Privacy Policy
Your privacy is our priority. Learn how we collect, use, and protect your data.
Last Updated: January 15, 2025
EU General Data Protection Regulation
California Consumer Privacy Act
Service Organization Control 2
Information Security Management
Our Privacy Principles
🔒 Data Security
Bank-level encryption and SOC 2 certified infrastructure
🚫 No Data Selling
We never sell your personal information to third parties
✅ Your Control
Access, export, or delete your data at any time
1. Information We Collect
1.1 Information You Provide
We collect information you provide directly to us, including: Account information (name, email, password, company name); Payment information (processed securely through third-party payment processors); Workspace data (projects, configurations, AI agent settings); Communication data (support tickets, feedback, correspondence); Profile information (job title, department, preferences).
1.2 Automatically Collected Information
When you use our Service, we automatically collect: Usage data (features used, time spent, interactions with AI agents); Device information (browser type, operating system, IP address); Log data (access times, pages viewed, errors encountered); Performance metrics (API response times, system health); Cookies and similar tracking technologies (see our Cookie Policy).
1.3 AI Training Data
With your explicit consent, we may use anonymized interaction data to improve our AI models. You can opt out at any time through your account settings. We never use personally identifiable information for AI training without explicit consent.
2. How We Use Your Information
2.1 Service Provision
We use your information to: Provide, maintain, and improve the Service; Process transactions and send related information; Enable AI agent functionality and automation; Respond to your comments, questions, and support requests; Send technical notices, updates, and administrative messages.
2.2 Personalization and Analytics
We analyze usage patterns to: Personalize your experience and provide relevant features; Monitor and analyze trends, usage, and activities; Develop new products, services, and features; Detect, prevent, and address technical issues and fraud.
2.3 Marketing Communications
With your consent, we may send you: Product updates and new feature announcements; Educational content and best practices; Special offers and promotions; Surveys and feedback requests. You can opt out of marketing communications at any time through your account settings or by clicking 'unsubscribe' in any email.
3. Information Sharing and Disclosure
3.1 Third-Party Service Providers
We share information with third-party vendors who perform services on our behalf: Cloud infrastructure providers (AWS, Google Cloud); Payment processors (Stripe); Analytics providers (limited to aggregated data); Customer support tools; Email service providers. All service providers are bound by strict confidentiality agreements.
3.2 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
3.3 Legal Requirements
We may disclose your information if required by law or in response to: Valid legal processes (subpoenas, court orders); Protection of our rights, privacy, safety, or property; Investigation of fraud or security issues; Emergency situations involving danger of death or serious physical injury.
3.4 We Never Sell Your Data
We do not and will not sell your personal information to third parties for their marketing purposes. Your data is yours, and we treat it with the utmost respect and security.
4. Data Security
4.1 Security Measures
We implement industry-standard security measures: Encryption in transit (TLS 1.3) and at rest (AES-256); Regular security audits and penetration testing; Access controls and authentication (including 2FA); Secure data centers with SOC 2 Type II certification; Employee training on data protection and privacy; Incident response and breach notification procedures.
4.2 Data Retention
We retain your information for as long as your account is active or as needed to provide services. Upon account deletion, we delete or anonymize your data within 30 days, except where required by law to retain certain records.
5. Your Rights and Choices
5.1 GDPR Rights (EU Users)
If you are in the European Economic Area, you have the right to: Access your personal data; Rectify inaccurate data; Erase your data ('right to be forgotten'); Restrict processing of your data; Data portability (receive your data in a structured format); Object to processing; Withdraw consent at any time; Lodge a complaint with a supervisory authority.
5.2 CCPA Rights (California Users)
If you are a California resident, you have the right to: Know what personal information is collected; Know whether your information is sold or disclosed; Opt out of the sale of personal information (we don't sell); Request deletion of your information; Non-discrimination for exercising your rights.
5.3 Exercising Your Rights
To exercise any of these rights, contact us at privacy@hermescloud.ai or use the Privacy Center in your account settings. We will respond within 30 days of receiving your request.
6. International Data Transfers
6.1 Data Localization
Your data is primarily stored in data centers located in the United States. We comply with EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and implement Standard Contractual Clauses (SCCs) for international transfers.
6.2 Cross-Border Safeguards
When we transfer data internationally, we ensure: Adequate protection mechanisms are in place; Recipients are bound by data protection obligations; You retain all rights under applicable privacy laws.
7. Cookies and Tracking Technologies
7.1 Types of Cookies
We use: Essential cookies (required for service functionality); Performance cookies (analytics and optimization); Functional cookies (preferences and settings); Marketing cookies (with your consent, for personalized content). See our Cookie Policy for detailed information.
7.2 Cookie Management
You can control cookies through: Browser settings (block or delete cookies); Our Cookie Consent Manager; Opt-out links for specific analytics providers. Note that blocking essential cookies may affect service functionality.
8. Children's Privacy
8.1 Age Restrictions
Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@hermescloud.ai and we will delete such information.
9. Changes to This Privacy Policy
9.1 Updates
We may update this Privacy Policy from time to time. We will notify you of material changes by: Posting the new Privacy Policy on this page; Updating the 'Last Updated' date; Sending an email notification (for significant changes); Providing in-app notifications. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.
10. Contact Information
10.1 Data Protection Officer
For privacy-related questions or concerns, contact our Data Protection Officer: Email: privacy@hermescloud.ai; Address: HermesCloud AI, Inc., Privacy Office, [Address]; Phone: [Phone Number]. For general inquiries, visit our Contact page or Support Center.
Privacy Questions or Concerns?
Our Data Protection Officer and privacy team are here to help answer your questions and address your concerns.