K Kincab
Legal

Privacy Policy

This page explains what Kincab handles, why it handles it, and how Kincab is designed to keep live location sharing temporary and tightly scoped.

Last updated: March 26, 2026

In plain words

Kincab is built for temporary live location sharing, not long-term tracking.

The product is designed around short sessions that you start when needed and end when the handoff or meetup is done.

Your live location is encrypted on-device before it is sent to the server.

The iPhone app creates a session key, encrypts location updates with that key, and viewers use the shared link fragment to decrypt them.

The server stores active live session state in memory, not as a location history database.

In the current implementation, the server keeps the latest encrypted location for an active session in memory and removes the session when it ends.

We do not build Kincab around accounts, contact uploads, or ad-tech.

Kincab is focused on short-lived session sharing. We do not use it as a profile, social graph, or advertising product.

Some security and anti-abuse data is stored.

The backend stores App Attest records and short-lived authentication challenge records so it can verify that protected requests came from the iOS app.

Like any internet service, basic network metadata may still be processed.

When your device or browser connects to Kincab, the server and hosting providers may necessarily receive things like IP address, timestamps, and user-agent data.

Privacy Policy

1. Who this policy applies to

This policy applies to the Kincab iOS app, the Kincab web session viewer, and the Kincab backend services that support them.

2. What Kincab collects

Kincab currently handles a narrow set of data tied to making temporary live sessions work:

  • Live location data from the host device when a host starts sharing. In the current app, this is gathered from iOS location services only after the user grants location permission.
  • Session identifiers used to create and route temporary live sharing sessions.
  • Session keys used to encrypt and decrypt live location updates. In the current design, the viewer key is carried in the shared URL fragment rather than the path itself.
  • App Attest identifiers and related verification data used to confirm certain protected requests came from the iOS app.
  • Short-lived authentication challenge records and short-lived bearer tokens used to issue and authenticate sessions.
  • Standard technical request metadata that a server typically receives when devices or browsers connect, such as IP address, timestamps, and user-agent information.

3. What we do not build Kincab around

Kincab is not designed around:

  • User account registration or account profiles.
  • Contact list uploads or address book syncing.
  • Advertising SDKs or ad targeting systems.
  • A separate historical location timeline stored as a permanent database record.

If Kincab changes in those areas, we will update this policy to match the product.

4. How live location sharing works

When a host starts a session, the iOS app creates a temporary session and generates a 32-byte session key on the device. The app encrypts location updates on-device before sending them to the backend. The server then broadcasts the encrypted payload to connected viewers. A viewer with the shared link fragment can use that key to decrypt the live location update.

In other words, the backend is used to relay and coordinate the session, but the location payload itself is designed to be encrypted before it reaches the server.

5. How Kincab uses data

Kincab uses the data it handles to:

  • Create and operate temporary live location sessions.
  • Show a host’s current shared location to authorized viewers.
  • Let the host end a session and close viewer access.
  • Verify app integrity and protect certain backend endpoints using App Attest.
  • Prevent misuse, debug service issues, and keep the service working.

6. Storage and retention

In the current backend implementation, active session state, including the latest encrypted location for a session, is stored in server memory inside the running application process. When the host ends the session, that session record is removed from memory.

The backend also stores App Attest key records in the database, including the key ID, public key, environment, status, receipt if present, assertion counter, and related timestamps. It also stores authentication challenge records in the database, including the challenge ID, challenge bytes, optional key ID binding, expiration, usage state, and creation time.

We may refine retention periods for App Attest and challenge records over time. When we do, we will update this policy to reflect that change.

7. Data stored on your device

The iOS app stores the verified App Attest key ID in the device Keychain. Kincab is not designed around local profile storage, contact syncing, or a local archive of location history as part of the main product flow.

8. Sharing and disclosure

Kincab shares data in a limited way to make the product function:

  • The host intentionally shares a session link with a viewer.
  • The backend transmits encrypted location payloads to viewers connected to that session.
  • Infrastructure and hosting providers may process the network traffic needed to operate the service.

We do not sell personal information, and we do not share Kincab data with advertising partners as part of the product described here.

9. Security

The current design includes several privacy and security choices: App Attest-backed request verification for protected app flows, short-lived authentication challenges, short-lived session bearer tokens, encryption of location payloads before upload, and placement of the viewer key in the link fragment rather than the main route.

No system is perfect, and we cannot promise that any service is impossible to misuse, intercept, or break. But we do design Kincab to limit exposure and keep sharing temporary.

10. Your choices

  • You can decline location permission, in which case hosting a live session will not work.
  • You can stop sharing by ending the session.
  • You can stop opening or forwarding session links.
  • You can remove the app from your device if you no longer want to use Kincab.

11. Children

Kincab is not designed for children. If we expand into use cases that require additional children’s privacy language, we will update this policy accordingly.

12. Changes to this policy

Kincab may update this policy as the product evolves. If the data flows, retention, or third-party services change, this page should be updated before or at the time those changes go live.

13. Contact

For privacy questions, contact hello@kincab.com.