Last updated May 17, 2026
kippie.AI | Operated by Aeterna LLC
Privacy Policy
Aeterna LLC ("Company", "we", "us", or "our") is committed to maintaining robust privacy protections for our users. This Privacy Policy outlines how kippie.AI ("Platform", "Service") collects, secures, processes, and shares personal data and document intelligence assets provided by individuals, corporate clients, and academic research institutions.
1. Data Collection Boundaries
We segment our collection of information into operational categories to maintain clear data minimization boundaries.
Account Profile Data: during user registration, account administration, and payment execution, we collect identifiers necessary for system administration, including full name, professional work email address, affiliated company or institution name, assigned functional role, and preferred system currency denomination where applicable.
Explicit Document Data: to perform our primary cloud utility, our systems ingest and cache unstructured business records, including uploaded statement files, user-defined corporate project codes and ledger tracking numbers, receipt image files, and synthesized output metadata mapping statements to corresponding receipts.
2. Infrastructure Subprocessors and AI Data Governance
To deliver our service reliably, we share targeted data elements with foundational third-party subprocessors. These subprocessors are expected to be bound by data protection obligations and restricted from using your data for ancillary marketing or unapproved processing vectors.
3. Payment Processing Exclusion
Aeterna LLC operates a zero-storage protocol for primary payment mechanisms. We do not see, intercept, process, parse, or store raw credit card numbers, CVV codes, or full banking credentials. Primary payment processing is executed via isolated iframe modules or secure redirects using tokenized cryptography managed by Stripe, Inc. Transaction histories are archived inside Stripe's secure cloud environment.
4. Cryptographic Security and Data Retention
Data in transit: network requests between Vercel edge routers, FastAPI application environments, and Supabase database endpoints are required to use encrypted HTTPS protocols using Transport Layer Security.
Data at rest: project profiles, statement text arrays, and receipt file assets are secured inside Supabase storage architectures using encryption controls provided by the storage provider.
Account profile parameters are retained for the lifetime of your active subscription. Explicit Document Data, including statements, matched receipt images, and compiled reports, may be purged via user-initiated deletion commands on the dashboard. Upon user deletion, underlying assets are permanently scrubbed from active production database instances within 48 hours, unless a longer retention period is legally required.
5. Rights Under Modern Privacy Frameworks
Depending on your geographical jurisdiction, you may have statutory rights regarding your personal information. These may include rights to access the data we hold, correct processing discrepancies, request portability, or request deletion. To execute these protocols, or to challenge data processing configurations, contact our administrative desk directly at admin@kippie.ai.