hebra AI Privacy Policy

Hebra AI Inc.
Effective Date: September 5, 2025
Last Updated: September 5, 2025

1. Introduction

hebra AI Inc. ("we," "us," or "our") operates the hebra AI platform and website at hebra.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered fashion intelligence platform.

2. Information We Collect

2.1 Personal Information

• Contact Information: Name, email address, phone number, company name, job title
• Account Information: Login credentials, user preferences, profile information
• Communication Data: Messages, support requests, feedback, and correspondence

2.2 Business Data

• Retail/Fashion Data: Sales data, inventory information, SKU details, customer purchasing patterns
• ERP/CRM Data: Information from integrated systems (SAP, NetSuite, Salesforce, etc.)
• E-commerce Data: Platform integrations (Shopify, Magento, WooCommerce)
• Marketing Data: Campaign performance, social media analytics, ROI metrics
• Supply Chain Data: Supplier information, material sourcing, sustainability metrics

2.3 Platform Usage Data

• Analytics: Feature usage, dashboard interactions, query patterns
• Technical Data: IP addresses, device information, browser type, access logs
• Performance Data: System response times, error reports, usage statistics

3. How We Use Your Information

3.1 Service Delivery

• Provide AI-powered forecasting, inventory optimization, and business intelligence
• Generate personalized dashboards, reports, and recommendations
• Enable integrations with your existing business systems
• Process and analyze your fashion/retail data for actionable insights

3.2 Platform Improvement

• Enhance AI model accuracy and performance
• Develop new features and capabilities
• Conduct research and analytics to improve service quality
• Optimize user experience and platform functionality

3.3 Communication

• Send service updates, feature announcements, and security notifications
• Provide customer support and technical assistance
• Respond to inquiries and feedback
• Share relevant industry insights and best practices

3.4 Legal and Security

• Comply with legal obligations and regulatory requirements
• Protect against fraud, security threats, and unauthorized access
• Enforce our Terms of Service and other policies
• Respond to legal requests and court orders

4. Information Sharing and Disclosure

4.1 We Do Not Sell Personal Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 Service Providers

We may share information with trusted third-party service providers who assist us in:

• Cloud hosting and data storage:
  • AWS (Amazon Web Services): Primary cloud infrastructure for data storage, processing, and application hosting
  • Google Cloud Platform: AI/ML workloads, data analytics, and machine learning model deployment
  • Microsoft Azure: Enterprise integration services and hybrid cloud connectivity
  • Nvidia: GPU-accelerated computing infrastructure for AI model training and inference
• Analytics and monitoring services
• Customer support platforms
• Payment processing (for subscription services)

Data Protection: All service providers are contractually bound to maintain the same level of data protection and security as outlined in this privacy policy. They are prohibited from using your information for any purpose other than providing services to hebra AI.

4.3 Business Transfers

Information may be transferred in connection with mergers, acquisitions, or asset sales, with continued protection under this policy.

4.4 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights, safety, or the rights of others.

5. Data Security

5.1 Technical Safeguards

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Infrastructure: SOC 2 Type II compliant cloud infrastructure
• Monitoring: 24/7 security monitoring and threat detection

5.2 Cloud Hosting and Data Storage

hebra AI utilizes enterprise-grade cloud infrastructure to ensure the highest levels of security, reliability, and performance for your data:

• AWS (Amazon Web Services): Primary cloud infrastructure provider with global data centers, offering advanced security features including VPC isolation, IAM access controls, and CloudTrail logging
• Google Cloud Platform: Secondary infrastructure for AI/ML workloads and data analytics, providing specialized tools for machine learning and big data processing
• Microsoft Azure: Enterprise integration services and hybrid cloud capabilities for seamless connectivity with existing business systems
• Nvidia Infrastructure: GPU-accelerated computing resources for AI model training and inference, ensuring optimal performance for our Woven Intelligence platform

Data Location and Compliance: Your data is stored in geographically distributed data centers with redundancy and backup systems. All cloud providers maintain industry-standard certifications including SOC 2, ISO 27001, and GDPR compliance frameworks.

5.3 Organizational Measures

• Employee security training and background checks
• Data handling policies and procedures
• Regular security audits and penetration testing
• Incident response and breach notification procedures

6. Data Retention

• Account Data: Retained while your account is active, plus 90 days after termination
• Business Data: Retained according to your subscription terms, typically 30 days post-termination
• Analytics Data: Aggregated, non-personal data may be retained indefinitely for service improvement
• Legal Requirements: Some data may be retained longer to comply with legal obligations

7. Your Rights and Choices

7.1 Access and Control

• Access: Request copies of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data (subject to legal requirements)
• Portability: Export your data in common formats

7.2 Communication Preferences

• Opt out of marketing communications
• Customize notification settings
• Update contact preferences

7.3 Account Management

• Modify privacy settings
• Manage data sharing preferences
• Close your account

8. International Data Transfers

hebra AI operates globally. Your information may be transferred to and processed in countries other than your residence. We ensure appropriate safeguards for international transfers through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by relevant authorities
• Other legally approved transfer mechanisms

9. Children's Privacy

Our services are not intended for individuals under 18. We do not knowingly collect personal information from children under 18.

10. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

• Post updated policies on our website
• Notify users of material changes via email or platform notifications
• Provide 30 days' notice for significant changes affecting data use

11. Contact Information

For privacy-related questions or requests:
Hebra AI Inc.
Email: privacy@hebra.ai
Address:
455 Market St Ste 1940
PMB 821158
San Francisco, California 94105-2448 US
Data Protection Officer: dpo@hebra.ai

12. Regional Privacy Rights

12.1 European Union (GDPR)

If you are in the EU, you have additional rights under GDPR, including:

• Right to object to processing
• Right to restrict processing
• Right to lodge complaints with supervisory authorities

12.2 California (CCPA)

California residents have rights including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale (we do not sell personal information)
• Right to non-discrimination

12.3 Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate.