KŌDOCrisis help

Version 1.0

Privacy Policy

1. Who we are. KŌDO is operated from Singapore. Contact: privacy@kodo.app.

2. What we collect

We collect only what we need:

  • School email address (eligibility verification)
  • Chosen display name and avatar colour
  • Age band (13-15, 16-17, or 18+) — not exact date of birth
  • Squad membership and activity metadata
  • Codebook metadata (word count, health score, lifespan)
  • Encrypted message content (we cannot read your messages)
  • Safety event logs (metadata only, never message content)
  • Consent records (legally required)
  • Device type and country code

We do NOT collect: real name or NRIC, phone number, location or GPS, photos or biometrics, the actual words in your codebook, or plaintext message content — ever.

3. How we use your data

  • To deliver the KŌDO messaging service
  • To enforce age eligibility and child safety requirements
  • To maintain legal consent records
  • To investigate safety reports and protect users
  • To comply with Singapore law and legal obligations
  • To generate anonymous product analytics (with permission only)

4. Children's privacy

KŌDO serves users aged 13 and above. Users under 18 require verifiable parental consent. We apply enhanced protections to all minor user data: restricted data sharing (none without legal obligation), mandatory parental consent workflows, no advertising of any kind to under-18 users, enhanced content filtering and safety monitoring, and mandatory crisis resource display for self-harm flags.

5. Safety & law enforcement disclosure

KŌDO may disclose user information to Singapore authorities (Singapore Police Force, Ministry of Social and Family Development, or other relevant bodies) without notice where we have reasonable grounds to believe a child is at risk, where required by law or legal process, or where necessary to prevent serious harm to any person.

6. Your rights under PDPA (Singapore)

  • Access your personal data
  • Correct inaccurate data
  • Withdraw consent (may affect service)
  • Request data portability
  • File a complaint with the PDPC (pdpc.gov.sg)

7. Your rights under GDPR (EU/EEA users)

Erasure (Article 17), restriction of processing (Article 18), objection (Article 21), and lodging a complaint with your supervisory authority. Exercise rights via Settings → Data Rights or email privacy@kodo.app. Response within 30 days.

8. Data retention

  • Messages: deleted 90 days after codebook burn/expiry
  • Profile data: retained while account active
  • Safety event logs: retained 7 years (legal obligation)
  • Consent logs: retained 7 years (legal obligation)
  • Anonymised analytics: retained indefinitely (no PII)
  • Account deletion: PII hard-deleted within 30 days

9. Data security

All messages AES-256 encrypted client-side. Server never receives or stores plaintext content. Row Level Security on all database tables. Service role keys never exposed to client.

10. Changes

Material changes notified via in-app notice. Fresh consent required where legally mandated.