Krux
Get Started Free

Privacy Policy

Last updated: October 2025

Krux AI ("we", "our", or "us") provides tools that help users analyse product experiences through AI-assisted video and transcript analysis ("the Service").

We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and the rights you have under applicable data protection laws, including the UK GDPR and EU GDPR.

1. Who We Are

Krux AI is the data controller responsible for your personal data.

You can contact us at: privacy@trykrux.ai

When Krux AI Ltd is incorporated, it will assume data controller responsibilities for the Service.

2. Data We Collect

We collect and process the following categories of data when you use our Service:

Account Information

  • Email address (collected through Google Sign-In or email OTP).
  • Authentication tokens managed by Supabase (we do not store your Google credentials).

Uploaded Content

  • Screen recordings, audio, screenshots, and text transcripts you upload or generate through the platform.
  • These may contain visual or spoken information about your product or workflow.

Feedback Messages

Messages, support requests, or feedback you send us.

Payment Information

  • Payments are processed securely by Stripe.
  • We do not store credit or debit card details. Stripe may collect identifying and billing information as required to process transactions.

Technical and Usage Data

  • We use Plausible Analytics, a privacy-friendly analytics service, to understand how visitors use our website and improve the Service.
  • Plausible collects anonymous usage data including page views, referrer sources, country, device type, and browser information.
  • Plausible does not use cookies, does not track users across websites, and does not collect any personally identifiable information.
  • All data collected is aggregated and cannot be used to identify individual users.
  • Plausible is fully GDPR, CCPA, and PECR compliant and does not require cookie consent banners.

3. How We Use Your Data

We use the data described above to:

  • Provide and operate the Service (e.g. process your uploads, run AI analysis, deliver results).
  • Authenticate and secure user accounts.
  • Communicate essential product updates (e.g. "your video is ready").
  • Respond to support and feedback messages.
  • Process payments and manage subscriptions.
  • Improve reliability and functionality of the platform.

We do not sell or rent user data.

4. AI Processing

We use OpenAI services to process some user data:

  • Whisper – audio from uploaded recordings is transcribed into text.
  • GPT models (ChatGPT) – transcripts and screenshots are analysed to generate UX feedback.

Data sent to OpenAI is handled under their API terms and retained temporarily for processing only. Krux AI does not use these outputs for model training and limits the scope of data shared to what is necessary for providing the Service.

5. Legal Bases for Processing

Under the UK GDPR, we rely on the following legal bases:

  • Performance of a contract – to provide the Service to registered users.
  • Legitimate interests – to maintain and improve our systems, communicate essential updates, and prevent abuse.
  • Consent – where required for analytics or marketing communications.

6. Data Storage and Security

Your data is securely stored and processed through the following providers:

  • Supabase – authentication, database, and file storage.
  • Stripe – payments and billing.
  • n8n – workflow automation.
  • Elestio – hosting infrastructure.

We implement encryption, access controls, and database row-level security (RLS) to protect user data.

7. Data Retention

  • Uploaded recordings and derived data (transcripts, screenshots) are retained until you delete them from your account.
  • Account and billing records may be retained as required by law or for legitimate business needs.
  • You can request deletion of your data at any time (see Section 10).

8. International Transfers

Your data may be processed outside the UK or EU (e.g. by OpenAI or Supabase), in jurisdictions that ensure adequate protection under applicable law. We use providers that implement appropriate safeguards such as Standard Contractual Clauses (SCCs).

9. Children's Privacy

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect or process children's data.

10. Your Rights

Under data protection law, you have the right to:

  • Access a copy of your data.
  • Request correction or deletion of your data.
  • Object to certain processing.
  • Withdraw consent where processing is based on consent.

To exercise these rights, contact privacy@trykrux.ai

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "last updated" date above will always indicate the latest version. Significant changes will be communicated through the platform or by email.

12. Contact

If you have questions or concerns about this policy or how your data is handled, contact: privacy@trykrux.ai