Korva

Privacy Policy

Last updated June 26, 2026

This Privacy Notice for Korva Labs, Inc. (we, us, or our) describes how and why we might access, collect, store, use, and/or share (process) your personal information when you use our services (Services), including when you:

  • Visit our website at getkorva.co, or any website of ours that links to this Privacy Notice;
  • Download and use our mobile application (Korva), or any other application of ours;
  • Engage with us in other related ways, including any marketing or events.

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have questions, contact us at privacy@getkorva.co.

1. What Information Do We Collect?

Personal information you disclose to us

We collect personal information that you voluntarily provide when you register, express an interest in our products and Services, participate in activities on the Services, or otherwise contact us. This may include:

  • email addresses
  • usernames
  • passwords
  • contact preferences
  • contact or authentication data
  • content you create or upload (such as links, files, media, and comments)

Sensitive Information. We do not process sensitive personal information.

Social Media Login Data. We may provide you with the option to register or log in using a third-party account such as Apple or Google. If you choose to do so, we may collect certain profile information (such as your name and email) from that provider, as described in How We Handle Your Social Logins below.

Information automatically collected

We automatically collect certain information when you visit, use, or navigate the Services. This does not reveal your specific identity but may include:

  • Log and usage data — diagnostic, usage, and performance information such as your IP address, device information, browser type, and activity in the Services.
  • Device data — information about the device you use, such as IP address, device and application identifiers, hardware model, and operating system.
  • Location data — approximate location derived from your IP address. We do not collect precise device (GPS) location.
  • Inferred preference data — information we generate about your likely interests by analyzing your activity and saved content, used to personalize and rank the content shown to you. This may include interest profiles and similar derived signals.

Information collected from other sources

If you register or interact with us using a third-party account such as Apple or Google, we may receive personal information about you (such as your name and email) from that provider, whose own use of your information is not governed by this Privacy Notice.

Application data

  • Mobile device access. We may request access to your camera and photo library/storage so you can add images to your profile and content. You can change these permissions in your device settings.
  • Push notifications. We may request to send you push notifications. You can opt out in your device settings.

2. How Do We Process Your Information?

We process your personal information for a variety of reasons, including to:

  • facilitate account creation, authentication, and account management;
  • deliver and facilitate delivery of the Services to you;
  • respond to your inquiries and offer support;
  • send you administrative information, such as changes to our terms and policies;
  • enable user-to-user communications, such as comments and replies;
  • personalize and rank the content shown in your feed based on your activity and interests;
  • request feedback about your use of the Services;
  • send you marketing and promotional communications, in line with your preferences;
  • determine the effectiveness of our marketing and promotional campaigns;
  • develop and display personalized content and advertising (where we offer advertising);
  • identify usage trends so we can improve the Services;
  • protect our Services, including fraud monitoring and prevention; and
  • comply with our legal obligations.

4. When and With Whom Do We Share Your Personal Information?

We may share your data with third-party vendors and service providers who perform services for us or on our behalf and require access to do that work. We have contracts in place designed to safeguard your personal information; they may not use it except as we instruct. The service providers we share information with are:

  • AI service providers: OpenAI and Google Cloud AI
  • Cloud computing services: Google Cloud Platform and Supabase
  • Functionality and infrastructure: Inngest and Upstash
  • Account registration and authentication: Supabase, Apple, and Google
  • Web and mobile analytics: PostHog
  • Website hosting: Vercel
  • Performance monitoring: Sentry
  • Push notifications: Expo

We may also need to share your personal information in the following situations:

  • Business transfers. In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
  • Other users. When you post comments or other content, or interact with public areas of the Services, that information may be viewed by other users and made publicly available. Other users can view your profile and descriptions of your activity.

5. Do We Use Cookies and Other Tracking Technologies?

We may use cookies and similar tracking technologies (such as web beacons and pixels) to gather information when you interact with our Services. Some help us maintain the security of our Services and your account, save your preferences, and support basic functions, while others support analytics. To the extent these technologies are deemed a sale or sharing under applicable US state laws, you can opt out as described in the US residents’ section below. Most browsers let you remove or reject cookies in their settings.

6. Do We Offer Artificial Intelligence-Based Products?

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies (AI Products). We provide these through third-party AI service providers, including OpenAI and Google Cloud AI. Your input, output, and personal information may be shared with and processed by these providers to enable your use of our AI Products, which are designed for functions such as content insights, image analysis, and text analysis. All personal information processed using our AI Products is handled in line with this Privacy Notice and our agreements with these providers.

7. How Do We Handle Your Social Logins?

Our Services may offer you the ability to register or log in using a third-party account such as Apple or Google. If you choose to do so, we may receive certain profile information about you from that provider, which may include your name and email address. We use this information only for the purposes described in this Privacy Notice. We do not control, and are not responsible for, other uses of your personal information by your third-party provider, and we recommend reviewing their privacy notice.

8. Is Your Information Transferred Internationally?

Our servers are located in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States and other countries where we or our service providers operate. For transfers of personal information from the EEA, UK, or Switzerland, we rely on the European Commission’s Standard Contractual Clauses, copies of which can be provided upon request.

9. How Long Do We Keep Your Information?

We keep your personal information for as long as necessary to fulfill the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law. No purpose will require us to keep your personal information for longer than the period in which you have an account with us. When we no longer have a legitimate need to process your information, we will delete or anonymize it, or securely store and isolate it until deletion is possible.

10. How Do We Keep Your Information Safe?

We have implemented appropriate and reasonable technical and organizational security measures designed to protect your personal information. However, no electronic transmission or storage technology can be guaranteed to be 100% secure, so we cannot promise that unauthorized third parties will not be able to defeat our security. You should only access the Services within a secure environment.

11. Do We Collect Information From Minors?

We do not knowingly collect data from or market to anyone under 18 years of age, or the equivalent age of majority specified by law in your jurisdiction. By using the Services, you represent that you are at least 18. If we learn that personal information from a user under 18 has been collected, we will deactivate the account and take reasonable measures to delete that data. If you become aware of any such data, please contact us at privacy@getkorva.co.

12. What Are Your Privacy Rights?

Depending on your state of residence in the US, or in regions such as the EEA, UK, Switzerland, and Canada, you may have rights that give you greater access to and control over your personal information. These may include the right to request access and obtain a copy of your personal information, to request rectification or erasure, to restrict or object to processing, to data portability, and not to be subject to automated decision-making. You may review, change, or terminate your account at any time.

Withdrawing your consent. Where we rely on your consent, you may withdraw it at any time by contacting us. This will not affect the lawfulness of processing before its withdrawal.

Opting out of marketing. You can unsubscribe from our marketing communications at any time using the unsubscribe link in those messages or by contacting us. We may still send you service-related messages.

Account information. You can review or change your account information, download your data, or delete your account directly in the app under Settings, or by contacting us. Upon a request to terminate your account, we will deactivate or delete your account and information from our active databases, though we may retain some information to prevent fraud, troubleshoot, assist with investigations, enforce our terms, or comply with legal requirements.

If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection authority. In Switzerland, you may contact the Federal Data Protection and Information Commissioner. For any questions about your rights, email us at privacy@getkorva.co.

13. Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track (DNT) feature. Because no uniform technology standard for recognizing and implementing DNT signals has been finalized, we do not currently respond to DNT browser signals. If a standard is adopted that we must follow, we will inform you in a revised version of this Privacy Notice.

14. Do United States Residents Have Specific Privacy Rights?

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and details about the personal information we maintain about you, to correct inaccuracies, to obtain a copy of, or to delete your personal information, and to withdraw consent. These rights may be limited in some circumstances by applicable law.

Categories we collect. Identifiers; personal information under the California Customer Records statute; internet or other network activity; geolocation data (approximate); audio/visual information (images you upload); and inferences drawn from the above. We do not collect protected classification characteristics, commercial/transaction information, biometric information, professional or employment information, education information, or sensitive personal information.

We have not sold or shared personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We may disclose identifiers, network activity, geolocation, audio/visual information, and inferences to the service providers described above.

How to exercise your rights. Contact us at privacy@getkorva.co. We will verify your identity before acting on your request. You may also use an authorized agent, subject to verification. If we decline to act, you may appeal by emailing us at the same address.

California Shine the Light law. California residents may request, once a year and free of charge, information about categories of personal information we disclosed to third parties for their direct marketing purposes. To make such a request, contact us at privacy@getkorva.co.

15. Do We Make Updates to This Notice?

Yes. We may update this Privacy Notice from time to time. The updated version will be indicated by an updated Last updated date at the top of this Privacy Notice. If we make material changes, we may notify you by prominently posting a notice or by directly sending you a notification.

16. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, you may email us at privacy@getkorva.co, or contact Korva Labs, Inc.

17. How Can You Review, Update, or Delete the Data We Collect From You?

Based on the applicable laws of your country or US state of residence, you may have the right to request access to the personal information we collect, correct inaccuracies, or delete it. You can review, update, download, or delete your data directly in the app under Settings, or by emailing us at privacy@getkorva.co.