HEMELION
Back
Legal

Privacy Policy

Last updated: December 2024

1No Account Required

Hemelion does not require you to create an account or provide an email address. Your scan session is identified by a secure, random token stored in your browser. This means you can use Hemelion without sharing any personally identifiable information.

2What We Collect

  • Scan Answers: The responses you provide during a Clarity or MindScan session. Used solely to generate your personalized report.
  • Payment Data: Processed securely by Stripe. We receive a payment confirmation but never see or store your card details, billing address, or bank information.
  • Session Token: A cryptographically random identifier stored as an HttpOnly cookie. Links your browser to your scan session. Contains no personal data.

3How We Use Your Data

Your answers are used exclusively to generate your personalized report through our three-engine system (Scoring Engine, Contradiction Engine, Narrative Engine). We do not use your data for training AI models, advertising, or any purpose other than delivering your report.

Reports are accessible only from the same browser session where you completed the scan, or via an explicit share link you choose to generate. We do not sell, rent, or share your data with third parties for marketing purposes.

4Data Retention

Scan data and generated reports are stored for up to 90 days after generation, then automatically and permanently deleted from our systems. You can request early deletion at any time by contacting us.

5Payment Security

All payments are processed by Stripe, a PCI-DSS Level 1 certified payment processor (the highest level of security certification). We verify payment status server-side before generating any report, but we never have access to your payment card details.

6Cookies

We use a single, essential HttpOnly session cookie to securely link your browser to your scan session. This cookie cannot be accessed by JavaScript and is transmitted only over secure connections. We do not use third-party tracking cookies, advertising cookies, or analytics scripts that track your behavior across websites.

7Your Rights (GDPR)

If you are in the European Economic Area, you have rights under GDPR including: access to your data, rectification, erasure, data portability, and the right to object to processing. Since we don't collect personally identifiable information, most of these rights are automatically fulfilled. For any data-related requests, contact us at the address below.

8Contact

Questions about this privacy policy or your data?
Contact us at: privacy@hemelion.com

Terms of Service →Impressum →