Privacy Policy

1. Who We Are

Klyo ("we", "us", "our") is a LinkedIn content creation and analytics platform accessible at app.tryklyo.com. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use Klyo.

By using Klyo, you agree to the practices described in this policy. If you do not agree, please discontinue use.

2. Data We Collect

2.1 Data You Provide via LinkedIn OAuth

Klyo authenticates exclusively through LinkedIn's official OAuth 2.0 flow. When you connect your LinkedIn account, we receive and store the following data with your explicit consent:

• Full name and profile headline
• Profile photo URL
• LinkedIn member ID (internal identifier)
• Email address associated with your LinkedIn account
• LinkedIn OAuth access token (used to perform actions on your behalf)

2.2 LinkedIn Content & Analytics Data

With your OAuth consent, we access LinkedIn data through LinkedIn's official APIs to provide Klyo's features:

• Posts published through Klyo (content, timestamps, post URNs)
• Post performance analytics: impressions, members reached, reactions, comments, reshares, saves, sends, link clicks, followers gained from content, and profile views driven by content - retrieved via LinkedIn's Member Post Analytics API
• Profile analytics: profile viewer counts, follower counts, and search appearances
• Engagement data on posts in the LinkedIn feed (likes, comments, shares)

All LinkedIn data is accessed solely with your explicit permission via the LinkedIn OAuth consent screen. You can revoke this access at any time through your LinkedIn account settings.

2.3 Data You Enter in Klyo

• Profile preferences: your role, industry, company, tone, and content topics
• Writing samples and voice training content you upload
• Posts you draft, schedule, or publish through Klyo
• Instructions and refinement requests for AI-generated content

2.4 Usage & Technical Data

• Pages visited and features used within the app
• Device type, browser, and operating system
• IP address and approximate geographic location (country level)
• Session timestamps and error logs

3. How We Use Your Data

We use the data we collect solely to provide, maintain, and improve Klyo's services:

• Authenticate your identity and maintain your session
• Generate AI-powered LinkedIn content tailored to your voice and preferences
• Publish, schedule, and manage posts on your LinkedIn profile on your behalf
• Display your post analytics and performance insights within your Klyo dashboard
• Track your posting consistency, engagement trends, and content performance
• Send transactional emails (account confirmation, billing receipts)
• Diagnose technical issues and improve platform stability
• Comply with our obligations under LinkedIn's API Terms of Service

We do not use your data for advertising, profiling for third-party purposes, or any purpose beyond providing Klyo's stated features.

4. LinkedIn API Data - Specific Obligations

Klyo integrates with LinkedIn's official APIs under LinkedIn's API Terms of Service. With respect to LinkedIn data, we commit to the following:

• We only access LinkedIn data that you have explicitly authorised through the LinkedIn OAuth consent screen
• We use LinkedIn data exclusively to provide features within your personal Klyo dashboard - never for advertising, resale, or third-party sharing
• We do not aggregate or combine LinkedIn member data across users to create audience profiles
• We do not scrape LinkedIn pages, use automation bots, or access LinkedIn data through unofficial means
• LinkedIn access tokens are stored securely and never shared with third parties
• You can revoke Klyo's LinkedIn access at any time at linkedin.com/settings → Data Privacy → Permitted Services
• Upon account deletion, all LinkedIn-derived data is permanently removed from our systems within 30 days

5. How We Store and Protect Your Data

Your data is stored on secure cloud infrastructure. We implement the following safeguards:

• All data is encrypted in transit using TLS 1.2+
• Database access is restricted by row-level security policies - each user can only access their own data
• OAuth access tokens are stored encrypted and never exposed in client-side code or logs
• We do not store LinkedIn passwords or credentials of any kind
• Access to production systems is limited to authorised personnel only

While we take reasonable steps to protect your data, no system is completely secure. We will notify you promptly in the event of a data breach affecting your personal information.

6. Data Retention

• Your account data and preferences are retained for as long as your account is active
• Post analytics snapshots are retained for 12 months from the date of collection
• If you delete your account, all personal data is permanently deleted within 30 days
• We may retain anonymised, aggregated data (not linked to any individual) for product analytics indefinitely

7. Third-Party Services

Klyo uses third-party services to operate, including authentication providers, cloud infrastructure, AI inference, and transactional email delivery. We do not sell, rent, or share your personal data with any third party for their own marketing or commercial purposes.

LinkedIn (Microsoft) authentication and API access is governed by LinkedIn's own Privacy Policy.

8. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you
• Correction: request correction of inaccurate or incomplete data
• Deletion: request deletion of your account and all associated personal data
• Portability: request your data in a machine-readable format
• Restriction: request that we restrict processing of your data in certain circumstances
• Objection: object to processing of your data based on legitimate interests
• LinkedIn access revocation: disconnect Klyo from your LinkedIn account at any time via LinkedIn's settings

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

9. Cookies

Klyo uses a minimal session cookie to maintain your authenticated session. We do not use advertising cookies, tracking pixels, or third-party cookies for analytics or profiling. You can disable cookies in your browser settings, but this will prevent you from logging in to Klyo.

10. Children's Privacy

Klyo is intended for professional use and is not directed at individuals under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us personal data, please contact us and we will delete it immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice within the app at least 14 days before the changes take effect. Continued use of Klyo after the effective date constitutes acceptance of the updated policy.

12. Contact Us

For any privacy-related questions, requests, or concerns, please contact:

Email: [email protected]
Website: tryklyo.com