Privacy Policy

Heliex.AI, Inc. and its affiliated companies ("Heliex", "we", "our", or "us") respect your privacy and are committed to protecting the personal information we collect from or about you. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when you use our websites, mobile applications, desktop applications, software, and related services (collectively, the "Services").

The Services are designed to support personal reflection, mental well-being, and access to AI-powered conversations, Practices, and the Heliex Advanced Safety Protocol™. The Services are not medical, psychological, psychiatric, therapeutic, crisis-response, or emergency services. Our Terms of Use govern your access to and use of the Services.

Some features may process information locally on your device, while other features may require processing by our systems, infrastructure providers, analytics tools, payment processors, app stores, and other service providers described in this Privacy Policy.

1. Data Controller

Heliex.AI, Inc., with its registered office at 254 Chapman Rd, Ste 209, Newark, Delaware 19702, United States, is the controller responsible for the processing of personal information described in this Privacy Policy, unless another controller is identified in a separate notice.

You can contact us about privacy questions or requests at privacy@heliex.ai.

2. Personal Information We Collect

The categories of personal information we collect depend on how you interact with the Services, the features you use, your device settings, and the choices you make.

2.1 Account and Contact Information

When you create an account, verify your identity, contact us, or use account-based features, we may collect information such as your name, email address, phone number, authentication credentials, account identifiers, support messages, and communications with us.

2.2 Content You Provide and Receive

Depending on the features you use, you may provide prompts, messages, reflections, voice inputs, mood or well-being notes, preferences, feedback, and other information ("Input"). The Services may generate text, audio, insights, summaries, recommendations, guidance blocks, or other responses based on that Input ("Output"). Input and Output are referred to together as "Content".

Content may include information about your mental well-being, emotional state, stress, relationships, personal experiences, or other sensitive topics. Please do not provide information that you do not want processed as described in this Privacy Policy.

2.3 Voice and Audio Information

If you use voice features, we may process voice recordings, transcripts, audio metadata, language settings, and related technical information to provide voice conversations, transcription, safety features, troubleshooting, and quality controls. Where required by law, we will request consent before processing voice or audio information.

2.4 Device, Log, and Usage Information

We may collect technical and usage information such as IP address, browser type, device model, operating system, app version, device identifiers, installation identifiers, language settings, time zone, crash reports, diagnostic logs, session dates and times, feature usage, performance data, and how you interact with the Services.

2.5 Trial, Plan, Subscription, and Billing Information

To administer our Free plan, 72-hour trial, and paid Extended Support subscription, we may process information such as your current plan type and status, trial start and end time, feature access status, renewal period, subscription status, transaction identifiers, billing country, tax-related information, app-store receipt data, refund or cancellation status, and limited payment method details where provided by a payment processor or app store.

Payments for mobile applications may be processed by third-party platforms such as the Apple App Store or Google Play. When those platforms process your payment, your payment information is handled by them under their own terms and privacy policies. Heliex does not receive or store your full payment card number, bank account credentials, or card security code.

2.6 Cookies, Analytics, and Similar Technologies

We and our service providers may use cookies, SDKs, pixels, local storage, analytics tools, and similar technologies to operate the Services, remember preferences, measure performance, understand usage, detect fraud or abuse, improve features, and comply with legal obligations. Where required by law, we will request consent for non-essential cookies or similar technologies.

2.7 Information From Third-Party Platforms

If you sign in through, connect, or purchase through a third-party platform, such as Google, Apple, or Google Play, we may receive information that the platform makes available to us, such as account identifiers, email address, profile information, app-store receipt data, transaction status, and other information you authorize or that is necessary to provide the Services.

The Services' use and transfer of information received from Google APIs will comply with the Google API Services User Data Policy, including the Limited Use requirements, where applicable.

3. How We Use Personal Information

We use personal information for the following purposes:

• Provide and operate the Services: to create and manage accounts, authenticate users, provide AI conversations, voice features, Practices, the Heliex Advanced Safety Protocol™, history, synchronization, and customer support.
• Administer plans and subscriptions: to provide the Free plan, manage the 72-hour trial, unlock or restrict Extended Support features, process renewals, verify app-store receipts, communicate about subscription status, and prevent trial or subscription abuse.
• Improve and develop the Services: to understand usage, diagnose issues, conduct research, develop new features, improve performance, and evaluate service quality.
• Safety, integrity, and misuse prevention: to detect, prevent, investigate, and respond to fraud, spam, abuse, security incidents, policy violations, illegal activity, and risks to users, the public, or our Services.
• Communications: to send account, service, security, subscription, trial, billing, support, and policy-related messages. Where permitted by law, we may also send optional marketing communications, which you may opt out of at any time.
• Legal and business purposes: to comply with laws, tax and accounting requirements, app-store obligations, valid legal processes, enforce our Terms of Use, protect rights and property, and support corporate transactions.

4. Sensitive Personal Information and Mental Well-Being Information

Because Heliex is a mental well-being product, the information you choose to provide may reveal sensitive details about your emotional state, mental well-being, health-related concerns, relationships, or personal life. We process this information only as necessary to provide, secure, maintain, and improve the Services, comply with law, enforce our policies, protect users, and fulfill the purposes described in this Privacy Policy.

Where applicable law requires explicit consent for the processing of sensitive personal information, including information related to mental or emotional well-being, we will rely on your explicit consent or another legally available basis. You may withdraw consent where consent is the basis for processing, subject to legal or contractual limitations.

We do not sell your sensitive personal information. We do not use sensitive mental well-being Content for targeted advertising. We do not use your private Content to train public AI models unless you have expressly opted in or we have provided a separate notice and obtained any required consent.

5. Aggregated, De-Identified, and Anonymized Information

We may aggregate, de-identify, or anonymize personal information so that it no longer identifies you, and use that information to evaluate service performance, improve features, conduct research, generate statistics, publish high-level insights, and support business purposes. We will not attempt to re-identify information that we maintain in anonymized form, except where permitted by law for security, compliance, or validation purposes.

6. How We Share Personal Information

We may share personal information in the following circumstances:

• Service providers and processors: with companies that help us provide hosting, cloud infrastructure, analytics, crash reporting, customer support, communications, fraud prevention, security, payments, subscription management, app-store receipt validation, and other operational services.
• App stores and payment processors: with Apple, Google Play, payment processors, and related providers as needed to process payments, verify subscriptions, manage refunds, prevent fraud, and comply with platform requirements.
• Professional advisors: with lawyers, auditors, accountants, insurers, and other advisors where necessary for business, legal, financial, or compliance purposes.
• Corporate transactions: in connection with a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, transition of service, or similar transaction, subject to appropriate safeguards where required by law.
• Legal, safety, and protection purposes: with courts, regulators, law enforcement, government authorities, or other parties when we believe disclosure is required by law or reasonably necessary to protect rights, property, safety, security, users, the public, or the integrity of the Services.
• With your direction or consent: when you instruct us to share information, connect a third-party service, use an integration, or otherwise consent to disclosure.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising unless we provide any notice and opt-out rights required by applicable law.

7. Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, maintain your account, fulfill the purposes described in this Privacy Policy, resolve disputes, enforce agreements, maintain security, prevent fraud or abuse, comply with legal obligations, and protect our rights.

Retention periods depend on the category of information, the purposes of processing, account status, user settings, legal requirements, the sensitivity of the information, and the risk of harm from unauthorized use or disclosure. When information is no longer needed, we will delete it, de-identify it, anonymize it, or retain it only as permitted or required by law.

8. Security

We use reasonable technical, administrative, and organizational measures designed to protect personal information from unauthorized access, disclosure, alteration, loss, misuse, or destruction. These measures may include access controls, encryption in transit or at rest where appropriate, internal policies, monitoring, and vendor review.

No method of transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your account credentials and for using the Services in a secure environment.

9. International Data Transfers

We are based in the United States, and your personal information may be processed in the United States or other countries where we, our affiliates, or our service providers operate. These countries may have data protection laws that differ from those in your country.

Where required by law, we use appropriate safeguards for international transfers, such as Standard Contractual Clauses, the UK International Data Transfer Addendum or Agreement, adequacy decisions, or other legally recognized mechanisms.

10. Your Privacy Rights and Choices

Depending on your location and applicable law, you may have rights to:

• Access or receive a copy of personal information we hold about you.
• Correct inaccurate or incomplete personal information.
• Delete personal information.
• Restrict or object to certain processing.
• Withdraw consent where processing is based on consent.
• Request portability of your personal information.
• Opt out of certain processing, such as sale, sharing, targeted advertising, or certain uses of sensitive personal information, where applicable.
• Appeal a decision we make about a privacy request, where applicable.
• Lodge a complaint with your local data protection authority.

You may exercise privacy rights by contacting us at privacy@heliex.ai. To protect your information, we may need to verify your identity, account ownership, residency, or authority to act on behalf of another person before fulfilling a request. We will not discriminate against you for exercising privacy rights.

11. Legal Bases for Processing in the EEA, UK, and Similar Jurisdictions

If you are located in the European Economic Area, United Kingdom, Switzerland, or another jurisdiction that requires a legal basis for processing, we process personal information under one or more of the following legal bases:

• Performance of a contract: to provide the Services, maintain your account, administer the Free plan, trial, and Extended Support, process subscription status, provide customer support, and enforce the Terms of Use.
• Legitimate interests: to secure, maintain, improve, and analyze the Services; prevent fraud and abuse; protect users and the public; communicate with you; and support business operations, where those interests are not overridden by your rights and interests.
• Consent: where we ask for consent, including where required for sensitive personal information, certain cookies or analytics technologies, marketing communications, or optional features.
• Legal obligations: to comply with tax, accounting, consumer protection, platform, regulatory, court, and other legal requirements.
• Vital interests or public interest: where applicable and legally permitted, to protect someone's life, safety, or essential interests.

If we appoint a Data Protection Officer or representative for a jurisdiction, we will identify that person or entity in this Privacy Policy or another privacy notice. You may contact us at dpo@heliex.ai for GDPR-related questions.

12. Additional Information for Users in the United States

Residents of certain U.S. states may have additional privacy rights under state privacy laws, including rights to know, access, delete, correct, port, opt out of certain processing, limit certain uses of sensitive personal information, and appeal privacy decisions. We will honor applicable rights as required by law.

We do not sell personal information. We do not use sensitive mental well-being information for targeted advertising. If our practices change in a way that requires additional notice, consent, or opt-out rights, we will provide them as required by applicable law.

13. Health Privacy and Breach Notifications

Heliex is not a healthcare provider, and the Services are not intended to create a provider-patient relationship. However, because users may choose to provide information related to mental well-being or emotional state, certain privacy, security, consumer protection, or breach notification laws may apply depending on the facts and your jurisdiction.

If we discover a security incident involving personal information, health-related information, or sensitive information, we will evaluate the incident and provide notices to affected users, regulators, app stores, or other parties where required by applicable law.

14. Children and Minors

The Services are not directed to children under 13. You must be at least 18 years old or meet the minimum age required in your country to use the Services, unless you have valid parental or legal guardian consent where permitted by applicable law and our Terms of Use. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, please contact us at privacy@heliex.ai.

15. Third-Party Links, Platforms, and Services

The Services may include links to third-party websites, platforms, payment systems, app stores, integrations, or services. Their privacy practices are governed by their own policies, not this Privacy Policy. We encourage you to review the privacy policies of third-party services before using them.

16. Subscription, Trial, and Service Communications

We may send you transactional or service messages related to your account, security, 72-hour trial, Free plan, Extended Support subscription, billing status, renewal reminders, cancellations, refunds, price changes, policy updates, or important service notices. These communications are necessary to provide the Services and may not be fully opt-out while you maintain an active account or subscription.

Where permitted by law, we may send optional marketing communications about new features, plans, promotions, or product updates. You can opt out of marketing emails at any time by using the unsubscribe link in the message or by contacting us. Opting out of marketing communications will not affect transactional or service messages.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and update the "Last updated" date. If a change materially affects your privacy rights or how we process personal information, we will provide additional notice where required by law.

18. Contact Us

Please contact us at privacy@heliex.ai if you have questions, concerns, or requests related to this Privacy Policy or our privacy practices.