HELP.AI
Get early access

HELP.AI

Privacy Policy

How HelpAI Global Inc. ("HelpAI", "we", "us") collects, uses, protects, shares, and lets you control information when you use our websites, applications, and AI agent platform (the "Services").

Last updated July 6, 2026

1. Who we are

HelpAI Global Inc. ("HelpAI") is a Canadian company and is the organization responsible for the personal information described in this policy. For privacy questions or to exercise your rights, contact our Privacy Officer at privacy@help.ai.

2. Scope and your role

  • If you create an account, manage a workspace, or buy a plan, HelpAI is the organization / controller responsible for your personal information and this policy applies to you directly.
  • If you are an end visitor chatting with an AI agent that a HelpAI customer deployed, that customer is responsible for your conversation data; HelpAI processes it on their behalf under a data processing agreement, and the customer's own privacy notice governs.
  • This policy does not change any separate written agreement (e.g., a Master Services Agreement or Data Processing Agreement) you have with HelpAI, which prevails if it conflicts.

3. Information we collect

  • Account & profile: name, email, password/authentication credentials, workspace and team membership, roles, and preferences.
  • Workspace content: agents, prompts, knowledge Library items and uploaded files, forms and submissions, content, deployments, and configuration you create.
  • Conversation data: messages, attachments, feedback, and metadata exchanged with AI agents (including end-visitor conversations processed for our customers).
  • Connected-integration data: information we access, with your authorization, from third-party services you link via OAuth (e.g., Google, Meta/Facebook, GitHub, Slack) — see §6.
  • Billing data: plan, transaction and invoice metadata, and limited card details handled by our payment processor (we do not store full card numbers).
  • Technical & usage data: device, browser, IP address, approximate location, log data, product events, and diagnostics.
  • Cookies and similar technologies (see §15).
  • Support and communications: messages you send us and their contents.

4. How we collect it and consent

We collect information directly from you (when you register, configure the product, or contact us); automatically (through logs, cookies, and product telemetry); from integrations you explicitly connect (via OAuth, only within the scopes you grant); and from our customers or their end visitors when we act as a processor. Consistent with Canada's PIPEDA, we obtain your consent to collect, use, and disclose personal information for the purposes we identify, and you may withdraw consent (subject to legal or contractual limits) at any time by contacting privacy@help.ai.

5. Why we use information (purposes and legal bases)

  • To create your account and provide, maintain, and bill for the Services (performance of a contract).
  • To secure the Services, prevent abuse, debug, and measure and improve reliability and features — using aggregated or de-identified data where feasible (legitimate interests).
  • For optional cookies/analytics, marketing where required, and connecting a third-party integration (consent, which you may withdraw).
  • To meet tax, accounting, security, and lawful-request obligations (legal obligation).
  • For EEA/UK users, these correspond to the GDPR legal bases; for all users, we limit use to purposes a reasonable person would consider appropriate under PIPEDA.

6. Third-party integrations and OAuth data access

When you connect a third-party account, you authorize HelpAI to access data from that service using the specific OAuth scopes you approve, solely to operate the feature you enabled (for example, retrieving documents to answer questions, or sending a message you asked an agent to send). We request the least access necessary, access data only while the connection is active, and you can disconnect at any time in the product or in the provider's security settings, which revokes our access going forward. We never sell connected-integration data, do not use it for advertising, and do not use it to train generalized or foundation AI models (see §8).

  • Google: our access to and use of data from Google APIs follows the Google API Services User Data Policy, including the Limited Use requirements — detailed in §7.
  • Meta / Facebook: we comply with the Meta Platform Terms and Developer Policies, use only the permissions you granted, and use Meta data only to provide the features you enabled.
  • GitHub: we use GitHub OAuth and API data (e.g., repositories or issues you authorize) only to power the connected feature, in line with the GitHub Terms of Service and Acceptable Use Policies.
  • Slack: we use Slack OAuth scopes only to deliver the connected functionality (e.g., posting or reading messages you authorize), in line with the Slack API Terms of Service.
  • You can review and revoke HelpAI's access from each provider's connected-apps/security page at any time.

7. Google API Services — Limited Use

HelpAI's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data to provide and improve the user-facing features you enabled in HelpAI.
  • We do not transfer or sell Google user data, except as necessary to provide or improve those features, to comply with applicable law, or as part of a merger/acquisition (with continued protection).
  • We do not use Google user data for advertising, and do not transfer it to determine creditworthiness or for lending.
  • We do not allow humans to read Google user data unless: we have your explicit consent to view specific data; it is necessary for security purposes (e.g., investigating abuse); to comply with applicable law; or the data is aggregated and anonymized for internal operations.
  • We do not use Google user data to develop, improve, or train generalized/non-personalized AI or machine-learning models.

8. AI, machine learning, and your data

HelpAI does not use your workspace content, conversation data, or connected-integration data to train, fine-tune, or improve any generalized or foundation AI/ML models, and we do not permit our model providers to do so. To generate responses, relevant context is sent to AI model providers acting as our sub-processors under agreements that prohibit using your data to train their models. Model output is provided "as is" and may be inaccurate; you are responsible for reviewing it before you rely on it.

9. How we use information

We use information to operate, secure, and provide the Services; authenticate accounts and enforce roles; run AI agents and integrations you configure; process billing; provide support; detect, prevent, and investigate fraud, abuse, and security incidents; measure and improve reliability, performance, and features (using aggregated/de-identified data where feasible); and send service, security, and — where permitted — product communications.

10. Sharing and service providers

We do not sell personal information. We share information only with service providers that help us run the Services, under contracts that limit them to processing on our instructions and to standards comparable to our own.

  • Cloud hosting and infrastructure providers.
  • AI model providers (to generate agent responses, under no-training terms).
  • Payment processors (billing) and email/notification providers.
  • Analytics, error-monitoring, and security providers.
  • Support tooling.
  • Professional advisors, and authorities where required by law or to protect rights and safety.
  • A successor entity in connection with a merger, acquisition, or asset sale, with continued protection of your information.

11. International storage and transfers

HelpAI is based in Canada and may process and store information in Canada, the United States, and other countries where we or our service providers operate. While information is outside your country, it may be accessible to courts, law enforcement, and authorities under applicable law. Where we transfer personal data out of the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum. We remain accountable for information transferred to our service providers, consistent with PIPEDA.

12. How long we keep information

We keep personal information only as long as needed for the purposes above, then delete or de-identify it. Retention depends on your account and workspace status and settings, the type of data, backup cycles, and our legal, tax, security, and dispute-resolution obligations. When you delete workspace content or close an account, we delete or anonymize associated personal information within a commercially reasonable period, subject to backups and legal holds.

13. Security and accuracy

We use technical, organizational, and physical safeguards appropriate to the sensitivity of the information, including encryption in transit and at rest, access controls and least-privilege, network protections, logging and monitoring, and periodic review. We take reasonable steps to keep personal information accurate and up to date. No method of transmission or storage is perfectly secure, but we work to protect your data and to notify affected individuals and regulators of qualifying breaches as required by applicable law (including PIPEDA's breach-of-security-safeguards obligations).

14. Your privacy rights

  • Canada (PIPEDA): you may request access to the personal information we hold about you and how it has been used and disclosed, ask us to correct inaccuracies, and withdraw consent (subject to legal/contractual limits). If you have an unresolved concern you may contact the Office of the Privacy Commissioner of Canada.
  • EEA / UK / Switzerland (GDPR): rights of access, rectification, erasure, restriction, objection, portability, and to withdraw consent; and to complain to your local supervisory authority.
  • California (CCPA/CPRA) and other US states: rights to know, delete, and correct personal information; to opt out of the "sale" or "sharing" of personal information (HelpAI does not sell or share your personal information as those terms are defined); and to non-discrimination for exercising your rights.
  • To exercise any of these rights, email privacy@help.ai (an authorized agent may act for you). We will verify your request and respond within the time required by applicable law.

15. Cookies and similar technologies

We use strictly necessary cookies to run the Services and, with your consent where required, functional and analytics cookies to remember preferences and understand usage. You can manage non-essential cookies through our cookie controls and your browser settings. See our Cookies page for details.

16. Children

The Services are not directed to children under 16, and we do not knowingly collect their personal information. If you believe a child provided us personal information, contact privacy@help.ai and we will delete it.

17. Changes to this policy

We may update this policy to reflect changes to the Services or the law. We will post the updated version with a new "Last updated" date and, for material changes, provide additional notice where required.

18. Contact us

  • Privacy requests, questions, and to reach our Privacy Officer: privacy@help.ai.
  • General support: support@help.ai.
  • We respond to verified requests within the time required by applicable law.