Privacy Policy

Hodar AI ("we", "our", or "us") is a product of Fintech LLC, a company registered in Oman. We provide an AI-powered omnichannel messaging platform that helps businesses manage customer conversations across WhatsApp and Instagram.

This Privacy Policy explains how we collect, use, store, and protect information when you use our platform at www.hodar.ai and related services (collectively, the "Service").

By using the Service, you agree to the practices described in this policy. If you do not agree, please do not use the Service.

2.1 Account Information

When you register, we collect your name, email address, business name, and password (stored in hashed form).

2.2 Customer Conversation Data

When you connect your WhatsApp or Instagram accounts, the Service processes messages sent to and received from your customers. This includes message content, sender identifiers (phone numbers, Instagram usernames), timestamps, and media attachments.

2.3 Usage & Analytics Data

We collect information about how you interact with the Service, including pages visited, features used, response times, and error logs.

2.4 Device & Connection Data

We automatically collect IP addresses, browser type, operating system, and device identifiers to maintain security and diagnose issues.

• Service delivery — routing, storing, and displaying messages between your business and your customers.
• AI processing — sending message content to OpenAI's API to generate suggested or automatic responses on your behalf.
• Analytics & insights — providing dashboards, reports, and performance metrics for your messaging channels.
• Service improvement — analysing aggregated, de-identified data to improve features, reliability, and performance.
• Security & fraud prevention — detecting abuse, preventing unauthorized access, and enforcing our Terms of Service.
• Communications — sending you transactional emails (e.g., password resets, billing receipts) and, with consent, product updates.

We do not sell your data. We share data only in the following circumstances:

• OpenAI — message content is sent to OpenAI's API for AI response generation. OpenAI processes this data under their API data usage policy, which states that data sent through the API is not used to train their models.
• Meta Platforms — we interact with Meta's APIs to send and receive messages on WhatsApp and Instagram on your behalf.
• Infrastructure providers — we use cloud hosting, database, and monitoring services that may process data on our behalf under strict data processing agreements.
• Legal obligations — we may disclose data if required by law, regulation, or valid legal process.

We retain your account data for as long as your account is active. Conversation data is retained for the duration of your subscription plus 30 days after account deletion to allow for data export.

You may request earlier deletion of specific data by contacting us. Aggregated, de-identified analytics data may be retained indefinitely.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate data.
• Deletion — request deletion of your personal data, subject to legal retention obligations.
• Portability — request your data in a structured, machine-readable format.
• Objection — object to certain types of processing, such as direct marketing.
• Restriction — request that we limit how we process your data in certain circumstances.

To exercise any of these rights, email us at support@hodar.ai. We will respond within 30 days.

We use only essential session cookies required for authentication and security. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

We implement industry-standard security measures to protect your data, including:

• Encryption in transit (TLS) and at rest.
• Hashed passwords using modern algorithms (bcrypt).
• Role-based access controls and multi-tenant data isolation.
• Regular security audits and monitoring.

No system is perfectly secure. If you discover a vulnerability, please report it to support@hodar.ai.

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for any international transfers, including standard contractual clauses where applicable.

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. Continued use of the Service after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy, contact us at: