back to sign in

hiro

Privacy Policy

Last updated: March 25, 2026

1. Introduction

Hiro ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service, including when you sign in via Google OAuth or email-based authentication. By using Hiro, you agree to the practices described in this policy.

2. Information We Collect

We may collect the following types of information:

  • Account information: When you sign up or sign in (including via Google), we receive your name, email address, and profile picture. We do not receive or store your Google password.
  • Usage data: Information about how you interact with the Service, such as call history, feature usage, and session data. This data is anonymized and aggregated wherever possible.
  • Call data: Details related to calls made through Hiro, including call descriptions, transcripts, and outcomes. This data is encrypted at rest and in transit.
  • Device and browser data: Basic technical information such as browser type, operating system, and IP address, collected automatically for security and service improvement purposes.

3. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the Service
  • Authenticate your identity and manage your account
  • Process and execute AI-powered phone calls on your behalf
  • Improve and optimize the Service through anonymized analytics
  • Communicate with you about your account or the Service
  • Detect and prevent fraud, abuse, or security incidents

4. Data Protection and Security

We take the security of your data seriously and implement industry-standard measures to protect it:

  • Encryption: All data is encrypted both in transit (TLS/SSL) and at rest using AES-256 encryption.
  • Anonymization: Personal data is anonymized wherever possible. Analytics and usage data are aggregated so that individual users cannot be identified.
  • Access controls: Your personal data is not accessed, viewed, or reviewed by Hiro staff unless strictly required for technical support you have explicitly requested, or to comply with legal obligations.
  • Infrastructure: We use secure, reputable cloud infrastructure with regular security audits and monitoring.

5. Google OAuth and Third-Party Authentication

When you sign in with Google, we use Google OAuth 2.0 to authenticate your identity. We only request the minimum scopes necessary (your email address and basic profile information). We do not access your Google contacts, calendar, drive, or any other Google services. Your Google credentials are never stored on our servers — authentication is handled securely through Google's OAuth protocol.

6. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share data only in the following circumstances:

  • With service providers who help us operate the Service (e.g., cloud hosting, authentication), bound by strict data processing agreements
  • When required by law, regulation, or legal process
  • To protect the rights, safety, or property of Hiro, our users, or the public

7. Data Retention

We retain your personal data only for as long as necessary to provide the Service and fulfill the purposes described in this policy. When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing of your data
  • Request a portable copy of your data
  • Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at support@hiro.ai.

9. Cookies and Local Storage

We use browser local storage to maintain your session and preferences. We do not use third-party tracking cookies. Any analytics data collected is anonymized and used solely for improving the Service.

10. Children's Privacy

Hiro is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

12. Contact

If you have questions or concerns about this Privacy Policy, please contact us at support@hiro.ai.