Legal

Kio Privacy Policy

Last updated: June 1, 2026

Kio is a personal AI life assistant made by Prosperous Power LLC. This policy explains what we collect, why we collect it, and what you control. We wrote it in plain English because you deserve to actually understand it.

If you only read one section, read How We Use Your Gmail and Calendar Data. That's the one that matters most.

For the rules that govern your use of Kio, see our Terms of Service.

The Short Version

We collect what's needed to make Kio work — your account info, your conversations with Kio, and any reminders, notes, or drafts you ask Kio to create.
We do not sell your data. We do not use your data to train AI models.
Your conversations are protected by encryption in transit and at rest. Like every AI assistant today, our AI needs to read your messages to respond and to remember context that helps it serve you better over time.
You can export or delete your data at any time, including by deleting your account.
Kio is in an early, invite-only beta — we're still finalizing the experience, and you can delete your account anytime.

Who We Are

Kio is operated by Prosperous Power LLC, a Delaware limited liability company. You can reach us at support@mykio.app. For privacy-specific questions, use the same address with “Privacy” in the subject line.

What We Collect

Account information. When you create a Kio account, we collect the basic information needed to authenticate you, including your email address, name, and a unique user identifier.

Your content and memory. When you use Kio, we collect and store the messages you send, Kio's replies, and anything you ask Kio to create on your behalf — reminders, notes, calendar events, email drafts, and the running profile Kio uses to remember context across conversations.

Connected accounts. If you connect Gmail or Google Calendar, we receive the access tokens needed to read and write on your behalf, and the data Kio actually uses when you ask it to (see How We Use Your Gmail and Calendar Data below).

Device and app information. We collect basic technical information about your device — device type, operating system version, app version, and crash logs — so we can keep the app working and fix things when they break. If you opt in to push notifications, we store the notification token your device gives us. We use push notifications only for service-related and feature-related messages you've enabled; we will ask separately before using push for any marketing. If you ask Kio about something local (“coffee nearby”), we use your device location for that request only and only with your permission.

Diagnostics and analytics. We collect anonymized event data about how Kio is used — which features you use, when, how often. We never include the content of your messages in this data. It's categorical and numeric only: button taps, feature usage counts, response times. We use this to understand which parts of Kio are useful and to find problems.

How We Use Your Data

We use your data to:

Provide the service and make Kio actually useful — store your conversations, run reminders, sync with the integrations you've connected.
Personalize Kio's responses to you — Kio builds an evolving understanding of your goals, the people in your life, and your routines, and uses that context to tailor replies.
Keep the service safe and reliable — detect abuse, debug problems, recover from outages.
Communicate with you — service updates, security notices, and occasional product announcements you can opt out of.
Comply with the law — respond to lawful requests from authorities when we're required to.

We do not use your data for advertising, profiling for unrelated purposes, or sale to third parties. We do not use your conversations or content to train AI models, and we use AI providers under terms that prohibit them from training their models on your data.

How We Use Your Gmail and Calendar Data

If you connect Gmail or Google Calendar, here's exactly what Kio does and doesn't do.

Kio reads only what's needed to answer your question. When you ask Kio to check a thread or summarize your inbox, Kio reads the relevant emails and metadata at that moment. Kio doesn't crawl your entire inbox in the background.

Kio drafts emails to your Gmail Drafts folder. Kio never sends emails on its own. When Kio drafts a reply, the draft lands in your Gmail account where you can review, edit, and send it from Gmail itself — exactly the same as if you wrote it yourself.

Kio reads your calendar to give context-aware help. When you ask “what's on my schedule,” Kio reads the calendars you've selected. Kio can also create or modify events when you explicitly ask.

Kio's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

We only use your Gmail and Google Calendar data to provide or improve the user-facing features of Kio that are visible and prominent in the app.
We do not transfer this data to others unless doing so is necessary to provide and improve those features, comply with applicable law, or as part of a merger, acquisition, or sale of assets (and only with your notice).
We do not use this data to serve advertisements.
We do not allow humans to read this data unless we have your affirmative agreement for specific messages, it's necessary for security purposes (e.g., investigating abuse), to comply with applicable law, or our use is for internal operations and the data has been aggregated and anonymized.

You can disconnect Gmail or Calendar at any time from inside Kio. When you disconnect, the access tokens are deleted from our systems within a reasonable time.

How AI Processing Works

Kio uses a third-party AI provider to understand your messages and generate replies. Here's what that means in practice.

What gets sent. When you send a message, Kio assembles the relevant context — your message, recent conversation history, and the profile Kio has built about you — and sends it to our AI provider so it can generate a helpful response.

What the provider does with it. The provider processes this information to produce Kio's reply. We use a paid-tier service under contractual terms that prohibit the provider from using your data to train, improve, or develop their models, and your data is not retained by the provider afterward.

What stays with Kio. Your conversations and the context Kio builds about you are stored on Kio's own systems (see Security below) so Kio can remember what matters to you across conversations. That's what makes Kio a personal assistant rather than a stateless chatbot — the more you talk with Kio, the better it understands how to help.

What we don't do. We don't use your conversations or content to train AI models — ours or anyone else's — and we don't sell or license your data for model development.

We share data only with the third-party service providers we need to operate Kio — for hosting, authentication, AI processing, push notifications, error monitoring, and similar operational purposes. These providers are bound by contract to use your data only on our behalf and only for the purposes we specify.

We do not sell your personal data. We do not share it with advertisers, data brokers, or for any purpose unrelated to running the service.

We may share data when required by law — for example, in response to a valid subpoena, court order, or government request — and to protect the rights, property, or safety of Kio's users or the public.

What We Don't Collect

We don't track you across other apps or websites.
We don't access your contacts, photos, microphone, or location unless you specifically use a feature that needs them, and we ask permission first.
We don't collect data from people who haven't signed up for a Kio account.

How Long We Keep Your Data

Active conversations and content are kept while your account is active.
Deleted conversations or content are removed from our active systems within 30 days. Platform-level backups managed by our hosting provider may retain the data for a limited additional period before they cycle out.
Deleted accounts — your personal data is removed from our active systems within 30 days of account deletion; platform-level backups cycle out shortly after. Limited records may be retained longer where required by law (for example, financial records or fraud-investigation logs).
Service providers that processed your data (for hosting, AI processing, error monitoring, and similar operational purposes) operate on their own retention schedules under contracts that limit their use to providing the service to us.
Anonymized analytics data that can no longer be linked to you may be retained indefinitely.

Your Rights and Choices

You can:

Access the data we have about you
Correctinformation that's wrong
Delete your account and your data
Export your data in a portable format
Object to specific uses of your data

To exercise any of these, email support@mykio.app. We'll respond within 30 days.

Appeals.If we deny your privacy request, you can appeal by replying to our response or emailing support@mykio.app with the subject line “Privacy Appeal.” We'll respond within 60 days. If we deny the appeal, residents of states that provide it (including Virginia, Colorado, Connecticut, Texas, and Oregon) may contact their state attorney general.

Do Not Track and Global Privacy Control. Our service does not respond to “Do Not Track” browser signals. We honor the Global Privacy Control (GPC) signal where it applies under California law.

Deleting Your Account

You can delete your Kio account and data at any time by emailing support@mykio.app with the subject line “Delete my account” — we'll remove it within 30 days. (A one-tap delete inside the app is on the way.)

When you delete your account, we remove your personal data from our systems within 30 days. Some information may persist longer where required by law or in our anonymized analytics where it can no longer be tied to you.

California Privacy Rights

If you're a California resident, you have rights under the California Consumer Privacy Act (CCPA) including the right to know what personal information we collect, the right to delete it, the right to correct it, and the right not to be discriminated against for exercising those rights. The rights described in Your Rights and Choices above satisfy these. We do not sell or share personal information for cross-context behavioral advertising.

Categories of personal information we collect. In the past 12 months we have collected the following categories (as defined in Cal. Civ. Code §1798.140): identifiers (name, email, user ID); customer records (account information); internet or other network activity (app usage, device data, crash logs); geolocation (only when you use a location-aware feature); inferences drawn from your use of Kio to personalize responses; and the contents of communications you send to Kio.

Sources of personal information. Directly from you; from your device; from connected services (such as Gmail and Google Calendar) that you authorize; and from our service providers.

Business and commercial purposes. Providing the service, personalization, security, debugging, legal compliance, and communicating with you.

Categories disclosed to service providers. All of the categories above may be disclosed to service providers under written contracts that prohibit independent use. We have not sold or shared (as defined under CPRA) personal information in the past 12 months.

If you're in the European Economic Area, the United Kingdom, or Switzerland, you have rights under the GDPR including access, rectification, erasure, restriction, portability, and objection. Our legal basis for processing your data is the contract you enter into when you create an account, your consent for optional features, and our legitimate interest in providing and improving the service. To exercise your rights, contact support@mykio.app. You also have the right to lodge a complaint with your local data protection authority.

International Data Transfers

Kio is operated from the United States. If you use Kio from outside the US, your data will be transferred to and processed in the US. We rely on standard contractual clauses and other approved transfer mechanisms where required.

Children

Kio is not directed to children under 13 and is not intended for them. We don't knowingly collect personal information from anyone under 13. If we learn that we've collected information from a child under 13, we'll delete that information and the account promptly. Parents or guardians who believe a child has provided information to Kio can email support@mykio.app with the subject line “COPPA” and we'll act within 10 business days.

Security

Keeping your data safe is a core commitment, not an afterthought.

Encryption. All data transmitted between your device and Kio is protected by industry-standard encryption in transit (TLS), and your data is encrypted at rest on our hosting infrastructure — so it's protected whether it's moving or stored.

Access controls. Production systems are restricted by role. Only a small number of authorized personnel can access user data, and only when necessary to resolve a technical issue, respond to a support request you've initiated, or comply with a legal obligation. Access is logged.

Secure infrastructure. Kio's backend runs on managed cloud infrastructure with built-in encryption, automated backups, and access controls maintained by the platform provider.

No system is perfect. We use appropriate technical and organizational safeguards, but no service can guarantee absolute security. If we discover a security incident that affects your data, we'll notify you promptly in accordance with applicable law.

Who Can Access Your Conversations

Your conversations with Kio are yours. Here's who else can see them, and why.

Kio's AI. To generate a reply, Kio sends relevant context from your conversation to our AI provider (see How AI Processing Works above). The provider processes it to produce a response and does not retain it afterward.

Authorized personnel. A small number of authorized team members can access conversation data when necessary to diagnose a technical problem, investigate a security or abuse concern, or respond to a lawful request. This access is role-restricted and logged — it's not routine monitoring, and we never read your conversations for marketing, research, or any purpose unrelated to keeping the service safe and working.

No one else. We don't sell access to your conversations, and we don't share their content with advertisers, data brokers, or other users.

Changes to This Policy

If we make material changes to this policy, we'll let you know in advance — by email, in-app notice, or both — before they take effect. Smaller updates we'll publish here with a new “Last updated” date.

This policy supersedes all prior privacy policies for Kio, including any policy that named “Jonathan Hsieh, d/b/a Prosperous Power” as the operator. Prosperous Power LLC is the successor-in-interest and assumes all obligations under prior policies.

Accessibility

These documents are available in plain text. If you need them in another format, email support@mykio.app and we'll do our best to accommodate.

Contact

For privacy questions, data requests, or anything related to this policy:

Email: support@mykio.app (subject line: “Privacy”)
Mail: Prosperous Power LLC, [registered address]

Back to Kio · Terms of Service