Data handling
- Data residency: all customer data lives in the European Economic Area. Neon Postgres is in the EU region; Fly.io hosts us in Frankfurt; Vercel serves via its EU edge.
- Encryption: TLS 1.3 in transit. At-rest encryption provided by Neon + Fly + Vercel (details in each subprocessor’s documentation).
- No training on your inputs: the prompts, runs, and feedback you generate are never used to train any model.
Subprocessors
A short list; all EU-hosted for customer data:
| Provider | Purpose | Region |
|---|---|---|
| Neon | Postgres database | EU |
| Fly.io | Application hosting | Frankfurt |
| Vercel | Frontend hosting | EU edge |
| Google | Sign-in with Google (auth only) | Global |
Commercial data providers (Kantar, others) are data sources we license from — we are their customer, not the reverse. Your personal information is not transmitted to them.
Compliance
- GDPR: Art. 15 (access/export) and Art. 17 (erasure) requests are actionable in-product; all data subject rights honoured within 30 days.
- SOC 2 Type II: not yet. We will begin a formal Vanta engagement when our first enterprise contract closes; target ~6 months to Type I, ~12 months to Type II.
- ISO 27001: not yet. Evaluated after SOC 2.
- DPA: available on request for enterprise customers.
- HIPAA/BAA: not supported. KUKI is not intended for regulated health data.
Security practices
- Authentication: OAuth via Google; JWT-based API sessions. SSO for enterprise on the roadmap.
- Access control: role-based (owner / admin / analyst / viewer). Every privileged action is audited.
- Secrets: environment variables via Fly.io secret storage; no secrets committed to Git.
- Dependency scanning: automated via Dependabot; critical CVEs patched within 7 days.
- Observability: Langfuse for LLM traces; Sentry for application errors; PostHog for usage analytics (opt-in, anonymized).
Incident history
None to report. Live status at /status.
Responsible disclosure
Security researchers: please email hello@kukilab.tech with “Security” in the subject. We respond within 48 hours. No formal bug bounty yet; we credit reporters who contribute materially.
Questions
Enterprise security review? DPA copy? hello@kukilab.tech.