Hub.ai

1. Introduction

Welcome to Hub.ai, a service operated by Hub Cloud, Inc., a Delaware corporation ("Hub Cloud," "we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how Hub Cloud collects, uses, discloses, and safeguards your information when you visit our website (hub.ai) and use our services (collectively, the "Service").

By using the Service, you agree to the collection and use of information by Hub Cloud in accordance with this policy. If you have any questions or concerns about this privacy notice or our practices regarding your personal information, please contact us at [email protected].

2. Information We Collect

We collect personal information that you voluntarily provide to us or that is collected automatically when you use the Service.

The types of personal information we may collect include:

• Personal Information Provided by You:
  • Account Information: When you register for an account, we may collect your name, email address, and username. If you register using a third-party service like GitHub or Google, we collect information provided by that service according to your privacy settings on that platform (typically including your name, email, and public profile information).
  • Payment Information: When you purchase credits, we utilize third-party payment processors (e.g., Stripe, PayPal). We do not directly collect or store your full credit card number or financial details, but we may receive transaction identifiers and summary information from the processor necessary to manage your purchases and credits.
  • Communications: If you contact us directly (e.g., via email for support), we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
• Information Automatically Collected:
  • Log and Usage Data: We automatically collect log information when you access and use the Service. This information may include your IP address, browser type, operating system, referring URLs, pages viewed, links clicked, time spent on pages, actions taken (like starting/stopping instances, deploying repos), and timestamps.
  • Device Information: We may collect information about the computer or mobile device you use to access the Service, such as the hardware model, operating system and version, unique device identifiers, and mobile network information.
  • Cookies and Similar Technologies: We use cookies (small text files stored on your device) and similar tracking technologies (like web beacons or pixels) to operate and administer the Service, gather usage data, and improve your experience. This includes essential cookies for authentication and security, preference cookies, and analytics cookies. See Section 5 for more details.
• Information Collected Regarding Deployed Repositories:
  • Repository URLs: We collect the URLs of the public GitHub repositories you choose to deploy.
  • Instance Data: We store metadata about the virtual machine instances created for your deployments, including configuration details, status, and resource usage metrics. We do not typically access the specific code or data within your running instances unless required for troubleshooting, security purposes, or with your explicit consent.

3. How We Use Your Information

We use the information we collect for various purposes, including:

• To Provide and Maintain the Service: To create and manage your account, facilitate the deployment of repositories, provision and manage VM instances, and process credit purchases and usage.
• To Improve and Personalize the Service: To understand how users interact with the Service, identify usage trends, develop new features, and personalize your experience.
• To Communicate With You: To send you administrative information (e.g., updates to terms, security alerts, support messages), respond to your comments and questions, and provide customer support.
• For Security and Fraud Prevention: To monitor for and prevent fraudulent activity, enforce our Terms of Service, protect the security and integrity of our Service and users, and comply with legal obligations.
• To Manage Billing and Accounts: To process payments, track credit usage, manage subscriptions (if any), and handle billing inquiries.
• For Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.

4. Legal Basis for Processing Personal Information (GDPR/UK/Swiss)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only:

• Where we need the personal information to perform a contract with you (e.g., to provide the Service, manage your account, process payments, facilitate deployments).
• Where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g., for analytics, service improvement, security monitoring, fraud prevention, responding to your inquiries, enforcing our terms).
• Where we have your consent to do so (e.g., for non-essential cookies or specific marketing communications, if applicable).
• Where we need to comply with a legal obligation (e.g., responding to legal process or governmental requests, tax requirements).

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the details provided below.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following situations:

• With Service Providers: We may share your information with third-party vendors, consultants, and other service providers who perform services on our behalf. These may include payment processors, cloud hosting providers (for infrastructure), data analytics providers, email delivery services, and customer support tools. These providers are contractually obligated to protect your data and use it only for the purposes for which we disclose it to them.
• For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency), such as to comply with a subpoena, or similar legal process, or to protect the rights, property, or safety of Hub Cloud, our users, or the public.
• During Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of Hub Cloud's business by another company.
• With Your Consent: We may disclose your personal information for any other purpose with your explicit consent.
• With Your Consent: We may disclose your personal information for any other purpose with your explicit consent.
• Affiliate Program: If you participate in our Affiliate Program, we may share necessary information (like referral status or aggregated earnings data) with the referring user, but we will not share the specific identity or purchase details of referred users without consent.

Key Third-Party Service Providers: While this list may not be exhaustive and can change, our key third-party service providers include:

• Cloud Infrastructure: Providers like AWS, Google Cloud, or Azure for hosting the Service and running Instances.
• Payment Processing: Providers like Stripe or PayPal to handle credit purchases.
• Authentication Services: Providers like Google or GitHub if you use them to sign in.
• Analytics Providers: Services like Google Analytics to understand service usage.
• Communication Tools: Services for email delivery or customer support management.

These providers are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.

6. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it there. Our primary cloud infrastructure providers also operate globally, which may involve data transfers.

We will take appropriate safeguards to ensure that your personal data remains protected in accordance with this Privacy Policy and applicable law. For transfers from the EEA, UK, or Switzerland, this may include relying on Adequacy Decisions, implementing Standard Contractual Clauses, or other valid transfer mechanisms.

7. Cookies and Other Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and hold certain information.

• What are Cookies: Cookies are small files placed on your device. They enable us to recognize your browser or device, remember your preferences (like login status), and collect information about how you use the Service.
• Types of Cookies We Use:
  • Essential Cookies: Necessary for the Service to function properly (e.g., authentication, security).
  • Preference Cookies: Remember your settings and preferences.
  • Analytics Cookies: Help us understand how the Service is being used (e.g., Google Analytics).
• Your Choices: Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Service. For more information about managing cookies, check your browser or device's settings.

8. Data Security

We implement administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, or destruction. We use industry-standard practices like encryption (for data in transit and potentially at rest), access controls, and secure development practices.

However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Data Within Instances: We treat the code and data you deploy within your Instances as confidential. We do not access the content of your running Instances except where necessary for providing the Service (e.g., infrastructure monitoring), troubleshooting technical issues, ensuring security, enforcing our Terms of Service, or if required by law. Access is strictly controlled and logged.

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

Generally, this means we keep your account information for as long as you have an active account with us. Usage logs and analytics data may be retained for a period necessary for analysis, security, and service improvement. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

10. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information. These may include the right to:

• Access: Request access to the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information, subject to certain exceptions.
• Object to Processing: Object to our processing of your personal information under certain circumstances.
• Restrict Processing: Request restriction of processing of your personal information under certain circumstances.
• Data Portability: Request a copy of your personal information in a structured, machine-readable format.
• Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your personal information.

To exercise these rights, please contact us at [email protected]. We may need to verify your identity before responding to your request. Please note that some rights may be limited, for example, if fulfilling your request would adversely affect other individuals or our legal obligations.

If you are a resident of California, you may have additional rights under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), such as the right to know, delete, correct, and opt-out of the sale or sharing of your personal information (though we reiterate, we do not sell your personal information).

Residents of other jurisdictions may have similar rights under their local laws.

11. Children's Privacy

Our Service is not intended for use by children under the age of 13 (or the equivalent minimum age in the relevant jurisdiction). We do not knowingly collect personal information from children under this age. If you become aware that a child has provided us with personal information without parental consent, please contact us. If we become aware that we have collected personal information from a child without verification of parental consent, we take steps to remove that information from our servers.

12. Changes to This Privacy Notice

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this page. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification.

We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

13. Contact Us

Hub Cloud, Inc. is the data controller for the personal information collected through the Hub.ai Service.

If you have questions or comments about this Privacy Policy, or our data practices, please contact us at:

[email protected]