Privacy Policy

1.1 Account Credentials

Google Login: To access the Services, Users must authenticate using Google credentials. We collect your email address and basic profile information (e.g., name, profile picture) for identity verification. We do not store your Google password.

API Key: A unique API key is issued to each account's designated Account Owner. The Account Owner is responsible for safeguarding the API key to prevent unauthorized use.

1.2 Billing and Transaction Data

Credit Purchases: Payments are processed through Stripe. While we do not store full payment details, Stripe may collect and retain personal and financial information for payment processing.

Billing Records: We track transaction details, such as credit purchases, GPU-hour consumption, and timestamps, to ensure accurate billing and resolve disputes.

1.3 Usage and Technical Data

Simulation Logs: We collect timestamps and resource usage metrics (e.g., GPU hours) for accurate billing and operational insights.

Device Information: Limited technical details, such as IP addresses and browser types, may be collected to secure the platform and improve the user experience.

1.4 User-Provided Content

Designs and Simulation Inputs: HyperWave operates on a stateless model. Any designs or data you upload are processed in real time and discarded immediately upon simulation completion. We do not store or retain these files.

Support Communications: If you contact us, we may collect your name, email address, and other details you voluntarily provide to assist with your inquiry or resolve issues.

3.1 When We Share Your Information

We may share data with:

• Service Providers: Third-party vendors, such as payment processors and hosting providers, under strict confidentiality agreements.
• Legal Authorities: To comply with applicable laws, court orders, or legal requests.
• Business Transactions: In the event of a merger, acquisition, or sale of assets, user data may be transferred in accordance with applicable laws.

3.2 International Transfers

If you access the Services from outside the United States, your data will be transferred to and processed on servers located in the U.S. These jurisdictions may have different data protection standards than your country of residence. By using the Services, you consent to such transfers.

5.1 Data Retention

We retain personal information for as long as necessary to provide the Services or comply with legal requirements. When data is no longer needed, it is securely deleted or anonymized. Data stored in backup archives is restricted from further processing until deletion is possible.

5.2 Cookies and Tracking Technologies

Our Services may use cookies and similar technologies to enhance functionality and gather insights about site usage. These include:

• Authentication Cookies: To maintain login sessions.
• Analytics Tools: To track performance and identify areas for improvement.

Most browsers allow you to manage or disable cookies, though doing so may impact certain features of the Services.

6.1 Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

• Access & Portability: Request a copy of the personal data we hold about you, often provided in a commonly used format.
• Rectification & Deletion: Update inaccurate data or request erasure of certain personal information.
• Restriction & Objection: Ask us to limit the processing of your data in specific circumstances or object to certain uses.

California Residents: Under the California Consumer Privacy Act (CCPA), you can request disclosures regarding data collection, sharing, and deletion. Minors can ask for removal of publicly posted information.

EEA/UK Residents: If you believe we are misusing your data, you may lodge a complaint with your local data protection authority.

We will handle valid requests in line with applicable data protection laws, typically within 30 days. If we cannot fulfill your request for legal or operational reasons, we will notify you and explain why.

6.2 Do-Not-Track (DNT) Signals

Currently, no global standard defines how websites should respond to DNT signals. We therefore do not alter our practices upon receiving such signals. If a recognized standard emerges, we will update our approach and revise this Policy accordingly.

6.3 Policy Updates

We reserve the right to modify or update this Policy at any time to reflect evolving practices, technologies, or legal requirements. When significant changes occur, we will revise the "Effective Date" and, if appropriate, notify you through the Services or via email. Continued use of our Services following such updates signals your acceptance of the revised Policy.