really blurred abstract wave

Privacy Policy

Effective date: 14th of November, 2025

At First Batch, Inc. ("FirstBatch"), we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use, and share your information as described in this Privacy Policy.

Remember that your use of FirstBatch's Services is at all times subject to our Terms of Service. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Service.

What this Privacy Policy Covers

This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, or regulations. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

For clarity, “Services” includes Kai, an AI-based codebase analysis and evolutionary coding tool integrated with GitHub and VS Code, developed and operated by FirstBatch, Inc.

Personal Data

Categories of Personal Data We Collect

Kai may collect the following categories of Personal Data, strictly limited to what is necessary to provide the Service:

Profile or Contact Data

Examples of Personal Data We Collect

  • Name (if provided during account creation or support communication)

  • Email address (used for authentication, support, or GitHub account connection)

  • GitHub username and GitHub User ID

  • Organization affiliation information (if using GitHub organizations)

Device / Technical Data

Examples of Personal Data We Collect

  • IP address

  • Operating system and device type

  • Browser or VS Code version

  • Extension version and diagnostic IDs

  • Log data related to usage (timestamps, performance metrics, error logs)

Repository & Code Data (may contain Personal Data)

Examples of Personal Data We Collect

  • Repository names and metadata provided through GitHub App permissions

  • File paths, commit metadata, pull request metadata

  • Code snippets and files selected by the user for analysis

  • Temporary copies of code required to provide analysis outputs

  • Commit messages or PR comments, which may contain Personal Data

Usage & Interaction Data

Examples of Personal Data We Collect

  • Log data relating to when and how features in the Service are used

  • Execution metrics (e.g., “analysis initiated”, “analysis completed”, error codes)

  • Information about integrations (e.g., GitHub installation status, VS Code activation events)

Support and Communication Data

Examples of Personal Data We Collect

  • Information voluntarily provided via email, support requests, or feedback messages

  • Diagnostic files or screenshots shared by the user

  • Metadata associated with communications

Special Note on Code and Repository Data

Customer code, repository metadata, and commit information may incidentally include personal data such as names, email addresses, or comments.

Kai processes this data solely for the purpose of providing the Service and does not store or reuse it for model training, product development, or any secondary purpose.

Temporary processing occurs only for:

  • generating analysis and code evolution outputs,

  • performing requested tasks within VS Code or GitHub, and

  • ensuring the security and integrity of the Service.

Categories of Sources of Personal Data

We collect Personal Data about you from the following categories of sources:

  • When you provide information directly to us (such as when creating an account, contacting support, or submitting feedback).

  • When you voluntarily provide code, repository selections, or commands through the Service, including through the VS Code extension.

  • When you connect your GitHub account and authorize Kai to access certain repositories or metadata.

  • When you provide information through free-form text boxes, uploaded files, or via email.

  • When you use the Service, and such information is collected automatically through logs, diagnostics, and technical telemetry.

  • When you authorize our GitHub App to access repository metadata, code content, commit data, pull requests, or organizational information that you permit via GitHub’s permission model.

  • When GitHub provides identity-related information such as username, user ID, or email (where permitted by GitHub and your account settings).

  • When your Organization’s GitHub administrators grant access on your behalf.

  • Through Cookies or similar technologies when using the website (if applicable).

  • Through the VS Code extension, which collects limited diagnostic and technical information necessary to operate the Service.

  • Through server logs, including IP address, browser or device information, timestamps, and performance data.

  • From analytics providers, hosting providers, and error-tracking services that help us understand usage patterns or diagnose technical issues.

When you use Kai, we automatically collect certain technical information that helps us operate and secure the Service. This includes device and environment data such as your operating system, browser or editor version (for example, the Kai VS Code extension version), basic system configuration, and limited usage logs indicating how the Service performs. We may also collect anonymized event data—such as feature usage patterns or error diagnostics—to maintain stability and improve functionality. These logs do not include your code content and are retained only for short periods (generally 7–30 days). Additional information related to cookies or similar technologies, where applicable on our website or dashboard, is described in the Cookie section below.

Our Commercial or Business Purposes for Collecting Personal Data

We use the Personal Data we collect for the following commercial or business purposes:

Providing, Customizing, and Improving the Service

  • Operating, maintaining, and supporting Kai’s code analysis and evolutionary coding features.

  • Connecting to and interacting with your GitHub account and repositories as authorized.

  • Enabling the Kai VS Code extension to run analysis tasks, provide outputs, and perform requested actions.

  • Processing your commands, running analyses on selected code, and generating results.

  • Improving the accuracy, stability, and performance of the Service, including internal testing, debugging, and diagnostics.

  • Personalizing certain features or settings based on your interactions with the Service.

Managing Your Account and Pilot Projects

  • Creating and managing your user account.

  • Conducting pilot evaluations, including processing repository data and generating deliverables.

  • Communicating with you regarding pilot results, feedback cycles, and next steps.

  • Providing you with information or content you request.

Security, Fraud Prevention, and Service Integrity

  • Protecting the security and availability of the Service.

  • Detecting, preventing, and responding to security incidents.

  • Monitoring system performance and preventing abuse of the Service.

  • Ensuring repository access is authorized and used as intended.

Corresponding With You

  • Responding to support inquiries, feedback, and requests.

  • Sending administrative messages such as updates, notices, or changes to the Service.

  • Contacting you when necessary during a pilot project or when troubleshooting.

Marketing (Minimal and Optional)

  • Providing information about Kai or pilot opportunities, only according to your communication preferences.

  • Notifying you about new features, improvements, or relevant product updates.

Meeting Legal Requirements and Enforcing Legal Terms

  • Complying with applicable laws, regulations, and legal processes.

  • Protecting our rights, property, and the safety of users or third parties.

  • Enforcing our agreements and resolving disputes.

Service Improvement and Research (Non-Training Use Only)

  • Performing internal analytics to understand usage patterns and improve the Service.

  • Enhancing system reliability and reducing error rates.

  • Maintaining aggregated or anonymized statistics for product development purposes.

How We Share Your Personal Data

We share Personal Data only in limited circumstances and always in a manner consistent with this Privacy Policy. Kai operates on a minimal-data model, and we do not sell, rent, or otherwise monetize Personal Data.

We may disclose Personal Data to carefully selected service providers who help us operate Kai, including cloud hosting providers, authentication and security vendors, analytics services that process only aggregated or de-identified information, and customer-support tools used solely if you choose to contact us. These service providers act strictly on our behalf, under written instructions, and are prohibited from using Personal Data for independent purposes such as training machine-learning models.

Depending on your configuration, Kai may interact with third-party inference providers (for example, LLM or model-hosting APIs). In such cases, we share only the minimum data required to generate an output, and these providers are contractually restricted from retaining, training on, or repurposing such data. If you authorize integrations such as the Kai GitHub App or the Kai VS Code extension, the Personal Data shared with those platforms is limited to the exact permissions you grant. Kai does not expand, alter, or bypass those permissions; it simply operates within the scope you approve.

We may also disclose Personal Data when required to comply with applicable law, legal process, or governmental requests, or when necessary to detect, prevent, or address security incidents or protect the rights, property, or safety of Kai, our users, or the public. When legally allowed, we will attempt to notify you before making such disclosures. In the context of a merger, acquisition, or similar transaction involving FirstBatch, Personal Data may be transferred to the successor entity, but the data will remain subject to the protections set out in this Privacy Policy.

Finally, we may create and share aggregated or de-identified information that cannot be used to identify you or your code. This may include generalized usage statistics, performance metrics, or product-level insights that help us understand how Kai functions across different environments. Such information does not reveal individual users or any customer-specific code or identifiers.

Data Security and Retention

We use industry-standard technical and organizational measures to protect your Personal Data from unauthorized access, loss, misuse, or disclosure. These safeguards include encrypted communications, secure credential storage, short-lived authentication tokens, and restricted internal access on a need-to-know basis. For users of our developer tools, such as the Kai VS Code extension or GitHub App, we rely on the security controls provided by those platforms, and we do not store your code content or repository data on our systems.

Although we take reasonable steps to safeguard information processed through our Service, no method of data transmission or storage can be guaranteed to be completely secure.

We retain Personal Data only for as long as necessary to operate the Service, fulfill the purposes described in this Privacy Policy, or comply with applicable legal obligations. Operational event logs and diagnostic information are retained for short periods (generally 7–30 days) to maintain the stability and security of the Service, after which they are automatically deleted. We may retain information in aggregated or anonymized form for product improvement, provided that it cannot be used to identify you or your code.

Tracking Tools and Opt-Out

Our website and dashboard (if used) may rely on a limited set of essential Cookies to operate and maintain basic functionality, such as ensuring secure access or remembering your session settings. These Cookies are strictly necessary for the Service to function and cannot be disabled through general browser tools.

We do not use advertising Cookies or cross-site tracking technologies. Analytics Cookies are used only if you access areas of our Service where basic usage analytics are enabled, and these analytics do not include your code content or any information processed through Kai’s code-analysis workflows.

In addition, our VS Code extension may collect optional, anonymized telemetry to help us understand performance issues and improve stability. This telemetry can be disabled at any time through your editor or system settings. The extension does not collect your code, file content, repository data, or any identifiers that link your usage to your codebase.

You can manage or delete Cookies through your browser settings. Disabling Cookies may affect certain website features, but it will not affect the functionality of the Kai extension or GitHub App.

Personal Data of Children

Our Service is not directed to individuals under the age of 18, and we do not knowingly collect Personal Data from anyone under that age. If you believe that a person under 18 has provided Personal Data to us through the Service, please contact us, and we will take reasonable steps to delete that information from our systems.

Transfers of Personal Data

FirstBatch is based in the United States, and the infrastructure supporting Kai may be operated from the U.S. or other countries where our service providers are located. As a result, your Personal Data may be transferred to and processed in jurisdictions that may have data protection laws different from those in your country of residence.

Whenever we transfer Personal Data internationally, we do so in accordance with applicable data protection laws. For individuals located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), such transfers are carried out using lawful transfer mechanisms, which may include the European Commission’s Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or other appropriate safeguards permitted under GDPR and the UK GDPR.

We transfer only the minimum Personal Data necessary to operate the Service, and we implement technical and organizational measures designed to ensure your data remains protected regardless of where it is processed.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our Services or applicable laws. When we make material updates, we will post the revised version on our website and indicate the date of the latest revision. In some cases, we may also provide additional notice (such as within the Kai extension or GitHub App interface) where appropriate.

Your continued use of the Service after a revised Privacy Policy is posted means that you accept the updated terms. The use of Personal Data we collect is governed by the Privacy Policy in effect at the time such information is collected.

Contact Information

If you have questions about this Privacy Policy or would like to exercise any privacy rights available to you under applicable laws (including GDPR, UK GDPR, CCPA/CPRA, or other data protection regulations), you may contact us at:

Email: legal@dria.co Address: 16192 Coastal Hwy Lewes, Delaware 19958

Copyright © 2026 DRIA. All Rights Reserved.
PrivacyTerms
Follow Kai:
GitHubX