KoKonna Information

Data Security Statement

KoKonna team solemnly commits to prioritizing user privacy and data security. Regarding users' concerns about the security of photos, AI-generated content, and related information (collectively referred to as "User Data"), we hereby issue the following statement:

I. Comprehensive Encryption and Security Protection
We have established a robust technical and management system to ensure the highest level of protection for User Data throughout its entire lifecycle. Specific measures include, but are not limited to:

Comprehensive Encryption Protection

  • Static Data Encryption: All User Data stored in the cloud is encrypted using the AES-256 encryption algorithm, which complies with the highest international security standards. This encryption is managed in conjunction with a professional Key Management System (KMS), ensuring that data remains in an unreadable ciphertext state while at rest.

  • Transmission Link Encryption: During data transmission between user devices and our services, we enforce the use of TLS 1.3 and HTTPS protocols for end-to-end encryption. This effectively prevents data from being eavesdropped on, intercepted, or tampered with during transmission.

  • User-Controlled Keys: We support the Bring Your Own Key (BYOK) model. Each user generates and encrypts their own keys, thereby achieving complete control over their data. Under this model, even cloud service providers are unable to decipher the content of User Data.

Strict Access and Privacy Controls

  • Defense Against Unauthorized Access: We have deployed real-time intrusion detection systems, network firewalls, and strict access control mechanisms to continuously monitor and defend against external attacks and internal unauthorized access, minimizing the risk of data breaches.

  • Application of Privacy Protection Technologies: In data processing workflows, we employ advanced technologies such as data masking to provide additional protection for personal information and sensitive content, ensuring user privacy is safeguarded even during necessary internal processing stages.

II. Commitment to Data Localization Storage
To meet the data compliance requirements of users in different regions and further ensure data sovereignty, we commit that: in all countries or regions where we operate, the storage and processing servers for User Data are deployed in local data centers legally recognized within the respective jurisdictions. This measure ensures that User Data is physically stored within the judicial jurisdiction to which it belongs and is subject to the governance of local data protection laws and regulations.

III. Final Interpretation Rights
The right to interpret, modify, and update this statement belongs to Shenzhen Galaxy Guide Technology Co., Ltd. We may revise this statement from time to time based on changes in laws and regulations, technological advancements, or adjustments in business needs. Any modifications will be announced through official platforms. Users are encouraged to review this statement periodically.