kalpa.

Privacy Policy

Last updated: 2026-04-19

1. About This Policy

This Privacy Policy describes how Kalpa Technologies LLC(“Kalpa,” “we,” “our,” “us”) collects, uses, stores, and protects your information when you use the Kalpa marketing automation platform at marketing.kalpatechllc.comand related Kalpa-branded products. By using the platform you agree to the practices described here.

2. Information We Collect

We collect information you provide directly to us, including:

  • Account information: email, display name, password (stored as a bcrypt hash — never in plaintext), and organization/tenant metadata.
  • Marketing data you upload or sync: contacts, email lists, campaign copy, landing-page content, social-media posts you author.
  • Connected-account credentials: OAuth access tokens and refresh tokens for third-party services you connect to your Kalpa workspace (Pinterest, Facebook, Instagram, Stripe, etc.). These are encrypted at rest.
  • Payment information: billing handled by Stripe. We store subscription state and identifiers — never raw card data.
  • Analytics: aggregate pageview counts, conversion events, and similar telemetry for features you enable.

3. How We Use Your Information

  • Provide and operate the platform you signed up for.
  • Authenticate you and protect your account.
  • Publish content on your behalf to connected services (e.g., schedule a pin to your Pinterest board) only when you explicitly request it.
  • Bill you for your subscription.
  • Respond to support requests and send transactional notifications (password resets, billing receipts).

We do not use your data to train third-party AI models.

4. Use of the Pinterest API

Kalpa integrates with Pinterest’s public API so you can connect a Pinterest account, schedule pins, and see their performance inside your Kalpa workspace. The following describes how we handle Pinterest-derived data specifically:

  • We use the Pinterest API. Kalpa accesses Pinterest only through Pinterest’s official API endpoints (such ashttps://api.pinterest.com/v5) in accordance with the Pinterest Developer Agreement and Pinterest Platform Policies.
  • Kalpa is not endorsed by or affiliated with Pinterest.Kalpa Technologies LLC operates independently. The Pinterest name, logo, and marks are trademarks of Pinterest, Inc. Use of the Pinterest API does not imply partnership, sponsorship, or endorsement.
  • What Pinterest data we store. OAuth access + refresh tokens (encrypted at rest), the Pinterest username for display, board IDs you select for publishing, pin IDs you create through Kalpa, and anonymized engagement counts returned by Pinterest (impressions, saves, clicks) for your own analytics dashboards.
  • What happens when you disconnect. When you disconnect your Pinterest account from the Kalpa dashboard (Settings → Social Accounts → Remove), we immediately delete the encrypted access and refresh tokens from our database. Pin IDs, board metadata, and cached Pinterest-derived analytics tied to that Pinterest account are also purged within 24 hours as part of our scheduled data-retention job. Tokens are revoked with Pinterest through the standard token-revocation endpoint.
  • No resale, no redistribution. Kalpa does not sell, sublicense, rent, lease, or otherwise redistribute Pinterest content or any Pinterest-derived data to third parties. Pinterest data is used solely to operate the features you have enabled inside your own Kalpa workspace.
  • No secondary use. Pinterest data is not used to train machine-learning models, enrich advertising profiles, or any purpose other than fulfilling requests you make through Kalpa.
  • Data retention after account termination. If you delete your Kalpa account, all Pinterest-derived data is permanently erased within 30 days, along with the rest of your workspace data.

5. Use of Other Third-Party APIs

Similar handling applies to other integrations you enable (Facebook, Instagram, Stripe, Google, SendGrid/Amazon SES). We store only the minimum credentials and identifiers required to deliver the feature, encrypted at rest, and we purge them on disconnect. We do not resell or redistribute data obtained through any third-party API.

6. How Long We Keep Data

  • Account data for as long as your Kalpa account is active, and up to 30 days after deletion to allow recovery from accidental deletion.
  • Transactional logs (email sends, API calls) for 90 days.
  • Backups are encrypted and rotated every 30 days.

7. Your Rights

You can access, export, correct, or delete your personal data at any time through the Kalpa dashboard. If you need help, email privacy@kalpatechllc.com. Residents of California (CCPA/CPRA), the European Economic Area (GDPR), and the United Kingdom have additional rights including the right to object to processing and to lodge complaints with a supervisory authority.

8. Security

All traffic to Kalpa is served over HTTPS with TLS 1.2+. Secrets and OAuth tokens are encrypted at rest with Fernet (AES-128 + HMAC-SHA256). Passwords are bcrypt-hashed (cost 12). We operate on AWS EC2 in the us-east-1 region.

9. Children

Kalpa is not directed at children under 13 and we do not knowingly collect data from anyone under 13.

10. Changes to This Policy

We may update this policy. When we do, we update the “Last updated” date and, for material changes, email active customers. The most recent version always lives at marketing.kalpatechllc.com/privacy.

11. Contact

Questions? Email privacy@kalpatechllc.comor write to Kalpa Technologies LLC.