
- Export: Download your data via Settings > Export My Data.
California Residents (CCPA)
Under the California Consumer Privacy Act, you have the right to:
- Know what personal information we collect, use, and disclose
- Request deletion of your personal information
- Opt out of the "sale" of personal information (see Section 7)
- Non-discrimination for exercising your privacy rights
Categories of information collected: Identifiers (email, name), property information, usage data, device information, and inferences drawn from the above.
European Residents (GDPR)
Under the General Data Protection Regulation, you have the right to:
- Access, rectify, or erase your personal data
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with a supervisory authority
Legal Basis for Processing: We process your data based on: (a) your consent, (b) performance of our contract with you, (c) our legitimate interests in operating and improving Krib, and (d) compliance with legal obligations.
How to Exercise Your Rights
To exercise any of these rights, you can:
- Use the in-app settings (Settings > Data & Privacy)
- Email us at privacy@mykrib.app
We will respond to verified requests within 30 days (or 45 days for complex requests, with notice).
7. Do Not Sell My Personal Information
Under California law, "sale" includes sharing personal information with third parties for monetary or other valuable consideration.
We do not sell your personal contact information (email, phone number, address) to third parties.
We may share aggregated property attributes with advertising partners, which could be considered a "sale" under CCPA. You can opt out of this by:
- Clicking "No Thanks" on our cookie consent banner
- Adjusting your preferences in Settings > Privacy
- Emailing privacy@mykrib.app with subject line "Do Not Sell"
We will process your request within 15 business days.
8. Security
We implement industry-standard security measures to protect your data:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication via Firebase Authentication
- Regular security assessments
- Access controls limiting employee data access
However, no system is 100% secure. If you believe your account has been compromised, please contact us immediately.
9. Children's Privacy
Krib is not intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top
- Notify you via email or in-app notification for significant changes
- Provide a summary of key changes
Your continued use of Krib after changes become effective constitutes acceptance of the revised policy.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
- Email: privacy@mykrib.app
- General Support: support@mykrib.app
For GDPR inquiries, you may also contact your local data protection authority.