Kaivion
Back home

Privacy Policy

Last updated: May 1, 2026

Kaivion is a small, independent product. This policy describes what we collect, why, and how we handle it. We try to keep it short and plainly worded. If anything here is unclear, email us at thepointedglobetrotter@gmail.com.

What we collect

  • Account info: the email address and password you use to sign up. Passwords are stored hashed by our auth provider (Supabase). We never see the plaintext password.
  • Loyalty data you enter: the program names, point balances, and expiration dates you manually add to your dashboard. We never connect to your bank, airline, or hotel accounts directly.
  • Usage data: anonymized event data such as which pages you view, when you log in, when you add or remove a program. We use this to understand which features are useful and which are not.
  • Cookies: a session cookie that keeps you logged in, plus an analytics cookie set by our analytics provider.

What we do not collect

  • Your bank account numbers or credit card numbers.
  • Your airline or hotel account passwords.
  • Your physical address, date of birth, or government ID.
  • Your location data.

Service providers we use

Kaivion is built on third-party infrastructure. The following companies process your data on our behalf:

  • Supabase (database and authentication, US-East region). Stores your email, hashed password, and the loyalty data you enter.
  • Vercel (hosting). Serves the website and processes your requests.
  • Resend (transactional email). Sends signup confirmation and expiration alert emails to your inbox.
  • PostHog (product analytics, US Cloud). Receives anonymized event data and your account email so we can debug and improve the product.
  • Cloudflare (DNS). Resolves the kaivion.net domain.

How we use your data

  • To run the product (show you your dashboard, send your alerts).
  • To debug problems and improve features.
  • To contact you about your account when needed.

We do not sell your data. We do not share it with advertisers. We do not use it to train AI models.

Your rights

You can:

  • Delete any program from your dashboard at any time.
  • Request that we delete your entire account and all associated data by emailing us at the address above. We will complete deletion within 30 days.
  • Request a copy of the data we hold about you.

Security

All traffic is encrypted in transit using HTTPS. Database access is restricted by row-level security so users can only see their own data. Passwords are hashed using industry-standard algorithms by Supabase. No system is perfectly secure, but we take reasonable steps to protect what you give us.

Children

Kaivion is not intended for users under 18. We do not knowingly collect data from minors.

Changes to this policy

If we change how we handle data, we will update this page and update the date at the top. For significant changes, we will email registered users.

Contact

Questions about this policy go to thepointedglobetrotter@gmail.com.