KLATALK Privacy Policy
Last updated: February 2026
1. Overview
KLATALK ("we", "our", "the app") is an AI-native messenger. This policy explains how we collect, use, and protect your data.
Key principle: AI never reads your messages unless you explicitly invoke it via @klat or in an AI Room.
2. Data We Collect
- Account information: Email, display name, username, profile picture
- Messages: Text messages sent and received within conversations
- AI interactions: When you invoke Klat AI, the conversation context is processed
- Usage data: Feature usage, AI interaction logs (for billing), timestamps
3. AI & OpenAI Data Sharing
Messages in AI-enabled interactions are sent to OpenAI for processing.
- What is shared with OpenAI: Message content and conversation context (recent messages) when you use @klat, AI Rooms, or Voice Klat. User locale for language detection.
- What is NOT shared with OpenAI: Your password, payment information, messages in chats where AI is not invoked, messages from other conversations.
- OpenAI's policy: OpenAI processes data per their API data usage policy. API inputs/outputs are not used to train OpenAI models.
4. User Control
- You choose when to invoke AI. Type
@klat in any chat to summon the assistant.
- AI Rooms are explicitly created by you for AI conversations.
- Regular 1:1 and group chats have no AI involvement unless you use
@klat.
- Voice Klat sessions are initiated by you via the microphone button.
5. Data Retention
- Messages are stored for as long as your account is active.
- You may request deletion of your account and all associated data.
- AI interaction logs are retained for billing purposes.
6. Third-Party Services
- OpenAI: Chat Completions API (gpt-4o), Realtime API (gpt-4o-realtime-preview) for AI features
- Supabase: Authentication, database, realtime messaging, edge functions (hosted infrastructure)
- Cloudflare: CDN and web hosting for klatalk.com
- Google: OAuth authentication (if you sign in with Google)
7. Security
- All connections use TLS 1.3 encryption in transit
- Data at rest is encrypted (AES-256) by Supabase
- Row Level Security (RLS) ensures users only see their own data
- API keys are stored securely in server-side vaults, never in client code
- AI messages can only be created server-side
8. klat_money & Payments
- klat_money is an in-app currency used to pay for AI features
- Transaction history is visible in your wallet
- Payment processing (when available) uses industry-standard encryption
9. Your Rights
- Access your data through the app's settings
- Request data export or account deletion
- Opt out of AI features by simply not using them
10. Contact
For privacy inquiries, contact us at: privacy@klatalk.com