Skip to main content
Kikou

Privacy Policy

Last updated: May 8, 2026

Kikou (“we”, “us”, “our”) operates the digital business card platform at kikou.cards. This Privacy Policy explains what personal information we collect, why we collect it, and how we protect it. We comply with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Information we collect

  • Account information — name, email address, and hashed password when you sign up.
  • Card content — the details you add to your digital business card: name, title, company, phone number, email, website, location, bio, and headshot image.
  • Scan & analytics data — when someone views your card or scans your QR code, we record a one-way hash of their IP address, their browser user-agent string, approximate country, the referrer URL, and the scan source. We do not store raw IP addresses.
  • Lead submissions — when someone fills out the contact form on your card, we store the name, email, phone, company, and message they provide.
  • Payment information — billing details are collected and processed by Stripe. We store only your Stripe customer ID and subscription status — we never see or store your full card number.
  • Usage data — standard web server logs (timestamps, page requests, browser type) to keep the service running and diagnose issues.

2. How we use your information

  • To provide and maintain the Kikou service.
  • To display your digital business card to anyone who scans your QR code or opens your link.
  • To generate analytics about how your card is being used (scan counts, unique visitors, top referrers).
  • To process payments and manage your subscription.
  • To send transactional emails (email verification, password resets).
  • To protect against abuse, fraud, and unauthorized access.

3. Third-party services

We use the following third-party services to operate Kikou. Each has its own privacy policy:

  • Stripe — payment processing.
  • Resend — transactional email delivery.
  • Turso (LibSQL) — database hosting.
  • Vercel — application hosting and blob storage.
  • Cloudflare — CDN and object storage (R2).
  • Google Wallet & Apple Wallet — generating wallet passes for your card.

We do not sell your personal information to any third party.

4. Data retention

We keep your account data for as long as your account is active. Scan analytics and lead data are retained while your account exists. If you delete your account, we will delete your personal information and card data within 30 days, except where we are required by law to retain it.

5. Your rights

Under PIPEDA and applicable provincial privacy laws, you have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your information.
  • Withdraw consent for data processing.

To exercise any of these rights, contact us at the address below.

6. Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), hashed passwords, rate limiting, and access controls. No system is 100% secure, but we take reasonable steps to protect your information.

7. Cookies

We use a session cookie to keep you signed in. We do not use advertising or tracking cookies. No third-party analytics scripts (such as Google Analytics) are loaded.

8. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice on the site. Your continued use of Kikou after changes are posted constitutes acceptance of the updated policy.

9. Contact

If you have questions about this Privacy Policy or want to exercise your privacy rights, contact us at:

Kikou
Email: privacy@kikou.cards

10. Governing law

This Privacy Policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein.