Privacy & GDPR
How Katura handles data privacy.
Overview
Katura takes data privacy seriously. Here's how we handle customer data and how you can meet your privacy obligations.
GDPR compliance
If you sell to EU customers, GDPR requires you to:
- Inform β tell customers what data you collect and why (privacy policy)
- Consent β get explicit consent for marketing communications
- Access β provide customers their data upon request
- Delete β delete customer data upon request (right to be forgotten)
- Portability β export customer data in a standard format
How Katura protects data
- Encrypted connections β all data transmitted over HTTPS/TLS
- Supabase security β Row Level Security (RLS) on all database tables
- No card data β credit card data never touches Katura servers (Stripe handles it)
- Sentry privacy β configured to scrub personally identifiable information
CCPA compliance
California customers have the right to know what data is collected, request deletion, and opt out of data selling. Katura does not sell customer data to third parties.