On this page
Data Privacy
Data Privacy
How Karolina handles and protects your data.
| Data Type |
Examples |
| Account Data |
Company info, contacts, MRR |
| Activity Data |
Emails, meetings, support tickets |
| Usage Data |
Product interactions, feature usage |
| Communication |
Email content, chat messages |
| Use |
Purpose |
| Service delivery |
Provide our services |
| Improvements |
Product development |
| Analytics |
Usage insights |
| Security |
Fraud prevention |
| Region |
Location |
| US |
AWS us-east-1 |
| EU |
AWS eu-west-1 |
| Layer |
Standard |
| In transit |
TLS 1.3 |
| At rest |
AES-256 |
| Backups |
AES-256 |
| Data Type |
Retention Period |
| Account data |
While active |
| Activity logs |
2 years |
| Audit logs |
7 years |
| Deleted accounts |
30 days |
| Role |
Access Level |
| Your users |
Your organization data only |
| Karolina engineers |
System access, limited, logged |
| Third parties |
None without consent |
| Control |
Description |
| Authentication |
SSO, MFA required |
| Authorization |
Role-based permissions |
| Audit logging |
All access logged |
| Encryption |
Data encrypted |
Export your data:
- Go to Settings → Organization
- Click Export Data
- Select format and data
- Download
Request data deletion:
- Contact [email protected]
- Verify ownership
- Data deleted within 30 days
Delete your account:
- Go to Settings → Profile
- Click Delete Account
- Confirm action
- Account and data deleted
| Certification |
Status |
| SOC 2 Type II |
✓ |
| GDPR |
✓ |
| CCPA |
✓ |
Your rights under GDPR:
| Right |
Description |
| Access |
View your data |
| Rectification |
Correct errors |
| Erasure |
Delete your data |
| Restriction |
Limit processing |
| Portability |
Export your data |
| Objection |
Stop processing |
| Practice |
Description |
| Background checks |
Required for all |
| Security training |
Annual mandatory |
| Access reviews |
Quarterly |
| Least privilege |
Minimum needed |
| Measure |
Description |
| Firewalls |
Network segmentation |
| DDoS protection |
CloudFlare |
| Vulnerability scans |
Weekly automated |
| Penetration testing |
Annual |
| Incident response |
24/7 on-call |
Third-party services we use:
| Processor |
Purpose |
Data Shared |
| AWS |
Cloud hosting |
All |
| Stripe |
Payments |
Billing only |
| SendGrid |
Email |
Transactional |
| Slack |
Notifications |
Alerts only |
Privacy questions:
We update this policy periodically. Last updated: March 2024.
Last updated on July 14, 2026
Was this page helpful?
Thanks for your feedback!