Kulvo

Privacy Policy

Last updated: March 11, 2026

Kulvo ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect information when you use our platform and services.

1. Information We Collect

Information you provide directly

  • Account information: Name, email address, company name, and profile details when you create an account
  • Proposal content: Documents, text, images, and other materials you upload or create
  • Signature data: Electronic signatures, signer names, and related metadata
  • Client information: Names, email addresses, and company details of your clients that you provide when sending proposals
  • Payment information: Billing details are collected and processed by Stripe; we do not store full credit card numbers

Information collected automatically

  • IP addresses: Recorded when proposals are viewed or signed, for security and audit purposes
  • Device and browser data: User agent, screen resolution, and similar technical information
  • Usage data: Pages visited, features used, and interaction patterns to improve the Service

2. How We Use Your Information

We use your information for the following purposes:

  • Providing the Service: Creating and delivering proposals, processing signatures, and facilitating payments
  • Email notifications: Sending proposal delivery confirmations, view notifications, signature alerts, and reminders
  • Analytics: Understanding how the Service is used to improve features and performance
  • Security: Detecting and preventing fraud, abuse, and unauthorized access
  • Legal compliance: Maintaining audit trails for electronic signatures as required by law

3. Third-Party Services

We use the following third-party services to operate Kulvo:

  • Stripe — Payment processing. Stripe collects and processes payment information under its own privacy policy. See stripe.com/privacy
  • Resend — Transactional email delivery. Used to send proposal notifications and reminders. See resend.com/legal/privacy-policy
  • Google OAuth — Authentication. We receive your name, email, and profile picture when you sign in with Google. See policies.google.com/privacy

We do not sell your personal data to third parties.

4. Cookies

Kulvo uses minimal cookies, primarily for authentication and session management. We use:

  • Session cookies: Essential for keeping you signed in and maintaining your session
  • Security cookies: Used to prevent cross-site request forgery and other security threats

We do not use advertising or third-party tracking cookies.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Proposal data and signature records may be retained for longer periods as required for legal compliance and audit purposes.

When you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g., signature audit trails, financial records).

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data, subject to legal retention requirements
  • Export: Request a portable copy of your data in a machine-readable format
  • Opt-out: Unsubscribe from non-essential email communications

To exercise any of these rights, contact us at support@kulvo.dev.

7. GDPR Compliance (EEA Users)

If you are located in the European Economic Area (EEA), our legal bases for processing your personal data include: performance of a contract (providing the Service), legitimate interests (improving the Service, security), and your consent (where applicable). You have additional rights under GDPR, including the right to lodge a complaint with your local data protection authority.

8. CCPA Compliance (California Users)

If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information. To exercise your CCPA rights, contact us at support@kulvo.dev.

9. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, secure authentication, and regular security reviews. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through the Service. The "Last updated" date at the top of this page indicates when the policy was last revised.

11. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at support@kulvo.dev.