Privacy Policy

Last updated: May 8, 2026

1. Who We Are

Kyora Sentinel is operated by Cyber Boss Consulting LLC, doing business as Kyora IQ (“we,” “our,” or “us”). Our platform provides AI-powered career coaching, interview preparation, and professional development tools. By using Kyora Sentinel, you agree to this Privacy Policy.

For privacy-related inquiries, contact us at support@kyoraiq.com.

2. Information We Collect

Account information

When you create an account we collect your email address, optional first and last name, and a hashed password. This is stored securely in Supabase.

Usage data

We collect session counts, scores, and plan usage to enforce plan limits and display your progress. We do not collect detailed behavioral analytics or sell usage data.

Payment information

Payments are processed by Stripe. We store your Stripe customer ID and subscription ID but never your card number, CVV, or full payment details. Stripe's privacy policy governs payment data.

AI session content

Resumes, job descriptions, and interview transcripts are processed in real time to generate AI responses. This content is not stored after your session ends unless you explicitly save it.

Security logs

We log security events such as failed login attempts, rate limit hits, and suspicious activity. These logs are retained for 30 days and then deleted.

Contact messages

If you contact us via the contact form, your name, email, and message are stored until we respond and delete the message. We do not retain contact messages beyond correspondence.

3. How We Use Your Information

  • To provide and operate the Kyora Sentinel platform
  • To enforce plan limits and process billing
  • To display your progress and readiness scores
  • To respond to support requests
  • To detect and prevent fraud, abuse, and security threats
  • To comply with legal obligations

We do not sell your personal data. We do not use your resume or job descriptions to train AI models.

4. Third-Party Services

  • Supabase — authentication and database hosting. Data is stored in the United States.
  • Stripe — payment processing. Governed by Stripe's privacy policy.
  • OpenAI — AI responses. Content sent to OpenAI is governed by OpenAI's API usage policies. We do not send data with identifiers that link to your account.
  • Vercel — platform hosting and deployment.

5. Cookies

We use the following cookies:

  • Authentication cookies — required to keep you logged in. These are session cookies managed by Supabase.
  • Preference cookies — used to remember settings such as whether you have seen the onboarding modal. These are stored in your browser only.
  • Analytics cookies — we do not currently use third-party analytics or advertising cookies.

You can disable cookies in your browser settings. Disabling authentication cookies will prevent you from logging in.

6. Data Retention

  • Account data — retained while your account is active. Deleted within 30 days of an account deletion request.
  • Session transcripts and AI content — not stored. Discarded immediately after the session ends.
  • Security logs — retained for 30 days then automatically deleted.
  • Billing records — retained by Stripe for 7 years as required by US tax law.
  • Contact messages — deleted after correspondence is complete.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access — request a copy of the data we hold about you
  • Deletion — request deletion of your account and associated data
  • Correction — request correction of inaccurate data
  • Portability — request your data in a portable format
  • Opt-out — opt out of any non-essential data processing

To exercise any of these rights, email support@kyoraiq.com. We will respond within 30 days.

8. California Privacy Rights (CCPA)

California residents have the right to know what personal information we collect, request deletion of their personal information, and opt out of the sale of personal information. We do not sell personal information. To submit a request, contact support@kyoraiq.com.

9. GDPR (European Users)

If you are located in the European Economic Area, our legal basis for processing your data is contractual necessity (to provide the service) and legitimate interest (security and fraud prevention). You have the right to lodge a complaint with your local data protection authority. To exercise your GDPR rights, contact support@kyoraiq.com.

10. Children's Privacy

Kyora Sentinel is intended for users 18 years of age and older. We do not knowingly collect personal information from anyone under 18. If we become aware that a minor has provided personal information, we will delete it immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the platform or emailing you. Continued use of Kyora Sentinel after changes constitutes acceptance of the updated policy.