Privacy
Privacy policy.
We built Kasah so ChatGPT does not receive your real private data. The configured Kasah privacy engine processes originals only to decide what must be protected before the protected version continues to ChatGPT.
- Kasah protects prompts before they reach ChatGPT
- The desktop app manages local vault restoration for reversible fakes
- The privacy engine receives the original prompt only to produce protection operations
- No prompt/content telemetry, no behavioral analytics, no prompt training
- ChatGPT receives the protected prompt with private values replaced or generalized
- The privacy engine processes prompts only to create protected versions; prompts are not used for training or behavioral tracking
- Private-pilot telemetry is metadata-only: setup state, error class, latency, route outcome, file size bucket, and protected item counts
Infrastructure & subprocessors
The Kasah privacy engine is an open-weight model operated by Kasah on zero-data-retention inference infrastructure (currently Groq, Inc.). Prompts are processed in memory for the duration of the request only — they are not stored, logged, or used for training by Kasah or by the infrastructure provider. Kasah's website and API run on Vercel; rate-limit counters are stored in Upstash Redis as hashed metadata only, never prompt content.
Account data
We use Clerk for authentication. No payment information is required for the private pilot. When paid billing launches, payment processing will be handled by Stripe under Stripe's privacy policy.