Privacy Policy.

This Privacy Policy explains how MindHYVE.ai, Inc. (“MindHYVE,” “we,” “us”) handles personal data when you use our websites and products. It applies across our product lines (ArthurAI™, ChironAI™, JustineAI™, TheoAI™). Where a product processes regulated data, a product-specific notice or data-protection agreement supplements this Policy.

1. Data we collect

• Account data — name, email, organization, and authentication identifiers (via Microsoft Entra ID).
• Payment data — billing details processed by our payment processor, Stripe, Inc. We do not store full card numbers; Stripe handles card data under PCI-DSS.
• Usage data — logs, device and diagnostic information used to operate and secure the Services.
• Customer Content — the prompts, documents, and data you submit to the Services, which may include regulated data depending on the product.

2. How we use data

• Provide, operate, secure, and improve the Services.
• Process payments, manage subscriptions, and prevent fraud.
• Provide support and send service-related communications.
• Comply with legal obligations and enforce our terms.

We do not sell personal data. We do not use Customer Content to train shared foundation models without a lawful basis and, where required, your explicit consent.

3. Legal bases (GDPR)

Where the GDPR applies, we rely on performance of a contract, our legitimate interests in operating and securing the Services, your consent (where required), and compliance with legal obligations.

4. How we share data

We share personal data only with:

• Infrastructure providers — Microsoft Azure (Eve-Grid™) for hosting, storage, identity (Entra ID), and security.
• Payment processor — Stripe, Inc. for billing and fraud prevention.
• Legal and safety — where required by law or to protect rights and safety.

We do not permit subprocessors to use your data for their own purposes. A current subprocessor list is available on request.

5. Regulated data

Some products process data subject to specific laws. Where ChironAI™ processes Protected Health Information, we act as a Business Associate under HIPAA and a Business Associate Agreement governs that processing. Where ArthurAI™ processes student records, we handle them consistent with FERPA. We do not knowingly collect data from children under 13 without verifiable parental consent (COPPA).

6. Data residency and security

Data is encrypted in transit and at rest. Regulated data is kept in the appropriate region — ChironAI™ PHI remains in United States regions. We apply zero-trust access controls, Azure-managed (or customer-managed, for PHI) encryption keys, and audit logging via Azure Monitor.

7. Retention

We retain personal data only as long as needed for the purposes above or as required by law, after which it is deleted or de-identified. Each data store has a defined retention period or lifecycle policy.

8. Your rights

Depending on where you live, you may have rights to access, correct, delete, port, or restrict processing of your personal data, and to withdraw consent. California residents have rights under the CCPA/CPRA, including the right to know and to delete, and we do not sell or share personal data as defined by that law. To exercise a right, contact us below.

9. International transfers

We operate from the United States with regional operations in Pakistan and Kenya. Where we transfer personal data internationally, we use appropriate safeguards such as Standard Contractual Clauses.

10. Cookies and analytics

Our public websites use first-party cookies and similar technologies to operate the site and to understand how it is used. We use Microsoft Clarity, which records anonymized session interactions and heatmaps using first-party cookies, and Microsoft Azure Application Insights for performance and error diagnostics. We disable cross-advertising identity syncing, do not use third-party advertising trackers, and do not sell personal data. Where consent is legally required for non-essential analytics, we honor it, and you can block or delete cookies through your browser settings.

11. Changes

We may update this Policy. Material changes will be posted here with a new effective date.

12. Contact

For privacy questions or to exercise a right, contact hello@mindhyve.ai or write to MindHYVE.ai, Inc., 1501 Quail St, Suite 130, Newport Beach, CA 92660, USA. See also our Terms of Service.