Legal
Privacy Policy
When you use Kai, you are trusting us, Morgen AG, with some of your information. We understand that this is a big responsibility, and we work hard to protect your information and put you in control.
This Privacy Policy explains what information we collect, why we collect it, how we use AI in Kai, when we share information with service providers, and how you can access, manage, export, or delete your information.
This Privacy Policy applies to Kai, including the Kai web app, desktop app, Slack bot where available, public booking and meeting-share pages, hirekai.ai, the waitlist, the demo chat, and the free tools we provide.
Information We Collect
We collect information to run Kai, provide the product, prevent abuse, comply with legal obligations, and improve the service.
Basic information
To create or use a Kai account, you may provide your email address, name, company, workspace, profile information, and authentication information. Your email address is used to identify your Kai account across devices and to communicate with you about the service.
We also collect technical information about the devices and browsers you use, such as operating system, app version, browser version, language, time zone, approximate location, IP address, device identifiers, and log-in activity.
Connected account metadata
When you connect an external service, such as Google Calendar, Outlook / Microsoft 365 Calendar, Gmail, Outlook email, Zoom, or Slack, we collect the information needed to identify and maintain that connection. This can include the provider name, account email address, provider account ID, calendar or mailbox names, connection status, permissions granted, and OAuth tokens or similar credentials required to keep the connection working.
Kai never sees your password for these services. You authorize access through the provider's own OAuth or authorization flow.
Calendar data
If you connect Google Calendar or Outlook / Microsoft 365 Calendar, Kai processes calendar information so it can show your schedule, compute availability, detect conflicts, prepare for meetings, create or update events, add conferencing links, and help you manage your day.
Calendar data may include event titles, descriptions, dates, times, recurrence rules, attendees, attendee email addresses, locations, conferencing links, calendar names, calendar settings, reminders, availability, free/busy information, and related contacts or people data made available by the provider.
Kai stores calendar data locally on your device so the product can work quickly and consistently. Calendar data may also be synced through Morgen's infrastructure where needed to keep Kai current across devices, provide scheduling, support booking links, and carry out actions you request.
Email data
If you connect Gmail or Outlook email, Kai processes your mailbox to provide email triage, search, reply drafting, task extraction, and email actions you approve.
Email data may include message sender and recipient information, subject lines, message bodies, thread history, timestamps, labels or categories, folders, attachments metadata, drafts, and provider links. Kai may classify emails, create summaries, extract tasks, apply labels or categories, and draft replies. When you send, forward, or discard an email through Kai, the action is performed through your connected mailbox.
We do not store a copy of your mailbox or email content on our servers as a general email archive. Email content is fetched from your provider as needed to provide Kai features. We may store metadata, labels or categories, AI-generated summaries, draft content, task links, feedback, and logs needed to operate and improve the service.
Kai does not send emails without your explicit action or approval.
Meeting, audio, and transcription data
If you use Kai's meeting features, Kai may process audio from your microphone and, in the desktop app where supported, system audio from your device. This is used to generate live transcripts, speaker labels, meeting summaries, action items, and follow-up drafts.
Audio is processed to provide transcription, but Morgen does not store the underlying audio recording in the normal live meeting flow. We do store the transcript, summary, action items, and meeting records described below.
Kai stores meeting records such as meeting title, participants, transcript, summary, action items, private notes, linked calendar event, and sharing settings. If you create a public meeting link, anyone with that link may view the shared meeting content made available through that page, such as the summary, action items, and transcript. Private notes are not included in the public page.
Kai may show consent reminders before recording. You are responsible for making sure meeting participants have given any consent required by applicable law.
Kai tasks, routines, memories, and preferences
Kai includes a native task system and personalization features. We store tasks, task notes, due dates, priorities, estimates, tags, recurrence, completion status, linked meetings or emails, calendar sessions, routines, settings, and Kai memories or preferences you create.
Kai memories may include information you explicitly provide or approve, such as scheduling preferences, communication preferences, work patterns, planning preferences, and relationship context. These are used to personalize Kai's responses and actions.
Slack data
Where Kai for Slack is available and connected, Kai processes Slack data only as needed to respond to interactions with Kai. For example, when you mention Kai in a thread, Kai may read the recent thread or channel context, user display names, message text, timestamps, channel information, and a link back to the source thread.
Kai does not passively read all Slack messages. It is designed around explicit interactions, such as an @Kai mention.
Website, waitlist, demo chat, and free tools
If you use hirekai.ai, join the waitlist, book a call, contact us, use the demo chat, or use one of our free tools, we collect the information needed for that interaction.
This may include email address, name, company, waitlist position, referral code, referral source, attribution data, booking information, support messages, feedback, free-tool inputs and outputs, demo chat messages, and technical request information.
Some free tools run in your browser. Some may call our servers or AI providers to generate an output. We do not use free-tool inputs to train AI models.
Usage logs, surveys, research, and feedback
We collect information about how Kai and hirekai.ai are used, such as features used, actions taken, pages visited, app events, performance data, error logs, model and tool-call metadata, and timestamps. If you answer surveys, join research calls, submit feedback, or contact support, we collect the information you choose to provide.
AI Input and Output
Kai is an AI-powered executive assistant. As such, we use large language models, or LLMs, extensively to understand requests, reason over context, draft responses, summarize information, and carry out actions you ask Kai to perform.
When you use AI features, we process the information you provide to Kai, the relevant context Kai needs to answer or act, tool calls, retrieved data, generated responses, drafts, summaries, classifications, transcripts, and feedback you provide on AI outputs.
AI input and output may include information from your connected calendar, email, tasks, meetings, Slack threads, preferences, and files you attach, depending on what you ask Kai to do and which accounts you have connected.
To generate Kai's replies, your messages, calendar events, tasks, and chat messages are routed through OpenRouter to one of our AI text providers: Anthropic, OpenAI, Cerebras, or Google. Which provider handles a given request depends on what is fastest and available at the time. Meeting and voice audio, including the audio and transcripts from your recordings and dictation, is sent to AssemblyAI to be turned into text.
We do not use your data to train our own general-purpose AI models. We also configure or contract with these AI providers so they do not use Kai customer data to train their general-purpose models, where supported by their terms and our agreements.
We may retain AI logs, traces, inputs, outputs, tool calls, metadata, and quality signals for compliance with our Terms of Use, abuse prevention, safety review, debugging, automatic quality assessment, and product improvement. These logs are retained for up to 90 days. Access to these logs is limited to authorized personnel and systems.
How We Use Information
We use your information for the following purposes and legal bases under GDPR and Swiss data protection law:
- To provide and operate Kai, including account access, sync, AI assistance, calendar, email, meetings, tasks, Slack interactions, booking links, and free tools. Legal basis: performance of a contract.
- To connect to services you authorize, such as Google, Microsoft, Zoom, and Slack. Legal basis: performance of a contract and your authorization through the provider.
- To personalize Kai, including memories, preferences, scheduling behavior, email drafting, and recommendations. Legal basis: performance of a contract and legitimate interests.
- To communicate with you about Kai, support requests, service messages, security issues, product updates, and policy changes. Legal basis: performance of a contract, legitimate interests, and consent where required for marketing.
- To process payments, invoices, subscriptions, taxes, and fraud checks. Legal basis: performance of a contract and legal obligations.
- To protect Kai, our users, and the public, including abuse prevention, rate limiting, security monitoring, fraud detection, incident response, and enforcement of our Terms of Use. Legal basis: legitimate interests and legal obligations.
- To improve Kai, including debugging, analytics, AI quality assessment, user research, and product development. Legal basis: legitimate interests, and consent where required for optional analytics or marketing cookies.
- To comply with law, respond to lawful requests, preserve records, and establish, exercise, or defend legal claims. Legal basis: legal obligations and legitimate interests.
You can withdraw consent where processing is based on consent. Withdrawal does not affect processing that happened before withdrawal.
Kai Chrome extension — anonymous usage analytics
To understand how much the Kai Chrome extension is used, it sends two anonymous events: when a recording starts, and when it finishes (with the length of the meeting in minutes and a coarse language code). These contain no transcript, no audio, no meeting title or link, and no account or device identifier. They are processed by Plausible Analytics, which is cookieless and does not store your IP address. You can turn this off in the extension settings.
Service Providers
We use subprocessors and service providers to host, secure, operate, monitor, and improve Kai. These may include:
We require service providers to process personal data only for the purposes we specify and to protect it appropriately.
International Transfers
Morgen AG is based in Switzerland. Some of our service providers process data in Switzerland, the European Union, the United Kingdom, or the United States.
Where personal data is transferred internationally, we rely on adequacy decisions, Standard Contractual Clauses, the Swiss data transfer framework, data processing agreements, and other safeguards required by applicable law.
Security of Information
We work to keep your information safe. We use technical and organizational measures such as access controls, authentication, transport encryption, monitoring, rate limiting, logging, least-privilege access, and vendor security reviews.
No system can be guaranteed to be perfectly secure. If we become aware of a data breach that creates a risk to your rights or freedoms, we will notify the relevant authorities and affected users where required by law.
Data Retention
We keep personal data only for as long as needed for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
Account data, connected-account metadata, tasks, calendar data, meetings, transcripts, summaries, memories, and settings are generally retained while your account is active. You can request deletion of your account or specific data.
Some operational records, security logs, AI logs, billing records, and backup copies may be retained for a limited period after deletion where needed for security, fraud prevention, legal compliance, accounting, dispute resolution, abuse prevention, or enforcement of our terms.
AI logs, traces, inputs, outputs, tool calls, metadata, and quality signals are retained for up to 90 days.
Website demo and waitlist data may have shorter retention periods. For example, demo chat sessions and messages may be retained temporarily for operation, abuse prevention, and quality review.
Children
Kai is not intended for anyone under the age of 16, and we do not knowingly collect personal information from children under 16, or a higher age where required by local law. If we learn that we have collected such information, we will delete it.
Changes to This Policy
We may revise this Privacy Policy from time to time. We will post the updated version on our website and, where changes are material, we may notify you by email or in the product. Your continued use of Kai after the effective date means you accept the updated Privacy Policy. If you do not agree, you should stop using Kai.
Your Rights
If you are in the EU, EEA, Switzerland, the UK, or another jurisdiction with similar rights, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete personal data.
- Delete your personal data.
- Restrict or object to certain processing.
- Receive a portable copy of your data.
- Withdraw consent where processing is based on consent.
- Object to direct marketing.
- Lodge a complaint with your local data protection authority.
To exercise these rights, use our contact page.
Data controller
Morgen AGFörrlibuckstrasse 223
8005 Zürich, Switzerland
CHE-216.439.443