Privacy Policy (U.S. Version)

Effective Date: [Month Day, Year]

Last Updated: [Month Day, Year]

Introduction:
 Your privacy is important to Rootinger LLC (“Rootinger,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use theKKACHII platform (the “Platform” or “Service”), which is operated by Rootinger LLC. KKACHII connects restaurants and other businesses (“Restaurants”) with social media influencers and content creators (“Influencers”) for collaborations. This U.S. Privacy Policy applies to users, visitors, and others in the United States. If you are outside the U.S., please refer to the relevant version of our Privacy Policy (if applicable). By using KKACHII, you agree to the collection and use of information in accordance with this Privacy Policy.

Scope: This Policy covers information collected through our website, mobile applications, and related services under the KKACHII platform. It does not cover any third-party sites or services that you may access through KKACHII, except as stated (for example, if we direct you to a payment processor’s terms or a partner’s policy). Those have their own privacy practices. If you have any questions about our Privacy Policy, please contact us atprivacy@kkachii.com.

1. Information We Collect

We collect several categories of information from and about our users. In the past 12 months, we have collected the following types of personal information:

1.1 Information You Provide to Us:

• Account Registration Data: When you sign up as a Restaurant or Influencer, we ask for basic contact and account details. This may include your name, email address, phone number, business name (for Restaurants), username, password, and profile information. Influencers might provide social media handles, follower counts, categories of content, and a profile bio. Restaurants might provide business type, address(es), description of offers, logos, etc.
  
• Identification and Verification Data: In some cases, we may request additional verification info. For example, we might ask Influencers for a form of government ID or social media account authentication to verify identity or age. We may also collect date of birth (to ensure 18+ requirement) or the last four of an SSN if needed for payment/tax forms. If we cannot automatically verify your identity when required (such as for payout compliance), we might use third-party services to confirm.
  
• Collaboration Information: When you create or apply to a collaboration (Offer details for Restaurants, application messages from Influencers), you provide information about the campaign. This can include the content requirements, the compensation offered, location of promotion, and any files or media you upload (e.g., images of your product, or an influencer’s example content). Communications between users through our Platform (messages, chat logs) are also collected. This can contain any information you choose to share. Please be mindful not to share sensitive personal info in these communications unless necessary.
  
• Payment and Payout Information: If you are a Restaurant making payments, or an Influencer receiving payouts, we (or our payment processor) will collect information to facilitate those transactions. Restaurants might provide payment method details (credit card number, billing address) – note we typically use third-party processors so we may not store full card numbers, just tokens. Influencers will provide payout details like bank account info, PayPal email, or other payment account details. We also collect any necessary information for tax reporting (e.g., W-9 form details for U.S. influencers such as legal name, EIN or SSN, and mailing address).
  
• Support and Contact Info: If you contact us for support or with inquiries, we collect the information you provide in that correspondence. For example, if you email support, we’ll collect your email and the content of your message, and any attachments or screenshots you send. If we have a chat support, we collect that transcript.
  
• Other Voluntary Info: We may collect any other information you voluntarily provide on the Platform. This could include survey responses, feedback forms, contest entries, or when you submit a testimonial or review. For example, if we run a survey asking for your experience, and you respond, we collect that info. Or if you participate in a forum or comment section we might offer, what you post is collected.
  

1.2 Information We Collect Automatically:
 Like many online services, KKACHII automatically collects some information about your device and usage of our Platform:

• Device and Technical Data: We collect information about the device and software you use to access the Platform. This includes IP address, device type (e.g., laptop, iPhone), operating system and version, browser type and version, screen resolution, language settings, and device identifiers or advertising IDs. If you use our mobile app, we might collect unique device IDs or the advertising ID provided by your OS. We also log the date and time you accessed the Platform and how long you used it, and other performance data (like app crash logs).
  
• Usage Information: We collect data about your interactions with the Platform. This includes what pages or screens you viewed, what features you used, the links or buttons you clicked, the search queries you input, and how you navigate from page to page. For example, we may know that you browsed certain categories of offers, or that you spent X minutes on the messaging page, etc. We also track when you open our emails or click links in them (via pixels or link tracking) to gauge engagement.
  
• Transactional Data: If you perform transactions on the Platform (e.g., hire an Influencer, or get paid), we keep records of those transactions. This would include the date/time of transaction, parties involved, amount paid, and the description of the service (like the campaign title). Payment card details themselves are typically handled by the processor, but we retain minimal data like last 4 digits or card brand and expiration (for display and to manage your saved methods). Similarly for payouts, we might store that a certain bank account ending in 1234 was used.
  
• Cookies and Tracking Technologies: We (and service providers on our behalf) use cookies, beacons, and similar tracking tech to automatically collect information on our website. Cookies are small files placed on your browser to store preferences and track some information. For example, cookies help us keep you logged in, remember your site preferences, and understand how you use our site so we can improve. We may use session cookies (that expire when you close browser) and persistent cookies (that remain until deleted or expiry). Relatedly, we might use pixel tags in emails or on pages to count users or measure popularity. (Our separate Cookie Policy gives more details and choices.)
  
  Typical info from cookies/tracking might include: which pages you visit, how long on each, what site or ad brought you to us, and your general location (via IP mapping to city/region). We also gather analytics about click rates, conversion events (like completing profile or posting an offer), etc. For advertising or referral tracking, cookies might assign an ID to you to match across sessions or sites. See Section 5 for how we use cookies and how to opt-out of certain tracking.
  
• Geolocation: We do not typically collect precise GPS location unless you give permission (say if our app had a “find local influencers near me” feature, which we currently do not). However, we may infer approximate location from your IP address (e.g., determine city and country). That helps with site language, content relevant to region, and fraud checks (like unusual login locations). If in future we offer location-based features, we would ask permission to use device GPS.
  

1.3 Information from Third Parties:
 We may receive information about you from other sources to supplement our data:

• Third-Party Services You Link: If you link or log into KKACHII via a third-party account (e.g., sign in with Google, Facebook, or connect your Instagram account for influencer profile verification or analytics), the third-party will send us certain information you authorized. For example, if an Influencer connects their Instagram, we might receive stats like number of followers, engagement metrics, profile picture, etc., and permission to periodically fetch updates. For "Sign in with Google/Facebook," we get basics like your name, email, profile photo (depending on what you allow). We use this to streamline registration and possibly verify identity. Always check what information the third-party says it will share in the OAuth process. You can unlink such accounts in settings.
  
• Other Users: We might receive information about you from other users. For example, a Restaurant might mention an Influencer within a campaign report or review, providing feedback data which we store. If a user refers you via an invite feature, they might give us your email to send an invitation. If you’re part of an agency or team account, one member may provide info about another. Similarly, if a user flags content of yours or files a dispute, we will receive whatever information they provide about you in that context.
  
• Service Providers: Certain service providers might provide additional data. For instance, our payment processor might return verification results or risk scores (e.g., flagged if a card is stolen). Or identity verification services might tell us if an ID was validated. We could also get data from marketing partners (like if we run ad campaigns and a user came via an ad, the partner might tell us which campaign source).
  
• Public Sources: We may use publicly available information to supplement profiles. E.g., we might look at an influencer’s publicly available social media metrics to cross-check their provided data, or use LinkedIn to confirm a business owner’s identity. If an influencer has a public page listing their email or stats, we might collect that to invite them to our platform or verify info. Similarly, if you have a public business listing on Google or Yelp, we might fetch things like address or website to enrich your KKACHII profile.
  
• Affiliates: If Rootinger LLC has affiliate or subsidiary companies (currently Rootinger is a standalone LLC), we might share data within our corporate family. For example, if Rootinger separately runs a marketing agency, and you’ve given permission, they might share your info with KKACHII if relevant (like an influencer database). Right now, Rootinger LLC’s operations around KKACHII would be covered fully here. Should we expand, we’ll update accordingly.
  

1.4 Sensitive Personal Information:
 We do not proactively seek or require any “sensitive” personal data (like Social Security numbers beyond last 4 for identity if needed, full financial account numbers aside from what payment processors handle, racial or ethnic origin, health info, biometric identifiers, etc.) for the general use of the Platform. However:

• Identity Verification might involve government-issued ID (which can include things like driver’s license number, photo, date of birth). We treat such data with high security and only use it for verification.
  
• Demographic Info: If voluntarily provided (like you share your race in a profile bio or a photo reveals information), it’s at your discretion. We do not ask for these categories except possibly general region or language for service matching.
  
• Financial Info: Payment card numbers and bank accounts are processed by third-party PCI-compliant processors, not stored fully on our servers. We might see last4 and billing zip.
  
• Geolocation: As stated, we don't gather precise geolocation by default.
  

We do not use or disclose sensitive personal info except as necessary to provide the services (e.g., using a SSN for tax form to comply with IRS, using ID to verify age/identity, etc.), and with appropriate security safeguards.

1.5 Children’s Privacy:
 Our Platform is not intended for children under 18 and we do not knowingly collect personal information from anyone under 18 years of age. If you are under 18, do not use or provide any information on KKACHII. If we learn we have collected personal data from a child under 18 (or under 13 for any reason), we will delete it. However, because our target user base (influencers and restaurants) is inherently adult, this is rarely an issue. If a minor somehow needs to be involved (e.g., a 17-year-old influencer with parental consent, which is currently not allowed by our terms anyway), we'd handle via parent or not at all. If you believe we might have any information from a child, please contact us and we will take prompt action.

2. How We Use Your Information

We use the information we collect for various business and commercial purposes, including:

2.1 To Provide and Maintain the Platform:

• Account Creation & Management: We use personal info to create your account and allow you to log in. For example, your email and password let you authenticate; your profile info is displayed to others as appropriate. We maintain your account preferences and settings using your data.
  
• Facilitate Collaborations: We process information to enable interactions between Influencers and Restaurants. For instance, we use profile data and platform activity to match and recommend potential partnerships (like showing relevant offers to influencers). We route your communications through the Platform (so we use your name and message content to deliver chat to the recipient). We use your information to generate and display campaign pages, proposals, and to manage the workflow (e.g., timeline tracking, content submissions).
  
• Transactions: We use payment-related information to process payments and payouts. That includes charging Restaurant payment methods for influencer fees and our fees, and instructing payouts to influencer accounts. We send necessary info to payment processors (like your card details or account ID) and record transactions. We also use data to calculate any applicable taxes, and to generate invoices or receipts as needed.
  
• Service Functionality: Pretty much all core features rely on using collected info: if you upload content (photos, texts) we store and display it; if you set filters (like an influencer indicates categories of interest), we use that to filter what offers to show; if you put a location, we might show local opportunities first. We might use your email to send necessary communications like verification codes or updates about your collaborations. We keep track of your login sessions via cookies to keep you logged in. Essentially, without using your personal info, the service cannot function as intended.
  

2.2 To Improve and Personalize the Platform:

• Analytics: We internally analyze usage data (page views, clicks, session length, etc.) to understand how the Platform is performing. This helps us identify issues (like a confusing UI step where many drop off), gauge the success of new features, and find overall usage trends (e.g., which categories of offers are most active). We might use third-party analytics tools like Google Analytics to assist with this. These insights allow us to improve our user interface, add or remove features, and optimize performance.
  
• Personalization: We use collected data to customize your experience. For example, we may suggest content or opportunities based on your profile and past activity (“Recommended for you”). We might remember your preferences like language or whether you prefer list vs. grid view and use that each time you log in. We may tailor what emails you get (an influencer might get tips on making their profile stand out if our data shows they haven’t completed it; a restaurant in a certain region might get an email highlighting new local influencers). We also could use your browsing behavior to show you relevant content on the dashboard (like “You recently viewed these offers, here are similar ones”).
  
• Feedback and Surveys: If you provide feedback or answer surveys, we use that data to improve our services. For instance, if many users request a certain feature or express confusion about a process, we’ll work on those areas. Survey results might be aggregated to inform product strategy.
  
• Testing & Development: Information like crash logs or error reports are used to debug and improve app stability. We might run beta features for a subset of users; usage data helps determine if those features become permanent. We sometimes might contact you to ask about your user experience, if you consent to such communications.
  

2.3 To Communicate with You:

• Account and Transactional Communications: We use your email (and possibly phone for SMS, if provided/consented) to send important account-related messages. This includes confirmations (sign-up confirmation, payment receipts, payout confirmations), updates on collaborations (like "Your proposal was accepted", "New message from X", or reminders "Your deliverable is due in 2 days"), security alerts ("New login from device", password reset emails, etc.), and changes to terms or policies. These are not promotional, but rather essential communications to operate the service; you generally cannot opt out of these except by closing your account.
  
• Promotional & Newsletter Communications: With your consent or as otherwise permitted, we may send marketing emails to our users. These could be newsletters with platform tips, new feature announcements, or special promotions (like referral incentives, or highlighting cool successful collabs as inspiration). Influencers might get emails like "Top offers in your category this week", Restaurants might get "We have X new influencers who joined in your area". You can opt out of marketing emails at any time by clicking the unsubscribe link in the email or adjusting settings. Note: opting out of marketing does not opt you out of transactional emails as described above.
  
• Surveys and Feedback Requests: We might email you to ask for your feedback on the Platform or specific transactions (“How was your experience with this collaboration? Rate the other party!” or general satisfaction surveys). It’s up to you to respond. Often these help build our review system or gauge NPS (Net Promoter Score) etc.
  
• Customer Support: If you reach out to us with a problem, we will use your provided info to respond and help. We might contact you via email, phone, or in-app messaging depending on what you provided and the urgency. Support logs are retained to track issues and ensure service quality. Sometimes, if an issue is widespread (like "some users aren’t receiving payouts due to an outage"), we may proactively email all affected users.
  
• Legal or Policy Communications: We may send notices about changes in our terms, privacy policy, or other legal updates. We might also communicate regarding enforcement of our terms (like if we need to warn or suspend an account, we’ll email you about that with reasons).
  

2.4 For Security and Fraud Prevention:

• Fraud Monitoring: We use data (IP, device, behavioral patterns) to detect and prevent fraudulent or unauthorized activities. For instance, if an account suddenly logs in from a new country and tries to withdraw funds, our systems might flag that for review. We might also track if multiple accounts share the same device or IP in suspicious ways (possible sockpuppets), or if content posted suggests a scam (like someone spamming external links). If we suspect fraud, we may use personal info to further investigate (e.g., verifying identity documents, cross-checking info with public databases).
  
• Account Security: We may use your email or phone to send security codes for multi-factor authentication or to verify a login attempt. We maintain logs of logins and changes to help identify unauthorized access. If we believe an account is compromised, we might temporarily lock it and reach out to confirm identity, using personal data on file.
  
• Enforcing Policies: Information is used to enforce our Terms of Service and other policies. For example, if someone is reported for harassing messages, we review the message content (User Content) and take appropriate action using that info. We also might use automated systems to scan for certain policy violations (like scanning messages for payment details to prevent off-platform transactions, or scanning posts for hate speech). This involves processing user data for compliance reasons.
  
• Protecting Rights and Safety: We may process personal information when necessary to protect the rights, property, or safety of our users, ourselves, or others. This could mean using info to block an abusive user, or providing relevant details to law enforcement if someone is threatening harm. We also might use personal data in legal claims to defend ourselves or assert our rights (like in a lawsuit situation we might use logs or records to demonstrate facts).
  

2.5 To Comply with Legal Obligations:

• We use and retain personal data as needed to comply with various laws and regulations. For example, financial transaction records and associated personal data might be kept to satisfy tax, accounting, and anti-money laundering laws. If authorities require user information via subpoena or similar, we may use and disclose data as legally required (see Section 4 for sharing). We also handle user data requests (like access or deletion requests under privacy laws) as required by regulations such as CCPA or others.
  
• If you're a California resident, we ensure your data usage aligns with CCPA definitions of business purpose. The purposes listed here generally fall under those recognized purposes: providing the service, security, analytics, etc. We donot use personal data for any purposes that are incompatible with the ones listed without obtaining additional consent.
  

2.6 De-identified or Aggregated Data:
 We may aggregate or anonymize personal information so it no longer identifies individuals, and use that data for any purpose. For instance, we might compile statistics like "Average campaign payment is $X" or "% of collaborations that are local vs remote", or overall site metrics. This aggregated data could be used in marketing (like showing success stats), product improvement, or shared with partners. It contains no personal identifiers. If we de-identify info, we commit not to re-identify it, and if sharing with third parties, we will require they also not attempt re-identification.

2.7 Use of Cookies and Similar Tech (Detailed in Cookie Policy):
 In summary, we use these for things like keeping you logged in, remembering preferences, analyzing usage trends, and personalized advertising (if any). For instance, Google Analytics cookies help us see how users move through the site, and marketing cookies might help display our ads to you on other websites after you visited (retargeting). Section 5 and Cookie Policy have more specifics on types and choices.

Our usage of your info is all directed to giving you a functional, safe, and improving service, while also fulfilling business and legal requirements. We do not sell personal information to third parties for money. If we ever consider new uses, we'll update this policy and/or ask for consent if needed.

3. How We Share Your Information

We may share personal information with the following categories of recipients for the purposes described above (note: in the last 12 months, we have disclosed these categories as detailed):

3.1 Sharing between Users:

• Profile Information: By nature of the platform, certain info is shared with other users. Restaurants can see relevant profile details of Influencers and vice versa. For example, if you are an Influencer, Restaurants can see your profile name, photo, bio, follower stats, and past collaboration metrics (like number of completed campaigns, average rating from partners). If you are a Restaurant, Influencers can see your business name, description, perhaps logo, and reviews from influencers who've worked with you, etc. We design profiles such that contact details like email or phone are not publicly displayed unless you choose to put them in a public field. We encourage keeping communications on-platform. But any info you put in the profile fields will be visible to appropriate users.
  
• Collaboration Data: When an Influencer applies to an Offer, the Restaurant will see the info in that application (perhaps a cover message, example content, etc., plus the influencer’s profile as above). When a collaboration is agreed, the two parties may gain access to each other’s contact info as needed (for example, we might share an Influencer’s email or phone with a Restaurant post-deal, or a Restaurant’s address if the Influencer needs to go on-site, etc.). But we handle that carefully: we might facilitate messaging such that you don't need direct email sharing; however, for some collabs, direct contact is useful, so either user might share it themselves or request it.
  
• Messaging: Messages exchanged between users via our Platform are obviously shared with the intended recipient(s). We do not share your private messages with anyone except the conversing users (and our internal processes for monitoring as needed). If a user is in a multi-user chat (not common on our platform, but maybe a group chat if multiple influencers in a campaign), those messages go to all participants.
  
• Reviews/Feedback: If you rate or review a collaboration, that feedback will likely be shared publicly or at least with the other party. For example, an Influencer might see the star rating a Restaurant gave them (and possibly the comment), and vice versa. We might display aggregated ratings on profiles (e.g., "4.9 stars from 20 collaborations"). Reviews help users decide who to work with, so they are usually public within the community. We might also showcase particularly positive testimonials on marketing materials (with permission).
  
• Disputes: If there's a dispute, information you provide may be shared with the other party to attempt resolution (like evidence you submit may be shown to them for rebuttal). Also our support might mediate and thus see both sides' info and share necessary bits across to clarify issues.
  

3.2 Service Providers (Processors):
 We share personal information with trusted third-party service providers who perform services on our behalf, under binding agreements that prevent them from using the info for unrelated purposes. Key service providers include:

• Payment Processors: We use companies like Stripe or PayPal to handle payment transactions. If you pay or get paid through KKACHII, relevant personal and financial info goes to the processor: e.g., your name, card details, billing address, amount, email/phone (for receipts or 3DS verification), possibly IP (for fraud checks). They use this to process the transaction and comply with regulations (like anti-fraud). These processors are PCI-DSS compliant. They may also store your payment method for future use if you opt in.
  
• Cloud Hosting and Storage: Our platform likely runs on cloud infrastructure (such asAmazon Web Services (AWS) or Google Cloud). Thus, personal data (database info, images you upload, messages) is stored and processed on their servers. They technically have the ability to access data stored but contractually they do not access or use it except to maintain the service.
  
• Analytics Providers: We utilize tools like Google Analytics and potentially others (e.g., Mixpanel, Hotjar, etc.) to collect and analyze usage data. These providers set cookies or tags and get info like your IP, device, pages visited, etc. They provide us aggregated insights. We ensure they do not share our data or try to identify individual users beyond providing us the service. Google Analytics may use data for their own improvements, but we can use settings to limit data sharing.
  
• Email / Communication Tools: We might use a service like SendGrid, Mailchimp, or Sendinblue to send out emails and possibly SMS providers for text messages. They get your email address (and name for personalization, content of emails) to deliver communications. Similarly, if we have in-app chat reliant on a third-party SDK, that provider processes message content to deliver them. We ensure they treat it confidentially.
  
• Customer Support Systems: If we use a CRM or helpdesk system likeZendesk or Intercom for support tickets and live chat, they will store the info you give in support requests (contact info, message logs). This helps us manage support interactions.
  
• ID Verification / Fraud Prevention: To verify identity or detect fraud, we may use providers such asJumio, Onfido, Sift, etc. These may receive data like your ID scan, selfie, or certain behavior data to verify identity or assess fraud risk. They return results (verified/not, risk scores). They are restricted to using it for that service only.
  
• Advertisers and Marketing Partners: If we run targeted advertising campaigns, we may use platforms likeFacebook Ads, Google Ads. We might share hashed identifiers or cookie info to retarget ads (e.g., giving Facebook a list of user emails hashed to show ads to similar audiences, or using the Facebook Pixel to know you visited our site and then show you our ad on Facebook). We do not share raw personal info with advertisers beyond what's needed for these targeting processes (which often are privacy-safe like hashing or through code they provide on our site). See Cookie Policy for more on advertising cookies.
  
• Other SaaS tools: We could use various software for operations that might involve personal data. For example, if we survey users via Typeform or Google Forms, data goes through them. Or if we maintain internal analytics dashboards, maybe we use a tool like Metabase or Data Studio which might import some data (with restrictions). All such providers are bound by terms to only use data to provide the service to us.
  We pick reputable providers with appropriate security measures. We only share what's necessary (principle of least privilege).
  

3.3 Business Transactions:
 If Rootinger LLC is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider,your information may be transferred as part of that transaction. For example, if another company acquires KKACHII, your data will likely be one of the assets transferred so they can continue operating the service. In such events, we will ensure that the successor entity either continues to honor this Privacy Policy or notifies you of any changes. Similarly, if we bring on investors or partners, we might share aggregated or business-level data (e.g., total user counts, revenue) and possibly some user info in due diligence under confidentiality (like showing a sample of user demographics or major clients with contact redacted or not without NDA). But an outright share of personal info in an acquisition will be governed by agreements requiring the new owner to treat it consistently with our commitments. If a bankruptcy or similar event occurs, personal data might be considered an asset but any sale of it would presumably require notifying affected individuals if outside normal expectations.

3.4 Legal Compliance and Protection:
 We may disclose personal information if required to do so by law or in the good faith belief that such action is necessary:

• Legal Obligations: To comply with a legal obligation, such as responding to subpoenas, court orders, or legal process. If law enforcement or government agencies legally require user data (and we verify the request is valid and within their power), we will disclose what is requested (provided it's not overly broad or we may attempt to narrow it). We'll try to notify users of requests for their info before disclosure if allowed by law and feasible.
  
• Protecting Rights and Safety: To protect and defend the rights, property, or safety of Rootinger, our users, or others. This includes investigating and helping prevent security issues or abuse. If someone is threatening other users or using KKACHII to commit illegal acts, we may provide data to authorities. Or if a user engages in actions that breach our terms resulting in legal threats, we may share their contact info with complaining parties (for instance, if a content owner sends a DMCA subpoena wanting an uploader's identity, we'd comply as required).
  
• Enforcing Agreements: To enforce our Terms of Service, Influencer/Restaurant Agreements, or other contracts (e.g., using personal info as evidence in a legal dispute or arbitration between us and a user). If we need to seek legal remedies or defend ourselves in litigation, we might use or disclose relevant user data as needed. For example, showing communications or logs to prove what happened.
  
• Emergency Situations: If we believe in good faith that disclosure is needed to prevent an imminent threat of harm, death, or property damage (like suspected human trafficking or exploitation going through our platform, or credible threats of violence), we might alert relevant authorities with available info urgently.
  

We attempt to limit disclosure to what is necessary in each case. And we keep records of any major disclosures.

3.5 Affiliated Businesses:
 If in the future we have any subsidiaries, joint ventures, or other companies under common control (collectively, "affiliates"), we might share information with them to streamline services or for internal administrative purposes. They would be bound to treat such info in line with this Privacy Policy. As of now, Rootinger LLC's primary business is KKACHII itself, but if, say, Rootinger starts a separate but related service (like a tool for influencers), we might share basic account data so users can have a unified login or be aware of features. We will clarify any such relationship when/if it arises.

3.6 With Your Consent or at Your Direction:
 We may share your information with third partieswhen you explicitly consent to or request such sharing. For instance:

• If you instruct us to share feedback as a testimonial on our site or with a media outlet, we will do so.
  
• If you participate in a co-sponsored event or integration, you might agree that info goes to the partner (we would let you know and usually have you opt in).
  
• If you use any integrations that pull your data (like an API or export feature to third-party), by enabling that you direct us to share accordingly.
  
• If a scenario arises outside the above reasons, we'll ask for permission before sharing in a new way.
  

3.7 De-identified or Aggregated Data:
 As mentioned, we share aggregate or anonymous information (which is not personal data) freely. For example, telling a prospective partner "We have X thousand influencers with average Y followers" or publishing trend reports. This data does not identify individuals and thus isn't limited by privacy laws on personal info.

3.8 Sale of Personal Information:
 We want to clarify, particularly under California law, wedo not sell personal information to third parties for monetary compensation. California defines "sell" broadly to include some sharing for benefit, so specifically:

• We do not provide personal data to third parties for their own direct marketing.
  
• The only "sharing" that might be considered sale under some definitions could be the use of analytics and ad cookies (which track you and possibly use that data commercially). Under CPRA, sharing for cross-context behavioral advertising is considered "sharing" but not sale; still we provide an opt-out for that (see Cookie Policy and “Do Not Sell or Share” link if applicable).
  
• If this changes, we'll implement the required opt-ins or opt-outs.
  

In summary, we primarily share data to run our service, not to let others market to you without involvement in our service.

3.9 CCPA Categories of Disclosures: For transparency, in the preceding 12 months, we have disclosed the following categories of personal information (from CCPA categories) for business purposes to the categories of service providers mentioned:

• Identifiers (name, email, IP, etc.) – to service providers like hosting, analytics, email delivery, payment processors.
  
• Customer records (contact info, payment info) – to payment processors, support tools.
  
• Commercial information (transaction history) – to payment processor, possibly analytics (in aggregated form).
  
• Internet/electronic activity (usage data, cookies) – to analytics providers and security tools.
  
• Geolocation (approximate from IP) – to analytics and security.
  
• Professional info (for influencers, e.g. social stats) – within platform and to any verification service.
  We have not disclosed sensitive personal info aside from what was necessary for operations (e.g., SSN to tax processor, ID to verifier) purely to those service providers under contract.
  We will update this as needed to reflect any new sharing practices.
  

4. Your Choices and Rights

You have certain choices and rights regarding your personal information. Here’s how you can exercise them:

4.1 Access and Update:

• Accessing Your Account Info: You can access and update much of your personal information directly by logging into your KKACHII account. For example, you can edit your profile details (name, bio, picture), change your email or phone in settings, update business info, etc. We encourage you to keep info current. If some information is not editable by you (like ratings you received, or transaction logs), you can request access by contacting us as described below. We will provide you a copy of personal data we hold about you, often in electronic format, subject to some exceptions (e.g., we might not include proprietary logs or data that includes others' info).
  
• Rectification: If any of your personal info is inaccurate or incomplete, you have the right to correct it. The easiest method is editing through your account. If you need help (say you can’t change your email because the system doesn’t allow email change directly for security reasons), contact support and we’ll assist with verifying identity and making the change. We may ask for documentation if necessary (for instance, if you claim a legal name change).
  
• California Residents (and similar state laws): Under CCPA/CPRA, you have the right to request that we disclose to you certain information about our collection and use of your personal info over the past 12 months. This includes the categories of personal info collected, sources, purposes, categories of third parties we shared with, and specific pieces of personal info we have about you. Essentially an access request. You may also request correction of inaccurate personal info (CPRA added a right to correct) – we will correct it taking into account the nature of the info and purpose of processing.
  

4.2 Deletion of Data:

• Account Deletion: You may request to delete your account (and thus your personal data) by contacting us atprivacy@kkachii.com or via account settings if such option is provided. When we receive a verified deletion request, we will delete your personal info from our records, and instruct service providers to do the same, except for information we are required or permitted to retain by law. For example, we might keep transaction records for accounting or disputes, or keep information needed for security (like banning a fraudulent user). Also note, complete removal may have exceptions like:
  

• We cannot remove data that has been stored in backups immediately (it will be deleted when backups are rotated out).
  
• We may retain correspondence or support tickets for recordkeeping.
  
• Reviews or content you've provided that is part of another user's experience might not be fully erasable (for example, if you participated in a collab, a basic record that "A did a collab with B" might be retained but without personal identifiers if possible).
  
• We also must keep certain financial info for tax/regulatory reasons (e.g., records of payments).
  

• We will let you know what info we must retain if any. We will comply within the time frame required by law (usually within 45 days for CCPA requests, with possible extension). Deleting your data will likely disable your account and you will lose access to our services.
  
• Partial Deletion/Unlinking: You can also remove or unlink certain information without deleting entire account. For instance, you can delete a profile photo, or unlink a social media account from KKACHII. You can also ask us to remove specific content you posted (like if you accidentally posted personal info in a bio or message that you can't edit now, you can ask support to remove it).
  
• California "Shine the Light": Separate from CCPA, California's "Shine the Light" law allows customers to ask for a list of personal info (if any) we disclosed to third parties for their direct marketing in the prior year. We do not share info with third parties for their own direct marketing as we state. So effectively we have nothing to report for that.
  

4.3 Opt-Out of Marketing Communications:

• Email Marketing: You can opt out of marketing or newsletter emails at any time by clicking the "unsubscribe" link in those emails or adjusting your notification preferences in your account. Note that if you unsubscribe from marketing emails, we may still send you important transactional or service emails (as noted, those are not optional if you want to use the service – like payment receipts, account alerts). If you have multiple email addresses with us, ensure to unsubscribe each or let us know to remove all.
  
• SMS: If we send promotional SMS (rare, and only if you opted in), you can opt out by replying STOP or as instructed. For necessary SMS like verification codes, you can't opt out while using that feature aside from not using the feature.
  
• Push Notifications: If you installed our mobile app, you can control push notification preferences via the app settings or your device settings.
  
• Do Not Track: DNT signals from browsers are not consistently honored by the advertising industry. At this time, our site does not respond to DNT signals specifically, but you can use our cookie preference tools to manage tracking (see below), which is an equivalent approach.
  

4.4 Cookies & Advertising Opt-Outs:

• Cookie Controls: Our Cookie Policy provides information on how to manage cookie preferences. When you first visit, you likely saw a cookie banner allowing you to accept or adjust non-essential cookies. You can also use browser settings to delete or reject cookies. If you do so, note some functionalities might break (like staying logged in). We also provide a link "Your Privacy Choices" or similar if required (for California "Do Not Sell/Share" and global privacy control signals) that allows you to opt out of any selling/sharing of personal info for advertising. Under CPRA, sharing for targeted advertising can be opted out; we have implemented that mechanism. If you use a recognized opt-out preference signal (like Global Privacy Control (GPC) in your browser), we treat that as a valid request to opt out of sale/sharing for that browser, as required.
  
• Analytics Opt-Out: Google offers a browser add-on to opt out of Google Analytics tracking, which you can install if desired. We may also respect DNT-like or GPC signals for analytics if feasible.
  
• Interest-Based Ads: For third-party ad networks (like Google or Facebook), you can opt out of personalized ads via industry sites like the DAA opt-out site (http://optout.aboutads.info) or NAI site (http://optout.networkadvertising.org), or use settings in Google/Facebook accounts to adjust ad preferences. These help ensure if we or others have cookies on our site for ad targeting, you can stop that targeting.
  

4.5 California Privacy Rights:
 If you are a California resident, the CCPA/CPRA grants you specific rights, some already described above:

• Right to Know: You can request that we disclose to you the categories and specific pieces of personal info we have collected about you, the categories of sources, the business purpose for collection, the categories of third parties with whom we share, etc. Much of that is covered in this Policy's sections. Upon verifiable request, we can provide the specific data (over last 12 months by default).
  
• Right to Delete: You can request deletion of personal info we collected from you, with certain exceptions (like those legal retention reasons mentioned). We will treat deletion requests with the same process as above (account closure and wiping data not needed).
  
• Right to Correct: If personal info we maintain is inaccurate, you can request we correct it. We will verify and correct as appropriate.
  
• Right to Opt-Out of Sale/Sharing: As stated, we do not "sell" data in the traditional sense. As for "sharing" for cross-context advertising, we provide the Do Not Sell or Share link and honor signals like GPC to opt out of use of cookies that track for advertising. If you opt out, our site will try to not load third-party advertising cookies or trackers beyond what’s needed for core functions.
  
• Sensitive PI Use: CPRA says if we use or disclose sensitive personal info for purposes beyond what is reasonably expected for providing services, we'd need to allow you to limit that. We only use sensitive data (like an ID or SSN for tax) for the necessary purpose (ID verification, tax compliance). We don’t use, say, precise geolocation or race or biometric for anything. So there's no separate "limit use of sensitive PI" link because we don't use it in a secondary manner (like profiling or advertising).
  
• Non-Discrimination: We will not discriminate against you for exercising any of these rights. That means we won't deny you service or provide different quality of service solely because you made a privacy rights request. However, if deletion of data means we cannot provide the service (like you delete your account), that's a consequence you choose. But we wouldn't do things like charging different prices or limiting features just because someone opted out of sale.
  
• How to Submit Requests: You (or an authorized agent) can submit requests to know, delete, or correct by emailingprivacy@kkachii.com with subject "California Privacy Rights Request" and specifying which right you want to exercise. We will need to verify your identity. Usually that means at least verifying control of the email associated with your account and potentially asking for additional info (like last login date, etc.) if needed to confirm identity. If you are not logged in, provide enough info so we can locate your account (name, email, maybe username). If you use an agent, we may require a signed permission from you or power of attorney, and we may still verify you directly to be sure.
  We aim to respond within 45 days of receiving a verifiable request, extendable by another 45 with notice if necessary.
  

4.6 Nevada Residents: Nevada law gives residents the right to opt out of sale of certain data. As noted, we don't sell data for monetary consideration, but if you want to be extra sure, you can email us to register an opt-out preference for any potential sale (we'll mark it and if our practices ever change we'll honor that and also update policy and consents).

4.7 European Users (GDPR): Though this is a U.S.-focused policy, if any EU users were to use a U.S. version, note you have rights of access, rectification, erasure, restriction, objection, data portability, and to lodge a complaint with a supervisory authority. We would uphold those similarly. Also, our processing would have legal bases like contract necessity (for providing service), legitimate interests (for improvement and security), consent (for marketing cookies, etc.), and legal obligations. We do not typically transfer EU data internationally under this U.S. context except to U.S. (which might rely on standard contractual clauses if applicable).

4.8 Authorized Agents: If you want someone else (like an attorney or family member) to make a privacy request on your behalf, please send us a written authorization or power of attorney documentation. We’ll still need to verify you (or if power of attorney is provided, that might suffice combined with agent's identity verification). This is mainly a California concept, but in general if you need representation, we can work with that within legal allowances.

4.9 Do-Not-Call: If at any point we do telemarketing (not in plan), we would adhere to do-not-call list requests. Right now, we rarely, if ever, call users unless it's a scheduled conversation or urgent account issue, but not for cold marketing.

4.10 Social Media and Third-Party Links: If you connect with us on social media (like joining a KKACHII community group or interacting on our pages), your interactions are subject to both this policy and the network's privacy settings. If you share content from KKACHII externally, that's your choice; we recommend caution if it involves personal info.

4.11 Additional State Privacy Rights: States like Virginia, Colorado, Connecticut, and Utah have passed privacy laws (coming into effect around 2023) with rights similar to CCPA. We intend to apply consistent practices. If you're a resident of those states, you can also request access, deletion, correction, and opt out of targeted advertising or sale of personal data. Use the same contact method (privacy@kkachii.com). If we were to do profiling with legal effects (we don't currently), you'd have a right to opt out. If we deny a request, those laws have appeal processes. We will inform you how to appeal if needed (like reply to the denial email stating you appeal, and we'll escalate internally). We are striving to build a privacy-respecting service across all jurisdictions.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our Platform to enhance user experience, analyze usage, and for marketing purposes. By using KKACHII, you agree to our use of cookies as described here and in our Cookie Policy. Key points:

5.1 What are Cookies: Cookies are small text files stored on your device (computer or mobile) by websites you visit. They allow the website to recognize your browser and remember info like user preferences. Other tracking tech includes web beacons (pixel tags), which are tiny images or code fragments that can log when you view a page or email, and local storage in browsers which can store data similarly.

5.2 Types of Cookies We Use:

• Necessary Cookies: These are essential for the Platform to function properly. For example, session cookies keep you logged in as you navigate, or remember items you’ve input in forms. Without these, the service may not work. They are typically first-party cookies (set by our domain). Example: a cookie to remember your login token.
  
• Preferences Cookies: These allow our site to remember choices you make to personalize experience (like language, or if you dismissed a tooltip already). While not strictly necessary, they improve usability.
  
• Analytics Cookies: We use these to collect information about how users interact with the Platform (which pages are popular, how long, etc.). We primarily use third-party analytics providers (like Google Analytics). These cookies may track things like which site you came from, and your interactions on our site. Data collected is typically aggregated and help us improve site features and content.
  
• Advertising Cookies: We may use advertising or remarketing cookies to show you KKACHII ads on other websites or to measure performance of our ad campaigns. For example, the Facebook Pixel or Google Ads tag may set a cookie when you visit our site, which helps us later display an ad to you on Facebook or Google networks. These cookies might also track how you respond to ads (did you click an ad and then sign up? That gets recorded for our metrics). We also might utilize cookies to limit how many times you see an ad (frequency capping).
  
• Security Cookies: Some cookies help with security, such as detecting malicious activity or abuse. For instance, we might use a cookie to determine if it’s the same device making many rapid requests (possible bot).
  
• Third-Party Social Plugins: If our site allows login or share via social networks, those networks might set cookies. For example, clicking a "Share on Twitter" button might set a cookie that Twitter uses to see that you are logged in there. Or if we embed a YouTube video, YouTube may set cookies for video playback and tracking usage.
  

5.3 How We Use These:
 Cookies help us:

• Keep you logged in and maintain session state (so you don’t have to login on every page or action).
  
• Save preferences (e.g., remember which tab you last looked at on a dashboard).
  
• Provide analytics about usage to improve our service (like see overall user flows).
  
• Assist in marketing efforts by remembering if you visited and perhaps targeting you with follow-up ads, or conversely, not showing you our sign-up ad if you're already a user.
  
• Ensure security by authenticating requests and preventing fraud.
  

5.4 Your Choices:

• When you first visit, we present a cookie notice (and possibly a preference center) giving you the choice to accept or manage cookies (especially non-essential ones like analytics/advertising). You can adjust preferences there or later via a "Cookies" link or your account settings if provided.
  
• Browser Controls: Most web browsers allow you to refuse or delete cookies. Methods vary by browser; check your browser’s help. If you block all cookies, some features of our Platform may not work (like login might break or preferences not saved).
  
• Opt-Out of Analytics: You can install Google Analytics opt-out extension, as mentioned, to prevent GA from using your data.
  
• Opt-Out of Ads: Use the DAA or NAI links to opt-out of interest-based advertising by participating networks, which should include our usage if any.
  
• Global Privacy Control: If your browser has GPC enabled, we treat that as an opt-out of sale/sharing for that device, as said.
  

5.5 Do Not Track: We currently do not respond differently to a “Do Not Track” header due to lack of standard, but as described, we provide other means to opt-out of tracking.

5.6 Social Media Widgets: If our site includes social media features (like a Facebook Like button or a Twitter widget), these may set cookies and gather data (e.g., your IP, page you’re on) directly through those third parties. They operate under the privacy policies of those social networks. We advise caution when using those if you have privacy concerns; interacting with them might allow the third party to link your behavior on our site to your profile on their service.

5.7 More Info: For detailed info on exactly which cookies we use and their lifespans, see our separate Cookie Policy document.

By continuing to use our Platform, you consent to the placement of cookies and similar tech as described, unless you disable them through your browser or preferences.

6. Security

We take the security of your personal information seriously and implement reasonable administrative, technical, and physical security measures to protect it. However, no method of transmission over the Internet or electronic storage is 100% secure, so we cannot guarantee its absolute security.

6.1 Measures We Use:

• Encryption: Our website and apps are served over HTTPS, which encrypts data in transit between your device and our servers. Any sensitive data (like passwords, certain personal details) are typically protected via encryption or hashing. For example, we hash passwords so even we cannot read them. Payment information is transmitted securely to payment processors which are PCI compliant; we do not store full card numbers on our systems.
  
• Access Controls: Internally, we restrict access to personal information to employees, contractors, and agents who need to know that info in order to operate or develop our service. They are bound by confidentiality obligations. We segment duties (for example, support staff can view info needed to help you, but perhaps not extremely sensitive data unless necessary). We use two-factor authentication for our admin accounts where possible and maintain secure credentials.
  
• Storage Security: We use reputable cloud services (like AWS) that maintain robust security certifications and protections. Data is stored in secure data centers with physical security controls. We backup data to ensure recoverability. Backup data is also protected. Some particularly sensitive fields might be encrypted at rest when feasible (especially if mandated by law or standard, like possibly SSNs).
  
• Monitoring: We monitor our systems for vulnerabilities and attacks. We maintain logs of system access and have alerts for unusual activity. We may use intrusion detection systems or web app firewalls to mitigate threats. Regular software updates are applied to patch known security issues.
  
• Training: Our team members are trained on data security and privacy best practices, including identifying phishing attempts and secure handling of user data.
  
• Penetration Testing: Periodically, we may employ security experts to perform penetration tests on our platform to find and fix vulnerabilities.
  

6.2 Your Responsibilities:

• Account Security: You are responsible for keeping your account login credentials (username & password) confidential. Do not share them with anyone. Choose a unique strong password. If you suspect someone has gained access to your account, change your password immediately and notify us.
  
• 2FA: If we offer two-factor authentication (via SMS or app code), we recommend enabling it to add an extra layer of security to your account.
  
• Phishing Awareness: We will never ask you for your password via email or phone. Beware of phishing attempts that impersonate KKACHII or Rootinger. Always check that emails come from our official domain (e.g., @kkachii.com). If you're unsure about a communication claiming to be from us, reach out to our support directly to verify.
  
• Secure Devices: Use our service from devices with updated antivirus, and ensure your own network is secure (especially be careful when using public Wi-Fi; consider using a VPN).
  
• Log Out: If using a shared or public computer, log out from your account when done and clear cookies if needed.
  

6.3 Data Breach Procedures:
 In the unlikely event of a data breach that affects your personal information, we will promptly notify affected users and relevant authorities as required by law. We have an incident response plan: if a breach occurs, we identify the scope, contain it, and then work to remediate. We will communicate to users what data was involved and steps we recommend (like resetting password if credential leak, etc.). We'll also take measures to prevent future incidents.

6.4 No Guarantee: While we aim to protect information, we cannot guarantee absolute security because new threats emerge and no service is impervious. However, we will always act quickly on any security issues and continuously improve our measures. By using KKACHII, you acknowledge that you understand these risks.

6.5 Reporting Security Issues: If you discover a vulnerability or security issue in our Platform, please notify us immediately atsecurity@kkachii.com or through our support channels. We appreciate help from the community in making our service safer. We won't take legal action against good-faith security researchers who point out issues responsibly (our pseudo "bug bounty" approach).

7. International Data Transfers

KKACHII is operated from the United States, and any information we collect will be transferred to and processed in the United States and potentially other countries. If you are accessing the Platform from outside the U.S., be aware that your information will be transferred to the U.S. and possibly to servers located in other countries where our service providers are located.

7.1 Adequacy and Safeguards: The U.S. (and other countries) may not have the same data protection laws as your jurisdiction (for example, the EU). We will ensure that appropriate safeguards are in place for cross-border transfers as required by applicable law. This could include usingEuropean Commission-approved Standard Contractual Clauses (SCCs) or verifying providers are certified under frameworks like theEU-U.S. Data Privacy Framework (once fully implemented) or other adequacy mechanisms.

• For example, if we have EU users, and we store data in the U.S., we rely on SCCs between our entity and any EU branch or partner. Similarly, our service providers (e.g., cloud hosts, analytics) that process EU data would sign SCCs or have an approved certification.
  
• We also limit data to what's necessary and pseudonymize where possible to mitigate risk.
  

7.2 Consent and Necessary Transfers: By providing your information to us or using the Platform, you consent to the transfer of your personal data to the U.S. and any other country where we or our vendors operate, and to the use and disclosure as described in this policy. We primarily store data in U.S. but may have backups or support in other regions (like an EU support agent might access a user's data if supporting them, that’s a transfer back to EU - which is fine, or if our email provider’s servers are in another country).
If you are in a region like the EU or UK, we will ensure a legal basis: typically the data transfer is necessary for the performance of the contract (since we can't provide the service otherwise) or based on your consent (which you can withdraw, but that may mean not using the service).

7.3 Regional Adjustments:

• For users in Canada or other countries with cross-border rules, note that your personal info may be accessible by U.S. authorities under U.S. law. We'll always protect it as per this policy regardless of where processed.
  
• For Australian users, data may be stored in US (with similar note).
  
• If in future we store data in other countries (like say we use a European data center for EU users), we'll mention that. But currently U.S. is main.
  
• Some of our service providers might use multi-region setups (like Cloudflare could cache data globally; we try to configure any such tools in privacy-friendly ways, e.g., we might restrict some data to U.S. region if possible for services like AWS or others).
  

7.4 Privacy Shield (if applicable): Rootinger LLC currently isn't listed in Privacy Shield (the old EU-US framework) since it was invalidated. If a new Data Privacy Framework is recognized, we may consider certifying under it to simplify EU transfers. Meanwhile, we rely on SCCs and other measures.

You have a right to know details of our transfer safeguards and can contact us if you need more specifics (like a copy of SCC terms, though they'll be standard terms with some commercial info redacted if needed).

8. Retention of Data

We retain personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

8.1 Retention Criteria:

• Account Data: We keep your account information while your account is active. If you choose to deactivate or delete your account, we will begin the deletion process for personal data as described. However, we may retain certain data for a period after deletion for reasons like enabling easy reactivation (if you change mind shortly after), or to finish any transactions/due obligations (if an influencer deletes account but had a pending payout, we hold relevant info until resolved).
  
• Transaction Records: We are often required by law to retain financial and transactional records for a certain time (e.g., U.S. tax law, or any audit requirements). Typically, we might retain transaction and payment records for at least 7 years. This may include user identification (to document who was paid).
  
• Communications and Content: Messages and content posted might be retained as long as the user's account is active and not deleted. If you delete your account, we purge personal content from accessible areas, but some communications might be retained in case of disputes or as part of other user records (for example, if you sent a message that is relevant to another user's legitimate interest, we might keep it in their message history unless they also delete). But generally, after account deletion, we try to remove content not needed.
  
• Analytics Data: We may keep aggregated analytics indefinitely for historical trends. Personal usage logs (with IP addresses etc.) we might purge or anonymize after a period (e.g., raw logs kept for a few months for security, then aggregated).
  
• Legal Holds: If we're involved in an ongoing legal issue or investigation, we will retain any relevant information until it is resolved, even if that extends beyond usual retention. For instance, if a user is banned for fraud, we might keep their data to help prevent re-registration and to assist law enforcement if needed.
  
• Backup Data: Data in backups might remain until backup cycles out. We maintain backups for disaster recovery which could hold data for some extra time beyond active deletion. We secure those backups carefully.
  

8.2 Deletion Procedures: When data is no longer needed, we will either securely delete it or anonymize it so it cannot be linked to individuals. Deletion might be through erasure, de-identification, or destruction of physical media if any. We maintain logs of deletion requests and confirm when done.

8.3 Inactive Accounts: If an account has been inactive for a very long time, we may remove or anonymize its data as per our data minimization practices, after trying to notify the user. For example, if someone hasn't logged in for 3+ years, we might delete their personal info but perhaps keep minimal for preventing reuse of the username or for archive. If we plan a purge, we’d email with a chance to reactivate.

8.4 Note on Backups and Delays: Even when we delete data from production, it might persist in secure backups for a period until those backups are cycled out, as mentioned. We also might delay final deletion for a short while to ensure it’s not erroneously done or to allow recovery if it was a mistake (like a cooling-off period). But during that time, it's not accessible via the platform.

8.5 Compliance Storage: Data needed for compliance (IDs for KYC, tax forms, etc.) will be retained as long as mandated. E.g., W-9 forms or similar might be kept for years in our secure compliance files even if account is gone, just in case of audits.

We periodically review our data and ensure we aren't holding onto personal info longer than necessary.

9. Additional Privacy Information

9.1 Third-Party Websites: The Platform may contain links to third-party sites or services that we do not own or control (for example, a Restaurant’s website link, or a link to an influencer’s blog, or our pages on social media). This Privacy Policy does not apply to those websites. If you follow a link to any of those websites, we encourage you to read their own privacy policies. We are not responsible for the privacy practices or content of third-party sites.

9.2 User Profiles and Public Content: As noted, certain information you post on KKACHII (like profile content, listings, reviews) can be visible to others. Please be aware of your privacy when posting any content. Avoid posting personal contact info or sensitive details publicly. Even in private communications, share carefully. We provide a platform, but cannot control how others use info you share with them (though misuse might violate our terms, always use caution). If you inadvertently posted something you want removed, contact us and we'll do our best to assist.

9.3 Do Not Disturb: If you would like to limit certain communications beyond our provided settings (like not being shown on certain lists, or using pseudonym), discuss with us if possible. For instance, an influencer can control how much of their real name is shown by using a stage name in profile. We respect user decisions to maintain some privacy (except where legal names needed for payment/tax but those are not displayed to the public).

9.4 Changes to Our Privacy Policy:
 We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by appropriate means – typically by posting the revised policy on this page with a new "Last Updated" date, and by an in-app notification or email for major changes. It's important you review any changes. If you continue to use KKACHII after changes take effect, it means you accept the updated policy. If you do not agree with changes, you should stop using the Platform and may request deletion of your data. Minor changes that do not materially impact privacy (like clarifications) might not be broadly notified but still updated here. We encourage users to periodically review this page for the latest info on our privacy practices.

9.5 Contact Information:
 If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

• By Email: privacy@kkachii.com (for privacy-specific queries) or support@kkachii.com for general inquiries.
  
• By Mail: Rootinger LLC (KKACHII) – Privacy Department, 1301 W. Valencia Dr. Ste 127, Fullerton, CA 92833, USA.
  
• By Phone: If we have a support line, it's listed in the contact page (currently we primarily use email for record).
  

We will address your inquiry promptly and work to resolve any concerns. If you're not satisfied with our response and you’re in a jurisdiction with privacy regulators (like EU), you have the right to lodge a complaint with a supervisory authority.

Thank you for entrusting KKACHII with your information. We are committed to protecting your privacy.