Privacy Policy

Introduction

Homard Cloud (“we”, “us”, or “our”) operates the homard.cloud platform, a software-as-a-service that enables users to deploy and manage AI assistant bots across messaging channels. We are committed to protecting the privacy and personal information of our users in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec's Act respecting the protection of personal information in the private sector (Law 25), and all applicable Canadian privacy legislation. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services.

Information We Collect

We collect the following categories of personal information in the course of providing our services:

• Account information: your name, email address, and authentication credentials (including OAuth tokens when you sign in via GitHub or Google).
• Billing information: payment details processed securely through Stripe, including subscription plan, billing period, and transaction history. We do not store your full credit card number on our servers.
• Usage data: bot configuration details, messaging channel preferences, LLM routing settings, deployment logs, and service usage metrics necessary to operate and improve our platform.
• Technical data: IP address, browser type, device information, and cookies used to maintain your session and ensure platform security.

How We Use Your Information

We use your personal information for the following purposes, each of which constitutes a legitimate and identified purpose under PIPEDA:

• To provide, operate, and maintain your AI assistant bots and associated platform services, including provisioning infrastructure and managing deployments.
• To process payments, manage your subscription, and send transactional communications such as billing receipts, service alerts, and account notifications.
• To improve the reliability, performance, and security of our platform through aggregated analytics, error monitoring, and audit logging.
• To communicate with you regarding service updates, security advisories, and, with your consent, promotional offers related to our services.

Disclosure of Information

We do not sell, rent, or trade your personal information. We may share your data with trusted third-party service providers who assist us in operating our platform, including: Stripe for payment processing, Fly.io for infrastructure provisioning, Resend for transactional email delivery, Neon for database hosting, and Cloudflare for content delivery and security. These providers are contractually bound to process your data only for the purposes we specify and in accordance with applicable privacy laws. We may also disclose your information where required by law, court order, or governmental regulation, or where necessary to protect the rights, property, or safety of Homard Cloud, our users, or the public.

Cookies and Tracking Technologies

We use strictly necessary cookies to maintain your authenticated session and ensure the proper functioning of our platform. These cookies do not track you across third-party websites and are essential for service delivery. We do not use advertising cookies or third-party tracking scripts. If we introduce optional analytics cookies in the future, we will obtain your express consent before placing them, in compliance with Law 25 and PIPEDA.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Account data is retained for the duration of your active subscription and for a reasonable period thereafter to comply with legal, accounting, and audit obligations. Upon account deletion, we will erase or anonymize your personal data within 30 days, except where retention is required by applicable law. Audit logs and aggregated, de-identified analytics data may be retained for a longer period for security and service improvement purposes.

Your Privacy Rights

Under PIPEDA and Quebec Law 25, you have the following rights with respect to your personal information:

• Right of access: You may request a copy of the personal information we hold about you, and we will respond within 30 days of your request.
• Right of rectification: You may request that we correct any inaccurate or incomplete personal information in our records.
• Right of deletion: You may request the deletion of your personal information, subject to legal retention obligations. You can also delete your account directly from your dashboard settings.
• Right to withdraw consent: You may withdraw your consent to the processing of your personal information at any time by contacting us, understanding that withdrawal may affect your ability to use certain features of the platform.

PIPEDA and Quebec Law 25 Compliance

As a Canadian company, Homard Cloud complies with PIPEDA and Quebec's Law 25 (Act respecting the protection of personal information in the private sector). We have designated a person responsible for the protection of personal information within our organization. We conduct privacy impact assessments for new features and services that involve the collection of personal information. In the event of a confidentiality incident that poses a risk of serious injury, we will notify the Commission d'accès à l'information du Québec and affected individuals in accordance with applicable timelines. Your personal data is primarily stored and processed in Canada and the United States. Where data is transferred outside of Quebec or Canada, we ensure that adequate safeguards are in place as required by applicable law.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or need to report a privacy concern, please contact our privacy officer at contact@homard.cloud. We will acknowledge your request within 10 business days and provide a substantive response within 30 days, as required under PIPEDA.