Will my team actually use KushL?

Yes, because it feels like WhatsApp. No learning curve. If they can send a message, they can use KushL.

Does KushL work offline?

Yes! KushL is a Progressive Web App (PWA). View tasks, read messages, and draft replies even without internet. Everything syncs automatically when you are back online.

Is my data safe with KushL?

Absolutely. We use enterprise-grade Supabase servers with bank-level encryption. Your data is stored in India, and we never sell or read your data.

How is KushL different from WhatsApp Business?

WhatsApp Business is for customer communication. KushL is for team coordination. We automatically detect tasks from chat, track deadlines, organize files, and generate reports.

Privacy Policy - KushL | Data Protection & Security

1. Introduction

Maitreya Labs (operating under the brand name "KushL") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website kushl.app and use our collaborative project management services.

Data Controller: Maitreya Labs, located at 13, Raviraj, Mangal Housing Society, Gulmohar Road, Savedi, Ahilyanagar, Maharashtra, 414003, India.

This policy is compliant with the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, the General Data Protection Regulation (GDPR) for EU users, and the California Consumer Privacy Act (CCPA) for California residents.

2. Information We Collect

2.1 Information You Provide Directly

Account Registration:

Full Name
Email Address
Password (stored in encrypted form)
Profile Image (optional)

Subscription & Billing:

Payment information (processed via Razorpay - we don't store card details)
Billing address
GST details (if applicable)

Workspace Content:

Messages and chat history
Tasks and project data
Files and attachments you upload
AI queries and responses

2.2 Information Collected Automatically

IP Address
Browser Type and Version
Operating System
Device Identifiers
Pages Visited and Time Spent
Feature Usage Patterns

2.3 Information from Third Parties

Payment transaction data from Razorpay
Authentication data from Supabase

3. Purpose of Data Collection

We use your personal data for the following purposes:

Data Type	Purpose	Legal Basis
Name, Email	Account creation, Communication	Contract performance
Payment Info	Subscription billing	Contract performance
Workspace Content	Providing collaboration services	Contract performance
AI Queries	Providing AI assistant features	Contract performance
Usage Data	Service improvement, Analytics	Legitimate interest

4. AI Data Processing

KushL uses AI to provide intelligent features like task extraction and chat assistance. Here's how we handle AI-related data:

Query Processing: Your @AI queries are sent to our AI providers (DeepSeek, OpenRouter) to generate responses
No Training: Your data is NOT used to train AI models
Context: AI has access to your current task/project context to provide relevant responses
BYOK: If you bring your own API key, queries go directly to your chosen provider
Retention: AI query logs are retained for 30 days for debugging, then deleted

5. Data Sharing with Third Parties

We share your data with the following categories of third parties:

5.1 Payment Processor - Razorpay

Your payment data is transmitted securely via TLS encryption directly to Razorpay. We do not store your full card number. Razorpay is a PCI-DSS compliant Payment Aggregator licensed by the Reserve Bank of India.

5.2 Database and Authentication - Supabase

User account data and workspace content is stored securely on Supabase infrastructure with encryption at rest and in transit.

5.3 AI Providers

AI queries are processed by DeepSeek or OpenRouter. These providers do not retain your data beyond the immediate request processing.

5.4 Legal and Regulatory Authorities

We may disclose your information to law enforcement agencies when legally required.

We do NOT sell your personal data to third parties.

6. Data Retention

We retain your personal information as follows:

Account Data: Retained while your account is active and for 30 days after deletion request
Workspace Content: Retained while workspace is active; deleted 30 days after workspace deletion
Payment Records: Retained for 7 years as required by tax laws
AI Query Logs: Retained for 30 days for debugging
Usage Analytics: Retained in anonymized form indefinitely

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

All data transmission is encrypted using TLS 1.2+ protocols
Passwords are hashed using industry-standard algorithms
Payment data is processed by PCI-DSS compliant Razorpay
Access to personal data is restricted to authorized personnel only
Data is stored on secure cloud infrastructure with encryption at rest
Regular security assessments and vulnerability testing

8. Your Rights

8.1 Under DPDP Act, 2023 (India)

Right to access your personal data
Right to correction of inaccurate data
Right to erasure (subject to legal retention requirements)
Right to nominate another person to exercise rights
Right to grievance redressal

8.2 Under GDPR (EU Users)

Right to access, rectification, and erasure
Right to restrict processing
Right to data portability
Right to object to processing
Right to withdraw consent

8.3 Under CCPA (California Residents)

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale of personal information (we do not sell data)
Right to non-discrimination for exercising rights

To exercise any of these rights, please contact us at hello@kushl.app.

9. Data Export

You can export your data at any time:

All user data in JSON format
Tasks in CSV format
Conversation history in Markdown format
Files and attachments as-is

Export is available to all subscription tiers and completes within 5 minutes for most accounts.

10. Cookies and Tracking

10.1 Essential Cookies

Required for authentication and session management. These cannot be disabled.

10.2 Functional Cookies

Remember your preferences (theme, language) and provide personalized features.

10.3 Analytics Cookies

Help us understand how users interact with our platform. You can opt-out through your browser settings.

11. Children's Privacy

Our Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at hello@kushl.app.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

13. Grievance Officer

In accordance with the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and the DPDP Act, 2023, we have appointed a Grievance Officer:

Grievance Officer: Prathamesh Jeurkar

Email: hello@kushl.app

Phone: +91 74181 25909

Address: 13, Raviraj, Mangal Housing Society, Gulmohar Road, Savedi, Ahilyanagar, Maharashtra, 414003, India

Response Time: Acknowledgement within 24 hours; Resolution within 15 days

14. Contact Us

For any privacy-related questions or concerns:

Brand: KushL

Legal Entity: Maitreya Labs

Email: hello@kushl.app

Phone: +91 74181 25909

Address: 13, Raviraj, Mangal Housing Society, Gulmohar Road, Savedi, Ahilyanagar, Maharashtra, 414003, India