Privacy Policy

We collect the following types of information:

• Account Information: Your name, email address, and company details when you register.
• Usage Data: How you interact with our platform, including pages visited, features used, and API calls made.
• AI Chat Messages: Conversations between your AI agents and end users, stored to provide the service and improve response quality.
• Technical Data: IP addresses, browser type, device information, and cookies for security and analytics.
• Billing Information: Payment details processed securely by Stripe (we do not store full card numbers).

We use your data to:

• Provide and maintain the OpenHelix AI service
• Process transactions and manage billing
• Improve AI response quality and platform features
• Communicate with you about your account and service updates
• Ensure security and prevent fraud
• Comply with legal obligations

Your data is stored in PostgreSQL databases hosted on US-based servers (Hetzner Cloud, Virginia region). All data is encrypted at rest using AES-256 and in transit via TLS 1.3.

API keys for AI providers (OpenAI, Anthropic, etc.) are encrypted with AES-256-GCM and only decrypted when needed to process requests. We never store raw API keys in plaintext.

We share limited data with trusted third parties solely to operate our service:

• OpenAI / Anthropic: AI chat messages are sent to your configured AI provider to generate responses.
• Stripe: Processes all payments and stores billing information securely.
• Resend: Handles transactional and notification emails.
• Hetzner: Cloud infrastructure and server hosting.

We never sell your data to third parties for marketing purposes.

You have the right to:

• Access: Request a copy of all data we hold about you
• Correction: Update or correct inaccurate information
• Deletion: Delete your account and all associated data
• Export: Download your data in a portable format
• Object: Opt-out of certain data processing activities
• Withdraw Consent: Revoke permissions at any time

To exercise these rights, contact us at privacy@openhelixai.com. We respond to all requests within 30 days.

We retain your data for as long as your account is active. Upon account deletion, all personal data is permanently removed within 30 days, except where we are legally obligated to retain records (e.g., billing information for tax purposes, retained for 7 years).

We use essential cookies for authentication and session management. Analytics cookies are optional and can be disabled. See our Cookie Policy for details.

For privacy-related questions or to exercise your rights, contact our Data Protection Officer:

Email: privacy@openhelixai.com

OpenHelix AI — Alicante, Spain