Is Kimi safe with your data?
Kimi
Moonshot AI
Weak disclosure · high confidence
Kimi earns a D (46/100) because it leaves much about its data practices unstated.
Dealbreaker flag
- D1.4: you grant us and our affiliates a non-exclusive, unrestricted, perpetual, free license to use and re-license to third parties
#118
of 211 apps ranked
46
score · Assistant avg 49
-3
vs category average
Kimi trains inputs by default without explicit opt-in, shares with service providers and affiliates, commits only to vague retention practices, and relies on passive child protections, but does disclose data categories, offers core deletion/access rights, and uses minimal named security controls.
What Kimi's privacy policy and terms of service say about your data
D1.4 , Harmful content licence
Policy grants Kimi "a non-exclusive, unrestricted, perpetual, free license to use and re-license to third parties" , a broad, sublicensable clause reserved without user opt-out.
D5.4 , Vague purpose-to-basis links
Policy lists purposes but links inconsistently to legal bases; many purposes reference only "applicable law" or "legitimate interests" without specific justification, falling short of full transparency.
D2.1–2.5 , Core rights present
Access, deletion (with exceptions), portability, correction, and marketing objection all explicitly named with defined scope; deletion right includes legal/fraud exceptions.
D7.2 , Breach notice lacks timeframe
Policy commits to "promptly inform" of breaches but provides no named timeframe (e.g., 72 hours), rendering the commitment vague.
What the policy is silent or vague on
- Not stated: keeping user inputs out of model training
- Not stated: a way to opt out of training
- Not stated: whether training use differs by plan
- Not stated: your ownership of generated outputs
Kimi privacy rating
Details
- Category
- Assistant
- Modalities
- text
- Processes biometrics
- No
- Policy last updated
- 2025-07-07
- Region scored
- Global / US-default
- Last assessed
- 2026-07-08
Documents examined
Other assistant apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.