Go Totus

Privacy Policy

Last Updated: March 12, 2025

At Kukino Ltd, we value your privacy and are committed to protecting the personal information you share with us through Totus (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service. We aim to satisfy all privacy laws around the world.

Quick Overview

We’re Kukino Ltd, behind Totus—an API service that keeps things simple. We collect only what’s needed (like your email for login), process API data briefly and delete it fast, and never use your info for marketing or sell it. This policy details how we protect your privacy under laws like GDPR, CCPA, and LGPD.

1. Information We Collect

We collect only the personal data necessary to provide and maintain our API service. This includes:

  • Login Data: We collect your email address and generate access tokens to authenticate your use of our API service. This is necessary for contract performance under GDPR and UK GDPR (Article 6(1)(b)), and complies with CCPA and LGPD.
  • Temporary Processing Data: We process data you send via the API (e.g., JSON inputs) solely to deliver the requested result, deleting it within seconds of completion, in line with GDPR, UK GDPR, CCPA, and LGPD data minimization requirements.
  • Optional Contact Details: You may optionally provide additional details, such as your name, alternative email address, phone number, or mailing address, to enable us to contact you if needed (e.g., for account recovery, critical service updates, or billing inquiries).
  • Website Analytics: When you visit our website, we collect minimal analytics data (e.g., IP address, browser type, page visits) using tools like [e.g., Google Analytics with anonymization] to improve our site. We don’t use this to track individuals or share it for marketing, aligning with GDPR, UK GDPR, and CCPA.
  • Usage Data: We automatically collect limited technical data (e.g., IP address, device type, API call frequency) to ensure the Service operates securely and efficiently, based on our legitimate interests (GDPR/UK GDPR Article 6(1)(f)).

These collections adhere to the data minimization principles of the UK GDPR, EU GDPR, CCPA, and LGPD. We do not use your data for marketing, nor do we sell it. We may share data with trusted service providers (e.g., payment processors) only as required to deliver the Service, under strict confidentiality agreements compliant with GDPR and similar laws. Beyond these operations, your information remains confidential and is not disclosed to third parties.

2. How We Use Your Information

We use your information solely to provide and support the Service. This includes:

  • Sending you login links to access your account.
  • Contacting you if necessary (e.g., to resolve account issues, respond to your inquiries, or notify you of service changes).
  • Monitoring and improving the Service’s performance and security (e.g., analyzing usage patterns to prevent abuse).

We do not use your information for marketing, profiling, or any purpose unrelated to delivering the Service.

3. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in these limited cases:

  • Service Providers: We may use trusted third-party providers (e.g., email services, hosting providers) to help us operate the Service. These providers are bound by strict agreements to protect your data and use it only on our behalf.
  • AI Providers: To provide the Service, we may share some data with AI providers for processing. These providers have their own privacy policies, which may apply to the data they receive, and we encourage you to review them.
  • Legal Requirements: We may disclose your information if required by law, such as to comply with a subpoena, court order, or government request.
  • Protection of Rights: We may share information to protect our rights, property, or safety, or that of our users or others (e.g., to investigate fraud or security threats).

4. Data Storage and Security

We store your information securely and retain it only as long as necessary to provide the Service or comply with legal obligations. In most cases, and for nearly all data, we do not store your information at all; instead, we use it transiently to deliver the Service (e.g., processing a login request or API call) and then discard it, except in rare cases where retention is required (e.g., for billing or legal purposes). We use industry-standard measures (e.g., encryption, access controls) to protect your data from unauthorized access, loss, or misuse during its brief use. However, no system is completely secure, and we cannot guarantee absolute security.

5. Your Rights and Choices

You have rights under GDPR, UK GDPR, CCPA, LGPD, and similar laws, including:

  • Access and Update: Review or update your details in account settings.
  • Delete: Delete your account anytime via the Service—we’ll remove your data unless legally required to keep it (e.g., billing records).
  • Other Rights: Depending on your region, you may also request correction, restrict processing, or withdraw consent if we use it later (e.g., for new features).
  • Contact Us: For any data questions or requests, email support@gototus.com.

We will respond to requests within one month (GDPR/UK GDPR) or as required by other laws. Some rights may not apply due to our minimal data use, but we will explain if so.

6. Children’s Privacy

The Service is not intended for individuals under 18, and we do not knowingly collect personal information from children. If a child under 18 uses the Service and submits their data (e.g., through API usage), we will take steps to delete it promptly upon discovery, unless required to retain it by law. If you are a parent or guardian and believe your child has provided us with their information, please contact us immediately so we can remove it.

7. International Users

The Service is operated by Kukino Ltd from Panama, with data processed in secure data centers located in Panama, Europe, the United States, or other regions as needed to deliver the Service. We transfer data internationally only to the extent necessary to provide the Service (e.g., authentication, API processing), based on contract performance (GDPR/UK GDPR Article 6(1)(b)). For transfers outside the UK or EEA, we ensure compliance with GDPR and UK GDPR through safeguards like Standard Contractual Clauses, and we align with other laws such as the CCPA and LGPD where applicable. All transferred data is protected with industry-standard encryption (e.g., TLS) during transit.

8. Changes to This Privacy Policy

We may update this Privacy Policy as needed. We will notify you of significant changes via email or through the Service. Your continued use of the Service after such changes means you accept the updated policy.

9. Additional Information for Specific Regions

California (CCPA): If you’re in California, you have rights under the CCPA to know what data we collect, request deletion, and opt out of sales (we don’t sell data).

Brazil (LGPD): Brazilian users can request confirmation of processing, anonymization, or blocking of data under LGPD.

Global: We comply with GDPR, UK GDPR, CCPA, LGPD, and other applicable data protection laws in your region. Contact us for details specific to your location.

10. Contact Us

If you have questions or concerns about this Privacy Policy or your information, please contact us at:

  • By Email: sA4uA4pA4pA4oA4rA4tA4@A4gA4oA4tA4oA4tA4uA4sA4.A4cA4oA4mA4
  • By the Service Console: via its contact form (preferred method)
  • By Post: Unit 81128, PO Box 7169, Poole, BH15 9EL, United Kingdom