Lokio

Privacy Policy

Last updated: March 10, 2026

Lokio ("we", "us", "our") operates the lokio.ai website and service. This Privacy Policy explains how we collect, use, and protect your information when you use our AI-powered Google Business Profile automation platform.

1. Information We Collect

Account Data

When you sign in with Google, we receive your name, email address, and profile photo from your Google account. We do not store your Google password.

Business Profile Data

With your authorization, we access your Google Business Profile data including business name, address, category, customer reviews, ratings, and existing posts. This data is used to provide the service.

Usage Data

We collect basic usage information such as pages visited, features used, and device/browser type to improve the service.

2. How We Use Your Data

  • Generate AI-powered review responses and business posts based on your profile and reviews
  • Analyze competitor profiles to provide insights and content recommendations
  • Improve, maintain, and fix bugs in the service
  • Send you service-related communications (account updates, security alerts)

3. AI Processing

To generate review replies and business posts, we send relevant data (such as review text, business name, and industry) to third-party AI providers for processing. Important details:

  • All AI-generated content is presented as a draft for your review — nothing is published without your explicit approval
  • We do not use your business data or reviews to train AI models
  • AI providers process your data only to fulfill requests and do not retain it

4. Data Sharing

We do not sell your personal data. We share data only with the following categories of service providers, solely to operate Lokio:

  • Google — authentication and Business Profile API access
  • Supabase — database hosting and authentication
  • Vercel — application hosting
  • AI Providers — content generation (Anthropic, OpenAI)

We may also disclose data if required by law or to protect our rights.

5. Data Storage & Security

Your data is stored in a PostgreSQL database hosted by Supabase with row-level security policies. All data is encrypted in transit via HTTPS. Our infrastructure is hosted in the United States. While no system is 100% secure, we implement industry-standard measures to protect your data.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data and account
  • Export your data in a portable format

To exercise any of these rights, contact us at [email protected].

7. Cookies

We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies.

8. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you via email or a prominent notice in the service. Continued use after changes constitutes acceptance.

9. Contact Us

If you have questions about this Privacy Policy, contact us at [email protected].