Privacy policy

Your privacy matters to us. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using hito.run ("Service"), you agree to the practices described here.

Last updated: March 2025

1. Information we collect

We collect the minimum data needed to operate and improve the Service:

Account information: name, email address, and company name you provide during Setup.
Payment information: billing details processed by our third-party payment provider. We do not store full credit card numbers on our servers.
Office and Hito data: configuration, preferences, roles, personas, and content you create within your Office.
Usage data: pages visited, features used, browser type, operating system, IP address, referring URL, and timestamps.
Communications: messages you send us via our Contact form or email.
Cookies and similar technologies: see our Cookies page for details.

2. How we use your information

We use the information we collect to:

Provide, operate, and maintain the Service.
Process payments and manage your account.
Send transactional emails (e.g. account confirmation, billing receipts).
Respond to your inquiries and provide support.
Analyze usage patterns to improve the Service and develop new features.
Detect and prevent fraud, abuse, and security incidents.
Comply with legal obligations.

3. AI processing and third-party LLMs

When you use Hito (AI workers), your prompts and related content may be sent to third-party LLM providers (Brains) to generate responses. We select providers that offer appropriate data handling practices, but each provider has its own privacy policy and terms. We encourage you to review those policies. We do not control how third-party LLM providers process data once it leaves our servers. Do not submit sensitive personal data, trade secrets, or confidential information through Hito unless you understand and accept the associated risks.

4. Information sharing

We do not sell your personal information. We may share your data only in the following circumstances:

Service providers: with trusted third parties who assist us in operating the Service (e.g. payment processors, hosting providers, LLM providers), subject to contractual data protection obligations.
Legal compliance: when required by law, regulation, legal process, or governmental request.
Protection of rights: to enforce our Terms, protect our rights, privacy, safety, or property, or that of our users or the public.
Business transfers: in connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.
With your consent: when you explicitly authorize us to share your data.

5. GitHub authentication

If you choose to authenticate with GitHub, we will exchange data with GitHub as needed to complete sign-in and to operate your account. Your use of GitHub is subject to GitHub's own privacy policy and terms.

6. Data retention

We retain your personal information for as long as your account is active or as needed to provide the Service. We may retain certain data as necessary to comply with legal obligations, resolve disputes, enforce agreements, and for legitimate business purposes. When data is no longer needed, we securely delete or anonymize it.

7. Data security

We implement reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security. If you discover a vulnerability, please report it via our Security page.

8. Your rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.
Request correction of inaccurate or incomplete data.
Request deletion of your personal data.
Object to or restrict certain processing of your data.
Request portability of your data in a structured, commonly used format.
Withdraw consent where processing is based on consent.

To exercise any of these rights, please contact us via our Contact page. We will respond within a reasonable timeframe and in accordance with applicable law.

9. International data transfers

Your information may be transferred to and processed in countries other than your country of residence, including countries that may not provide the same level of data protection. By using the Service, you consent to such transfers. We take steps to ensure that appropriate safeguards are in place.

10. Children's privacy

The Service is not directed to individuals under 18 years of age (or the age of legal majority in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us and we will promptly delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or by updating the "Last updated" date above. Your continued use of the Service after changes constitutes acceptance of the revised policy. We encourage you to review this page periodically.

12. Contact

If you have questions or concerns about this Privacy Policy or our data practices, please reach out via our Contact page.

Legal Terms Security Cookies Contact

EN/日本語

1. Information we collect

We collect the minimum data needed to operate and improve the Service:

Account information: name, email address, and company name you provide during Setup.

Payment information: billing details processed by our third-party payment provider. We do not store full credit card numbers on our servers.

Office and Hito data: configuration, preferences, roles, personas, and content you create within your Office.

Usage data: pages visited, features used, browser type, operating system, IP address, referring URL, and timestamps.

Communications: messages you send us via our Contact form or email.

Cookies and similar technologies: see our Cookies page for details.

2. How we use your information

We use the information we collect to:

Provide, operate, and maintain the Service.

Process payments and manage your account.

Send transactional emails (e.g. account confirmation, billing receipts).

Respond to your inquiries and provide support.

Analyze usage patterns to improve the Service and develop new features.

Detect and prevent fraud, abuse, and security incidents.

Comply with legal obligations.

3. AI processing and third-party LLMs

4. Information sharing

We do not sell your personal information. We may share your data only in the following circumstances:

Service providers: with trusted third parties who assist us in operating the Service (e.g. payment processors, hosting providers, LLM providers), subject to contractual data protection obligations.

Legal compliance: when required by law, regulation, legal process, or governmental request.

Protection of rights: to enforce our Terms, protect our rights, privacy, safety, or property, or that of our users or the public.

Business transfers: in connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.

With your consent: when you explicitly authorize us to share your data.

6. Data retention

7. Data security

8. Your rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.

Request correction of inaccurate or incomplete data.

Request deletion of your personal data.

Object to or restrict certain processing of your data.

Request portability of your data in a structured, commonly used format.

Withdraw consent where processing is based on consent.

To exercise any of these rights, please contact us via our Contact page. We will respond within a reasonable timeframe and in accordance with applicable law.