Skip to main content

Kilo Apps Privacy Hub

Last Updated: May 29, 2026

This notice supplements the Kilo Code Privacy Policy, and it explains how Kilo Code processes your data when you interact with the Kilo App — your companion chat interface for the Kilo Code platform — through the services listed here (the "Kilo Apps" or "Kilo App" for short) while signed in. The Kilo Code Privacy Policy explains how Kilo Code processes your data more generally, including when you use the Services while signed out.

The Kilo Apps are provided by Kilo Code Inc. and/or any of its affiliates. We refer to these companies as "Kilo Code", "we", or "us" below.

What data is collected

Information you provide the Kilo Apps

  • What you say to the Kilo Apps (like the prompts you submit or speak, and the tasks you ask a bot to do for you)
  • What you share with the Kilo Apps (like files, code, screens, photos, imported chats, and page content you share)
  • Transcripts of your interactions with bots in the Kilo App
  • Your feedback
  • Instructions and settings you provide, including secrets and configuration you choose to store
  • Account credentials you use to connect the Kilo App to your existing Kilo account

Information we collect as you use the Kilo Apps

  • Content that the Kilo Apps generate (like text, code, and model responses to your prompts)
  • Information about the steps our technologies take to do tasks for you or respond to your prompts, like model thinking steps
  • Information from the connected services you use with the Kilo Apps (such as the AI provider you select per request)
  • Information about the apps, browsers, and devices you use to access the Kilo Apps (such as identifiers, device type and settings, and operating system)
  • Interaction of your apps, browsers, and devices with the Kilo Apps (such as interaction logs, performance metrics, and crash and debug information)
  • App events and attribution data used to measure app performance and understand which channels bring new users. This information does not include prompt or conversation content.
  • Location information: the general area derived from your device or IP address.
  • Subscription information: if you have a paid Kilo Code subscription, subscription-related information.

How your data flows

The Kilo App is a companion chat interface for the Kilo Code platform. It connects to your existing Kilo account and lets you chat with bots, manage settings, and manage secrets. The Kilo App involves the following data flows:

  • AI providers (via OpenRouter) — Prompts and conversation content are sent to the AI provider you select per request, routed through OpenRouter. This information is used only to generate the response. The specific provider used for each request depends on the model you select, and may include Anthropic, OpenAI, Google, xAI, Mistral, Meta, and other providers listed at https://openrouter.ai/models.
  • Kilo Gateway — Account ID and request metadata are sent to Kilo Gateway, our backend, for authentication, request routing, and billing reconciliation.
  • Sentry — Crash and performance diagnostics are sent to Sentry. This information is anonymous and does not include prompt or conversation content.
  • AppsFlyer (mobile only) — App events and attribution data are sent to AppsFlyer. This information is used to measure app performance and understand which channels bring new users. It does not include prompt or conversation content.

The app shows a consent screen on first launch describing each data flow. No data is shared with third parties until consent is granted. Users can revoke consent at any time in Settings → Privacy & data sharing.

On iOS, the Kilo App uses Apple's App Tracking Transparency framework to request your permission before AppsFlyer accesses your device's advertising identifier (IDFA) for attribution. If you decline, AppsFlyer continues to measure aggregate app performance using non-identifying signals but does not link events to your advertising identifier. You can change this permission at any time in iOS Settings → Privacy & Security → Tracking.

How your data is used

Kilo Code uses this data, as described in our Privacy Policy.

Service providers

Each service provider listed above is contractually required to safeguard personal information they receive from us and to provide protection equivalent to what is described in this policy. They are prohibited from using personal information for any purpose other than performing services for Kilo Code.

  • OpenRouter — Routing layer that forwards your request to the AI provider you select per request, including Anthropic, OpenAI, Google, xAI, Mistral, Meta, and other providers listed at https://openrouter.ai/models. OpenRouter and the downstream providers are bound by data protection terms equivalent to those described in this policy.
  • Anthropic, OpenAI, Google, and other AI providers — Generate AI responses to your prompts. The specific provider used for each request depends on the model you select.
  • AppsFlyer (mobile only) — Mobile attribution and analytics. Does not receive prompt or conversation content.
  • Sentry — Crash reporting and performance monitoring. Does not receive prompt or conversation content.

Data retention and deletion

You can request account deletion by emailing support@kilo.ai. If you use the Kilo App, you can also request account deletion from your profile in the app. Once deletion is confirmed, your Kilo account, prompts, conversation history, and account metadata are removed from Kilo's systems.

Data already shared with third-party AI providers to generate responses is governed by those providers' retention policies, including those linked from the OpenRouter model list and the providers' own privacy documentation. Sentry retention varies by data type and plan; errors, session replays, uptime data, and attachments are generally retained for 30 to 90 days, logs, profiles, crons, application metrics, and most spans are generally retained for 30 days, and some sampled span data may be retained for up to 13 months on Business or Enterprise plans. AppsFlyer user-level raw data retention varies by integration type and partner requirements; raw data is typically available to advertisers during a 90-day access window, and aggregated data is retained for up to 25 months.

Contacting Kilo Code about your privacy

This notice is an addendum to, and should be read together with, the Kilo Code Privacy Policy. Where this notice and the Privacy Policy address the same topic, this notice governs your use of the Kilo Apps.

If you have any questions about this notice or our privacy and security practices, or you wish to exercise your privacy rights, contact us at support@kilo.ai.