1. Controller for data processing
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
TRO GmbH Averio
Mötlas 47
4273 Unterweißenbach, Austria
Email: info@koro.chat
2. What data we process
When you visit this website, we process the following data:
- Server log data: IP address, time of request, transferred data volume, HTTP status code, referrer, user agent.
- Waitlist: first name, last name, email address and optionally phone number — if you submit the waitlist form.
- Cookies and similar technologies: only technically necessary cookies. We use no analytics or tracking cookies.
3. Purpose and legal basis
Server logs are processed to maintain secure operation. Legal basis: legitimate interest under Art. 6(1)(f) GDPR.
Waitlist data is processed to inform you about the launch and grant you early access. Legal basis: consent under Art. 6(1)(a) GDPR. You can withdraw your consent at any time by emailing info@koro.chat .
4. Retention period
Waitlist data is stored until launch and, after successful activation of your account, transferred into the product database. If you remove yourself from the waitlist before launch, we delete your data within 30 days.
5. Processors & recipients
We use the following processors:
- Hosting: Vercel Inc., 440 N Barranca Ave PMB 4133, Covina, CA 91723, USA
- Email delivery (transactional): IONOS, Germany
- CRM / waitlist backend: Averio (TRO GmbH), EU servers
Contracts under Art. 28 GDPR are in place with all processors.
6. Transfer to third countries
As part of web hosting via Vercel Inc., personal data may be transferred to the United States. The transfer takes place on the basis of the EU Standard Contractual Clauses pursuant to Art. 46 GDPR as well as Vercel’s commitment to the EU-US Data Privacy Framework.
7. Your rights
You always have the right to:
- access your stored data (Art. 15 GDPR)
- rectification of inaccurate data (Art. 16 GDPR)
- erasure of your data (Art. 17 GDPR)
- restriction of processing (Art. 18 GDPR)
- data portability (Art. 20 GDPR)
- object to processing (Art. 21 GDPR)
Write to us at info@koro.chat — we’ll reply within 30 days.
You also have the right to file a complaint with the Austrian data protection authority: dsb.gv.at.
8. End-to-end encryption
Once the Koro app is live, messages, calls and files are transmitted exclusively end-to-end encrypted. Cryptographic keys are generated on your device and never leave it. We have no technical way to access the contents of your communication — not even on legal request.
9. Version
This privacy policy is effective from 14 June 2026. We update it for product extensions and mark the change accordingly.