ProductAbout UsPricingUse CasesBlogContact Us
Book a Demo
Features
FAQ
About Us
Product
FeaturesFAQ
Pricing
Use Cases
Blog
Contact Us

Privacy Policy

Privacy Policy

1. Scope

This Privacy Policy explains how Kora Studio (“Kora”, “we”, “us”, “our”) collects, uses, discloses, and protects personal information when you visit our website, join our waitlist, create an account, use our services, or communicate with us (collectively, the “Services”).

If you use Kora Studio on behalf of an organization, your use may also be governed by a separate agreement between your organization and Kora.

2. Definitions

  • “Personal Information” means information that identifies, relates to, describes, or could reasonably be linked to an individual.
  • “Customer Content” means project models, files, parameters, designs, and outputs you submit to or generate using Kora Studio. Customer Content may include personal information if you include it in files.
  • “Controller” and “Processor” have the meanings used in applicable privacy laws (e.g., GDPR).

3. Information We Collect

We may collect the following categories of information:

A. Information you provide

  • Account and profile data: name, work email, organization, role, and account credentials (or SSO identifiers).
  • Waitlist and marketing forms: contact details and your stated interests (e.g., use cases).
  • Support and communications: information you share when contacting support or participating in feedback programs.
  • Payment details (if applicable): billing contact details and transaction records (payment processing is typically handled by a payment provider; we do not store full card numbers).

B. Information collected automatically

  • Usage and telemetry: feature usage events, performance metrics, logs, device and browser information, and crash reports.
  • Website analytics: pages visited, referral sources, approximate location (city/region), and interactions with site content.
  • Cookies and similar technologies: used for authentication, preferences, analytics, and marketing (see Section 9).

C. Information from third parties

  • Integrations and service providers: authentication providers (SSO), analytics tools, support platforms, and hosting providers.
  • Business contacts: if you engage with us at events or through partners, we may receive your business contact details.

4. How We Use Information

We use personal information for the following purposes:

  • Provide, maintain, and secure the Services (authentication, access, account administration).
  • Operate and improve product functionality (including debugging, analytics, and performance).
  • Provide customer support and respond to requests.
  • Communicate about updates, webinars, releases, and product news (you can opt out of marketing emails).
  • Conduct research and development, including feedback programs and usability testing.
  • Process payments and manage subscriptions (if/when paid plans are offered).
  • Protect against fraud, abuse, and security incidents, and enforce our terms.
  • Comply with legal obligations and respond to lawful requests.

5. Legal Bases (for EEA/UK)

If you are in the EEA/UK, we process personal information under one or more of the following legal bases:

  • Contract: to provide the Services you request.
  • Legitimate interests: to secure, operate, and improve the Services, and to communicate with business users.
  • Consent: for certain cookies and marketing communications where required.
  • Legal obligation: to comply with applicable laws.

6. How We Share Information

We do not sell personal information. We may share personal information as follows:

  • Service providers (subprocessors) that help us operate the Services (hosting, analytics, support tooling, email delivery, payment processing).
  • Professional advisors (e.g., legal, auditors) as needed for business operations and compliance.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets (subject to appropriate safeguards).
  • Legal and safety: to comply with law, protect rights and safety, and prevent fraud or abuse.

We require service providers to use appropriate safeguards and to process personal information only as necessary to provide their services to us.

7. Customer Content and Confidentiality

Customer Content belongs to you or your organization. We process Customer Content only to provide, secure, and support the Services.

  • We do not use Customer Content for advertising.
  • We do not publish or market your project content without your permission.
  • We encourage customers not to include sensitive personal data in models unless necessary.

8. Data Retention

We retain personal information only as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.

  • Account data: retained while your account is active and for a reasonable period thereafter.
  • Usage data: retained according to internal schedules for analytics and security purposes.
  • Support records: retained to maintain continuity of support and improve service quality.
  • Backups: may retain information for a limited period before expiration as part of disaster recovery.

9. Cookies and Tracking

We use cookies and similar technologies for authentication, preferences, analytics, and marketing.

  • Essential cookies: required for site functionality and security.
  • Analytics cookies: help us understand site usage and improve performance.
  • Marketing cookies: help measure campaigns and deliver relevant content where permitted.

You can manage cookie preferences through your browser settings and any cookie banner controls we provide (where required).

10. Security

We use administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, and alteration.

For more detail, see our Security & Data page.

  • Encryption in transit (TLS) for data transmitted to our services (where applicable).
  • Access controls and least-privilege internal access.
  • Monitoring and incident response processes.

11. International Data Transfers

We may process and store personal information in countries other than your own. Where required by law, we use appropriate safeguards for cross-border transfers (such as Standard Contractual Clauses).

12. Your Privacy Rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal information, and to object to certain processing.

  • EEA/UK: rights under GDPR (access, rectification, erasure, restriction, portability, objection).
  • California: rights under CCPA/CPRA (access, deletion, correction, opt-out of sale/sharing where applicable).
  • Other jurisdictions: similar rights may apply.

To submit a request, contact us using the details in Section 15. We may need to verify your identity and authority before fulfilling requests.

13. Marketing Communications

You can opt out of marketing emails at any time by using the unsubscribe link in our emails or by contacting us. We may still send non-marketing messages related to your account, security, or service updates.

14. Children’s Privacy

Kora Studio is not directed to children and we do not knowingly collect personal information from children under 16 (or the age defined by applicable law). If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

15. Contact Us

If you have questions about this Privacy Policy or want to exercise your privacy rights, contact:

  • Privacy: samira@kora.studio
  • Support: support@kora.studio

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will post an updated version and revise the “Last updated” date. Continued use of the Services after an update means you accept the updated Privacy Policy.

575 Lexington Ave, 14th
Floor, New York, NY 10022
EmailSalesSupport
Security & DataAbout CompanyBlog
© 2026 Kora Studio
Terms & ConditionsPrivacy Policy