California Privacy Policy
Last updated: March 1, 2026
This California Privacy Policy describes how Hex42 Ventures LLC (the “Company,” “we,” or “us”) collects and processes personal information about our consumers who reside in California (“consumers” or “you”) in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”). This California Privacy Policy supplements our general Privacy Policy and applies solely to California residents.
This Privacy Policy does not apply to our collection and use of personal information from residents outside of California. Consumers residing in other locations should see our general privacy notice at: https://kyssy.ai/privacy.
Personal Information Collected
“Personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include:
- Publicly available information from government records
- De-identified or aggregated consumer information
- Information excluded from the CCPA’s scope, such as health or medical information covered by HIPAA or the CMIA, clinical trial data, or personal information covered by certain sector-specific privacy laws (e.g., FCRA, GLBA, DPPA)
- Information collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act
Personal Information Categories Chart
The following table describes the categories of personal information we have collected from consumers within the last twelve (12) months.
| Category | Examples | Collected | Retention Period |
|---|---|---|---|
| A. Identifiers | Real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers | YES | Duration of account plus 30 days, or as required by law |
| B. Personal information under Cal. Civ. Code § 1798.80(e) | Name, address, telephone number, credit card number, debit card number, or any other financial information. Some personal information in this category may overlap with other categories | YES | Duration of account plus 30 days, or as required by law |
| C. Protected classification characteristics | Age (40 or older), race, color, ancestry, national origin, citizenship, religion, marital status, medical condition, physical or mental disability, sex, gender identity, gender expression, sexual orientation, veteran or military status, genetic information | NO | N/A |
| D. Commercial information | Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies | YES | Duration of account plus 30 days, or as required by law |
| E. Biometric information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier; fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, sleep, health, or exercise data | NO | N/A |
| F. Internet or network activity | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement | YES | Duration of account plus 30 days, or as required by law |
| G. Geolocation data | Approximate physical location (e.g., city or region derived from IP address) | YES | Duration of account plus 30 days, or as required by law |
| H. Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information | NO | N/A |
| I. Professional or employment-related information | Current or past job history, performance evaluations | NO | N/A |
| J. Non-public education information | Education records directly related to a student maintained by an educational institution or party acting on its behalf (per FERPA) | NO | N/A |
| K. Inferences drawn from other PI | Profile reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes | YES | Duration of account plus 30 days, or as required by law |
| L. Sensitive personal information | See Sensitive Personal Information Categories Chart below | YES | Duration of account plus 30 days, or as required by law |
Sensitive Personal Information Categories Chart
The following table describes the categories of sensitive personal information we have collected from consumers within the last twelve (12) months and whether such information is collected for the purpose of inferring characteristics about a consumer.
| Category | Collected to Infer? | Retention Period |
|---|---|---|
| L.1. Social Security, driver’s license, state ID, or passport number | NO | N/A |
| L.2. Account log-in, financial account, debit card, or credit card number with required security or access code, password, or credentials | NO | N/A |
| L.3. Precise geolocation | NO | N/A |
| L.4. Racial or ethnic origin | NO | N/A |
| L.5. Religious or philosophical beliefs | NO | N/A |
| L.6. Union membership | NO | N/A |
| L.7. Mail, email, or text message contents (unless directed to the Company) | NO | N/A |
| L.8. Genetic data | NO | N/A |
| L.9. Biometric information for unique identification | NO | N/A |
| L.10. Health information | NO | N/A |
| L.11. Sex life or sexual orientation information | NO | N/A |
| L.12. Citizenship or immigration status | NO | N/A |
| L.13. Contents of consumer’s mail, email, and text messages (where Company is not the intended recipient) | NO | N/A |
Sources of Personal Information
We obtain the categories of personal information listed above from the following sources:
- Directly from you. For example, when you create an account, make a purchase, contact us, or otherwise interact with the Service.
- Indirectly from you. For example, from observing your activity on our Service, such as pages visited, features used, and interactions with AI companions.
- From service providers. For example, from payment processors, analytics providers, and hosting providers that assist us in operating the Service.
- From other customers. For example, if another user provides your information in the context of a referral or shared interaction.
- From inferences. We may generate inferences about you based on information we collect, such as your preferences, characteristics, and behavior on the Service.
How We Use Personal Information
Collection, Use, and Disclosure Purposes
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information, such as creating and maintaining your account
- To provide, support, personalize, and develop our Service, products, and features
- To process your requests, purchases, transactions, and payments and prevent transactional fraud
- To provide you with support and to respond to your inquiries, including investigating and addressing your concerns
- To personalize your experience on the Service and deliver content and product offerings relevant to your interests
- To help maintain the safety, security, and integrity of our Service, databases, technology assets, and business
- To detect, prevent, and respond to security incidents, fraud, and other illegal or harmful activity
- For testing, research, analysis, and product development, including to develop and improve our Service
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulation
- As described to you when collecting your personal information or as otherwise set forth in the CCPA
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets
- To send you promotional communications, such as information about features, newsletters, offers, promotions, contests, and events (where permitted by law)
- To create, maintain, customize, and secure your account with us
- To process and deliver contest entries and rewards
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including billing and collections
- For short-term, transient use, including but not limited to non-personalized advertising shown as part of your current interaction with the Service
- For any other purpose with your consent
Sensitive Personal Information Use and Disclosure Purposes
To the extent we collect sensitive personal information, we only use or disclose it for the following Permitted Purposes under the CCPA:
- To perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services
- For example, to process and fulfill your account registration and subscription transactions
- To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information
- For example, to detect unauthorized access to your account
- To resist malicious, deceptive, fraudulent, or illegal actions directed at the business, and to prosecute those responsible
- To ensure the physical safety of natural persons
- For short-term, transient use, such as non-personalized advertising
- We do not use sensitive personal information for advertising profiling
- To perform services on behalf of the business, such as customer service, order processing, and payment processing
- Including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, and processing payments
- To verify or maintain the quality and safety of the Service, and to improve, upgrade, or enhance the Service
- For purposes that do not involve inferring characteristics about the consumer
- We do not use sensitive personal information to infer characteristics about consumers
Additional Categories or Other Purposes
If we decide to collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes, we will update this California Privacy Policy and provide you with notice as required by law.
Disclosing, Selling, or Sharing Personal Information
Business Purpose Disclosures
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
| Category of Recipients | PI Categories Disclosed | Sensitive PI Disclosed | Business Purpose |
|---|---|---|---|
| Cloud hosting and infrastructure providers | A, B, D, F, G, K | None | Hosting, storage, and delivery of the Service |
| Payment processors | A, B, D | None | Processing payments and preventing fraud |
| Analytics and monitoring providers | A, F, G, K | None | Understanding usage patterns, improving the Service, and ensuring performance |
| Customer support tools | A, B, D, F | None | Providing customer support and resolving issues |
| AI model and content providers | A, F, K | None | Generating AI companion responses and operating core Service features |
| Legal and regulatory authorities | A, B, D, F, G, K | As required by law | Compliance with legal obligations, responding to lawful requests, and protecting our rights |
Selling or Sharing
We do not sell your personal information to third parties. We do not share your personal information with third parties for cross-context behavioral advertising purposes. In the preceding twelve (12) months, we have not sold or shared personal information of consumers, including personal information of consumers under 16 years of age.
Your Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. The following describes your rights and explains how to exercise those rights.
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you
- The categories of sources for the personal information we collected about you
- Our business or commercial purpose for collecting or selling that personal information
- The categories of third parties with whom we share that personal information
- The specific pieces of personal information we collected about you (a data portability request)
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing: sales (identifying the PI categories each recipient purchased) and disclosures for a business purpose (identifying the PI categories each recipient obtained)
Right to Delete and Right to Correct
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service providers to comply with legal obligations, exercise legal claims, or for other purposes permitted by the CCPA.
You also have the right to request that we correct inaccurate personal information that we maintain about you, subject to certain exceptions.
Right to Limit Sensitive Personal Information
You have the right to limit our use and disclosure of your sensitive personal information to only those uses that are necessary to perform the services or provide the goods reasonably expected by an average consumer, or as otherwise permitted by the CCPA. As described above, we only use sensitive personal information for Permitted Purposes under the CCPA.
Personal Information Sales and Sharing Opt-Out and Opt-In
We do not sell or share your personal information. Therefore, we do not offer an opt-out mechanism for sales or sharing. If our practices change in the future, we will update this California Privacy Policy and provide a “Do Not Sell or Share My Personal Information” link on our homepage.
Right to Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
- Provide you a different level or quality of goods or services
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services
How to Exercise Your Rights
To exercise the rights described above, please submit a verifiable consumer request to us by emailing [email protected]. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a twelve (12)-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information (or an authorized representative) and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Verification Process and Authorized Agents
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password-protected account sufficiently verified when the request relates to personal information associated with that account.
If you use an authorized agent to submit a request, we may require that you: (a) provide the authorized agent written permission to do so, and (b) verify your own identity directly with us. These requirements do not apply if you have provided the authorized agent with a power of attorney pursuant to California Probate Code sections 4000–4465.
Responding to Your Requests
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to an additional 45 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will cover only the twelve (12)-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
How We Protect Your Personal Data
We implement reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data in transit and at rest, access controls, regular security assessments, and employee training. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.
Privacy Policy Changes
We reserve the right to amend this California Privacy Policy at our discretion and at any time. When we make material changes to this California Privacy Policy, we will post the updated California Privacy Policy on our website and update the “Last Updated” date. Your continued use of the Service after such changes constitutes your acceptance of the updated policy.
Contact Information
If you have any questions or comments about this California Privacy Policy, the ways in which Hex42 Ventures LLC collects and uses your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please contact us at:
- Email: [email protected]
- Accessibility: If you need this policy in an alternative format due to a disability, please contact us at [email protected]