Privacy Policy
Last updated: March 25, 2026
1. Who We Are
KianBot is operated by KB Software LLC. Our website is located at kianbot.ai. For questions about this policy, contact us at [email protected].
2. Information We Collect
We collect the following data when you use KianBot:
- Account information: Email address and hashed password when you register.
- API keys: Your Anthropic API key, stored encrypted with AES-256-GCM. We never see or store your key in plaintext.
- Build data: Prompts you submit, generated project files, build status and telemetry (language, file count, duration).
- Billing data: Payment processing is handled by Stripe. We store only your Stripe customer ID and subscription status. We never see or store your full credit card number.
- Usage data: API token counts and estimated costs for your builds.
- Technical data: IP address, browser type, and request timestamps for security and rate limiting purposes.
3. How We Use Your Information
- To provide and operate the KianBot build service.
- To process your subscription payments via Stripe.
- To decrypt your API key at build time to call the Anthropic API on your behalf.
- To display your API usage and cost estimates in your dashboard.
- To enforce rate limits and prevent abuse.
- To improve our service using anonymous build telemetry (language usage, success rates).
4. Data Security
- API keys are encrypted with AES-256-GCM before storage. The encryption key is stored as a Cloudflare Workers secret, separate from the database.
- Passwords are hashed with PBKDF2 (100,000 iterations, SHA-256) with per-user random salts.
- All sessions use HttpOnly, Secure, SameSite=Strict cookies.
- All connections use HTTPS/TLS encryption.
- Our infrastructure runs on Cloudflare's global network with DDoS protection.
- Build output files are stored in Cloudflare R2 and accessible only by the build owner.
5. Data Sharing
We do not sell your personal data. We share data only with:
- Stripe: For payment processing. See Stripe's Privacy Policy.
- Anthropic: Your API key is sent to Anthropic's API to generate your builds. See Anthropic's Privacy Policy.
- Cloudflare: Our hosting provider. See Cloudflare's Privacy Policy.
6. Data Retention
- Account data is retained while your account is active.
- Build output files are stored for 90 days after creation.
- Anonymous telemetry is retained indefinitely for service improvement.
- You can delete your API key at any time from the Settings page.
7. Your Rights
You may request access to, correction of, or deletion of your personal data by contacting us at [email protected]. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law.
8. Cookies
We use a single session cookie (HttpOnly, Secure) to maintain your login. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.
9. Changes to This Policy
We may update this policy from time to time. Material changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance.
10. Contact
KB Software LLC
Email: [email protected]
Web: kbsoftware.org