H
HEVFY

Privacy Policy

Last updated: February 15, 2026

1. Introduction

HEVFY ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our report automation platform at hevyf.com (the "Service").

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and password when you create an account
  • Workspace Information: Workspace name, settings, and configuration preferences
  • Files You Upload: CSV, Excel, and other data files you upload for report generation
  • Generated Reports: Reports and scripts created through our platform
  • Chat Messages: Conversations with our AI assistant to describe your report requirements

2.2 Automatically Collected Information

  • Usage Data: How you interact with the Service, features used, and execution history
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and pages viewed

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Generate Python scripts based on your data and requirements
  • Process and execute your report generation requests
  • Communicate with you about the Service, updates, and support
  • Analyze usage patterns to improve our AI models and features
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Service

4. Data Storage and Security

4.1 Where Your Data is Stored

  • Database: Supabase (PostgreSQL) with encryption at rest
  • File Storage: Cloudflare R2 with secure, private buckets
  • Processing: Modal.com or your own infrastructure (self-hosted option)

4.2 Security Measures

  • Industry-standard encryption for data in transit (TLS/HTTPS)
  • Encryption at rest for all stored data
  • Row Level Security (RLS) to isolate workspace data
  • Regular security audits and vulnerability assessments
  • Secure authentication via Supabase Auth

Important: While we implement industry-standard security measures, no method of transmission over the Internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Supabase, Cloudflare, Modal.com, and OpenAI for service operation
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share information

Third-Party Services

  • OpenAI: Processes your file samples (first 25 rows only) and requirements to generate scripts
  • Supabase: Hosts your database with PostgreSQL and handles authentication
  • Cloudflare R2: Stores your uploaded and generated files
  • Modal.com: Executes Python scripts (optional - you can self-host)

6. Your Data Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and associated data
  • Export: Download all your reports, scripts, and execution history
  • Objection: Object to certain processing of your data

To exercise these rights, contact us at info@hevyf.com

7. Data Retention

  • Account data is retained while your account is active
  • Uploaded files and generated reports are retained indefinitely unless you delete them
  • Chat history is stored locally in your browser (localStorage)
  • Execution logs are retained for 90 days
  • After account deletion, data is purged within 30 days

8. Cookies and Tracking

We use minimal cookies and local storage:

  • Authentication: Session cookies for login (Supabase)
  • Preferences: Theme settings and UI state in localStorage
  • Chat History: Stored locally in your browser

We do not use third-party analytics or advertising cookies.

9. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction. By using the Service, you consent to this transfer.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

Email: info@hevyf.com
Website: hevyf.com

← Back to Home