Privacy Policy

Account data. When you sign up, we collect your name, email address, and phone number. If you upgrade to a paid plan, billing details are handled by our payment processor (Stripe) — we never store full card numbers.

Business data you upload. Hum processes the files, Google Sheets, and API responses you connect. This may include product catalogs, order records, customer lists, and other operational data. You own this data entirely.

WhatsApp messages. To answer your questions, Hum receives the WhatsApp messages you send to your registered number via the WhatsApp Business API. Message content is processed to generate answers and is not retained beyond the session except where you opt in to query logging.

Usage data. We log which queries ran, response latency, and error rates. We use this to improve the service, not to profile individuals.

Device and browser data. Standard web analytics — browser type, OS, referring URL, and pages visited. We do not use third-party ad trackers.

To deliver the service. We process your data to answer WhatsApp queries, refresh data sources, and display results in your dashboard.

To improve Hum. Aggregate, anonymised query patterns help us tune our AI pipeline. We never train models on your identifiable business data.

To communicate with you. We send transactional emails (receipts, password resets, outage notices). We may send product updates — you can opt out at any time.

To comply with the law. We may process or disclose data where required by applicable law or valid legal process.

Data is stored on servers in [AWS / GCP] within the India (ap-south-1) region. We use encryption at rest (AES-256) and in transit (TLS 1.2+).

Access to production data is restricted to authorised engineers and is logged. We are working toward SOC 2 Type II certification; compliance documentation is available on request under our Scale plan.

We retain your business data for as long as your account is active. Upon account closure, your uploaded data is deleted within 30 days. Query logs are deleted within 90 days.

Hum integrates with the WhatsApp Business Platform, operated by Meta Platforms Ireland Limited. By registering a WhatsApp number with Hum, you agree to comply with Meta's Business Terms of Service and the WhatsApp Business Policy.

We act as a data processor on your behalf for WhatsApp message handling. Your end users who message your WhatsApp number are subject to WhatsApp's own privacy policy.

We do not use WhatsApp message content for advertising, nor do we share it with Meta for marketing purposes.

We use a small set of sub-processors to deliver Hum: cloud infrastructure (AWS / GCP), payment processing (Stripe), transactional email (Resend), and error monitoring (Sentry). Each is bound by a data processing agreement.

Google Sheets integration requires you to grant Hum read-only access to specific sheets via OAuth. We do not access or store any Google data outside the sheets you explicitly connect.

Access and portability. You can export your uploaded data and query history from the dashboard at any time.

Correction. If your account information is incorrect, update it in Settings or contact us.

Deletion. You can delete your account and all associated data from Settings → Account → Delete account. Deletion is irreversible.

Restriction / objection. If you believe we are processing your data unlawfully, contact us. If you are in the EEA or UK, you have the right to lodge a complaint with your local data protection authority.

We use strictly necessary cookies (session management) and optional analytics cookies. You can disable analytics cookies in your browser or via our cookie banner. We do not use third-party advertising cookies.

Hum is not directed at anyone under 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us data, contact us and we will delete it promptly.

We may update this policy from time to time. Material changes will be notified by email at least 14 days in advance. The 'Last updated' date at the top always reflects the most recent revision.

For privacy questions, data requests, or to exercise your rights, email us at privacy@humapp.ai. We aim to respond within 5 business days.