KODA
Request a Demo

Privacy Policy

Last updated September 22, 2025

Last updated September 17, 2025

This Privacy Policy will help you better understand how we collect, use, and share your personal information. Welcome to Koda, a secure document management and AI assistant platform built on a zero-knowledge architecture. Your privacy is fundamental to our mission of providing secure, intelligent document management solutions. We are committed to transparency about our data practices and to giving you meaningful control over your personal information. This Privacy Policy explains what information we collect, why we collect it, how we use it, and the choices you have regarding your personal data.

What Information Do We Collect?

We collect information necessary to provide and improve our Service, but with a crucial distinction thanks to our zero-knowledge architecture: we never have access to the content of your documents. All your files and the information within them are encrypted on your device before they are uploaded to our servers. The encryption keys are derived from your password and are never transmitted to us or stored by us. This means only you can decrypt and view your documents.

The information we do collect is limited to what’s essential for the functionality of the service:

  • Account Information: Your name, email address, and billing information (for paid plans).
  • Usage Metadata: Information about how you use the service, such as the number of documents you store, file sizes, and general activity. This metadata does not include any information about the content of your documents.
  • Device and Technical Information: Standard technical information such as your IP address, browser type, and operating system, which we use for security and to improve our service.

How Do We Use Your Information?

Our use of your information is strictly limited by our zero-knowledge architecture. We use the information we collect to:

  • Provide and Maintain the Service: We use your account information to manage your account and provide you with access to the Koda platform. We use encrypted versions of your documents to provide storage and syncing capabilities.
  • Power the AI Assistant: Our AI assistant is designed to work with your encrypted data without ever decrypting it on our servers. All AI processing happens in a secure, isolated environment, and we do not have access to the content of your documents or the results of your AI queries. We do not use your data to train our AI models.
  • Improve Our Service: We use anonymised usage metadata to understand how our service is used and to identify areas for improvement. This data is aggregated and does not contain any personal information.
  • Communication and Support: We use your contact information to send you important service-related communications and to respond to your support requests. We cannot, however, access your documents to provide support.

Do We Use Cookies And Other Tracking Technologies?

We use cookies and similar technologies for essential functionslity, such as keeping you logged in to your account. We may also use cookies for analytics purposes to help us understand how our service is used. You can control the use of cookies through your browser settings.

How Long Do We Keep Your Information?

We retain your account information and usage metadata for as long as your account is active. Your encrypted documents are stored on our servers until you delete them. When you delete a document, it is permanently and irretrievably removed from our systems.

How Do We Keep Your Information Safe?

Koda is built on a zero-knowledge security model, which provides the strongest possible protection for your data. Here’s what that means:

  • Client-Side Encryption: All your documents are encrypted on your device using industry-standard AES-256 encryption before they are transmitted to our servers. The encryption keys are derived from your password and are never sent to us.
  • You Hold the Key: You are the only one who holds the key to decrypt your documents. We do not have access to your password or your encryption keys, and therefore we cannot decrypt your data.
  • Protection from Breaches: In the unlikely event of a data breach of our servers, your documents would remain secure as they are encrypted and the attackers would not have the keys to decrypt them.
  • Insider-Proof: Our zero-knowledge architecture means that no one at Koda, not even our system administrators, can access your documents.

What Are Your Privacy Rights?

Our zero-knowledge architecture gives you an unprecedented level of control over your data. Your privacy rights include:

  • The Right to be Forgotten: When you delete your data from Koda, it is permanently gone. We cannot recover it for you, nor can we provide it to any third party.
  • The Right to Data Portability: You can download your documents from Koda at any time. Since you hold the encryption keys, you are in full control of your data.
  • The Right to Access: You can access your documents at any time by logging into your Koda account. However, please note that we cannot provide you with a copy of your data because we cannot decrypt it.

How can you contact us about this policy?

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

support@kodapda.com

Table of Contents

  1. What Information Do We Collect?
  2. How Do We Use Your Information?
  3. Do We Use Cookies And Other Tracking Technologies?
  4. How Long Do We Keep Your Information?
  5. How Do We Keep Your Information Safe?
  6. What Are Your Privacy Rights?
  7. How can you contact us about this policy?