Privacy Policy

Personal Information

We may collect personal information that you voluntarily provide to us, including but not limited to:

• Name and contact information (email, phone number)
• Company name and job title
• Account credentials
• Payment and billing information

Automatically Collected Information

When you access our services, we automatically collect certain information:

• IP address and device information
• Browser type and version
• Usage data and analytics
• Cookies and similar tracking technologies

Use of Prompts and AI Inputs

When you interact with our AI services, the prompts, questions, and other inputs you provide may be processed and stored for the following purposes:

• To provide you with AI-generated responses and fulfill your immediate requests
• To improve the quality, accuracy, and safety of our AI models
• To detect and prevent abuse, harmful content, or misuse of our services
• To comply with legal obligations and enforce our terms of service

AI Model Training

Your prompts and interactions with our AI services may be used to train and improve our AI models, unless you have opted out or are using a service tier that specifically excludes training data usage. This helps us:

• Enhance model performance and accuracy
• Reduce biases and improve fairness
• Develop new features and capabilities
• Ensure models remain current and effective

Before using your data for model training, we take steps to minimize privacy risks, including:

• Removing or anonymizing personally identifiable information where possible
• Implementing technical safeguards to protect training data
• Reviewing data for sensitive or confidential information

Your Control Over AI Training Data

Depending on the product or service you use, you may have options to control how your prompts and AI interactions are used:

• Opt-Out Options: Some services allow you to opt out of having your data used for model training
• Enterprise Plans: Business and enterprise customers may have contractual agreements that exclude their data from training sets
• Data Deletion: You may request deletion of your prompts and interaction history, subject to legal and operational requirements

Please consult the privacy policy specific to the product or service you are using for detailed information about available controls and options.

Best Practices for Users

To protect your privacy when using AI services, we recommend:

• Avoid sharing sensitive personal information, financial data, or confidential business information in prompts
• Review your organization's data handling policies before using AI tools for work
• Use enterprise or business plans if you require stronger data protection guarantees
• Regularly review and delete your conversation history if available

Service Providers

We may share data with trusted third-party service providers who assist us in operating our business, such as cloud hosting, analytics, and payment processing.

Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or to protect our rights and safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

Data Controller Information

For the purposes of GDPR, Hardmax LLC acts as the data controller for personal data collected from EU and UK residents. You can contact our Data Protection Officer using the contact information provided in the Contact Us section.

Legal Basis for Processing

We process your personal data under the following legal bases as defined by GDPR:

• Consent: When you have given explicit consent for specific processing activities
• Contract Performance: When processing is necessary to fulfill our contractual obligations to you
• Legal Obligation: When we must process data to comply with legal requirements
• Legitimate Interests: When processing is necessary for our legitimate business interests, provided these do not override your rights and freedoms

Your GDPR Rights

Under GDPR, EU and UK residents have enhanced rights regarding their personal data:

• Right to Access: Obtain confirmation of processing and access to your personal data
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request limitation of processing in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing
• Right to Lodge a Complaint: File a complaint with your local supervisory authority

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Our retention periods are determined based on:

• The nature of the data collected
• The purposes for which it was collected
• Legal and regulatory requirements
• Legitimate business needs and interests

International Data Transfers

When we transfer personal data from the EU or UK to countries outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

• European Commission-approved Standard Contractual Clauses (SCCs)
• Transfers to countries with adequacy decisions
• Other legally recognized transfer mechanisms under GDPR

Automated Decision-Making

We may use automated processing and profiling for certain AI-powered features. You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significant effects. When we use such processes, we will inform you and provide an opportunity to contest the decision.

Google Analytics 4

We use Google Analytics 4 to collect anonymous usage statistics, including:

• Pages visited and time spent on each page
• Geographic location (country/city level)
• Browser type and device information
• Traffic sources and referrers

This data helps us understand how visitors interact with our website and identify areas for improvement. Google Analytics uses cookies to track user behavior across sessions.

Google Consent Mode v2

We implement Google Consent Mode v2, which means:

• Default Denied: Analytics cookies are NOT set until you explicitly accept
• Cookieless Pings: If you decline, only anonymous, non-personalized data is sent
• Full Respect: Your choice is immediately honored across all Google services

Consent Preference Storage

Your cookie consent choice is stored in your browser's localStorage (not a cookie). This preference persists across sessions but is device-specific. You can change your choice by clearing your browser data, which will show the consent banner again.

No Other Tracking

We do NOT use:

• Third-party advertising cookies
• Social media tracking pixels
• Cross-site tracking technologies
• Fingerprinting or invasive tracking methods

Our only analytics tool is Google Analytics 4, and only when you consent.

GDPR Supervisory Authorities

If you are an EU or UK resident and wish to lodge a complaint regarding our data processing practices, you have the right to contact your local supervisory authority or the relevant Bulgarian authority: