Website Privacy Policy
Effective Date: November 22, 2025
Applies to: Visitors and business contacts using helikai.ai and related pages (the “Site”).
Does not apply to: Use of Helikai’s software products (Helikai SPRAG, Helibots, KaiFlow, Mālama) in customer environments—these are governed by the EULA and any product-specific privacy notices.
1) Who We Are
Helikai Inc. (“Helikai”, “we”, “us”, “our”) operates the Site to market and provide information about our AI solutions and programs. We are the controller for personal data collected via this Site.
2) Scope & Relationship to Other Terms
This Privacy Policy governs personal data collected through the Site (e.g., contact forms, newsletter signups, partner/technology alliance and sales program interest forms, cookies/analytics). It does not govern data processed by deployed products or customer tenants.
Use of the Site is also subject to our Terms & Conditions, including cookie disclosures there.
Where relevant, we may reference the EULA for product use; however, product processing is addressed in product-specific customer agreements and notices.
3) Categories of Data We Collect via the Site
We collect the following categories when you interact with the Site:
A. Information you provide:
Lead/contact details (name, business email, phone, company, role/title), form content (free-text inquiries), newsletter preferences, program interest submissions (channel partner, technology alliance, sales), and product interest submissions (particular industries, specific products).
B. Automatically collected data:
Device/usage data: IP address, browser, time zone, pages viewed, referring URLs, cookie and similar identifiers. Used for security, operations, and analytics.
Cookies/trackers: Necessary, preferences, statistics/analytics, and (if enabled) marketing cookies. See Cookies below.
C. Communications/Support metadata:
Time stamps and minimal context needed to respond to website inquiries and route them internally (e.g., to partner or alliance teams).
We generally do not seek sensitive personal data on the Site. Please avoid including sensitive information in web forms.
4) Purposes of Use
We use Site-collected data to:
Respond to inquiries and qualify B2B leads; schedule demos or meetings; route requests to appropriate teams (sales, partner, alliance).
Administer subscriptions to marketing communications (newsletters, event announcements) in compliance with applicable laws.
Operate and secure the Site (fraud detection, logs); conduct analytics to improve content and campaigns.
Comply with law and requests from regulators or authorities, and maintain records of consents and opt-outs.
5) Legal Bases (GDPR/EEA visitors)
Where GDPR applies, our processing relies on:
Consent for optional cookies and marketing communications (withdrawable at any time).
Legitimate interests to operate the Site, prevent abuse, and perform B2B analytics proportionately.
Performance of a contract or steps prior to entering a contract (e.g., replying to demo or partnership requests).
Compliance with legal obligations (e.g., honoring rights requests, record-keeping).
6) Cookies & Similar Technologies
We use cookies and similar technologies:
Strictly necessary cookies to operate core site features (no consent required; still disclosed).
Optional cookies (preferences, analytics, marketing) require prior consent for EEA visitors per applicable law; consent can be withdrawn anytime.
Our Terms & Conditions also describe cookie usage and third-party embeds (e.g., video/analytics) which may set cookies.
Your controls: Use the cookie banner and browser settings to manage preferences. We honor applicable opt-out signals where required (e.g., Global Privacy Control for CPRA contexts).
7) Sharing & Disclosures
We do not sell personal data collected on the Site. If we share data with service providers (marketing/email, analytics, CRM), they act under contractual restrictions with strict Non-Disclosure Agreements in place, and are not permitted to use data outside our instructions. Where CPRA applies, if we engage in “sharing” for cross-context behavioral advertising, we will provide a “Do Not Sell or Share My Personal Information” link and honor opt-out requests, including browser signals.
We may disclose information to:
Vendors that host the Site, deliver email, provide analytics, or manage leads (subject to agreements).
Affiliates and internal teams (sales, partner, alliance) for routing and follow-up.
Regulators or law enforcement when legally required.
8) International Data Transfers
If data is transferred outside your jurisdiction (e.g., from EEA to U.S.), we implement appropriate safeguards such as the EU Standard Contractual Clauses and conduct transfer risk assessments as needed.
9) Data Retention
We retain inquiry and marketing data only as long as necessary for: responding to requests, maintaining accurate suppression lists, complying with applicable laws, and for reasonable B2B sales cycles; then we delete or de-identify it consistent with our policy. For CPRA, we disclose retention periods by category upon request and avoid retaining data longer than reasonably necessary.
10) Marketing Communications Compliance
CAN-SPAM (U.S.): commercial emails include sender identity and a clear unsubscribe mechanism; we honor opt-outs promptly.
CASL (Canada): we obtain express or implied consent before sending commercial electronic messages, include identification and unsubscribe in every message, and keep consent records; implied consent is time-limited.
GDPR/ePrivacy (EEA): we obtain prior consent for non-essential cookies and opt-in for marketing emails where required; you may withdraw consent anytime.
11) Your Rights
GDPR (EEA): access, rectification, erasure, restriction, portability, objection, and transparent notices with clear language; we respond within statutory timelines.
California (CCPA/CPRA): right to know, delete, correct, opt-out of sale/share, limit use/disclosure of sensitive personal information, and non-discrimination. We provide required notices and opt-out methods (including “Do Not Sell/Share” if applicable).
Canada (PIPEDA/CASL): consent, access, correction, and unsubscribe rights for commercial electronic messages.
How to exercise rights or unsubscribe: use Site links (cookie banner, unsubscribe) or contact Legal@helikai.ai.
12) Security
We apply reasonable technical and organizational measures (e.g., encryption in transit and at rest where applicable, access controls, MFA) to protect Site-collected data and continuously improve our practices in line with industry guidance.
13) Children’s Privacy
The Site targets business professionals. We do not knowingly collect data from children under age 16 via the Site; please contact us to request deletion if you believe a minor provided information.
14) Updates to this Policy
We may update this Privacy Policy to reflect changes in laws or our practices. Material changes will be announced on the Site; continued use indicates acceptance.
15) Contact
Helikai Inc.
Email: Legal@helikai.ai
General Inquiry: info@helikai.ai
16) Links to Other Referenced Terms
Helikai Product EULA: Product licensing and customer responsibilities. Link provided for clarity; product processing is covered separately and is not part of this Privacy Policy.
