Kinship Privacy Policy

What this policy covers

This policy explains how we — S4 Solutions, LLC ("S4", "we", "us") — handle personal data on the public website at kinship.app during the pre-launch invite-collection phase.

It covers what we collect when you visit the site, what happens when you request early access through the invite form, and how we treat the information you give us. It does not yet cover the Kinship application itself (which is invite-only and not yet generally available); a separate, longer Privacy Policy will accompany the product launch and will be linked from this page when ready.

If anything below is unclear, write to us at privacy@kinship.app and we will explain it in plain English.

The short version

• The only personal data we collect from you on kinship.app is what you choose to give us in the Request an Invite form: your email address and (optionally) a short answer to "What brought you here?".
• We use it to follow up with you about early access to Kinship. Nothing else.
• We store it on infrastructure we control (Supabase, US region). We do not pass it to advertising networks, data brokers, or any third party that is not directly required to operate the site.
• We do not sell, rent, license, or share your information with employers, recruiters, or anyone else.
• You can ask us to delete it at any time by emailing privacy@kinship.app. We will confirm deletion within 30 days.

The rest of this policy is the detail.

1. Who we are

The controller of your personal data is S4 Solutions, LLC, a Georgia limited liability company, operating the website at kinship.app.

• Privacy contact (and DSAR requests): privacy@kinship.app
• General contact: support@kinship.app

We commit to responding to privacy questions within 48 hours, and to completing data-rights requests within 30 days.

2. What we collect

2.1 Information you give us through the invite form

When you submit the Request an Invite form, we collect:

• Your email address (required). We use this to follow up about early access.
• An optional answer to "What brought you here?" — one of a fixed list of options (e.g. "I recently changed jobs and lost my relationship history") or the option to write your own short answer. This helps us prioritize and personalize follow-up.

We do not collect your name, employer, phone number, IP-based location, or any other field through the invite form. If you choose to include any other information in the free-text "Something else" answer, we store only what you typed.

2.2 Information we observe automatically

When you visit kinship.app, our hosting provider records standard request data such as your IP address, user-agent string, request path, and timestamps in transient access logs. We use these logs only for security and reliability (e.g. blocking abuse, debugging errors). They are retained for no longer than 30 days and are not joined to your invite-form submission.

We do not use cookies, web beacons, or pixels for advertising or cross-site tracking on kinship.app. We do not use ad networks. We do not build advertising profiles.

If we later add privacy-respecting product analytics (e.g. aggregate page-view counts), we will update this policy and disclose what is collected before turning it on.

2.3 What we do not collect on this site

We do not collect: your contacts, your social-network connections, calendar data, email content, payment information, government identifiers, biometric data, precise geolocation, or any sensitive category of personal data described under GDPR Article 9 or CCPA Section 1798.140.

3. How we use it

We use your invite-form submission only to:

1. Contact you about your invite request and early access to Kinship.
2. Understand, in aggregate, who is asking for access so we can prioritize early invites.
3. Respond to your questions if you write to us directly.

We do not use your information to train AI models. We do not use it for advertising. We do not sell it.

4. Where it is stored, and who has access

Your invite-form submission is stored in a Supabase Postgres database hosted in the United States and operated under S4's account. The connection is encrypted in transit (TLS), the database is encrypted at rest, and access is restricted via row-level security and least-privilege service credentials.

Access to invite submissions is limited to the small set of S4 personnel responsible for processing invite requests. We log access internally. We do not grant access to your employer, to potential employers, to recruiters, to outplacement firms, or to anyone else.

Subprocessors used by kinship.app (pre-launch invite phase)

We will keep this list current. When Kinship the product launches, additional subprocessors (e.g. our transactional email vendor, our AI provider) will be disclosed in the product Privacy Policy and a public subprocessors page; none of those are used by kinship.app today.

5. How long we keep it

• Invite submissions are retained until earliest of: (a) you ask us to delete them, (b) you create a Kinship account (at which point your account record supersedes the invite record), or (c) 24 months from submission with no further contact, after which we delete them automatically.
• Server access logs are retained no longer than 30 days.
• Email correspondence with us (e.g. privacy questions) is retained as long as needed to resolve your request, then deleted on request or per our internal retention schedule (no longer than 36 months).

If you ask us to delete your data, we will delete it from active systems within 30 days and from routine backups within the backup retention window (no longer than 35 days).

6. Your rights

Regardless of where you live, you have the following rights with respect to data we hold about you. Email privacy@kinship.app to exercise any of them and we will confirm action within 30 days.

• Access — request a copy of the data we hold about you.
• Delete — request that we delete your data. We honor deletion requests without conditions, fees, or hold periods.
• Correct — ask us to correct any inaccurate data (most commonly, an email address).
• Withdraw consent — withdraw your consent to be contacted at any time. Doing so does not affect prior lawful processing.

If you are in the EU/EEA, UK, or Switzerland, your legal basis under GDPR Art. 6 is consent (Art. 6(1)(a)) for adding you to the invite list and legitimate interest (Art. 6(1)(f)) for keeping minimal security logs. You additionally have the right to lodge a complaint with your local supervisory authority. If you are in California, you have the rights described in the CCPA/CPRA — including the right to know, the right to delete, and the right not to be discriminated against for exercising your rights. We do not sell or share personal information as defined by the CCPA.

We do not currently offer the Kinship product in Australia, so this site is not directed at Australian residents; the Australian Privacy Principles will be addressed in the product Privacy Policy before opening AU signup.

7. Children

kinship.app is intended for adults considering a personal relationship-management tool for their own professional life. We do not knowingly collect data from anyone under 18. If you believe a minor has submitted the form, write to privacy@kinship.app and we will delete the record.

8. Security

We protect your data with industry-standard controls including TLS in transit, encryption at rest, least-privilege access, and audit logging. No system is perfectly secure; if we ever experience a security incident affecting your data, we will notify you in line with applicable law and our internal incident-response process.

9. International transfers

If you are outside the United States, your invite submission will be transferred to and stored on servers located in the United States. For transfers from the EU/EEA, UK, and Switzerland, we rely on the EU Standard Contractual Clauses (Module 2 — Controller to Processor) with our subprocessors, along with the UK International Data Transfer Addendum and the Swiss FDPIC adaptation. You may request a copy of the relevant transfer mechanism by emailing privacy@kinship.app.

10. Changes to this policy

We may update this policy as our pre-launch site evolves and again when the Kinship product launches. When we make a material change, we will update the Last updated date at the top of this page and, if you have submitted an invite request, email you a summary of what changed.

The full version of this policy applicable to the Kinship product (account, contacts, AI features, integrations, retention schedule by data category, DSAR procedure, subprocessor list, international transfers, US state-specific notices) will be published at this URL before any product account is opened.

11. Contact us

Privacy / data rights: privacy@kinship.app
General questions: support@kinship.app
Postal: S4 Solutions, LLC — postal address available on request from privacy@kinship.app.

We aim to respond to all privacy email within 48 hours.