Privacy Policy

Effective Date: February 26, 2026  |  Last Updated: February 26, 2026

1. Services Covered

This policy covers everything we operate.

• Multikor marketing and informational websites
• Multikor portals and dashboards (each Organization receives a private subdomain)
• The Multikor AI Chat Agent (web, iOS, and Android)
• The Multikor mobile applications for iOS and Android
• Administrative and management dashboards
• Any APIs or backend services that support the above

2. Information We Collect

2.1 Information You Provide Directly

2.2 Information Collected Automatically

2.5 Data You Import

When you import data into the platform, here's what we process.

2.3 Information from Third Parties

We may receive information about you from:

• Authentication providers: Firebase Authentication (Google) provides account verification status
• App store platforms: Apple App Store and Google Play Store may provide purchase and subscription data
• Analytics services: Google Analytics provides aggregated usage data
• Organization Administrators: If you're invited to an Organization, your Administrator may provide your name, email, company, job title, and role when granting you access. See Section 5 for details.

2.4 Information We Do NOT Collect

• We don't knowingly collect data from children under 18
• We don't store biometric data on our servers (it's processed entirely on your device; see notice above)
• We don't access your contacts, photos, calendar, or GPS location
• We don't sell your personal information

3. How We Use Your Information

3.1 Service Delivery and Operations

• Authenticate your identity and manage your account
• Process and respond to your AI Chat Agent queries
• Maintain conversation history for session continuity
• Deliver text-to-speech and voice-input features
• Process waitlist and early-access requests
• Provide customer support

3.2 Model Improvement and Analytics

Here's exactly how we use your data to make the platform better.

• Our SLMs (DistilBERT/TinyBERT) handle classification and routing—they decide where your request goes, not what the response says. These models are refined through feedback loop processing, not direct training on raw customer data.
• We run 24 feedback loops across 7 categories. When a human expert corrects an AI decision, that correction refines confidence thresholds and routing accuracy.
• Cross-client learning uses only anonymized, aggregated interaction patterns. Raw data never crosses Tenant boundaries.
• We process imported data through Auto-Schema to classify fields, detect data types, and flag PII—enabling the AI Chat Agent to query your data accurately
• We analyze usage patterns to improve the Services
• We monitor AI response quality and accuracy
• We track platform performance and reliability
• We conduct internal research and development

3.3 Security and Compliance

• Detect and prevent fraud, abuse, and unauthorized access
• Enforce our Terms of Service
• Comply with legal obligations and respond to lawful requests
• Maintain audit logs for compliance purposes

3.4 Communications

• Send service-related notifications (account verification, security alerts, service updates, events requiring your attention)
• Respond to your inquiries and support requests
• Send marketing communications (only with your consent; you may opt out at any time)

4. Legal Bases for Processing (GDPR)

If you're in the EEA, UK, or Switzerland, here's our legal basis for each type of processing.

5. Organizational Accounts and Administrator Access

If you're part of an Organization, your admin may see some of your activity. Here's what that means.

5.1 Data Provided by Administrators

When an Administrator invites you to an Organization, they provide your personal information (name, email, company, job title, and role) to create your account. The Administrator represents they have the authority and, where required, your consent to share this information.

5.2 Data Visible to Administrators

If you're a Member of an Organization, your Administrator(s) may see:

• Account information: Your name, email, company, job title, and role
• Usage activity: Login history, session data, pages visited, features used, time spent
• Chatbot conversations: Full conversation logs between you and the AI Chat Agent
• Chatbot analytics: Token usage, conversation frequency, session duration, interaction patterns
• Reports and exports: Administrators may generate and export reports containing the above

5.3 Administrator Obligations

Administrators are required to:

• Use monitoring and reporting tools only for legitimate business purposes
• Comply with applicable privacy and employment laws when accessing Member data
• Inform Members of any workplace monitoring policies
• Promptly revoke access for Members who no longer need it

Multikor isn't responsible for how an Organization or its Administrators use the data available through admin features, except as required by law.

5.4 Member Rights Within Organizations

As a Member, you keep all privacy rights in Section 10. Account deactivation is managed by your Organization's Administrator(s)—you cannot deactivate your own account. Data retention for deactivated accounts is governed by your Organization's retention policies in addition to ours. Questions? Contact your Administrator or privacy@multikor.ai.

6. AI Chat Agent — Specific Disclosures

The AI Chat Agent is central to our Services. Here's exactly what happens with your data.

6.1 What We Store

• Your messages: The text of every message you send to the AI Chat Agent
• AI responses: The full text of every response the AI generates
• Session metadata: Session IDs, timestamps, selected AI agent, selected discipline/skill
• Usage metrics: Token counts (input and output), API cost data
• Technical data: User agent string, IP address at time of interaction

6.2 How Long We Store It

• Active conversation data is retained for the duration of your account
• When your account is deactivated, conversation data is retained per your Organization's retention policies and purged per our data retention schedule (Section 9)
• Anonymized, aggregated analytics derived from conversations may be retained indefinitely

6.3 Third-Party AI Providers

Your messages are sent to third-party AI providers to generate responses. Current providers include:

• Anthropic (Claude models) — Anthropic Privacy Policy
• OpenAI (GPT models, text-to-speech) — OpenAI Privacy Policy
• Google (Gemini models) — Google Privacy Policy
• Other leading AI providers as we expand our model roster

These providers process your messages solely to generate AI responses. We contractually require them to handle your data per applicable privacy laws. We do not authorize third-party AI providers to use your data to train their models. See each provider's privacy policy for their retention and processing practices.

6.4 How We Learn from Your Data

What our SLMs actually do: Our small language models (DistilBERT/TinyBERT) handle classification and routing. They decide where your request goes—they don't generate the content you see. The "learning" comes from feedback loops, not from training on your raw messages.

How the feedback loops work:

• Three-tier routing outcomes: Every request gets a confidence score. Scores ≥ 90% are auto-approved; 70–89% are queued for human review; < 70% are escalated to a data architect.
• 24 feedback loops across 7 categories: When a human expert corrects an AI decision, that correction refines confidence thresholds and routing accuracy—not raw model weights trained on your data.
• Cross-client patterns are anonymized: Any learning that benefits other customers uses only anonymized, aggregated interaction patterns. Your raw data never leaves your Tenant boundaries.
• Self-healing tiers: 85% of detected issues are auto-regenerated, 10% are quarantined for async review, 5% are escalated to human experts.
• Gelfand validation: AI outputs are checked for semantic consistency and factual grounding before delivery.

Your data ownership is preserved:

• You retain full ownership of all data you submit (see Terms of Service, Section 8.2)
• You may request deletion of your identifiable data at any time
• Model refinements that incorporate your data in aggregated, de-identified form may be retained, as they can't be reverse-engineered to recover your original data
• Multikor owns the resulting SLMs, algorithms, and platform improvements

6.5 Voice Data

When using voice input:

• Speech-to-text conversion may occur on-device (via Web Speech API or native APIs) or via third-party services
• We don't store raw audio recordings
• Only the resulting text transcription is stored as part of the conversation
• Text-to-speech output may be generated by third-party services (e.g., OpenAI)

6.6 AI Decision Routing and Confidence Scoring

We store metadata about how the AI routes and scores your requests.

For every AI interaction, we store routing metadata including:

• The confidence score assigned by our SLMs
• The routing decision (auto-approved, queued for review, or escalated)
• Self-healing events (whether an output was regenerated, quarantined, or escalated)
• Feedback loop data (which category the interaction falls into, any expert corrections)

Retention: Routing metadata is retained for the duration of your account plus applicable audit periods. Feedback loop data is retained indefinitely in aggregated, anonymized form for continuous platform improvement.

6.7 Data Ingestion and Integration

When you import data from files or connect third-party systems, here's how we handle that data.

What we process:

• All field values and content in uploaded CSV/JSON files
• All records synced via API from connected third-party data sources
• Our Auto-Schema system performs full content analysis to detect data types, classify fields, identify relationships, and flag PII

How we protect it:

• Imported data is processed through a dedicated ingestion pipeline with its own security controls (see Section 8.3.7)
• All imported data is isolated within your Tenant boundaries—it never mixes with other customers' data
• PII detected during Auto-Schema creation is flagged and subject to your Tenant's data handling policies
• Integration credentials (OAuth tokens, API keys) are encrypted at rest and never logged in plaintext

Third-party data source connections:

• When you connect a third-party system, we access only the data and scopes you authorize
• We don't access or store your third-party system passwords—connections use OAuth 2.0 or secure API key exchange
• You can disconnect any integration at any time through the admin dashboard
• When you disconnect an integration, we stop syncing new data. Previously imported data remains in your Tenant unless you request deletion.

Retention: Imported data is retained for the duration of your account. When your account is deactivated, imported data is retained per your Organization's retention policies and purged per our data retention schedule (Section 9).

7. How We Share Your Information

We don't sell your data. Here's who we do share it with and why.

8. Data Storage and Security

8.1 Where We Store Data

Your data is stored on servers in the United States, operated by our infrastructure providers (AWS, Google Cloud/Firebase, Vercel). If you access the Services from outside the US, your data will be transferred to the US for processing and storage.

8.2 International Data Transfers (GDPR)

For users in the EEA, UK, or Switzerland, we protect international data transfers with:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable
• Other legally approved transfer mechanisms

8.3 Security Measures

We take security seriously. Here's a detailed look at how we protect your data.

8.3.1 Encryption

• At rest: SSE-KMS with customer-managed keys (FIPS 140-2 validated)
• In transit: TLS 1.2+ minimum, TLS 1.3 preferred for all API and web traffic
• Internal services: VPC PrivateLink for service-to-service communication—data never traverses the public internet
• Enterprise option: Bring Your Own Key (BYOK) for customers who require their own encryption keys

8.3.2 Multi-Tenant Data Isolation

Your data is isolated from every other customer's data through five layers:

1. Data tagging: Every record is tagged with your Tenant ID at write time
2. Query filtering: All database queries are scoped to your Tenant—cross-tenant queries are architecturally impossible
3. Index partitioning: Search indexes are partitioned per Tenant
4. Compute isolation: Processing workloads are separated per Tenant
5. Audit logging: All access is logged and traceable to specific users and tenants

8.3.3 Authentication and Access Control

• Identity management: Amazon Cognito with separate user pools for customers and administrators
• API security: JWT and HMAC signature validation on every request
• OAuth 2.0: For third-party integrations
• Multi-factor authentication: Required for access to protected health information (PHI) and sensitive admin functions
• Password security: PBKDF2-SHA256 with 160,000 iterations
• Role-based access: 4 admin roles (Owner, Admin, Analyst, Viewer) and 3 chatbot tiers (Basic, Standard, Advanced) with granular permissions

8.3.4 PII Detection and Protection

• Three-layer detection: AWS Macie + Presidio SLM + regex pattern matching for comprehensive PII identification
• De-identification: HIPAA Safe Harbor method applied to data used for analytics and model improvement
• Auto-block: High-risk PII is automatically blocked from processing without explicit user consent

8.3.5 Network Security

• Network isolation: All services run in VPC private subnets—no direct internet access to backend systems
• Web application firewall: AWS WAF protects all public endpoints
• Rate limiting: Per-tier rate limits prevent abuse and ensure fair usage

8.3.6 Content Safety

• Per-tenant Bedrock Guardrails: Industry-calibrated content filtering (healthcare = maximum, finance = high, retail = standard)
• Gelfand semantic validation: Checks AI outputs for internal consistency and factual grounding
• Five-category output testing: Every LLM output is evaluated for accuracy, relevance, safety, coherence, and completeness

8.3.7 Data Ingestion Pipeline Security

Data ingestion operates through a dedicated security pipeline separate from the AI chat pipeline:

• Ingestion isolation: File uploads and API syncs are processed in isolated compute environments, separate from the chat and analytics pipelines
• Credential security: OAuth tokens and API keys for third-party integrations are encrypted at rest (AES-256), rotated on schedule, and never stored in application logs
• PII scanning on ingest: All incoming data passes through PII detection (field-level classification) during Auto-Schema creation, before it becomes queryable
• Schema validation: Auto-generated schemas are validated for structural integrity and flagged for review if sensitive data patterns are detected
• Async processing: Ingestion jobs run asynchronously with retry logic, dead-letter queues for failed records, and audit trails for every import operation
• Tenant scoping: Every imported record is tagged with your Tenant ID at write time—cross-tenant access to imported data is architecturally impossible

No security system is perfect. While we work hard to protect your data, we can't guarantee absolute security.

8.4 Disaster Recovery

We plan for the worst so you don't have to.

• Recovery Point Objective (RPO): 0–15 minutes for critical data (near-zero data loss)
• Recovery Time Objective (RTO): 5 minutes to 4 hours depending on service tier and severity
• DR testing: Quarterly disaster recovery drills to validate our recovery procedures
• Multi-region: Enterprise customers may opt into multi-region redundancy for additional resilience

8.5 Incident Response

• Severity tiers: Four-tier severity classification (SEV1 through SEV4) with escalation procedures for each
• Response time: 30-minute mean-time-to-response target for SEV1 (critical) incidents
• Circuit breaker: Automatic service isolation to prevent cascading failures
• Breach notification: In the event of a data breach, we'll notify affected users and applicable regulators within the timeframes required by law (72 hours under GDPR, "without unreasonable delay" under CCPA, and per applicable state breach notification laws)

8.6 Compliance Frameworks

The Multikor platform is designed to support compliance with:

Industry-specific compliance documentation and certifications are available to enterprise customers under NDA. Contact security@multikor.ai for details.

9. Data Retention

Here's how long we keep different types of data.

10. Your Privacy Rights

10.1 Rights for All Users

Regardless of where you are, you have the right to:

• Request account deactivation through your Organization's Administrator (see Section 10.4)
• Opt out of marketing communications at any time
• Contact us with questions at privacy@multikor.ai

10.2 GDPR Rights (EEA, UK, Switzerland)

If you're in the EEA, UK, or Switzerland, you also have these rights under the GDPR:

• Right of Access: Get a copy of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request erasure of your personal data (processed through your Organization's Administrator; see Section 10.4)
• Right to Restrict Processing: Limit how we process your data
• Right to Data Portability: Get your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interest
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact privacy@multikor.ai. We'll respond within 30 days (extendable by 60 days for complex requests).

10.3 CCPA/CPRA Rights (California Residents)

California residents have these additional rights:

• Right to Know: See what personal information we've collected
• Right to Delete: Request deletion of your personal information (processed through your Organization's Administrator; see Section 10.4)
• Right to Correct: Fix inaccurate personal information
• Right to Opt Out of Sale/Sharing: We don't sell or share your data for cross-context behavioral advertising
• Right to Non-Discrimination: We won't penalize you for exercising your rights
• Right to Limit Use of Sensitive Information: Limit use of sensitive personal information to what's necessary

To exercise these rights, contact privacy@multikor.ai or use the account settings in the app. We'll verify your identity and respond within 45 days.

10.4 Account Deactivation

You cannot deactivate your own account. To request deactivation:

• Contact your Administrator: Ask your Organization's Administrator to deactivate your account through the admin dashboard
• Email: If you can't reach your Administrator, contact privacy@multikor.ai and we'll work with your Organization to process your request

When an account is deactivated:

1. Your access to the Services is immediately revoked
2. Your data is retained per your Organization's retention policies and our data retention schedule (Section 9)
3. Data that is no longer needed is purged according to the applicable retention period
4. Data we're legally required to keep (e.g., billing records, audit logs) is retained as required

Your Organization's Administrator may reactivate your account at their discretion. Anonymized, aggregated data that can no longer be linked to you may be retained indefinitely for analytics.

10.5 Data Erasure Requests

If you want your personal data erased (under GDPR, CCPA, or other applicable law), contact your Organization's Administrator or email privacy@multikor.ai. We'll work with your Organization to process the request. Erasure may be subject to your Organization's retention policies and applicable legal requirements.

11. Cookies and Tracking Technologies

11.1 What We Use

• Essential Cookies: Required for authentication, sessions, and security
• Analytics Cookies: Google Analytics (GA4) for aggregated usage statistics
• Local Storage: Used by the web app for session state and preferences

11.2 AI Bot Detection

We detect and log visits from AI crawlers and bots (including ChatGPT, Claude, Perplexity, Google, Bing, and others) for analytics. This tracking applies only to automated bot traffic, not individual users.

11.3 Online Data Partners and Advertising

When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.

11.4 Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may limit certain features. For analytics opt-out, visit Google Analytics Opt-Out.

12. Mobile Application Privacy

Privacy details specific to the Multikor iOS and Android apps.

12.1 Device Permissions

You can manage all optional permissions through your device settings at any time.

12.2 Apple App Privacy (iOS)

Per Apple's App Privacy requirements:

• Data Used to Track You: None. We don't track you across other apps or websites.
• Data Linked to You: Account info (name, email, company), chat messages, usage data, device identifiers
• Data Not Linked to You: Aggregated analytics, crash reports
• Biometric Data: Face ID / Touch ID for authentication only; processed on-device via Apple Secure Enclave. Never leaves your device.

12.3 Google Play Data Safety (Android)

Per Google Play's Data Safety requirements:

• Data collected: Name, email, company, chat messages, usage data, device info, app interactions
• Data shared: Chat messages shared with AI providers for response generation
• Biometric data: Fingerprint / face unlock for authentication only; processed on-device via Android Keystore. Never leaves your device.
• Security: Data encrypted in transit and at rest
• Data deletion: Users can request account deactivation through their Organization's Administrator; data erasure requests are processed per applicable law

12.4 No Sale of Data

We don't sell personal information collected through the mobile apps. Ever.

13. Children's Privacy

The Services aren't directed to anyone under 18. We don't knowingly collect personal information from children. If we learn we have, we'll delete it promptly. If you believe a child under 18 has provided us with personal data, contact privacy@multikor.ai.

14. Third-Party Links and Services

The Services may contain links to third-party websites or services (e.g., Google Calendar for scheduling demos). We're not responsible for their privacy practices. Review their policies before sharing personal information.

15. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) setting. There's currently no industry standard for responding to DNT signals. We don't currently respond to them. We'll update this policy if a standard is established.

16. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices, technology, legal requirements, or business. When we make material changes:

• We'll update the "Last Updated" date at the top
• We'll notify you via email or in-app notification at least 30 days before material changes take effect
• Mobile app users will see updates reflected in app store listings

Continued use after changes take effect means you accept the updated policy.

17. Contact Us

Questions about this policy or your data? We're here to help.

• Support: support@multikor.ai
• Privacy: privacy@multikor.ai
• Security: security@multikor.ai
• Website: https://multikor.ai  |  https://multikor.com

For GDPR-related inquiries, you may also contact your local data protection authority. A list of EEA DPAs is available at edpb.europa.eu.