Kepe

Privacy Policy

Effective Date: 12/06/2025 Last Updated: 12/30/2025

1. Introduction

Tokotoko LLC ("we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, and protect information when you use our link shortening and analytics service.

By creating an account or using our Service, you acknowledge and agree to this Privacy Policy and accept the risks described herein. If you do not agree, do not use our Service.

This Privacy Policy should be read together with our Terms of Service, which contains important provisions including dispute resolution, arbitration requirements, and additional limitations of liability that apply to all privacy-related matters.

2. Data Accuracy and Liability

We strive to keep our systems secure but cannot guarantee absolute security. You acknowledge that you provide information at your own risk. We are not liable for unauthorized access to your data despite reasonable security measures.

3. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (stored encrypted)
  • Account preferences
  • Billing information (for paid plans)

Link Analytics Data

When someone clicks a link you've created or scans your QR code, we collect:

  • IP address (to determine geographic location)
  • Browser and device type
  • Operating system
  • Referring website (where the click came from)
  • Timestamp of the click
  • Country, region, and city (derived from IP address)

Your Content

  • Original URLs you shorten
  • Custom aliases you create
  • QR code customization preferences

4. How We Use Your Information

We use collected information to:

  • Provide and operate the Service
  • Generate analytics reports for your links
  • Process payments for paid subscriptions
  • Send service-related communications
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

5. Cookies

We use cookies for:

  • Functional purposes: Keeping you logged in, remembering preferences, maintaining app state
  • Security purposes: Our infrastructure provider, Cloudflare, places security cookies for bot detection and DDoS protection

Security Cookies from Cloudflare

When you visit our site, Cloudflare may set cookies such as:

  • Bot detection cookies to identify malicious traffic
  • Challenge verification cookies (when CAPTCHA is shown)
  • Load balancing cookies for performance

These are essential for website security and cannot be disabled.

You can disable cookies in your browser, but this may limit your ability to use certain features of the Service.

6. Data Retention

Analytics Data

  • Viewing access: Free accounts (24 hours), Paid accounts (30 days)
  • Storage: We store analytics data but may delete older data at any time, especially for free or inactive accounts. Paid active accounts receive priority for data retention.

Account Data

  • Retained as long as your account is active
  • Deleted within 30 days after account deletion request
  • Some information may be retained as required by law (e.g., billing records for tax purposes)

7. Data Sharing

We do not sell your personal information.

We may share information with:

  • Service providers who help us operate, improve, and market our Service, including:
    • Payment processing
    • Infrastructure and performance monitoring
    • Analytics and product improvement
    • Marketing and advertising services
    • Email and communication services
  • Legal requirements: To comply with legal obligations, subpoenas, or court orders
  • Protection: To protect our rights, safety, or property
  • Business transfers: In connection with a merger, sale, or acquisition

8. Payment Processing

When you provide payment information for paid subscriptions:

  • We use Stripe, a PCI-DSS Level 1 compliant payment processor, to handle all payment transactions
  • We do NOT store your credit card numbers on our servers
  • Your payment information is encrypted and transmitted directly to Stripe
  • Stripe may retain your payment information according to their privacy policy and legal requirements

All payment processing is subject to Stripe's Privacy Policy in addition to this Privacy Policy. We use industry-standard security measures for all payment transactions. You can learn more about Stripe's security practices at stripe.com/security.

9. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of passwords
  • Secure HTTPS connections
  • Regular security updates

However, no method of internet transmission is 100% secure. You use our Service at your own risk.

10. Service Provided "As Is"

Analytics data and all Service features are provided "as is" without warranties of accuracy, completeness, or reliability. We are not responsible for decisions made based on analytics data or any losses resulting from Service interruptions.

11. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Delete your account and associated data
  • Export your data (for paid plans)
  • Opt-out of service-related emails (except critical notices)

To exercise these rights, contact us at: [email protected]

12. Children's Privacy

By using our Service, you represent that you are at least 13 years old. We do not knowingly collect data from children under 13. If we discover a user is under 13, we will immediately delete their account and data. We are not liable for users who misrepresent their age.

13. International Users

Our Service is operated from the United States. If you use our Service from outside the United States, you understand that your information will be transferred to and processed in the United States.

14. Third-Party Links

Our Service allows you to create shortened links to third-party websites. We are not responsible for the privacy practices of these third-party sites. We encourage you to read their privacy policies.

15. California Privacy Rights

California residents may have additional rights under the California Consumer Privacy Act (CCPA). To exercise these rights, contact us at: [email protected]

16. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting a notice on our website
  • Sending an email (for significant changes)

Continued use after changes constitutes acceptance of the updated policy.

17. Your Responsibilities

You are responsible for:

  • Maintaining your account security
  • Ensuring you have rights to shorten the URLs you submit
  • Obtaining necessary consents from your end users
  • Complying with applicable laws when using our Service
  • Any consequences from content you share through shortened links

We are not liable for your failure to meet these responsibilities.

18. Data Breaches

If a breach occurs that may compromise your personal information:

  • We will notify affected users via email when feasible
  • We will take reasonable steps to investigate and mitigate

We are not responsible for unauthorized access resulting from your failure to maintain account security or from breaches of third-party services.

19. Use of AI Technology

We may use artificial intelligence tools to:

  • Assist with customer support responses
  • Help answer product questions
  • Improve our sales and service communications

When you interact with our support or sales teams, AI may help us provide faster, more accurate responses. Human team members review and oversee AI-assisted communications.

20. Contact Us

For questions about this Privacy Policy or our privacy practices, contact us at:

Email: [email protected]

By using ke.pe, you acknowledge that you have read and understood this Privacy Policy.