HeyFloe← Back

Last updated · 22 April 2026

Privacy Policy

Who we are

HeyFloe is a product of Sanbots Technologies Pvt Ltd, a company incorporated in India with its registered office at Ranka Junction, Krishna Reddy Industrial Estate, Dooravani Nagar, Bengaluru, Karnataka 560016. GSTIN: 29AAYCS0623A1ZB. Contact: hello@heyfloe.ai.

What we collect

We collect only what we need to run HeyFloe:

  • Account data — name, email address, password hash (via Clerk), and profile information you add.
  • Channel data — YouTube/Instagram handles you connect, public video metadata we fetch to understand your content.
  • Creative content — ideas, stories, scripts, images, videos, voiceovers, music, and editor projects you create inside HeyFloe.
  • Billing data — subscription plan, payment status, floe balance, transaction history. Payment card details are never stored on our servers; they're handled by our payment processor (Razorpay).
  • Usage telemetry — which features you use, errors encountered, latency, cost tracking for AI calls. Aggregated and pseudonymised where possible.
  • Device data — browser type, IP address, screen resolution, captured automatically via standard web logs.

How we use your data

  • To deliver the product — generate AI content per your prompts, store your projects, display them back to you, and power your creative pipeline.
  • To bill — calculate your floe usage, process subscriptions and top-ups through Razorpay, send invoices.
  • To support — respond to your emails, fix bugs, recover stuck workflows.
  • To improve HeyFloe — analyse aggregated usage patterns. We do NOT train models on your individual content without your explicit opt-in consent.
  • To comply with law — if legally required to retain or disclose information (tax, fraud investigation, court order).

Who we share your data with

Your data leaves our servers only when absolutely required to deliver the product:

  • AI model providers — Anthropic (Claude), Google (Gemini, Veo, Lyria, Nano Banana), Voyage AI (embeddings). Your prompts pass through them to generate output. These providers do not store or train on your input beyond short-term processing logs per their own policies.
  • Payment processor — Razorpay processes payment cards and UPI. We receive only the transaction status and reference ID, never the card details.
  • Auth provider — Clerk handles login, password management, and session security.
  • Infrastructure providers — Supabase (database + storage), Vercel (hosting), Inngest (background jobs), Cloudflare (DNS + CDN).
  • Analytics — we run server-side logging only. No ad networks, no third-party tracking pixels, no data brokers. Ever.

How long we keep your data

Your account and content stay as long as your account is active. If you delete your account, we remove your personal data and content within 30 days, except where we must retain billing records for tax compliance (up to 8 years under Indian tax law). Anonymised usage metrics may be kept indefinitely for product analytics.

Your rights

You can at any time:

  • Access your data — see everything we have on file.
  • Export your content — download your ideas, scripts, generated assets.
  • Correct inaccurate information.
  • Delete your account and content.
  • Object to specific processing.
  • Withdraw consent where we rely on it.

Email hello@heyfloe.ai and we'll respond within 7 working days.

Data security

All data is transmitted over HTTPS. Service-role database credentials are stored as encrypted environment variables. Clerk handles password hashing with industry- standard algorithms (bcrypt). Supabase encrypts data at rest. Payment data never reaches our servers. If a security incident affecting your data occurs, we will notify you within 72 hours of confirming the breach.

Cookies

We use the minimum set of cookies needed to run the product: session cookies (Clerk auth), preference cookies (your UI choices). No advertising cookies. No third-party trackers.

International transfers

HeyFloe's primary data storage is in Asia (Supabase Asia Pacific). Some processing happens in other regions via our AI model providers (United States, Europe). By using HeyFloe you consent to your data being processed in these regions.

Children

HeyFloe is not intended for anyone under 13. If you believe a child has created an account, email us and we'll delete it.

Changes to this policy

We update this policy as the product evolves. The "Last updated" date at the top reflects the most recent change. Material changes will be emailed to active users before taking effect.

Questions

Email hello@heyfloe.ai. For formal complaints under Indian data protection law, write to the registered office address above.