Legal

Privacy Policy

Last updated: February 18, 2026

1. Introduction

Hylo (“we,” “our,” or “us”) operates hylo.pro and the Hylo Knowledge API at api.hylo.pro. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Hylo, you agree to the collection and use of information described in this policy. If you have questions, contact us at support@hylo.pro.

2. Information We Collect

Account Information

  • Email address and name (provided at signup)
  • GitHub profile data (username, avatar) if you sign in with GitHub OAuth — only what GitHub makes available with your permission

API Usage Data

  • API request logs: endpoint called, timestamp, HTTP response code
  • Daily request counts for rate limiting and usage dashboards

Payment Information

  • Payments are processed by Stripe. We never store credit card numbers directly.
  • We store your Stripe customer ID and subscription status to manage your plan.

Technical Data

  • IP address, user agent, and browser type from standard web server logs

3. How We Use Your Information

  • Provide and maintain the Hylo API service
  • Authenticate API requests via API keys
  • Enforce rate limits and monitor usage
  • Process payments via Stripe
  • Send transactional emails (account confirmations, billing receipts, security alerts)
  • Improve the service and diagnose bugs

4. Data Sharing

We do not sell your personal data. We share information only in the following limited circumstances:

Third-Party Services We Use

  • Supabase — Authentication, database hosting
  • Stripe — Payment processing
  • Vercel — Website hosting

We may also share data when required by law, court order, or to protect the rights and safety of Hylo and its users.

5. Data Retention

  • Account data is retained for as long as your account is active.
  • API request logs are retained for 90 days.
  • You can request deletion of your data at any time by emailing support@hylo.pro.

6. Security

  • API keys are hashed before storage — we cannot read your raw key.
  • All traffic is encrypted in transit via TLS (HTTPS).
  • We follow industry-standard security practices and review them regularly.

7. Your Rights

You have the right to access, correct, or delete your personal data at any time. To exercise these rights, email us at support@hylo.pro.

If you are in the EU or California, you may have additional rights under GDPR or CCPA. We will honor all lawful requests.

8. Cookies

We use minimal cookies — only what is required for authentication sessions. We do not use third-party tracking, advertising, or analytics cookies.

9. Changes to This Policy

We will notify you by email for any material changes to this policy. Continued use of Hylo after a policy update constitutes acceptance of the updated terms. We encourage you to review this page periodically.

10. Contact

Questions about this Privacy Policy? Email us at support@hylo.pro.

← Back to homeTerms of Service →