Privacy Policy
Effective date: February 18, 2026 — Last updated: February 18, 2026
1. Introduction
KearAI Chat (“we,” “us,” or “our”) operates the website located at https://chat.kearai.com (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our Service. Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
If you do not agree with the terms of this Privacy Policy, please do not access the Service.
2. Information We Collect
2.1 Personal Data Provided by You
When you register for an account or use our Service, we may collect the following personal data:
- Account Information: display name, email address, and password (stored as a cryptographic hash).
- OAuth Data: if you sign in via Google, we receive your name, email address, and profile picture URL from Google. We do not receive or store your Google password.
- Support Tickets: subject, category, and message content submitted through our Help Center.
- Conversation Data: messages you send to and receive from AI models through the Service.
2.2 Automatically Collected Data
When you access the Service, certain information is collected automatically:
- Log Data: IP address, browser type and version, operating system, referring URL, pages visited, date and time of visits.
- Cookies and Similar Technologies: session cookies for authentication and preference storage (see Section 6).
- Device Information: device type, screen resolution, and language preferences.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Service Provision: to create and manage your account, process your interactions with AI models, store conversation history, and provide customer support.
- Service Improvement: to analyze usage patterns, diagnose technical issues, improve performance, and develop new features.
- Security: to detect, prevent, and address fraud, abuse, and security vulnerabilities.
- Communication: to send service-related notifications, respond to support inquiries, and provide important updates about the Service.
- Legal Compliance: to comply with applicable laws, regulations, and legal processes.
- Advertising: to serve relevant advertisements through third-party ad networks (see Section 5).
4. Legal Basis for Processing (EEA/UK Users)
If you are located in the European Economic Area (EEA) or the United Kingdom (UK), our legal basis for collecting and using your personal data depends on the specific context:
- Contract Performance: processing necessary to provide the Service you have requested (Article 6(1)(b) GDPR).
- Legitimate Interests: processing necessary for our legitimate interests, such as improving the Service, ensuring security, and preventing fraud, provided these interests are not overridden by your data protection rights (Article 6(1)(f) GDPR).
- Consent: where you have given explicit consent for specific processing activities, such as the use of non-essential cookies and personalized advertising (Article 6(1)(a) GDPR).
- Legal Obligation: processing necessary to comply with a legal obligation to which we are subject (Article 6(1)(c) GDPR).
5. Third-Party Services
We use the following third-party services that may collect data about you:
5.1 Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC, to analyze website traffic and usage patterns. Google Analytics uses cookies to collect information about your use of the Service, including your IP address. This data is transmitted to and stored by Google on servers in the United States. Google may use this data to evaluate your use of the website, compile reports on website activity, and provide other services relating to website activity and internet usage. For more information, see Google’s Privacy Policy. You may opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
5.2 Google AdSense
We use Google AdSense, an advertising service provided by Google LLC, to display advertisements on the Service. Google AdSense may use cookies and web beacons to collect information about your browsing behavior to serve personalized advertisements. This may involve the use of the DoubleClick cookie, which enables Google and its partners to serve ads based on your visit to this Service and/or other sites on the Internet. You may opt out of personalized advertising by visiting Google Ads Settings or www.aboutads.info.
5.3 Cloudflare CDN
We use Cloudflare, Inc. as a content delivery network (CDN) and security provider. Cloudflare may process certain technical data (such as IP address, HTTP request headers, and page URLs) to deliver content efficiently, protect the Service from malicious traffic, and optimize performance. Cloudflare’s processing of data is governed by Cloudflare’s Privacy Policy.
5.4 Google OAuth
If you choose to sign in with Google, we use Google’s OAuth 2.0 service. We receive your basic profile information (name, email, profile picture) from Google. We do not access any other Google account data. Google’s use of your information is governed by Google’s Privacy Policy.
5.5 AI Model Providers
When you use the Service to interact with AI models, your messages are transmitted to the respective AI model providers (OpenAI, xAI, Replicate/Anthropic, DeepSeek) for processing. Each provider has its own privacy policy governing how they handle data. We transmit only the content of your messages and necessary metadata; we do not share your account information with these providers.
6. Cookies and Tracking Technologies
6.1 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Session Cookie | Authentication and session management | 30 days |
| Theme Preference | Stores your selected visual theme (localStorage) | Persistent |
| Model Preference | Stores your last selected AI model (localStorage) | Persistent |
| Google Analytics | Website usage analytics | Up to 2 years |
| Google AdSense | Personalized advertising | Varies |
| Cloudflare | Security and performance optimization | Varies |
6.2 Managing Cookies
You can control and manage cookies through your browser settings. Please note that disabling essential cookies (such as session cookies) may prevent you from using certain features of the Service. For more information about cookies and how to manage them, visit www.allaboutcookies.org.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy:
- Account Data: retained for as long as your account is active. You may request account deletion at any time.
- Conversation Data: retained for as long as your account is active. You may delete individual conversations at any time through the Service.
- Support Tickets: retained for up to 3 years after resolution for quality assurance and legal compliance purposes.
- Log Data: retained for up to 90 days for security and debugging purposes.
8. Your Rights
8.1 Rights Under GDPR (EEA/UK Users)
If you are located in the EEA or UK, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of Access (Article 15): the right to obtain confirmation as to whether your personal data is being processed, and to access such data.
- Right to Rectification (Article 16): the right to have inaccurate personal data corrected.
- Right to Erasure (Article 17): the right to request the deletion of your personal data (“right to be forgotten”).
- Right to Restriction of Processing (Article 18): the right to restrict the processing of your personal data under certain conditions.
- Right to Data Portability (Article 20): the right to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Object (Article 21): the right to object to the processing of your personal data for direct marketing or on grounds relating to your particular situation.
- Right to Withdraw Consent (Article 7): where processing is based on consent, the right to withdraw that consent at any time.
8.2 Rights Under CCPA (California Residents)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
- The right to know what personal information is being collected about you.
- The right to know whether your personal information is sold or disclosed, and to whom.
- The right to say “no” to the sale of your personal information. We do not sell your personal information.
- The right to request the deletion of your personal information.
- The right to equal service and price, even if you exercise your privacy rights.
8.3 Exercising Your Rights
To exercise any of the above rights, please contact us at [email protected]. We will respond to your request within 30 days (or within the timeframe required by applicable law). We may ask you to verify your identity before processing your request.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit using TLS/SSL (HTTPS).
- Secure password hashing using industry-standard algorithms.
- Regular security reviews and updates.
- Access controls limiting data access to authorized personnel only.
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers and third-party service providers are located. These countries may have data protection laws that are different from the laws of your country. By using the Service, you consent to the transfer of your information to these countries. Where required by applicable law, we ensure that appropriate safeguards are in place for such transfers.
11. Children’s Privacy
The Service is not intended for children under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information as soon as possible. If you believe that a child has provided us with personal data, please contact us at [email protected].
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the “Last updated” date at the top of this page and, where appropriate, by providing a prominent notice on the Service. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data.
13. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
- Email: [email protected]
- Help Center: https://chat.kearai.com/support
If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority (DPA).