Kasero

Kasero · Legal

Privacy Policy

Effective date: 23rd May 2026

1. Introduction & Purpose of This Policy

Welcome to Kasero. This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you interact with our platform — whether you're browsing our site, creating an account, listing your home, or planning your next exchange.

Kasero LLC (“Kasero”, “we”, “us”, or “our”) is a Delaware limited liability company that operates a private, educator-only, non-commercial home-swapping platform at www.kasero.co. Our mission is to make global travel more accessible and meaningful for teachers by enabling home exchanges grounded in trust and community — not profit.

We take privacy seriously. This document sets out our data practices in clear and accessible language. We are committed to complying with global data protection laws, including:

  • The General Data Protection Regulation (EU) 2016/679 (“GDPR”)
  • The California Consumer Privacy Act and California Privacy Rights Act (“CCPA/CPRA”)
  • Singapore's Personal Data Protection Act 2012 (“PDPA SG”)
  • Malaysia's Personal Data Protection Act 2010 (“PDPA MY”)
  • Any other applicable national, regional, or local data protection laws that may govern your use of the Kasero platform based on your country of residence or activity

This Policy is intended to be transparent, fair, and comprehensive. It applies to all users globally, regardless of location, and is integrated into our Terms of Use.

If you have questions, reach us at: privacy@kasero.co

2. Who We Are

Kasero LLC is a U.S.-registered limited liability company, headquartered in the State of Delaware. We build and maintain the Kasero platform to serve a global community of verified educators who voluntarily exchange their homes for travel purposes.

Our role under global privacy law is that of a “data controller” (or equivalent) — meaning we determine the purposes and means of processing your personal data.

Contact Details
Kasero LLC – Privacy Team
16192 Coastal Highway
Lewes, Delaware 19958
Email: privacy@kasero.co

For legal matters, please write to: legal@kasero.co

3. Age Limitations

Kasero is strictly intended for individuals aged 18 years and older. We do not knowingly collect, store, or process personal data from children or minors under any circumstances.

  • If we learn that a user under 18 has created an account or submitted personal data, we will promptly delete that information and may suspend access to the platform.
  • This restriction is in compliance with global child data protection laws, including the U.S. Children's Online Privacy Protection Act (COPPA).

If you believe a minor has used our platform, please contact us immediately at: privacy@kasero.co

4. What This Policy Covers

This Privacy Policy governs how Kasero handles personal information collected through:

  • The Kasero platform (www.kasero.co), including associated domains and subdomains
  • Any mobile or tablet versions of the platform (if launched)
  • In-platform features, such as listing creation, booking, messaging, and verification
  • Our email communications, newsletters, and support interactions

This Policy does not apply to:

  • Third-party websites or services you may access through Kasero (e.g., analytics providers, payment processors if and when offered, or external services you visit via outbound links)
  • Social media platforms you use independently of Kasero
  • Independent communications or agreements between users

We encourage you to review the privacy policies of any third-party services you use in connection with Kasero.

5. What Personal Data We Collect

We collect personal data in three ways: directly from you, automatically, and from third parties. The scope of data depends on how you use the platform.

A. Data You Provide Directly

When you use Kasero, you may provide the following:

  • Contact Information: Name, school email address, recovery email address, and password
  • Educator Verification Data: School email, school name, and (optionally) a LinkedIn profile URL. We may request additional verification materials on a case-by-case basis where automated verification is not possible.
  • Profile Information: Bio, profile photo, location, current school, and any optional profile fields you choose to complete
  • Listings: Property address (generalized), photos, availability, house rules, amenities
  • Booking Data: Travel dates, listing selections, and any messages or notes you provide as part of your booking request
  • Messages: Content of conversations with other users via our platform
  • Support Requests: Information you submit through customer support channels

B. Data We Collect Automatically

When you visit or use Kasero, we may automatically collect:

  • Device & Browser Data: IP address, device type, browser, operating system
  • Usage Logs: Clickstream data, page views, access times, referring URLs
  • Location Data: Approximated from IP address (we do not use GPS or precise geolocation)
  • Cookies & Tracking Technologies: See Section 14 for full cookie disclosures

C. Data from Third Parties

We may receive limited data from:

  • Verification Sources: We may consult publicly available school directories, institution websites, or professional networks to confirm your educator status
  • Analytics Providers: Aggregated usage patterns and traffic insights (see Section 14 and Section 15)
  • Transactional Email Providers: Limited delivery metadata (e.g., whether a verification or booking email was successfully delivered)

We do not collect sensitive personal data such as race, religion, health, or biometric data.

6. Why We Collect Your Data (Purposes of Use)

We collect and use your data to:

  1. Operate the Kasero platform and community
    • Create, maintain, and secure your account
    • Enable listings, bookings, messaging, and credit tracking
    • Verify your eligibility as an educator
  2. Facilitate trust, safety, and community moderation
    • Prevent fraud, abuse, and misuse
    • Detect and investigate policy violations or illegal behavior
    • Maintain platform integrity and uphold educator-only access
  3. Communicate with you
    • Send service updates, booking confirmations, reminders, and support responses
    • Share account-related or policy changes
    • Manage consent, privacy requests, and complaints
  4. Improve platform performance and features
    • Analyze usage to enhance usability and stability
    • Test new features and improve user experience
    • Understand what users value to build a better product
  5. Comply with legal and regulatory obligations
    • Maintain records for tax, legal, and audit purposes
    • Respond to valid government or law enforcement requests
    • Fulfill data protection requirements globally

We do not sell, rent, or share your personal data with third parties for their own marketing or advertising purposes. We share limited data only with the service providers described in Section 8 and Section 15, who are contractually restricted to processing that data on our behalf.

7. Legal Bases for Processing (Global Compliance)

To respect privacy across jurisdictions, we ensure that every use of your personal data is supported by a lawful basis, as required by major privacy regimes:

A. GDPR (EU/EEA)

Under Article 6 of the GDPR, our legal bases include:

  • Contractual necessity – to provide you with our platform and services
  • Consent – for email subscriptions and cookie-based analytics (where required)
  • Legal obligation – for compliance with tax, security, and data rights laws
  • Legitimate interests – to maintain platform functionality, prevent abuse, and serve community needs (balanced against your rights)

B. CCPA/CPRA (California, USA)

We act as a “business” under CCPA. We:

  • Do not sell or share personal data for cross-context behavioral advertising or third-party marketing purposes
  • Provide the right to know, delete, and correct information
  • Offer a “Do Not Sell/Share” mechanism (see Section 18)

C. PDPA (Singapore)

We collect, use, and disclose personal data in accordance with the Purposes Notification Obligation, the Consent Obligation, and the Reasonableness Obligation under Singapore's PDPA. Where consent is required, it will be obtained in advance.

D. PDPA (Malaysia)

We process data under Malaysia's PDPA for lawful and explicit purposes, and we uphold principles of:

  • Notice and Choice
  • Disclosure and Security
  • Data Integrity and Retention

8. How We Share Your Information

We value your trust and do not sell or rent your personal information to third parties for their own marketing or advertising purposes. In order to provide a functioning, secure, and legally compliant service, we share your personal data with the following categories of recipients:

A. Essential Third-Party Service Providers

We share limited personal data with providers who help us deliver our platform, under strict contractual obligations:

  • Hosting & Cloud Infrastructure: providers that store and serve the Platform and its data
  • Authentication & Database Services: providers that secure member accounts and store member-submitted content
  • Transactional Email Delivery: providers that send verification, booking, and notification emails on our behalf
  • Analytics: Google Analytics, used to understand aggregated platform usage and improve Platform features (see Section 14 and Section 15)

These vendors are only allowed to process your data for the specific tasks assigned and must implement appropriate security controls.

B. Platform Users (Limited & Necessary Disclosure)

  • When You Host or Book: Your profile photo, first name, verified educator status, and listing details will be visible to other users.
  • Messaging: Any communication shared via the Platform is accessible by the involved parties and may be monitored for safety or abuse investigations.
  • User Independence: Once you voluntarily share your personal data, contact information, or property details with another Member (e.g., upon confirming a booking or communicating via messaging), Kasero no longer controls that data. We are not responsible for how other Members use, store, or disclose your information off-platform.

C. Legal & Regulatory Disclosures

We may disclose data if required to:

  • Comply with a valid subpoena, warrant, court order, or regulatory request;
  • Protect the safety of any user, member of the public, or Kasero;
  • Investigate suspected violations of our Terms or applicable laws.

D. Business Transfers

If Kasero is involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred as part of the transaction. You will be notified and given options, where required by law.

We never disclose your data without a valid reason, and never for advertising purposes without your explicit consent.

9. International Data Transfers

Kasero is headquartered in the United States, but we serve educators across the globe. To deliver the platform, your data may be transferred to — and processed in — countries outside your country of residence.

These transfers are governed by strong safeguards and are conducted only when necessary and lawful, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission for users in the EU/EEA;
  • U.S. adequacy or comparable safeguards for jurisdictions with bilateral data frameworks;
  • Consent-based transfers where appropriate (e.g., users in Singapore, Malaysia, GCC);
  • Contractual assurances with third-party processors to maintain confidentiality, security, and integrity of your data.

Explicit Consent to Transfer: Because Kasero operates from the United States and serves a global community of educators, your personal data may be transferred to and stored on servers located in the United States and/or other jurisdictions where our service providers operate. We implement appropriate safeguards (see Section 21) regardless of the destination jurisdiction.

10. Data Retention & Storage Practices

We retain your personal data only as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law.

Typical Retention Timeframes:

Data CategoryRetention Period
Account data (email, profile, listings)Active + 3 years post-closure
Booking data & messages5 years (for recordkeeping & fraud prevention)
Legal logs, verification, and audit trails7 years
Email communication metadata2 years
Analytics & cookie data (non-identifiable)26 months or less

Once the applicable retention period ends, we will:

  • Anonymize the data (for statistical use), or
  • Securely delete it from our systems and backups

Note: Deletion timelines may be extended in cases of pending litigation, unresolved claims, or regulatory hold requirements.

11. Data Subject Rights

We recognize and honor your rights under applicable privacy laws, depending on your location.

A. If you are in the EU/EEA (GDPR), you have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate or incomplete data;
  • Request deletion (“right to be forgotten”);
  • Restrict or object to data processing;
  • Withdraw your consent at any time;
  • Request data portability to another service;
  • File a complaint with your local Data Protection Authority (DPA).

B. If you are in California (CCPA/CPRA), you may:

  • Request a copy of your data (right to know);
  • Request deletion (with limitations);
  • Correct inaccurate information;
  • Opt out of the sale or sharing of personal data for cross-context behavioral advertising (Kasero does not engage in such practices, but we honor opt-out requests and Global Privacy Control signals);
  • File complaints with the California Privacy Protection Agency (CPPA).

C. If you are in Singapore or Malaysia:

You may request to access, correct, or withdraw your personal data. We will evaluate each request according to national law and will notify you if exceptions apply.

D. Universal Rights (applied globally by Kasero):

We extend the core rights of access, correction, deletion, and objection to all users, regardless of jurisdiction — because privacy is a fundamental right.

To exercise any rights, email us at: privacy@kasero.co
We may request identity verification before processing your request.

12. Your Choices & Controls

You are in control of your data. Kasero gives you practical, built-in options to manage what you share and how it's used:

  • Profile Controls: You can update or delete your profile info, photos, and bio at any time.
  • Listing Visibility: You can unpublish or modify your listing whenever you like.
  • Email Preferences: You can opt out of marketing emails using the “unsubscribe” link.
  • Cookies & Tracking: See Section 14 for opt-out choices and browser settings.
  • Account Deletion: You may request full account closure and data deletion.

We strive to make these choices accessible and honored promptly, typically within 30 days.

13. Security Measures

We take robust steps to secure your personal information against unauthorized access, alteration, loss, or misuse — using both organizational and technical safeguards.

Key Protections in Place:

  • Encrypted data transmission (HTTPS, TLS 1.2+)
  • Encrypted storage of sensitive information
  • Role-based access control (RBAC) for internal data access
  • Regular software and infrastructure security updates
  • Commercially reasonable vulnerability monitoring and secure coding practices
  • DDoS and intrusion prevention systems
  • Secure coding standards and deployment pipelines
  • Secure backups and recovery protocols

Despite our efforts, no online system can guarantee 100% security. If you suspect a security issue or account breach, please contact us immediately at: security@kasero.co

14. Use of Cookies & Similar Technologies

We use cookies and similar tracking technologies to enhance your experience, understand how the Platform is used, and improve our services.

A. What Are Cookies?

Cookies are small data files stored on your device by your web browser. They help us remember you, recognize your preferences, and serve essential features.

B. Types of Cookies We Use:

TypePurpose
Essential CookiesEnable core site features (e.g., login, navigation, security)
Analytics CookiesTrack user behavior (e.g., pages visited, time spent) using tools like Google Analytics
Preference CookiesStore language, timezone, and other user-selected settings
Email Tracking PixelsMay be embedded in some communications to understand engagement levels

We do not use advertising or behavioral tracking cookies for third-party ad networks.

C. Cookie Control

You can manage or delete cookies via your browser settings at any time. Most browsers also offer “Do Not Track” options (see Section 17).

To opt out of Google Analytics, you can install: Google Analytics Opt-out Add-on

Please note that disabling cookies may impair certain Platform features.

15. Third-Party Tools & Integrations

We rely on select third-party services to help operate and optimize the Platform. These services may collect limited personal data subject to their own privacy policies.

A. Providers We Work With:

CategoryPurpose
Analytics (Google Analytics)Aggregated site traffic analytics and feature-usage metrics
Transactional email deliverySending verification, booking, and notification emails to Members
Hosting, content delivery, and DDoS protectionServing the Platform securely and reliably to Members worldwide
Error and performance monitoringDetecting and diagnosing Platform issues

Each service provider is contractually required to:

  • Process data solely on our instructions
  • Use appropriate security safeguards
  • Comply with applicable laws, including GDPR and CCPA

We do not allow third-party advertisers, social plug-ins, or trackers that collect data for resale or remarketing.

16. Children's Privacy

Kasero is a professional platform built only for adult educators. We do not knowingly collect or solicit personal information from anyone under the age of 18.

If you are under the age of 18, you are not authorized to register, use, or access the Platform.

We actively block sign-ups from known child users and take steps to remove any account found to belong to a minor.

If you believe that a child has provided us with personal data, please contact us at privacy@kasero.co, and we will take immediate action to delete the information.

This policy is aligned with:

  • COPPA (U.S. Children's Online Privacy Protection Act)
  • Singapore PDPA – Section 13
  • Malaysia PDPA – First Principle
  • Other regional standards on children's privacy

17. Do Not Track (DNT) & Global Privacy Control (GPC)

Some browsers and extensions allow you to send a “Do Not Track” (DNT) or Global Privacy Control (GPC) signal to websites. These signals indicate your preference to limit certain data collection activities.

Our Policy:

We respect browser-based DNT and GPC signals to the extent required by applicable law. Because Kasero does not sell or share your personal data with third parties for their marketing purposes, these signals will not impact how we handle your data, but we recognize them as a valid expression of your privacy preferences. Please note that some parts of the Platform (e.g., session security, fraud detection) may still require essential cookies or logging for functionality.

18. Non-Discrimination Commitment

Exercising your privacy rights will never result in unfair treatment on Kasero.

We will never:

  • Deny you access to the Platform;
  • Charge you different prices or fees;
  • Provide different levels of service;
  • Impose penalties for data access or deletion requests.

This commitment applies universally, and is explicitly aligned with:

  • CCPA/CPRA – Section 1798.125
  • GDPR – Article 12
  • Singapore PDPA – Section 11

Privacy is a right — not a privilege or paywall feature.

19. Data Accuracy & User Responsibility

We rely on you to provide accurate, current, and complete information. You are responsible for maintaining and updating your personal data.

To ensure your data is reliable:

  • Review and update your profile regularly;
  • Correct outdated or inaccurate listings or content;
  • Notify us if you change your email address, institution, or name.

We are not liable for issues arising from false, misleading, or outdated information provided by users.

We may suspend or limit your account if we reasonably believe the information you've provided is false, unverifiable, or inconsistent with platform use expectations.

20. Automated Decision-Making & Profiling

Kasero uses automated systems to facilitate the operation of the Platform, including verifying educator status, detecting spam, preventing fraud, and ensuring compliance with our Terms of Use.

While we rely on these tools to protect the integrity and safety of the community, we recognize the importance of human oversight. These automated tools are routinely supervised by our team. With the exception of immediate automated blocks executed to prevent severe security threats, suspected fraud, or blatant Terms of Use violations (such as sign-up attempts from comprehensively sanctioned IP addresses or malicious bot activity), we strive to ensure that significant account decisions—such as the permanent ban of a verified Member—involve human review.

If you are located in a jurisdiction that provides specific rights regarding automated processing (such as the EU/EEA or UK), you have the right to request human intervention, express your point of view, and contest decisions made solely by automated means that produce legal or similarly significant effects concerning you. To appeal an automated decision or request human review, please contact us at support@kasero.co.

21. Data Transfers & International Jurisdictions

Kasero operates as a global platform, which means your personal data may be processed in — or transferred to — countries outside of your home jurisdiction, including the United States.

Key Transfers Involve:

  • Hosting infrastructure in the U.S. and Europe
  • Customer service across multiple countries
  • Third-party tools (e.g., Google, email providers) with cross-border processing

We ensure that such transfers are done in compliance with applicable laws by implementing:

JurisdictionTransfer Safeguards Used
EU/EEAStandard Contractual Clauses (SCCs), GDPR Art. 46
UKInternational Data Transfer Addendum
SingaporeReasonable protection under Sec. 13–15 PDPA
MalaysiaBinding conditions under Sec. 129–130 PDPA

By using Kasero, you acknowledge that your data may be transferred to and processed in countries with differing levels of data protection than your own.

We take all reasonable steps to protect your data regardless of destination.

22. Global Privacy Law Alignment

Kasero's Privacy Policy is designed to adhere to internationally recognized privacy principles. While we are a U.S.-based entity, we strive to align our practices with major global frameworks, including:

  • The General Data Protection Regulation (GDPR) for users in the EU/EEA and UK
  • The California Consumer Privacy Act (CCPA/CPRA)
  • Applicable principles under the PDPA frameworks in Singapore and Malaysia

Where a local law mandatorily applies to Kasero and requires additional rights, disclosures, or restrictions, this Policy incorporates them by reference. If any conflict arises between this Policy and a mandatory, applicable right under your jurisdiction, the strictest legally required provision shall prevail.

23. Data Breach Notification & Incident Response

Kasero takes security seriously and maintains incident response protocols aligned with global best practices.

In the unlikely event of a data breach involving your personal information, we will:

  1. Investigate the incident promptly;
  2. Contain and remediate the breach;
  3. Notify affected users without undue delay, if legally required;
  4. Report the breach to relevant authorities (e.g., ICO, PDPC, U.S. State AGs) when thresholds are met.

Notifications will include:

  • A description of the incident
  • The types of data involved
  • What we are doing to mitigate harm
  • Guidance on protective steps you can take

You may also reach out to privacy@kasero.co at any time to inquire about past or present security events.

24. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

  • Legal requirements;
  • Our data practices;
  • Platform features or partnerships.

We will provide advance notice of material changes via:

  • Email (if we have your address)
  • Platform banner or notification

We encourage you to review this Policy periodically. If you continue using Kasero after updates are posted, you accept the revised Policy.

In the event of a significant change affecting your rights or obligations, we will seek your affirmative consent where required by law (e.g., EU/EEA users).

Effective date of current version: 23rd May 2026

25. Contact Us

If you have questions, requests, complaints, or concerns regarding this Privacy Policy or your personal data, you may contact us at:

Kasero LLC – Data Protection Office
16192 Coastal Highway
Lewes, Delaware 19958
Email: privacy@kasero.co
For general inquiries: support@kasero.co

We aim to respond to verified inquiries within 30 days or sooner, subject to legal requirements and identity verification.

Privacy Policy | Kasero