Security & Privacy
Your privacy and security are our top priorities. Here's how HAINT protects your data.
Core Security Principles
- Local Processing: All audio processing happens on your device. No audio is sent to our servers.
- No Recording: HAINT does not record or store any conversation data.
- End-to-End Encryption: Communication with OpenAI is encrypted using industry-standard TLS.
- No PII Collection: We do not collect personally identifiable information beyond what's necessary for account management.
How Data Flows
1. Audio Capture
When you hold Shift, HAINT captures audio from your microphone. This audio is processed locally on your device and converted to text using OpenAI's Whisper model.
2. AI Processing
The transcribed text is sent securely to OpenAI's API (using your API key) for generating contextual hints. No audio files are transmitted.
3. Hint Delivery
AI-generated hints are converted to speech locally on your device and played through your headphones. No hint data is stored.
What We Store
- Account Information: Email address and encrypted password for authentication
- Subscription Data: Payment history and subscription status (processed securely via our payment provider)
- Usage Metrics: Anonymized usage statistics (number of sessions, duration) for service improvement
- API Key: Your OpenAI API key is encrypted and stored locally on your device only
What We Don't Store
- Audio recordings of your conversations
- Transcriptions of your calls
- AI-generated hints or responses
- Names or details of people you talk to
- Content of your meetings or negotiations
Third-Party Services
HAINT integrates with the following third-party services:
OpenAI
- Used for speech-to-text (Whisper) and AI hint generation (GPT models)
- You use your own API key and are subject to OpenAI's terms and privacy policy
- See OpenAI Privacy Policy
Payment Processor
- We use Stripe for secure payment processing
- We do not store credit card information
- See Stripe Privacy Policy
Your Rights
You have the right to:
- Access: Request a copy of your account data
- Delete: Request deletion of your account and associated data
- Correct: Update your account information at any time
- Export: Download your usage history and subscription data
To exercise any of these rights, contact us at privacy@haint.tech.
Compliance
- GDPR: We comply with the EU General Data Protection Regulation
- CCPA: We comply with the California Consumer Privacy Act
- SOC 2: Our infrastructure partners are SOC 2 certified
Security Contact
If you have security concerns or wish to report a vulnerability, please contact:
Email: security@haint.tech
We take all security reports seriously and will respond within 48 hours.
Last updated: January 27, 2025