Privacy Policy

Last Updated: February 19, 2026

1. Introduction

Welcome to HandsOfAI ("HandsOfAI", "we", "us", or "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered educational platform and related services (collectively, the "Service").

By accessing or using our Service, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Key Privacy Disclosures

Data collection: We collect account information (including basic Google profile data when you sign in with Google), content you upload or create, and usage/device information.
Data usage: We use your information to provide the Service, personalize your experience, secure accounts, process payments, and improve product performance.
Data storage: We store account and Service data in our databases and infrastructure providers. We use encryption in transit (TLS) and apply access controls.
Data sharing: We do not sell personal information. We share limited data with service providers (authentication, hosting, analytics, payment processors, and AI processing) only as necessary to operate the Service.
Retention & deletion: We retain data while your account is active (and longer where required for legal/security reasons). You can request deletion by emailing us at support@handsofai.com.

3. Information We Collect

3.1 Information You Provide

Account Information: When you create an account, we collect your name, email address, and profile picture through Google OAuth authentication.
User Content: Documents, research papers, presentations, and other content you create, upload, or generate using our Service.
Communications: Information you provide when you contact us for support or feedback.
Payment Information: If you subscribe to premium features, we collect billing information through our secure payment processors. We do not store complete credit card numbers on our servers.

3.2 Information Collected Automatically

Usage Data: Information about how you interact with our Service, including features used, time spent, and actions taken.
Device Information: Browser type, operating system, device identifiers, and IP address.
Cookies and Similar Technologies: We use cookies and similar tracking technologies to enhance your experience and analyze usage patterns.
Log Data: Server logs that record your interactions with our Service.

3.3 Information from Third Parties

Google OAuth: When you sign in with Google, we receive your basic profile information (name, email, profile picture) as authorized by you.
Research Databases: We access publicly available research databases (PubMed, arXiv) to provide citation and research features.

Google User Data Disclosure

This section specifically addresses how HandsOfAI handles data obtained through Google APIs and Google Sign-In, in compliance with the Google API Services User Data Policy.

We only use Google Sign-In to authenticate you. We do not request access to Gmail, Google Drive, Google Calendar, Contacts, or any other Google services.

Data Accessed

Email Address: Your Google account email address for account identification and communication.
Name: Your display name from your Google profile.
Profile Picture: Your Google profile photo (if available) for display within our application.

Data Usage

Authentication: To verify your identity and create/access your HandsOfAI account.
Account Display: To display your name and profile picture within the application.
Communication: To send you important account notifications and security alerts.

Data Sharing

We do NOT share, sell, rent, or trade your Google user data with any third parties for their commercial purposes. Your Google data may only be shared with:

Service Providers: With our infrastructure providers solely to operate our Service under strict data protection agreements.
Legal Requirements: If required by law, court order, or government regulation.

Data Storage & Protection

Storage: Basic Google profile data is stored in our application database to support account creation and login.
Access Controls: Access to stored user data is restricted to authorized personnel and systems.
Encryption in Transit: We use TLS/SSL to protect data in transit.
Encryption at Rest: Our infrastructure providers encrypt stored data at rest where supported.
OAuth Tokens: We do not store Google OAuth access tokens longer than necessary for authentication.

Data Retention & Deletion

Retention Period: We retain Google profile data for as long as your HandsOfAI account is active.
Deletion Request: You can request deletion by emailing support@handsofai.com.
Deletion Timeline: Upon a verified request, we will permanently remove your data within 30 days.
Revoke Access: You can revoke HandsOfAI's access at any time through your Google Account permissions.

Limited Use Disclosure

HandsOfAI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. How We Use Your Information

Provide, maintain, and improve our Service
Process your requests and transactions
Generate AI-powered content, including research papers, presentations, and citations
Personalize your experience and provide relevant recommendations
Communicate with you about updates, security alerts, and support
Analyze usage patterns to improve our Service
Detect, prevent, and address technical issues and security threats
Comply with legal obligations

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers: With third-party vendors who assist us in operating our Service (cloud hosting, payment processing, analytics).
AI Processing: Your content may be processed by AI providers (OpenAI, Google AI) to generate responses. We use enterprise-grade APIs with data protection agreements.
Legal Requirements: When required by law, legal process, or government request.
Business Transfers: In connection with a merger, acquisition, or sale of assets.
With Your Consent: When you explicitly authorize us to share your information.

6. Data Storage

Account data: Stored to manage authentication, authorization, and billing status.
User content: Stored so you can access your files, projects, and generated outputs across sessions and devices.
Operational logs: Stored for security monitoring, abuse prevention, and debugging.

7. Data Security

Encryption of data in transit (TLS/SSL) and at rest
Secure authentication through OAuth 2.0
Regular security audits and vulnerability assessments
Access controls and employee training
Secure cloud infrastructure with SOC 2 compliant providers

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention and Deletion

Account data retention: Retained while your account is active.
Content retention: Retained while your account is active, unless you delete specific content or request account deletion.
Deletion request: To request account deletion, email us at support@handsofai.com.
Deletion timeline: We will delete or anonymize your personal information within 30 days, subject to legal/security exceptions.

9. Your Rights and Choices

Access: Request a copy of your personal information
Correction: Request correction of inaccurate information
Deletion: Request deletion of your personal information
Portability: Request a portable copy of your data
Opt-out: Opt out of marketing communications
Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at support@handsofai.com.

10. Cookies and Tracking Technologies

Essential Cookies: Required for the Service to function properly (authentication, security)
Analytics Cookies: To understand how users interact with our Service
Preference Cookies: To remember your settings and preferences

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

12. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately at support@handsofai.com.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

HandsOfAI

Email: support@handsofai.com

Website: https://handsofai.com

15. Additional Information for EEA/UK Users

Legal Basis: We process your data based on consent, contract performance, legitimate interests, or legal obligations.
Data Protection Officer: You may contact our data protection team at support@handsofai.com.
Supervisory Authority: You have the right to lodge a complaint with your local data protection authority.

16. Additional Information for California Residents

Right to Know: Request information about the categories and specific pieces of personal information we have collected.
Right to Delete: Request deletion of your personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
Do Not Sell: We do not sell your personal information to third parties.