Contact Sales
Sign up Log in

Legal

Privacy Policy

Klove AI Pty Ltd

Effective: March 2026

1. Introduction

This Privacy Policy explains how Klove AI Pty Ltd (ABN pending) ("klove", "we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our platform at https://klove.ai and any related services (collectively, the "Service").

klove is an Agent Presence Platform that helps businesses control how AI agents discover, understand, and represent them. We provide tools for tracking brand visibility across AI search platforms, serving AI-optimised content via edge middleware, and measuring AI agent traffic to customer websites.

We are committed to protecting your privacy and complying with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles ("APPs"). Where applicable, we also comply with the European General Data Protection Regulation ("GDPR") and other relevant privacy laws.

Our registered address is: Level 1, 457-459 Elizabeth Street, Surry Hills, NSW 2010, Australia.

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: When you create an account, we collect your name, email address, and password (or Google OAuth credentials). If you are invited to a workspace, we collect the email address used for the invitation.
  • Workspace information: When you create a workspace, we collect your business name, website domain, and any configuration preferences you set.
  • Prompt tracking configuration: The prompts you create or accept for AI visibility tracking, the competitor brands you add, and the topics you organise them under.
  • Agent page content: Any content you create, upload, or generate for your AI-optimised agent pages, including business descriptions, FAQ content, pricing information, and structured data.
  • Payment information: If you subscribe to a paid plan, payment is processed by our third-party payment provider. We do not store your full credit card number, but we may receive and store your billing name, billing address, and the last four digits of your card for record-keeping.
  • Communications: If you contact us via email or support channels, we collect the content of your messages and any information you choose to provide.

2.2 Information We Collect Automatically

  • Usage data: We collect information about how you use the Service, including pages visited, features used, actions taken, timestamps, and session duration.
  • Device and browser information: Your IP address, browser type and version, operating system, device type, and screen resolution.
  • Cookies and similar technologies: We use cookies and similar tracking technologies to maintain your session, remember your preferences, and understand how the Service is used. See Section 8 for details.

2.3 Information We Collect Through the Service

  • AI platform response data: When we run prompt checks on your behalf, we submit your configured prompts to AI platforms (such as ChatGPT, Perplexity, Gemini, and Claude) through automated browser sessions. We collect the responses these platforms generate, including the text of the response, any cited URLs, and source references. These responses are generated by third-party AI platforms and may reference publicly available information about your brand or your competitors.
  • Edge event data: If you deploy our edge middleware (e.g., a Cloudflare Worker) on your website, it detects AI agent traffic and reports anonymised event data back to our platform. This includes the type of AI bot detected, the detection method used, the URL path visited, and the user-agent string. We do not collect the personal information of your website visitors through edge middleware.
  • Website crawl data: When you connect your domain, we crawl your website's publicly accessible pages to extract page titles, meta descriptions, headings, and URLs. This is used to suggest relevant prompts and to build your agent pages. We only crawl content that is publicly available.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: To operate, maintain, and improve the klove platform, including running prompt checks, generating agent pages, processing edge events, and executing workflows.
  • Account management: To create and manage your account, authenticate your identity, and manage workspace access and permissions.
  • Analytics and insights: To generate visibility metrics, sentiment analysis, competitive benchmarking, and bot traffic analytics that form the core value of the Service.
  • Communication: To send you service-related notifications, respond to your enquiries, and provide customer support.
  • Product improvement: To understand how the Service is used, diagnose technical issues, and develop new features.
  • Legal compliance: To comply with applicable laws, regulations, and legal processes.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service providers: We use third-party service providers to help us operate the Service. These include Supabase (database hosting), Vercel (frontend hosting), Railway (API and worker hosting), Cloudflare (DNS and edge infrastructure), and Anthropic, OpenAI, Google, and Perplexity (AI platform APIs for sentiment analysis and content generation). These providers process data on our behalf and are contractually required to protect your information.
  • AI platform interactions: When we run prompt checks, we submit prompts to third-party AI platforms through their web interfaces. These prompts are conversational questions about your industry (e.g., 'What is the best CRM for small businesses?'). We do not include your personal information in these prompts. The AI platforms' own privacy policies govern how they handle these interactions.
  • Edge middleware: If you deploy our edge middleware on your domain, the middleware code runs entirely on your own infrastructure (e.g., your Cloudflare account). We receive only the aggregated event data that the middleware sends back to our API.
  • Business transfers: If klove is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • Legal requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request.

5. Data Storage and Security

Your data is stored on servers located in Australia (Sydney, ap-southeast-2) via Supabase Cloud, with API and worker services hosted in Singapore via Railway. Frontend assets are served globally via Vercel's CDN with the primary region in Sydney.

We implement appropriate technical and organisational security measures to protect your information, including:

  • Encryption in transit (TLS/HTTPS for all connections)
  • Encryption at rest (database encryption via Supabase)
  • Row-Level Security (RLS) on all database tables, ensuring users can only access data within their authorised workspaces
  • Role-based access control (admin, user, viewer) within each workspace
  • JWT-based authentication with short-lived tokens
  • Rate limiting on API endpoints
  • Hashed API keys for edge middleware authentication

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained for the life of your account. If you delete your account, we will delete your personal information within 30 days, except where retention is required by law.
  • Prompt check data: Historical prompt check results are retained for the duration of your subscription to enable trend analysis. You can export your data at any time.
  • Edge event data: Bot detection events are retained for 12 months, then automatically archived or deleted.
  • Crawled page data: Website crawl data is retained for the duration of your workspace. Archived pages are automatically deleted after 90 days.

7. Your Rights

Under the Australian Privacy Act and, where applicable, the GDPR, you have the following rights:

  • Access: You can request a copy of the personal information we hold about you.
  • Correction: You can request that we correct inaccurate or incomplete personal information.
  • Deletion: You can request that we delete your personal information, subject to legal retention requirements.
  • Data portability: You can request your data in a structured, commonly used format (CSV export is available for prompt tracking data).
  • Objection: You can object to the processing of your personal information in certain circumstances.
  • Withdrawal of consent: Where we rely on your consent to process personal information, you can withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@klove.ai. We will respond to your request within 30 days.

8. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential cookies: Required for the Service to function, including session authentication cookies managed by Supabase. These cannot be disabled.
  • Preference cookies: Store your preferences such as view mode (list vs grid) and workspace selection.

We do not use third-party advertising cookies or cross-site tracking technologies. We do not display ads in our products.

9. Third-Party Services

The Service integrates with or relies on the following third-party services, each governed by their own privacy policies:

  • Supabase (database, authentication): supabase.com/privacy
  • Vercel (frontend hosting): vercel.com/legal/privacy-policy
  • Railway (API/worker hosting): railway.app/legal/privacy
  • Cloudflare (DNS, edge infrastructure): cloudflare.com/privacypolicy
  • Anthropic (AI services): anthropic.com/privacy
  • OpenAI (AI services): openai.com/privacy
  • Google (AI services): policies.google.com/privacy
  • Perplexity (AI services): perplexity.ai/privacy

When we submit prompts to AI platforms for visibility tracking, we interact with their web interfaces through automated browser sessions. These platforms may log these interactions according to their own privacy policies. We do not include any personal information of our users in these prompts.

10. International Data Transfers

Your data may be processed in countries other than Australia, including Singapore (where our API servers are hosted) and the United States (where some of our third-party service providers are located). Where data is transferred outside Australia, we take reasonable steps to ensure it is protected in accordance with the APPs, including using service providers that maintain appropriate security standards.

11. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or want to make a complaint about how we handle your personal information, please contact us:

Klove AI Pty Ltd
Level 1, 457-459 Elizabeth Street, Surry Hills, NSW 2010, Australia
Email: privacy@klove.ai
Website: https://klove.ai

If you are not satisfied with our response to a privacy complaint, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Work smarter, not harder with Klove

Start automating tasks today and give your team more time to focus on what matters.

Request a demo