Privacy Policy

Last Updated: January 2025

1. Introduction

AI Hero, Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use AI Hero Studio ("Service"). Our platform operates in compliance with SOC2 standards and applicable data protection regulations.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, job title, and other registration details
  • Payment Information: Billing address and payment method details (processed securely through third-party payment processors)
  • Content and Data: Workflows, business processes, handbooks, AI agent configurations, and any data you input into the Service
  • Communications: Messages, feedback, and support requests

2.2 Automatically Collected Information

  • Usage Data: Features used, actions taken, time and duration of activities
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, pages viewed, errors encountered
  • Cookies and Tracking: As described in our Cookie Policy

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Process your transactions and manage your account
  • Improve, personalize, and expand our Service
  • Understand and analyze how you use the Service
  • Develop new features, products, and functionality
  • Communicate with you for customer service, updates, and marketing (with your consent)
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Use

4. AI and Machine Learning

Our Service uses artificial intelligence and machine learning technologies. Regarding your data and AI:

  • Your content and workflows are used solely to provide the Service to you
  • We do not use your proprietary business processes or sensitive data to train our general AI models
  • Aggregated, anonymized usage patterns may be used to improve our Service
  • You maintain ownership of all content, data, and AI agents you create

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

5.1 Service Providers

We engage trusted third-party companies to perform services on our behalf, such as:

  • Cloud infrastructure and hosting (data centers, servers)
  • Payment processing
  • Analytics and monitoring
  • Customer support tools

These service providers are bound by contractual obligations to keep your information confidential and use it only for providing services to us.

5.2 Business Transfers

In connection with any merger, sale of company assets, financing, or acquisition, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).

5.4 Your Consent

We may share your information with your explicit consent for specific purposes.

We never sell your personal information to third parties.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • SOC2 compliance standards
  • Employee security training and background checks
  • Incident response and breach notification procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to:

  • Provide the Service to you
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal or regulatory purposes.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Objection: Object to processing of your information for certain purposes
  • Restriction: Request restriction of processing in certain circumstances
  • Withdrawal of Consent: Withdraw consent for processing where we rely on consent

To exercise these rights, please contact us through our support page.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We ensure appropriate safeguards are in place for such transfers in compliance with applicable laws.

10. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us and we will take steps to delete such information.

11. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights

Note: We do not sell personal information.

12. GDPR Compliance

If you are located in the European Economic Area (EEA), we process your personal data in compliance with the General Data Protection Regulation (GDPR). Our legal bases for processing include:

  • Contract performance (to provide the Service)
  • Legitimate interests (to improve and secure the Service)
  • Legal compliance (to meet regulatory requirements)
  • Your consent (where specifically requested)

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us: