This Privacy Policy describes how KOKORO ("we," "us," or "our") collects, uses, and protects information when you use our website at kokoro.cool and our mobile applications, including Itard (collectively, the "Services"). By using our Services, you agree to the practices described in this policy.
1. Who We Are
Company Name: KOKORO Studio
Business Type: Ontario Business Corporation
Location: Toronto, Ontario, Canada
Contact: hello@kokoro.cool
This agreement is between you and KOKORO. Apple Inc. is not a party to this Privacy Policy and has no responsibility for our Services or their content.
2. Information We Collect
We collect only what is necessary to provide our Services:
Account Information
- Email address (when you register or sign up for our newsletter)
- Authentication tokens (when you sign in, including Sign in with Apple)
- We do not receive your Apple ID password or full name unless you choose to share it
Audio and Voice Data (Itard App)
- Voice recordings captured during active sessions — used solely to analyze emotional tone in real time
- Audio is processed in chunks and is not permanently stored after analysis is complete
- Transcribed text derived from your voice may be stored as part of your session history
- We do not use your voice data to identify you or build voice profiles
Usage Data
- Minutes of recording used (to enforce free plan limits)
- Session timestamps and feature interactions
- Device type, operating system version, and app version (for debugging and compatibility)
Website Data
- Email address submitted via our newsletter form
- Anonymous page-view analytics (no personal identifiers collected)
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our Services
- Authenticate your account and keep it secure
- Analyze and display emotional tone feedback within the Itard app
- Enforce free plan usage limits
- Send you product updates and newsletters (only if you subscribe; you may unsubscribe at any time)
- Respond to your support requests
- Comply with legal obligations
We do not sell, rent, or share your personal information with third parties for marketing purposes.
4. Microphone and Speech Recognition
The Itard app requires access to your device's microphone to record audio for emotional tone analysis. We use Apple's on-device Speech Recognition framework (SFSpeechRecognizer) as the primary transcription method. This processes speech locally on your device whenever possible.
When on-device recognition is unavailable or reaches its system limit, audio may be sent to our secure backend for transcription via OpenAI's Whisper API. In all cases, audio is processed only for the purpose of providing the app's core functionality and is not retained beyond the active session.
You may revoke microphone and speech recognition permissions at any time through your device's Settings. Doing so will prevent core app features from functioning.
5. Third-Party Services
We use the following third-party services to operate our Services. Each has its own privacy policy:
- Supabase — Authentication and database hosting. Stores account credentials, session data, and app usage records. (Privacy Policy)
- OpenAI — Whisper API for audio transcription (fallback). Audio chunks may be sent to OpenAI's servers for processing. (Privacy Policy)
- Vercel — Backend API hosting and deployment. (Privacy Policy)
- Formspree — Newsletter form submissions on our website. (Privacy Policy)
- Google Analytics — Anonymous website traffic analytics. (Privacy Policy)
- Apple — Sign in with Apple authentication. (Privacy Policy)
We do not use any advertising SDKs or tracking frameworks. We do not request access to the Advertising Identifier (IDFA).
6. Data Retention and Deletion
We retain your data only for as long as necessary to provide our Services or as required by law.
- Audio data: Processed in real time and not retained after your session ends
- Session history: Stored until you delete your account
- Account data: Retained until you request deletion
- Newsletter: Retained until you unsubscribe
Account Deletion: You may delete your account and all associated data at any time directly within the Itard app (Settings → Privacy → Delete Account). This action is immediate and irreversible. All your data, including session history and usage records, will be permanently erased from our systems via a cascading deletion process.
You may also request deletion by emailing hello@kokoro.cool. We will process your request within 30 days.
7. Your Privacy Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of the personal data we hold about you
- Correction: Request that we correct inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Portability: Request your data in a structured, machine-readable format
- Withdrawal of Consent: Withdraw consent for data processing at any time
- Opt-Out: Unsubscribe from marketing emails at any time
To exercise any of these rights, contact us at hello@kokoro.cool. We will respond within 30 days. We do not discriminate against users who exercise their privacy rights.
8. Data Security
We implement industry-standard security measures to protect your information, including:
- Encrypted data transmission (HTTPS/TLS) for all network requests
- Authentication tokens stored securely in your device's Keychain
- Row-Level Security (RLS) enforced at the database level
- Access to personal data restricted to authorized personnel only
While we take reasonable precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
9. Children's Privacy
Our Services are not directed to children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without verified parental consent, we will take steps to delete that information promptly.
If you believe we may have collected information from a child, please contact us at hello@kokoro.cool.
10. International Data Transfers
KOKORO is based in Canada. Our third-party service providers may process and store data in the United States and other countries. By using our Services, you consent to the transfer of your information to these countries, which may have different data protection laws than your jurisdiction.
We ensure that any international transfers are conducted under appropriate safeguards, including standard contractual clauses where required.
11. California Privacy Rights (CCPA)
If you are a California resident, you have the right to know what personal information we collect, disclose, or sell; the right to delete your personal information; and the right to non-discrimination for exercising these rights. We do not sell personal information. To exercise your rights, contact us at hello@kokoro.cool.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For significant changes, we will notify you via email (if subscribed) or through a notice in our app. We encourage you to review this policy periodically. Your continued use of our Services after changes become effective constitutes your acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:
KOKORO Studio
Toronto, Ontario, Canada
hello@kokoro.cool