Privacy Policy
Last updated: 2026-04-26
KMBoards ("we", "our", the "Service") is operated by Kivi Media. This Privacy Policy explains what information we collect when you use KMBoards, how we use it, how we protect it, and the choices you have.
1. Who we are
KMBoards is a project-management and performance-marketing platform for marketing agencies. Agencies connect their own and their clients' advertising and social accounts to KMBoards to run analyses, manage tasks, and execute approved changes.
2. Information we collect
2.1 Account information
- Your name and email address, used for authentication.
- Your workspace and board data that you create inside KMBoards.
2.2 Data from connected third-party platforms
When you connect a third-party platform such as Meta (Facebook & Instagram), we store:
- An encrypted long-lived access token issued to KMBoards by Meta for the account you connected. Tokens are encrypted at rest using AES-GCM with a key held only on our server.
- Metadata about the connected account: app id, ad account ids, page ids, Instagram account ids, granted scopes, token expiry.
- Performance and configuration data fetched from Meta to produce the analyses you view inside KMBoards: campaigns, ad sets, ads, insights (reach, impressions, spend, CPM, CPC, CTR, ROAS, frequency, quality rankings), creatives, and audiences. This data is stored against your workspace and is visible only to members of your workspace.
2.3 Audit logs
Every write action initiated from KMBoards against a connected platform is recorded in an audit log: who initiated it, when, what was changed (before / after), and whether it succeeded, failed, or was rolled back. This is part of the Service's safety model.
2.4 Usage and technical data
We log standard web server information (IP address, user agent, timestamps) to debug, prevent abuse, and secure the Service. We do not sell this data.
3. How we use your information
- To provide the Service: authenticate you, show your boards, generate analyses from connected platforms, execute the writes you explicitly confirm.
- To operate and improve the Service: debug errors, prevent abuse, monitor performance.
- To comply with legal obligations and enforce our Terms of Service.
We do not sell your data. We do not use Meta data to train generalized advertising or AI models beyond what is necessary to deliver the Service you requested.
4. Meta platform data — specific commitments
When you connect a Meta Business account to KMBoards, the following rules apply:
- Read access is used only to populate analyses and UI surfaces you view inside KMBoards.
- Write access (pause / resume, budget changes, duplicating ads, creating new ads with rewritten copy or updated visuals) is used only after a human in your workspace clicks "Confirm" on a preview card that shows exactly what will change.
- Every write is logged with before/after state and reason, and is reversible via a Rollback action in your audit log.
- We honor disconnect: when you remove KMBoards from your Meta Business Settings or delete the connection inside KMBoards, we stop making any calls on your behalf and begin deletion as described in Section 8.
- We do not share Meta data with third parties except processors strictly required to run the Service (see Section 6).
4a. Zoom platform data — specific commitments
When you connect a Zoom account to KMBoards (via the KM Note Taker integration), the following rules apply:
- OAuth tokens. We store an encrypted access token and refresh token issued to KMBoards by Zoom for the account you connected. Tokens are encrypted at rest using AES-GCM with a key held only on our server.
- Account metadata. Zoom user identifier, account identifier, email address, granted scopes, token expiry.
- Meeting metadata. Meeting identifier, UUID, topic, host, start and end times, participant counts. Used to organise and label your meeting records inside KMBoards.
- Meeting content (real-time). When you have authorised KM Note Taker to receive a meeting's real-time stream, we receive transcripts and chat events from Zoom's Realtime Media Stream API while the meeting is in progress. We do not retain raw audio or video.
- Meeting content (post-call). When a Zoom cloud recording completes, we may fetch the resulting transcript file to produce a post-call report. Audio and video files are not downloaded or stored.
- AI processing. Transcripts are processed through Anthropic and OpenAI under contractual terms that prohibit using your content to train their models. Processing produces summaries, live coaching suggestions, and post-call reports visible only to you and authorised members of your KMBoards workspace.
- Disconnect. When you remove KMBoards from your Zoom Marketplace authorizations or delete the connection inside KMBoards, we revoke our access tokens, stop receiving any further data, and begin deletion as described in Section 8.
- We do not share Zoom data with third parties except processors strictly required to run the Service (see Section 6).
4b. Google platform data — specific commitments
When you connect a Google account to KMBoards, we request access to Google APIs that power specific features inside the product. The data flow, retention, and usage rules below apply.
4b.1 Scopes we request and why
- Gmail (read-only) (https://www.googleapis.com/auth/gmail.readonly) — used to surface unread inbox items inside the KMBoards email triage view. We only read message metadata and snippets shown in the triage UI; full message bodies are fetched only when you click into a specific message.
- Google Ads (https://www.googleapis.com/auth/adwords) — used to read campaign performance for the agency dashboards and, only on your explicit confirmation, to apply campaign-level changes (pause, resume, budget adjustments).
- Google Calendar (read-only) (https://www.googleapis.com/auth/calendar.readonly) — used to display your upcoming events in the KMBoards calendar panel and to detect meeting conflicts.
- Google Drive (read-only) (https://www.googleapis.com/auth/drive.readonly) — used to list and read documents you explicitly attach to a board card. We only access files the user picks via the Google Drive file picker; we never enumerate your full Drive.
- Google Drive (file scope) (https://www.googleapis.com/auth/drive.file) — used to create new Drive files that KMBoards generates on your behalf (export reports, generated decks). We can only see and modify files KMBoards itself created with this scope.
- Google Search Console (read-only) (https://www.googleapis.com/auth/webmasters.readonly) — used to read SEO performance data (queries, clicks, impressions, CTR, position) for properties you own and have connected, to power the SEO dashboards.
- Google Site Verification (https://www.googleapis.com/auth/siteverification) — used to verify domain ownership when you add a new property to the SEO module. No site content is read or modified.
- Google Photos (read-only) (https://www.googleapis.com/auth/photoslibrary.readonly) — used only when you explicitly pick a photo from your library as a source asset for a creative inside KMBoards. We do not enumerate your full Photos library and we do not read photo metadata beyond what is needed to display the picker thumbnails.
- Google Sheets (https://www.googleapis.com/auth/spreadsheets) — used to read and write spreadsheets you explicitly link to a board (for example, importing a lead list into a board, or exporting board data to a sheet you specify).
4b.2 What we store
- An encrypted OAuth access token and refresh token issued to KMBoards by Google for the account you connected. Tokens are encrypted at rest using AES-GCM with a key held only on our server.
- Account metadata: Google account email address, granted scopes, token expiry, and the resource identifiers (customer IDs, calendar IDs, sheet IDs, property URLs) you explicitly connect.
- Cached query results from the read-only scopes (campaign metrics, calendar events, search console rows) used to populate KMBoards dashboards. These are scoped to your workspace and visible only to authorized members of that workspace.
4b.3 What we never do
- We do not sell, rent, or share Google user data with third parties beyond the processors strictly required to deliver the Service (see Section 6).
- We do not use Google user data for advertising or audience targeting.
- We do not use Google user data to train, fine-tune, or evaluate any AI or machine learning model.
- We do not write to Gmail. Gmail access is read-only for triage; we never send, draft, or modify messages.
- We do not enumerate your full Drive or Photos library. Access is limited to files you explicitly pick via Google's native picker.
4b.4 Disconnect and deletion
You can revoke KMBoards' access to your Google account at any time from myaccount.google.com/permissions, or from the Integrations tab inside KMBoards. When you disconnect, we revoke the stored tokens, stop making any further calls on your behalf, and begin deletion of stored Google data as described in Section 8.
4c. LinkedIn platform data — specific commitments
When you connect a LinkedIn account to KMBoards, we use LinkedIn’s official OAuth APIs (“Sign In with LinkedIn using OpenID Connect” and “Share on LinkedIn”) to enable scheduling content to your LinkedIn feed.
4c.1 Scopes we request and why
- openid, profile, email — identify your LinkedIn account so we know which feed to publish to and can display your name + profile picture inside KMBoards.
- w_member_social — publish text, image, and video posts to your personal LinkedIn feed at the times you scheduled inside KMBuffer.
We do not read your direct messages, your connections list, or other members’ posts via these scopes. We do not have access to LinkedIn ad accounts, Recruiter, or Sales Navigator.
4c.2 What we store and how it’s protected
- OAuth access token + refresh token, encrypted at rest with AES-256-GCM. Tokens are decrypted only inside server-side code paths that publish a post or perform a health check.
- Your LinkedIn member URN (e.g. urn:li:person:<id>) so we know where to publish.
- The text, hashtags, and any images / videos you authored inside KMBuffer for posts you scheduled to LinkedIn.
- The LinkedIn-side post URN we get back after a successful publish, for status mirroring.
4c.3 Retention and deletion
You can revoke KMBoards’ access at any time at linkedin.com/psettings/permitted-services, or by clicking Disconnect inside KMBoards. When you disconnect, we revoke the stored tokens, stop making any further calls on your behalf, and begin deletion of stored LinkedIn data as described in Section 8. We do not share your LinkedIn data with third parties.
5. Cookies
We use essential cookies for authentication and session management. We do not use third-party advertising cookies on KMBoards.
6. Processors and sub-processors
We use the following processors to deliver the Service. Each is bound by contract to protect your data:
- Supabase — database + authentication hosting (US region).
- Vercel — application hosting (Stockholm region).
- Hetzner — worker VPS hosting.
- Anthropic — large language model provider, used for copy rewrites on creatives you explicitly select and for summarising connected meeting transcripts.
- OpenAI — used for transcription and summarisation of connected meeting content where applicable.
7. Data retention
Analysis data and audit logs are retained for the duration of your workspace's active subscription, plus 90 days. After that, we archive and then delete them within 30 days. You can delete specific runs, findings, or action rows from the UI at any time.
8. Deleting your data
You can delete your data at any time by any of these means:
- Disconnect Meta inside KMBoards: /settings/integrations/meta → Disconnect. Stops all Meta calls immediately. Associated analyses and tokens are purged within 30 days.
- Remove KMBoards from Meta: Facebook → Settings → Business Integrations → KMBoards → Remove. We receive notification from Meta and begin deletion.
- Disconnect Zoom inside KMBoards: /sales-coach/integrations → Disconnect. Stops all Zoom calls immediately and revokes our access tokens. Associated transcripts and reports are purged within 30 days.
- Remove KM Note Taker from Zoom: zoom.us → My Apps → KM Note Taker → Remove. We receive notification from Zoom and begin deletion.
- Disconnect Google inside KMBoards: /settings/integrations/google → Disconnect. Stops all Google API calls immediately and revokes our access tokens. Cached Google data is purged within 30 days.
- Revoke KMBoards from your Google Account: myaccount.google.com/permissions → KMBoards → Remove access. Our tokens are invalidated immediately and we begin deletion of stored Google data.
- Email us: ziv@kivimedia.co with subject "Data deletion request". See our Data Deletion page.
9. Security
- TLS for all traffic in and out of the Service.
- Encrypted OAuth tokens at rest (AES-GCM).
- Row-level security in our database — users can read only their own workspace's data.
- Secrets (API keys, tokens) are never exposed to the browser or to logs.
10. International transfers
KMBoards is operated from Israel with infrastructure in the EU and US. By using the Service you consent to your data being processed in these regions.
11. Children
KMBoards is a B2B tool for marketing agencies. The Service is not directed to children under 16 and we do not knowingly collect data from them.
12. Changes
We may update this policy. Material changes will be announced inside the app and/or by email to workspace owners.
13. Contact
Questions or requests: ziv@kivimedia.co
Kivi Media, Israel.