KAVIM
ResearchIndexCoverageCompliancePricingTerminal →
Legal

Privacy Policy

Last updated: May 2026. This policy applies to kavim.io and all Kavim services.

1. Who we are

Kavim is an institutional art market intelligence platform. We provide quantitative signal and analytical tools to advisors, family offices, and institutional collectors. Our registered address and data controller details are available on request at [email protected].

2. What data we collect

We collect the following categories of personal data:

  • Account data: name, email address, organization — provided when you create an account or start an Advisor trial.
  • Usage data: pages visited, features used, session duration — collected via analytics (Manus Analytics, Google Analytics).
  • Payment data: billing information is processed by Stripe and never stored on our servers.
  • Communication data: emails you send us, including trial-related correspondence.

3. How we use your data

  • To provide and improve the Kavim platform and services.
  • To process trial activations and communicate with subscribers.
  • To send service-related communications (account updates, billing).
  • To analyze usage patterns and improve product quality.
  • To comply with legal obligations.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal basis (GDPR)

We process your data under the following legal bases:

  • Contract performance: account creation, subscription management.
  • Legitimate interests: product analytics, security monitoring.
  • Legal obligation: tax records, compliance requirements.
  • Consent: marketing communications (opt-in only).

5. Data retention

Account data is retained for the duration of your subscription plus 3 years. Usage logs are retained for 12 months. You may request deletion at any time by contacting [email protected].

6. Data hosting and transfers

Kavim is hosted on EU-based infrastructure. We do not transfer personal data outside the European Economic Area without appropriate safeguards. Our subprocessors include Stripe (payments, US — Standard Contractual Clauses apply) and Google Analytics (analytics, US — SCCs apply).

7. Your rights

Under GDPR, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Request erasure ("right to be forgotten").
  • Restrict or object to processing.
  • Data portability.
  • Lodge a complaint with your national supervisory authority.

To exercise any of these rights, contact [email protected]. We respond within 30 days.

8. Cookies

We use strictly necessary cookies for authentication and session management. Analytics cookies are used with your consent. You may manage cookie preferences through your browser settings.

9. Data Processing Agreement

Institutional clients requiring a Data Processing Agreement (DPA) may request one at [email protected].

10. Changes to this policy

We may update this policy periodically. Material changes will be communicated by email to registered users. The date at the top of this page reflects the most recent revision.

11. Contact

For all privacy-related inquiries: [email protected]