Kilo Gateway
GDPR Compliance
Data Handling
Kilo's privacy policy states the services are hosted in the United States and personal information is stored and processed on servers in the United States. No EU-only processing option was found in the provider's primary-source documentation reviewed.
Kilo says it retains information for as long as the account is active or as needed to provide services, comply with legal obligations, resolve disputes, preserve legal rights, or enforce agreements. It also says limited personal information may be retained indefinitely for open-source community integrity and nonrepudiation.
The Terms state customer data is licensed to Kilo to provide and improve the service and Kilo's other products and services, including development, diagnostic, and corrective purposes, and that AI model providers may use customer data under their own terms. The Terms also say if a customer does not grant an AI model a training license, some AI models may be unavailable.
Certifications & EU AI Act
No certifications disclosed.
Verification
Kilo publicly provides a privacy policy and states services are hosted in the United States, with SCC-based safeguards for transfers from the EEA/UK/Switzerland. No public DPA/AVV, EU-only residency option, or public security certification evidence was found in the primary sources reviewed. The Terms also permit Kilo to use customer data to provide and improve its services, so GDPR-sensitive customers should clarify DPA terms and model-provider data-use settings before adoption.