← Back to home

Trust Center

Last updated · April 2026

Data handling

Subprocessors

A short list; all EU-hosted for customer data:

ProviderPurposeRegion
NeonPostgres databaseEU
Fly.ioApplication hostingFrankfurt
VercelFrontend hostingEU edge
GoogleSign-in with Google (auth only)Global

Commercial data providers (Kantar, others) are data sources we license from — we are their customer, not the reverse. Your personal information is not transmitted to them.

Compliance

Security practices

Incident history

None to report. Live status at /status.

Responsible disclosure

Security researchers: please email hello@kukilab.tech with “Security” in the subject. We respond within 48 hours. No formal bug bounty yet; we credit reporters who contribute materially.

Questions

Enterprise security review? DPA copy? hello@kukilab.tech.