Privacy Policy

Effective Date: April 5, 2026 | Version 2.0

At Kore Map ("we," "us," "our"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website koremap.com (the "Site") or use our related services (collectively, the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site or use our service.

This policy is designed to comply with applicable privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the requirements of advertising partners such as Google AdSense. We reserve the right to update this policy at any time. The "Effective Date" at the top indicates when the latest version was published. Your continued use of the Service after any changes constitutes acceptance of the updated terms.

1. Information We Collect

We collect information that you provide directly to us, information automatically through your use of the Service, and information from third-party sources as permitted by law.

1.1 Personal Information You Provide

When you create an account, contribute to roadmaps, post comments, subscribe to newsletters, or contact support, you may provide us with:

Name, username, email address, profile picture (if you upload one).
Authentication credentials (we store only hashed passwords).
Content you generate: roadmap nodes, projects, Q&A answers, cheatsheets, comments, tips, and other contributions.
Communication data: messages you send to us or other users (via our internal messaging system).
Payment information if you subscribe to premium features (processed by third-party payment processors; we do not store full credit card numbers).

1.2 Automatically Collected Information

When you access or use our Service, we automatically collect certain information about your device and usage, including:

Log data: IP address, browser type and version, operating system, referring/exit pages, clickstream data, date/time stamps, and pages visited.
Device identifiers: Advertising ID (IDFA/AAID) where applicable.
Cookies and similar tracking technologies: We use cookies to remember your preferences, authenticate you, and analyze usage patterns. For more details, see the "Cookies and Tracking" section below.
Usage data: Features you interact with, roadmaps you view, time spent on pages, search queries, and learning progress.

1.3 Information from Third Parties

We may receive information about you from third-party services, such as:

Google (if you sign in with Google OAuth).
GitHub (if you sign in with GitHub).
Payment processors (Stripe, PayPal) – we receive confirmation of payment and limited billing details (last four digits, expiration date, but not full card number).
Advertising partners (e.g., Google AdSense) – they may provide aggregated or anonymized data to help us measure ad performance.

2. How We Use Your Information

We use the information we collect for the following purposes:

Provide, operate, and maintain the Service: authenticate you, display roadmaps, save your progress, enable contributions.
Improve and personalize your experience: recommend relevant roadmaps, suggest content based on your learning history.
Communicate with you: send service announcements, respond to support requests, notify you of changes to our policies, or send newsletters (with your consent).
Analyze usage and trends: understand how users interact with the Service to fix bugs and improve features.
Serve advertisements: display relevant ads (including personalized or non-personalized ads) via Google AdSense and similar networks, based on your consent where required.
Prevent fraud and abuse: detect and block malicious activity, spam, or violations of our Terms of Service.
Comply with legal obligations: respond to lawful requests from public authorities, including to meet national security or law enforcement requirements.

3. Cookies and Similar Tracking Technologies

We use cookies (small text files placed on your device) and similar technologies such as local storage, web beacons, and pixels. Cookies help us remember your login status, preferences, and analyze how you use the Service. You can control cookies through your browser settings; however, disabling certain cookies may affect functionality.

We use the following categories of cookies:

Essential cookies: Required for authentication, security, and basic features (e.g., session cookies).
Preference cookies: Remember your language, theme, and other settings.
Analytics cookies: Collect aggregated data about how visitors use the Service (e.g., Google Analytics).
Advertising cookies: Used by Google AdSense and other ad networks to serve relevant ads, limit the number of times you see an ad, and measure campaign effectiveness. These cookies may track your browsing across different websites.

Your choices: For users in the European Economic Area (EEA), the UK, or Switzerland, we obtain your consent before placing non-essential cookies (analytics, advertising) via a cookie consent banner. You may withdraw consent at any time by adjusting your cookie preferences (link in the footer). For users outside these regions, you can still manage cookies through your browser settings.

4. Advertising (Google AdSense Compliance)

We display advertisements provided by Google AdSense and other third-party ad networks to help keep the Service free for users. To comply with Google's policies and applicable laws, we disclose the following:

Third-party vendors, including Google, use cookies to serve ads based on a user's prior visits to our website or other websites.
Google's use of advertising cookies enables it and its partners to serve ads to our users based on their visit to our site and/or other sites on the Internet.
Users may opt out of personalized advertising by visiting Google Ad Settings. Alternatively, users can opt out of a third-party vendor's use of cookies for personalized advertising by visiting www.aboutads.info.
We do not knowingly show interest-based ads to children under 13.
For users in the EEA, UK, or Switzerland, we request consent to use cookies for personalized advertising via a consent management platform (CMP) that complies with the Transparency and Consent Framework (TCF) of the IAB Europe. You have the right to withdraw consent at any time.
We do not pass any personally identifiable information (PII) to Google AdSense or other ad networks without your explicit consent. However, IP addresses and cookie identifiers may be shared as part of normal ad serving.

You can learn more about how Google uses data from its partners by visiting How Google uses information from sites or apps that use our services.

5. Sharing and Disclosure of Information

We do not sell your personal information (as defined by the CCPA) to third parties. We may share information in the following circumstances:

With your consent: For example, when you choose to share your progress on social media.
Service providers: We engage third-party companies to perform functions on our behalf, such as hosting (Vercel, AWS), analytics (Google Analytics), payment processing (Stripe), email delivery (SendGrid), and advertising (Google AdSense). These providers have access only to the information needed to perform their tasks and are contractually obligated to protect your data.
Legal requirements: We may disclose information if required by law, subpoena, or court order, or to protect the rights, property, or safety of Kore Map, our users, or the public.
Business transfers: In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via prominent notice on the Service.
Aggregated or anonymized data: We may share non-personally identifiable information (e.g., aggregated usage statistics) with partners, researchers, or for marketing purposes.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will remove or anonymize your personal information within 30 days, except for information we are required to keep for legal compliance (e.g., financial transaction records for 7 years), fraud prevention, or legitimate business purposes (e.g., aggregated analytics). User content that you have contributed to public roadmaps (e.g., comments, Q&A answers) may remain visible even after account deletion, but it will be anonymized (username removed).

7. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right to access: Request a copy of the personal information we hold about you.
Right to rectification: Correct inaccurate or incomplete information.
Right to erasure ("right to be forgotten"): Request deletion of your personal data, subject to certain exceptions.
Right to restrict processing: Limit how we use your data.
Right to data portability: Receive a machine‑readable copy of your data and transfer it to another controller.
Right to object: Object to processing for direct marketing or legitimate interests.
Right to withdraw consent: If we rely on consent (e.g., for cookies or marketing emails), you may withdraw it at any time.
Right to non‑discrimination (CCPA): We will not discriminate against you for exercising any of your privacy rights.

To exercise your rights: Please contact us at [email protected]. We may need to verify your identity before processing your request. We will respond within 30 days (or as required by law). If you are located in the EEA, you also have the right to lodge a complaint with your local data protection authority.

8. Children's Privacy

The Service is not intended for children under 13 years of age (or under 16 in certain jurisdictions for data processing without parental consent). We do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe we might have information from a child under 13, please contact us at [email protected]. Additionally, we comply with the Children's Online Privacy Protection Act (COPPA) and do not serve personalized ads to users known to be under 13.

9. International Data Transfers

Kore Map is based in the United States. If you access the Service from outside the US, your information may be transferred to, stored, and processed in the US, where data protection laws may differ from those in your country. By using the Service, you consent to this transfer. For users in the EEA, we ensure that adequate safeguards (such as Standard Contractual Clauses) are in place for such transfers. You may request a copy of these safeguards by contacting us.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, loss, alteration, or disclosure. These include encryption of data in transit (TLS 1.3), hashed passwords, regular security audits, and restricted access to personal data on a need‑to‑know basis. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. In the event of a data breach, we will notify affected users and relevant authorities as required by law.

11. Third-Party Links

The Service may contain links to third‑party websites, plugins, or applications (e.g., references to documentation, YouTube videos). Clicking those links may allow third parties to collect or share data about you. We do not control these third‑party sites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every site you visit.

12. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. Our Service does not currently respond to DNT signals because no uniform standard has been adopted. However, you can opt out of personalized advertising using the methods described in Section 4.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or features. We will notify you of material changes by posting the new policy on this page and updating the "Effective Date." If the changes are significant, we may also provide a more prominent notice (e.g., email or in‑app notification). Your continued use of the Service after the effective date constitutes your acceptance of the revised policy.

14. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Kore Labs Inc.
Attn: Data Protection Officer
123 Learning Lane, Suite 400
Wilmington, DE 19801
USA
Email: [email protected]
Phone: +1 (302) 555‑0199

This Privacy Policy was generated to comply with Google AdSense policies, GDPR, CCPA, and other applicable privacy laws. For any ad‑related inquiries, please also refer to Google's advertising policies.