Privacy Policy
Last Updated: February 15, 2026
At Krib ("we," "our," or "us"), we respect your privacy and are committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property management and field service management platform (the "Service").
Quick Navigation
- 1. Information We Collect
- 2. How We Use Your Information
- 3. AI and Automated Processing
- 4. Advertising & Data Sharing
- 5. SMS and Text Message Communications
- 6. Cookies & Tracking Technologies
- 7. Data Retention
- 8. Your Privacy Rights (CCPA/GDPR)
- 9. Do Not Sell My Personal Information
- 10. International Data Transfers
- 11. Security
- 12. Data Breach Notification
- 13. Children's Privacy
- 14. Changes to This Policy
- 15. Contact Us
1. Information We Collect
Information You Provide
- Account Information: Email address, password, and name when you register. If you use third-party login (Google, Apple), we receive identifiers from those services.
- Property Data: Property addresses, home system details (HVAC, plumbing, etc.), maintenance records, appliance information, and photos you upload.
- Contractor Information: Business name, contact information, service types, licensing details, and work history.
- Payment Information: When you process payments through Krib, payment data is handled directly by our payment processor (Stripe). Krib does not store full credit card numbers or bank account details.
- Communications: Messages sent through in-app chat, email correspondence with support, and feedback you provide.
- Phone Numbers: When provided for SMS notifications, booking confirmations, or contractor-homeowner communication.
Information Collected Automatically
- Device Information: Device type, operating system, browser type, and unique device identifiers.
- Usage Data: Pages viewed, features used, time spent in the app, and interaction patterns.
- Location Data: General location based on IP address; precise location only if you enable it for property features.
- Log Data: IP address, access times, and referring URLs.
Information from Third-Party Services
- Property Data APIs: We may retrieve publicly available property data (e.g., from RentCast) to enrich your property profile. This data is cached locally for performance.
- Environmental APIs: Air quality, solar potential, flood zone, and weather data from public government and third-party sources.
- Payment Processor: Transaction status and payment confirmation data from Stripe.
2. How We Use Your Information
We use your information for the following purposes:
- Provide the Service: To operate Krib, manage your property records, process payments, and deliver features you request.
- AI Processing: To provide AI-assisted features such as receipt scanning, photo evaluation, and property analysis (see Section 3).
- Personalization: To customize your experience and provide relevant content.
- Communications: To send maintenance reminders, booking confirmations, service updates, and respond to inquiries via email, push notifications, and SMS.
- Advertising: To display relevant advertisements based on your property profile (see Section 4).
- Aggregated Insights: To create anonymized, aggregated property insights for industry analysis, partnerships, and improving the Service.
- Analytics: To understand how users interact with Krib and improve our Service.
- Safety & Security: To detect fraud, protect users, and enforce our terms.
- Legal Compliance: To comply with applicable laws and regulations.
3. AI and Automated Processing
Krib uses artificial intelligence services to provide certain features. Here is how AI processing works:
AI Services Used
- Google Gemini (via Firebase Vertex AI): Used client-side for receipt scanning, label scanning, photo evaluations, and property analysis. Your photos and text are sent to Google's AI services for processing.
- Google Gemini (server-side): Used for automated analysis such as contractor evaluation summaries, property condition assessments, and generating general informational content (like SEO articles and comparative reviews) on our public website.
What Data is Processed by AI
- Photos of receipts, labels, and equipment you submit for scanning
- Photos submitted for property evaluations
- Property descriptions and maintenance notes
- Publicly available data regarding software, tools, and industry standards used to generate public-facing informational content
Important Notes About AI
- AI processing for user data is automated and no human reviews your submissions unless you contact support
- AI-generated results, including public informational articles and guides, may contain errors — you should always review and verify the output
- Google's AI services are subject to Google Cloud's Terms of Service and privacy practices
- You can choose not to use AI-powered features by manually entering information instead of using the scanner
4. Advertising, Data Sharing & Monetization
To keep Krib's core features free, we monetize the platform through advertisements and by analyzing, aggregating, and sharing property insights. Here's how we handle data:
Aggregated Data & Insights (Data Monetization)
We create, sell, and share aggregated or anonymized property insights with trusted business partners, including insurance companies, real estate platforms, home warranty providers, and manufacturers. This data helps the industry understand home maintenance lifecycles and property histories (similar to a vehicle history report).
Data we may share for these insights includes:
- System and appliance age, make, and maintenance history (e.g., HVAC installation dates)
- Anonymized contractor service records and property evaluations
- General geographic trends (e.g., zip code level data)
- Environmental attributes (e.g., solar potential, proximity to flood zones)
We do NOT share: Your exact name, specific street address (unless required to fulfill a service request), or direct personal contact information with these data partners without your explicit consent. See Section 9 for your right to opt out of the sale of this data.
Personalized Advertising
We may use non-sensitive, aggregated property attributes to show relevant ads within the application. For example:
- If you have a pool, you may see pool maintenance service ads
- If your HVAC system is over 10 years old, you may see HVAC replacement offers
- If you're in a specific region, you may see local contractor recommendations
Advertising Partners
We may work with the following types of advertising partners:
- Google Ads: Privacy Policy
- Home service networks: To connect you with vetted local contractors
- Product manufacturers: For relevant home product recommendations
Other Data Sharing
- Service Providers: We share data with vendors who help us operate (e.g., Firebase/Google Cloud for hosting, Stripe for payments, Twilio for SMS, Resend for email). These providers are contractually bound to protect your data.
- AI Providers: Photos, text, and other content you submit for AI analysis are processed by Google Gemini (see Section 3).
- Contractors (By Your Request): When you use the contractor link feature, you control what information is shared.
- Legal Requirements: We may disclose information to comply with laws, court orders, or government requests.
- Business Transfers: If Krib is acquired or merged, your data may transfer to the new owner. We will notify you before your data is transferred and becomes subject to a different privacy policy.
5. SMS and Text Message Communications
Krib uses SMS (text messages) via Twilio to send certain communications:
Types of SMS Messages
- Booking confirmations and appointment reminders
- Quote and invoice notifications
- Job status updates
- Payment reminders and confirmations
Your Consent and Rights
- By providing your phone number and opting in to SMS notifications, you consent to receive automated text messages from Krib related to the Service
- Message and data rates may apply depending on your mobile carrier
- Message frequency varies based on your activity and notification preferences
- To opt out: Reply STOP to any SMS message from Krib, or adjust your notification preferences in Settings. You can also email support@mykrib.app to opt out
- Opting out of SMS will not affect your ability to use the Service, but you may miss time-sensitive notifications
- We will not send SMS for marketing or promotional purposes without your separate, explicit consent
6. Cookies & Tracking Technologies
We use cookies and similar technologies to operate and improve Krib:
| Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security, basic functionality | Session / 1 year |
| Preferences | Remember your settings (theme, consent choices) | 1 year |
| Analytics | Understand usage patterns, improve features (Google Analytics) | 26 months |
| Advertising | Show relevant ads, measure ad performance | 90 days |
You can manage cookie preferences through your browser settings or our consent banner. Note that disabling essential cookies may affect functionality.
7. Data Retention
We retain your information for as long as necessary to provide the Service:
- Account & Property Data: Retained until you delete your account. After deletion, data is removed from active systems within 30 days.
- Backup Data: May persist in encrypted backups for up to 90 days after deletion.
- Analytics Data: Aggregated analytics are retained for up to 26 months.
- Payment Records: Transaction records may be retained as required by tax and financial regulations.
- Legal Holds: We may retain data longer if required for legal proceedings or compliance.
8. Your Privacy Rights (CCPA/GDPR)
Depending on your location, you may have the following rights:
For All Users
- Access: Request a copy of the personal data we hold about you.
- Correction: Update or correct inaccurate information.
- Deletion: Delete your account and associated data via Settings > Delete Account.
- Export: Download your data via Settings > Export My Data.
California Residents (CCPA)
Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), you have the right to:
- Know what personal information we collect, use, and disclose
- Request deletion of your personal information
- Opt out of the "sale" or "sharing" of personal information (see Section 9)
- Limit the use of your sensitive personal information
- Non-discrimination for exercising your privacy rights
Categories of information collected: Identifiers (email, name, phone number), property information (appliance data, maintenance history), usage data, device information, payment transaction data, and inferences drawn from the above.
Sale of Data: In the preceding 12 months, we have disclosed property-related data (such as system ages and HVAC service histories) in an anonymized or aggregated format to business partners. Under the broad definition of the CCPA, this sharing may be considered a "sale" of personal information. See Section 9 to exercise your right to opt out.
European Residents (GDPR)
Under the General Data Protection Regulation, you have the right to:
- Access, rectify, or erase your personal data
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Object to automated decision-making, including AI-powered analysis
- Lodge a complaint with a supervisory authority
Legal Basis for Processing: We process your data based on: (a) your consent, (b) performance of our contract with you, (c) our legitimate interests in operating and improving Krib (including synthesizing data insights), and (d) compliance with legal obligations.
Data Processing Agreement (DPA): For business users operating in the EU/UK who require a formal Data Processing Agreement to comply with GDPR obligations, please contact us at privacy@mykrib.app to execute our standard DPA.
How to Exercise Your Rights
To exercise any of these rights, you can:
- Use the in-app settings (Settings > Data & Privacy) where available
- Email us at privacy@mykrib.app
We will respond to verified requests within 30 days (or 45 days for complex requests, with notice).
9. Do Not Sell or Share My Personal Information
Under California law (CCPA/CPRA) and other state privacy laws, "sale" or "sharing" includes disclosing personal information to third parties for monetary or other valuable consideration, even if no money is exchanged.
What we never sell: Krib does not sell your direct personal identifying information — your name, email address, phone number, or specific street address — to any third party for marketing, advertising, or any other purpose. This personal data stays within Krib and is only shared with service providers who help us operate (see Section 4).
What we do monetize: We aggregate and anonymize property-level data — such as HVAC system ages, appliance makes and models, maintenance frequency patterns, and general geographic trends (e.g., zip-code-level statistics) — to create industry insights and property history reports for business partners like insurance companies, real estate platforms, and home warranty providers. These aggregated datasets describe property characteristics and maintenance patterns across many homes; they do not identify you personally. However, because this property data originates from individual user accounts, its disclosure may qualify as a "sale" or "sharing" of personal information under the broad definitions used in the CCPA/CPRA and similar state privacy laws.
You have the right to direct Krib not to sell or share your personal information.
How to Opt Out:
- Email us at privacy@mykrib.app with the subject line "Do Not Sell or Share My Personal Information" and include your account email address.
- If you have an active Krib account, you may adjust your data sharing preferences in the app under Settings > Data & Privacy.
We will process your request within 15 business days. Opting out of data sales will not limit your access to Krib's core features.
10. International Data Transfers
Krib is based in the United States and our infrastructure (Firebase/Google Cloud, Vercel) primarily stores and processes data in the United States. If you access Krib from outside the United States, your data will be transferred to and processed in the United States.
For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on Standard Contractual Clauses approved by the European Commission as the legal mechanism for transferring personal data to the United States. Our service providers (Google Cloud, Stripe, Twilio) maintain their own data protection agreements and compliance certifications.
By using Krib, you acknowledge and consent to the transfer and processing of your data in the United States, where data protection laws may differ from those in your jurisdiction.
11. Security
We implement security measures to protect your data:
- Encryption of data in transit (TLS/SSL) via Firebase and Vercel
- Encryption of data at rest via Google Cloud / Firebase infrastructure
- Secure authentication via Firebase Authentication
- Periodic security reviews of our codebase and infrastructure
- Limited access to production data
However, no system is 100% secure. If you believe your account has been compromised, please contact us immediately at security@mykrib.app.
12. Data Breach Notification
In the event of a data breach that affects your personal information, we will:
- Notify affected users as required by applicable law (including California Civil Code §1798.82 and GDPR Article 34)
- Provide notification in the most expedient time possible and without unreasonable delay
- Include a description of the breach, the types of information involved, and steps you can take to protect yourself
- Report to relevant regulatory authorities as required by law
13. Children's Privacy
Krib is not intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us at privacy@mykrib.app and we will delete it promptly.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top
- Notify you via email or in-app notification for significant changes
- Provide a summary of key changes
Your continued use of Krib after changes become effective constitutes acceptance of the revised policy.
15. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
- Privacy Inquiries: privacy@mykrib.app
- Security Issues: security@mykrib.app
- General Support: support@mykrib.app
- Legal Inquiries: legal@mykrib.app
For GDPR inquiries, you may also contact your local data protection authority.