kıncura

Privacy Policy

Last updated: February 6, 2026

At Kincura, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Information You Provide

  • Account Information: Email address, password, and name when you create an account
  • Care Recipient Information: Names, dates, and other details about people you are caring for
  • Documents: Files you upload such as medical records, legal documents, and financial statements
  • Financial Information: Account details, balances, and transaction information you choose to track
  • Medical Information: Medications, appointments, provider contacts, and health-related notes
  • Contacts: Names, phone numbers, and other contact details for healthcare providers, attorneys, and family members

Information Collected Automatically

  • Usage Data: Pages visited, features used, and time spent on the service
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and referring URLs

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process and store the information you enter
  • Send you important service-related communications
  • Respond to your requests and support inquiries
  • Detect, prevent, and address security issues
  • Comply with legal obligations

3. How We Protect Your Information

We implement robust security measures to protect your data:

  • Encryption at Rest: Your data is encrypted using AES-256 encryption when stored
  • Encryption in Transit: All data transmitted between your device and our servers uses TLS 1.3
  • Multi-Factor Authentication: Optional MFA adds an extra layer of security to your account
  • Access Controls: Strict access controls ensure only you can access your data
  • Regular Security Audits: We regularly review and update our security practices

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in these limited circumstances:

  • Service Providers: With trusted third parties who help us operate our service (hosting, security)
  • Legal Requirements: When required by law or to protect our rights
  • With Your Consent: When you explicitly authorize sharing
  • Business Transfers: In connection with a merger, acquisition, or sale of assets — any successor would be bound by this Privacy Policy and required to maintain the same protections for your data

5. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication (data stored in the United States)
  • Vercel: Hosting and content delivery

These providers have their own privacy policies and maintain security certifications.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your personal data
  • Data Portability: Request your data in a machine-readable format
  • Objection: Object to certain processing of your data
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information below.

8. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, request deletion, and opt-out of the sale of personal information. We do not sell personal information.

9. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including the rights listed in Section 7 above. Our legal basis for processing your data is your consent and our legitimate interest in providing the service.

Data access requests: To request a copy of the personal data we hold about you, email info@kincura.com with the subject line "Data Access Request." We will fulfill all requests within 30 days.

Data breach notification: In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

10. Children's Privacy

Our service is intended for users who are 18 years of age or older. We do not knowingly create accounts for children under 18. Information stored within an account about minors — such as a child's medical records — is entered by and remains under the control of the account holder.

11. Cookies and Tracking

We use essential cookies to maintain your login session and preferences. We do not use third-party advertising cookies. You can configure your browser to refuse cookies, but this may limit your ability to use the service.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

info@kincura.com