Privacy Notice

1. Who are we and what is this Privacy Notice about?

Hyphen ApS (“Hyphen”, “we”, “us”) is a company offering the app Kin, and owns and operates the site mykin.ai.

We want to provide you with privacy-friendly services and experiences which is why we constantly aim at processing as few personal data as possible. In a perfect world, we would not need to provide you with this Privacy Notice as we would not need to process any of your personal data altogether. However, we are not quite there yet, and Kin is still growing into a truly private product. So for now, we still need some information to provide you with our services and to make sure we can develop Kin in the right direction.

To provide you with Kin and other services, Hyphen will process certain personal data about you as part of our products and services.

In the Privacy Notice (“Notice”) you will be able to read why and how your personal data is processed, what rights you have as an individual, what legal basis Hyphen rely on etc. There will be certain references to “GDPR” which we are obligated to provide you with. “GDPR”  stand for the General Data Protection Regulation ((EU) 2016/679) which we are subject to.

2. Who is responsible for your personal data?

Hyphen ApS determines the purpose and the means of the processing of personal data we collect from you which means we are the data controller of your data.

Our contact details:

Hyphen ApS
CVR: 43118420
Sortedam Dossering 55
2100 Copenhagen Ø
Denmark
Email: legal@mykin.ai

Hyphen does not employ a Data Protection Officer. If you have any questions or concerns regarding Kin or other of our services and the use of your personal data, please contact us on the email address above.

3. Your data protection rights

We take your privacy seriously and that also includes your rights.

In relation to the personal data, we process about you, you have the following rights:

  • Right of access: you have the right to request access to your personal data and to request information about the processing we carry out.
  • Right to rectification: you have the right to have inaccurate personal data rectified and to have incomplete personal data completed.
  • Right to erasure: you have the right to request deletion of your personal data.
  • Right to restriction of processing: you have the right to obtain restricted processing of your personal data to the effect that such personal data may not be processed other than merely by being stored.
  • Right to data portability: you have the right to receive your personal data which you have provided yourself to a controller, in a structured, commonly used and machine-readable format.
  • Right to object: you have the right to object at any time to any unlawful processing of your personal data.

Note that restriction may apply to these rights which will depend on how the personal data is processed. If you want to know more, feel free to contact us.

You also have the right to withdraw a consent, e.g., for direct marketing (our newsletter) at any time. Withdrawing a consent does not affect the lawfulness of processing based on consent carried out before the withdrawal.

If you wish to file a complaint with the data protection authorities, you can always file a complaint with the Danish Data Protection Authorithy (Datatilsynet) by visiting www.datatilsynet.dk

4. Why, how and what personal data is processed

We aim to either only process anonymous data about you, or make sure we do not have access to your data at all. This is the purpose of Kin; to make sure only you have access to your data.

Using and interacting with Kin

When you interact with Kin, all data that is generated, e.g., conversations and memories, are stored locally, on your own device. To provide features like personalized conversations and memory extraction, we utilize ML models like LLMs. E.g., in a conversation, user messages and smaller chunks of the Kin user’s memory are sent to an LLM to generate Kin's response.

It is important to emphasise, that KIN DOES NOT have access to this data at all.

Regarding individuals, Kin users (Beta testers included), and processing of data, user input and partial data will be processed by Azure Open Al Service tp provide you with the Kin functionality, such as chatting, etc. Without processing this input, the functionality would not be available. Neither Hyphen nor Kin has access to any information, and it’s sent directly from your device to the service provider.

Individuals
(the personal data types we process)

Personal data
(the personal data types we process)

Why we use it
(the purpose behind the processing)

Our legal basis for processing
(what rule we rely on)

Retention
(the amount of time we retain the data)

Kin users (Beta testers included)

User input and partial data

Kin integrates with Azure Open AI Service to provide you with the Kin functionality, such as chatting, etc. Without processing this input, the functionality would not be available

Neither Hyphen nor Kin has access to any information, and it’s sent directly from your device to the service provider

Interacting with Hyphen

Opposite Kin, we at Hyphen are the controller for some personal data to make sure we can provide and develop Kin, and to send a newsletter to you from time to time. See the details of the personal data we control here:

Individuals
(the personal data types we process)

Personal data
(the personal data types we process)

Why we use it
(the purpose behind the processing)

Our legal basis for processing
(what rule we rely on)

Retention
(the amount of time we retain the data)

Newsletters recipients (direct marketing)

Email address, name and sign-up timestamp

Communication in relation to our product and services to which you have consented to when signing up to our marketing

Our processing is based on your consent when signing up to our newsletter (GDPR art. 6(1)(a)). You can withdraw your consent anytime at the bottom of any newsletter

For a long as your consent is valid

Waitlist subscribers

Email address

Add you to our waitlist for early access Kin upon your request and send you an invitation

Our processing is based on our legitimate interest in adding you to our waitlist and sending you an early access invite, as requested by you

When early access has been granted

Kin users (Beta testers included)

Phone number

Number is used for user authentication and solely processed for verification purposes

Our processing is based on our legitimate interest in ensuring proper user verification from a security perspective (GDPR art. 6(1)(f)).

Neither Hyphen nor Kin receive or store your phone number. This is solely processed by our service provider and deleted when your account is deleted. There is no connection between your phone number and any data in Kin

Kin and website users (Beta testers included)

Kin:selected feedback message, timestamp, DID

Voluntary: Email address

Website:Email address,
selected feedback message, timestamp

Your feedback, should you wish to share it, is collected to improve our products and services

Our processing is based on our legitimate interest in product and service improvements, and general customer service  (GDPR art. 6(1)(f)).

We keep the data for a period of 180 days from collection to make sure we can properly review and compare various feedback

Beta testers

Required:
Email address, Platform (iOS/Android), Name or Nickname Voluntary:beta test consent for us to reach out to our beta testers for feedback

For our beta testers, we collect information to run Beta testing on iOS and Android platforms, onboard Beta testers and identify use cases

Our processing is based on our legitimate interest in beta testing Kin, incl. identifying use cases, product improvements, errors etc. (GDPR art. 6(1)(f)).

We process data from beta activation (user approval) and until you delete your account.

What is a DID?

When you sign up to Kin, we generate a “DID” which is unique number for each user. We do not use the DID to uniquely identify you, but we use is to e.g. correlate errors and see if they are happening specifically for one user, or if they happen across all users.

6. Recipients of personal data, transfer outside the EU/EEA and disclosures

Hyphen use certain service providers to provide our services. These providers process personal data on our behalf and under our instructions and are our data processors.In general, we treat all personal data you provide to us as confidential, and we therefore only utilise providers which are necessary for our operation.

Our providers support us with email marketing, user verification, in-app functionality, in-app and web analytics (anonymous), customer service and feedback management and beta test management.

It may be necessary to transfer personal data to countries outside the EU/EEA to provide our services by way of our providers. If this is the case, such data will be transferred in accordance with applicable requirement to third-country transfers and safeguarded by an adequacy decision by the European Commission, the Commissions Standard Contractual Clauses (SCCs) or other applicable transfer mechanisms in accordance with the GDPR. If you want to obtain a list of such third country transfers, please reach out to us.Note that we may also in special circumstances transfer data for the purpose of establishing, making or defending a legal claim.

To the extent it is necessary to disclose or share your personal data to comply with a legal obligation or court directives, to enforce or apply this Notice or other agreements, or to protect our rights or security, we may do so.

7. Account Deletion

As a user of the Kin app, you have the right to delete your account at any time. All your user data is stored client-side on your device. Therefore, when you delete your account, there is no data stored on our servers that needs to be deleted, only your account with our authentication provider, Magic.link, and any optionally collected data (such as feedback) associated with your DID. To request account deletion, please follow these steps:

1. In-App Deletion: Navigate to the 'Settings' section within the Kin app. Here, you will find an option labeled "Delete account." Selecting this option will initiate the process of deleting your account.

2. Email Deletion Request: Alternatively, if you prefer or are unable to delete your account through the app, you can send an email to support@mykin.ai. Please include your Decentralized Identifier (DID) in the email.

Upon receiving your request, we will proceed to delete your account and all associated data. Please note that after initiating the account deletion process, either through the app or via email, it may take up to 30 days to completely remove all your data from our systems. During this period, your account will be deactivated, and your data will not be accessible.

8. Changes to this Notice

We might need to change to Notice from time to time as we grow and develop, and to make sure we continue to minimise our controllership of your personal data. Therefore, we reserve the right to change this Notice when considered necessary. When you access our product and services you will always be presented with the latest version of this Notice.



Last update: 2023-12-14

Your life,
kept with Kin

Beta-users are onboarding on a rolling basis.Request to get early access.

Made in

Copenhagen, Denmark