Legal

Privacy Policy

Last updated: June 3, 2026

First Word Read is a service operated by Kiraaz, a business registered in India (“we,” “us”). We help appointment-based businesses respond to customer inquiries faster. This policy explains what we collect, how we use it, and the choices you have.

If you are a client, this policy applies to the information you give us about your business. If you are a customer of one of our clients, we generally handle your information on the client's behalf (they are the data controller); please also review their privacy policy.

Information we collect

From our clients. Business contact details, calendar and inbox access scoped to inquiry handling, voice and policy notes you give us so we can draft replies in your style, and billing information.

From your customers, on your behalf. Names, contact details, and the content of inquiries that arrive through channels you connect (e.g., Instagram DMs, email, web forms), together with any scheduling information needed to offer appointment slots.

Automatically. Standard server logs (IP address, user agent, timestamps) when you use our website, and cookies strictly necessary for the site to function.

How we use information

• To draft replies for your review and approval.
• To deliver the weekly summary of inquiries and outcomes.
• To communicate with you about the engagement.
• To improve our service using aggregated, de-identified data.
• To meet legal, accounting, and security obligations.

We do not sell personal information, and we do not use customer inquiry content to train third-party models.

Service providers we rely on

We use a small number of vendors to operate the service, including cloud hosting (e.g., Vercel), AI/LLM providers under enterprise-grade data terms, and the calendar, CRM, or messaging platforms you ask us to connect. Each is bound to confidentiality and uses information only to perform services for us.

Sharing

We share information only with the service providers above, with you and your authorized team members, or where required by law. We do not share or sell personal data for advertising.

Retention

We keep inquiry data for the duration of the engagement plus a short period for backups and dispute resolution, then delete or de-identify it. Aggregated, de-identified analytics may be retained longer.

Security

We use encryption in transit, restricted access on a need-to-know basis, and reputable infrastructure providers. No system is perfectly secure, but we work to reduce risk and respond promptly to incidents.

Your choices

Depending on where you live, you may have rights to access, correct, delete, or port your personal information, or to object to certain processing. Email us at [email protected] and we will respond within a reasonable time.

International data

We operate from India, and several of our vendors (including cloud-hosting and AI providers) are based in the United States and the European Union. Your information may be transferred to and processed in these jurisdictions under safeguards required by applicable law, including India's Digital Personal Data Protection Act, 2023 where it applies.

Children

Our service is not directed to children under 16, and we do not knowingly collect their personal information.

Changes

We may update this policy from time to time. We will revise the “Last updated” date above and, for material changes, provide additional notice.

Contact

Questions or requests: [email protected].