Draft — pending legal review.This page describes how Kintrusts is built to handle data today, but hasn't been reviewed by counsel and isn't yet in effect as a binding policy. It complements, and shouldn't be read in place of, our Privacy Policy.

Data Policy

Last updated: draft, not yet published.

1. Scope

This page describes, at a more technical level than our Privacy Policy, the categories of data Kintrusts processes, who processes it on our behalf, and how long it's retained.

2. Categories of Data

  • Account data — email address, hashed password, role.
  • Household data — invited members' email addresses and household linkage.
  • Document content — names, addresses, relationships, asset descriptions, and other answers you enter to generate your documents.
  • Payment records — order amount, status, and a reference ID from Stripe. We never receive or store your card number.

3. Who Processes It

  • Supabase — our database, authentication, and file storage provider. Hosts all account and document data.
  • Stripe — our payment processor. Handles your card details directly; we never see them.

We don't use any other sub-processors today.

4. Data Retention

Your data is retained for as long as your account is active. Deleting an individual plan removes that plan's documents. Deleting your account removes your data after a short grace period, intended to protect against accidental deletion.

5. Data Security

Data is encrypted in transit (HTTPS) and at rest, as part of our providers' infrastructure. Access to your documents is restricted to your own account through database-level access rules, not just application-level checks.

6. Your Rights

You can access, correct, export, or delete your data at any time through your account, or by contacting us using the details below.

7. Changes to This Policy

We'll post any changes to this page and update the “last updated” date above.

8. Contact Us

Questions about this policy can be sent to support@kintrusts.com or through our contact page.