Privacy Policy

Last updated: May 2026

1. Information We Collect

When you engage Helix, we collect information you provide directly: your company profile, your offers, your ideal customer profiles, your brand voice, and the prospects, signals, and content you approve or reject. If you license the software, we collect operator account data (name, email, role). If we run the service for you, we also collect the strategy decisions and approvals from your weekly reviews.

We collect operational data such as which signals were detected, which outreach drafts were generated, which content was published, and which channels are active. This data is used solely to operate Helix on your behalf.

2. How We Use Your Information

We use your data to:

  • Run the agents that detect signals, draft outreach, ship content, and synthesize pipeline
  • Connect to the third-party platforms you authorize
  • Surface drafts, signals, and recommendations to your approval queue
  • Learn from your approvals, rejections, and edits so the system compounds in your favor
  • Generate the weekly strategy synthesis we bring to you (service engagements)
  • Process payments via Stripe

3. Platform Connections

Helix connects to your existing tools (Gmail, LinkedIn, Reddit, HubSpot, Salesforce, Google Ads, Meta Ads, GA4, Search Console, and others) via OAuth flows managed by Composio. We store OAuth access tokens, not your platform credentials. You can revoke any connection at any time from Settings · Connections.

4. Data Storage and Security

All data is stored in Supabase with row-level security (RLS) enforced at the database level. Each organization is a separate tenant; your data cannot be accessed by other organizations. We use industry-standard encryption in transit (TLS 1.2+) and at rest (AES-256). See our Security page for more detail.

5. AI Processing

We use AI models from Anthropic to detect signals, draft outreach, generate content, draft community responses, and synthesize analytics. These models receive only the data necessary for the task and are not used to train third-party models on your behalf.

You retain full control. Every AI-generated artifact (outreach, content, community reply) lands in your approval queue before it leaves in your name. AI does not see your platform credentials; those remain held by Composio under your OAuth grant.

6. Subprocessors

We do not sell your data. We share data only with the subprocessors necessary to operate Helix:

  • Supabase: database and authentication
  • Anthropic: AI generation across all agents
  • Composio: OAuth bridge to Gmail, LinkedIn, CRM, ad platforms, and others
  • Apify: signal collection from public sources (Reddit, news, reviews, etc.)
  • Postmark: transactional and broadcast email delivery
  • AWS Lightsail: hosting for the worker that runs your agents
  • Stripe: subscription billing
  • Vercel: hosting for the operator portal

Each subprocessor is bound by a data processing agreement and used only for the stated purpose.

7. Your Rights

You have the right to:

  • Access all data we hold about your organization (request an export at any time)
  • Correct inaccurate data via the operator portal
  • Delete your account and all associated data (Settings · Organization)
  • Withdraw consent for processing at any time by deleting your account
  • Revoke any third-party platform connection at any time (Settings · Connections)

8. Data Retention

We retain your data for as long as your engagement is active. When you delete your account, all associated data is deleted immediately from our production systems. Encrypted backups are purged on a rolling 30-day schedule.

9. Outreach Sent on Your Behalf

When Helix sends outreach, content, or community replies in your name, it does so under your authorization via OAuth-connected accounts. Every send is approved by an operator (you, or our team when we run the service). You are responsible for the content of messages sent through your account and for compliance with anti-spam laws (CAN-SPAM, CASL, GDPR) including honoring unsubscribe requests.

10. Contact

For privacy questions or to exercise your rights, contact us at privacy@getlatest.ai.