Kinsy Back

Privacy Policy

Last updated: February 19, 2026

Who we are

Kinsy is operated by Kinsy LLC ("we", "us"). We build a private social network for families. Questions? Email support@kinsy.io.

What we collect

  • Account info — your name, email, password (hashed with bcrypt) and avatar.
  • Content you share — posts, comments, reactions, photos, albums, events, RSVPs and family-tree details. This is visible only to your family circle.
  • Device tokens — push subscription endpoints stored if you opt-in to notifications.
  • Billing — Stripe handles all card data. We store your Stripe customer ID, plan and subscription status.
  • Diagnostics — basic logs (IP, user-agent, timestamps) used to keep the service healthy and detect abuse.

How we use it

To run the app, deliver invites + reset emails (via SendGrid), notify you of family activity, fulfill photo-book orders (via Gelato), process payments (via Stripe), and prevent abuse. We never sell your data and we never use it to train AI on third parties.

Sharing

Only people invited to your family see your content. We share data with these processors only as needed to operate the service:

  • Stripe, Inc. — payments & subscription management
  • SendGrid (Twilio) — transactional email
  • Gelato (Print-on-Demand) — physical photo book fulfillment, only when you order one
  • MongoDB Atlas + cloud hosting — encrypted storage of your data

Your rights

  • Access & correction — see and edit your data in Profile.
  • Deletion — delete your account from Profile → Danger zone. We remove your personal content immediately. Family-only admins who delete will also remove the family if they are the only member left.
  • Export — email support@kinsy.io for a JSON export of your content.
  • EU/UK/CA residents — GDPR/UK-GDPR/PIPEDA rights including data portability, restriction and complaint to your supervisory authority.

Retention

Account data lives until you delete it. Backups roll off after 30 days. Stripe transaction records are kept 7 years for tax compliance.

Children

Kinsy is intended for family members of all ages, but accounts must be created by someone aged 13 or older (16 in the EU/UK). Younger family members can be added as placeholder tree nodes without an account.

Security

We use TLS for all traffic, bcrypt for password hashing, signed JWT cookies for sessions, rate limiting on auth endpoints, and daily encrypted backups. No system is perfect — please report security issues to support@kinsy.io.

Changes

If we materially change this policy we'll notify you in-app. Continued use means you accept the updated policy.

Contact

Kinsy LLC
support@kinsy.io