Privacy Policy for Kinaia Office Add-ins
Last Updated: May 18, 2026
This Privacy Policy describes how Kinaia (“we,” “us,” or “our”) collects, uses, stores, and shares information when you use our Microsoft Office Add-ins — Kinaia for Word, Kinaia for Excel, and Kinaia for PowerPoint (collectively, the “Add-ins”). This policy also explains your choices and rights regarding your information.
By installing or using the Add-ins, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Add-ins.
1. Overview
Kinaia is an AI-powered assistant that runs inside Microsoft Office applications. A core design principle of Kinaia is data minimization: your document content and API credentials are processed and stored locally on your device. We do not operate central servers that process your documents or conversations.
However, to function, the Add-ins do transmit certain data to third-party AI service providers that you configure. This policy transparently describes all data practices.
2. Information We Collect
2.1 Information You Provide Directly
| Data | Purpose | Stored Where |
|---|---|---|
| AI provider API keys and credentials | To authenticate with your chosen AI service provider | Locally on your device (browser localStorage) |
| AI provider OAuth tokens | For providers that support OAuth login (e.g., Anthropic, OpenAI) | Locally on your device (browser localStorage) |
| Web search API keys | To use web search/fetch features with providers like Brave or Serper | Locally on your device (browser localStorage) |
| Casdoor login credentials | If your organization uses Casdoor authentication | Sent to your organization’s Casdoor server; password is never stored locally |
| Microsoft account credentials | If your organization uses Microsoft sign-in | Handled entirely by Microsoft’s MSAL library; we never see or store your password |
2.2 Information Collected Automatically During Use
| Data | Purpose | Stored Where |
|---|---|---|
| Chat conversation history | To maintain context within a session and allow you to review past conversations | Locally on your device (IndexedDB) |
| Document metadata | Sheet names, range references, and document structure are included in AI prompts for context | Sent to your configured AI provider as part of the conversation; stored locally in IndexedDB |
| Uploaded files | Files you attach to conversations for the AI to reference | Locally on your device (IndexedDB) |
| User preferences | Theme, font size, provider configuration, and other settings | Locally on your device (browser localStorage) |
| Onboarding responses | How you discovered the add-in, your role, and specialty | Locally on your device (browser localStorage) |
| Per-document identifiers | A randomly generated UUID linking an Office document to its chat session | In the Office document’s settings and in local IndexedDB |
2.3 Information We Do NOT Collect
We do not collect:
- Your document content on our servers
- Your AI provider API keys on our servers (unless you explicitly enable server-side settings sync via Casdoor authentication)
- Telemetry, analytics, or tracking data
- Crash reports (unless you enable the local Bridge debugging tool)
- Your precise geographic location
- Device identifiers for advertising purposes
3. How Your Information Is Used
3.1 Local Processing
Most data processing happens entirely on your device:
- Chat sessions are stored in your browser’s IndexedDB and never leave your device unless you transmit them as part of an AI conversation.
- API keys and credentials are stored in your browser’s localStorage and are only sent to the respective service provider for authentication.
- Settings and preferences are stored locally and used to personalize your experience.
3.2 Data Sent to Third-Party AI Providers
When you send a message through the Add-ins, the following information is transmitted to your chosen AI service provider (e.g., OpenAI, Anthropic, Google):
- Your message and the full conversation history for the current session
- Document context — metadata such as sheet names, range references, and structural information about the active document, injected as contextual XML
- Uploaded file paths and content — files you attach to the conversation
- System instructions — prompts that guide the AI’s behavior within the Add-in
- Your API key — for authentication with the provider
Important: We do not intercept, read, log, or store the data exchanged between you and your AI provider. All communication happens directly from your device to the AI provider’s API endpoint. The AI provider’s own privacy policy applies to the data they receive.
3.3 Web Search and Fetch
If you use the web search or fetch features, your search queries may be sent to:
- DuckDuckGo (default, no API key required)
- Brave Search (requires your API key)
- Serper / Google (requires your API key)
- Exa (requires your API key)
Each provider’s privacy policy governs the data they collect. We recommend reviewing their policies when configuring these services.
3.4 Authentication Services
If your organization configures authentication:
- Casdoor: Your username and password are sent directly to your organization’s Casdoor server. We receive only an access token and your profile information (name, display name, email, avatar). Your password is never stored on your device.
- Microsoft: Sign-in is handled entirely by Microsoft’s MSAL library using a popup or Office Dialog. We receive only an access token and basic profile information (name, email). Your password is never accessible to the Add-ins.
4. Data Storage and Security
4.1 Local Storage
Your data is stored locally in the following browser storage mechanisms:
| Storage | Data | Encryption |
|---|---|---|
| localStorage | API keys, OAuth tokens, settings, preferences, authentication state | Protected by your browser’s same-origin policy |
| IndexedDB | Chat sessions, uploaded files, skill packages | Protected by your browser’s same-origin policy |
| sessionStorage | Temporary Microsoft authentication cache | Cleared when you close the browser tab |
| Office Document Settings | Per-document session identifier | Managed by the Office host application |
4.2 Security Measures
- All communication with AI providers and authentication services uses HTTPS encryption (TLS).
- API keys and tokens are stored in your browser’s localStorage, which is protected by the browser’s same-origin policy — other websites and add-ins cannot access this data.
- The Add-ins do not include any third-party analytics, advertising, or tracking SDKs.
- If you configure a CORS proxy, your AI provider requests are routed through that proxy. The security of that proxy is your responsibility.
4.3 Limitations
While we take reasonable measures to protect your data, no method of electronic storage is 100% secure. API keys stored in localStorage are stored in plaintext and could potentially be accessed by malicious browser extensions or compromised browser environments. We recommend using provider-specific API keys with minimal permissions and spending limits.
5. Data Sharing
We do not sell, rent, trade, or otherwise share your personal information with third parties for marketing or advertising purposes.
Your data may be shared only in the following circumstances:
5.1 AI Service Providers (Chosen by You)
Data is transmitted to AI providers only when you configure an API key or OAuth connection and send a message. The provider you choose controls how they process and retain your data. We encourage you to review their privacy policies:
5.2 Authentication Providers (Configured by Your Organization)
If your organization enables Casdoor or Microsoft authentication, your login credentials and basic profile information are shared with the respective authentication provider as described in Section 3.4.
5.3 Server-Side Settings Sync (Optional)
If you authenticate via Casdoor, your settings (including API keys) may be synced to a server-side key-value store hosted by your organization. This is an optional feature controlled by your organization’s administrator.
5.4 Legal Requirements
We may disclose information if required by law, regulation, legal process, or governmental request.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Chat sessions (IndexedDB) | Until you delete the session or clear browser data |
| API keys and settings (localStorage) | Until you clear browser data or uninstall the Add-in |
| Authentication tokens | Until you log out or tokens expire |
| Uploaded files (IndexedDB) | Until you delete the session or clear browser data |
| Onboarding responses (localStorage) | Until you clear browser data or uninstall the Add-in |
You can delete all locally stored data at any time by clearing your browser’s site data for the domain where the Add-in is hosted, or by using the settings panel within the Add-in to reset your configuration.
7. Your Rights and Choices
7.1 Data Control
You have full control over your data:
- Delete chat sessions: Use the session management interface within the Add-in to delete individual sessions.
- Clear settings: Use the settings panel to reset your configuration, which removes stored API keys and preferences.
- Clear all data: Clear your browser’s site data for the Add-in’s domain to remove everything (localStorage, IndexedDB, sessionStorage).
- Revoke AI provider access: Delete or regenerate your API keys in your AI provider’s dashboard at any time.
7.2 Opt-Out of Features
- Web search/fetch: These features are only active when you have configured an API key. Simply do not configure a search provider to opt out.
- Bridge debugging tool: This local development tool is disabled by default and only activates when explicitly enabled. It is intended for development use only.
7.3 Third-Party Provider Rights
To exercise data rights (access, deletion, correction) regarding data held by AI providers, you must contact those providers directly. We have no access to the data they process on your behalf.
8. Children’s Privacy
The Add-ins are not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If you are under 16, please do not use the Add-ins.
9. International Users
The Add-ins are hosted on servers that may be located outside your country of residence. By using the Add-ins, you consent to the transfer of data to your chosen AI providers, which may process data in jurisdictions with different data protection laws. We encourage you to review the privacy policies of your chosen providers.
10. Microsoft API Compliance
The Add-ins comply with the Microsoft AppSource and Office Store validation policies:
- We access only the Microsoft Graph and Office.js APIs required for the Add-in’s core functionality.
- We do not access, collect, or transmit Microsoft account credentials.
- We do not access data from other Office Add-ins or extensions.
- We follow the principle of least privilege for all API permissions.
Permissions Used
| Permission | Purpose |
|---|---|
| ReadWriteDocument | To read and modify document content (text, tables, slides, ranges) as directed by the user through AI commands |
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Updating the “Last Updated” date at the top of this page
- Posting the revised version at kinaia.app/privacy
Your continued use of the Add-ins after any changes constitutes your acceptance of the updated Privacy Policy.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:
Kinaia
Website: kinaia.app
Support: kinaia.app/support
We will respond to verified requests within 30 days.