Privacy Policy | Kathara

Overview

Kathara is designed with privacy as a core principle. We believe your data should remain yours.

This privacy policy explains how Kathara operates and what data is processed.

How Your Data is Handled

API Key Management

Kathara does not store user API keys client-side. The Anthropic API key is stored securely on our server as a Vercel environment variable. Users never need to provide or manage their own API keys.

Server-Side API Proxy

When you interact with Kathara, API calls are routed through our server-side proxy (/api/chat) which forwards requests to Anthropic's API. This architecture allows us to enforce rate limiting and manage API authentication securely.

User Context Storage

User context is handled as follows:

Anonymous Users: Context is stored locally in your browser's localStorage for convenience
Registered Users: If you create an account, your context can be synced to our secure server-side database (Upstash Redis/Vercel KV) for persistence across devices

Account System

If you choose to create an account, the following data is stored securely on the server:

Username
Hashed passphrase (never stored in plain text)
Session token for authentication
Optional user context (if synced)

Chat History

Chat history is stored locally in your browser only. We do not store conversation logs on our servers.

Rate Limiting

To prevent abuse, Kathara enforces server-side rate limiting: 20 queries per day per IP address.

No Tracking Cookies

We do not use cookies for tracking or analytics. Kathara operates without collecting behavioral data or user identifiers.

No Personal Data Collection

Kathara does not collect:

Email addresses
Personal names or identifiers (beyond optional username for account creation)
Usage patterns or interaction logs
Device information
Location data
Or any other personal information unrelated to account functionality

Important: By using Anthropic's API through Kathara, your requests are subject to Anthropic's privacy policy and terms of service. Please review Anthropic's documentation for details on how they handle API requests and any data retention policies they may have.

Your Control Over Data

You have complete control over all data stored by Kathara:

All local data is kept in your browser's localStorage — you can clear it anytime
If you have a registered account, you can request deletion of your account and all associated data by contacting us
To clear all Kathara data, simply clear your browser's site data/cookies for kathara.vercel.app

Third-Party Services

Kathara communicates with:

Anthropic's API (api.anthropic.com) — for AI processing and responses
Upstash Redis (Vercel KV) — for optional server-side user account and context storage (only if you create an account)

Kathara itself does not share data with analytics services, advertising networks, or other third parties.

Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be noted with an updated date. Your continued use of Kathara after changes constitutes acceptance of the updated policy.

Questions?

If you have questions about how Kathara handles your data, please reach out:

Contact

poppyandcy@gmail.com

Last updated: February 8, 2026