日本語 Back to Home

Privacy Policy

Privacy Policy

Last updated: May 26, 2026
Service: HyperAILab
Contact Channel: contact@hyperailab.com

1. Overview

This Privacy Policy describes how information is collected, used, stored, protected, shared, retained, exported, erased, and deleted when you use HyperAILab and related websites, credential-gated portfolio areas, AI solution demos, consulting services, production AI platforms, automation systems, advisory services, enterprise governance materials, lifecycle support services, contact forms, documentation, APIs, integrations, project workspaces, and related services (collectively, the "Service").

HyperAILab provides AI solutions and consulting services. The Service may process contact information, account information, access information, project information, client materials, prompts, messages, files, documents, use-case descriptions, technical data, business data, operational data, derived data, and website usage data.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Service Provider

Service Operator: HyperAILab operator
Legal Entity / Business Name: Provided upon legitimate request where legally required.
Registered Address: Provided upon legitimate request where legally required.
Contact Channel: contact@hyperailab.com

Additional contact methods may be provided on the website, inside the Service, at checkout, in an order form, in a statement of work, on an invoice, or through another official channel.

3. Information Collected

3.1 Contact and Inquiry Information

The Service may collect information submitted through website forms, email, consultation requests, project inquiries, or other communication channels, including:

  • name;
  • email address;
  • organization name;
  • role or title;
  • phone number if provided;
  • message content;
  • project description;
  • use-case description;
  • preferred contact method;
  • consultation, proposal, or support request details;
  • communication timestamps and response history.

3.2 Account and Access Information

Where account functionality, credential-gated portfolio access, demos, project spaces, or restricted materials are available, the Service may collect:

  • account identifier;
  • username or display name;
  • email address;
  • password or authentication data;
  • authentication status;
  • session information;
  • login timestamps;
  • account creation, update, deletion, and access timestamps;
  • organization, project, role, invitation, whitelist, beta, pilot, admin, or access status;
  • failed login, security, and verification events.

Passwords should not be reused from financial accounts, government systems, client systems, production systems, cloud systems, or other important services.

3.3 Client, Project, and Business Information

To provide consulting, implementation, AI platform, automation, governance, or support services, the Service may collect or process:

  • organization profile and business context;
  • use cases, requirements, constraints, and objectives;
  • process descriptions and operating models;
  • technical architecture, system descriptions, data schemas, logs, API details, and integration requirements;
  • project documents, files, datasets, URLs, knowledge bases, policies, procedures, reports, diagrams, screenshots, and meeting notes;
  • stakeholder information and communication records;
  • project plans, milestones, deliverables, acceptance records, support requests, issue reports, and change requests;
  • billing, checkout, subscription, invoice, contract, order form, and statement-of-work status if paid services are introduced.

You should not submit sensitive personal data, regulated data, confidential third-party data, production secrets, credentials, private keys, access tokens, or unnecessary restricted information unless required for an agreed project and authorized under applicable law and contract.

3.4 User Content and Communications

The Service may collect and process content you submit, upload, create, or send, including:

  • prompts;
  • questions;
  • chat messages;
  • support messages;
  • email messages;
  • feedback;
  • notes;
  • uploaded or submitted files where such features are available;
  • URLs or documents submitted for analysis;
  • research context;
  • project context;
  • business logic;
  • preferences, language selection, and display settings.

User Content may include sensitive information if you choose to submit it. You are responsible for ensuring that you have the right to process submitted information through the Service.

3.5 Derived, Analytical, and Operational Data

To provide and improve the Service, HyperAILab may create, store, or process derived data, including:

  • AI summaries;
  • embeddings or indexed context where applicable;
  • retrieved snippets and source references;
  • prompt-response logs;
  • automation outputs;
  • model outputs;
  • code, configuration, workflow, and integration artifacts;
  • evaluation results;
  • performance metrics;
  • usage metrics;
  • error records;
  • audit records;
  • access-control records;
  • feature usage records;
  • project-specific dashboard states or system states.

3.6 Automatically Collected Information

The Service may automatically collect:

  • IP address;
  • device type;
  • operating system;
  • browser type and version;
  • language setting;
  • timezone;
  • access times;
  • pages and features used;
  • request metadata;
  • referral source;
  • session identifiers;
  • cookies and similar identifiers;
  • upload, query, search, chat, AI-processing, dashboard, API, and integration usage data;
  • error logs;
  • rate-limit counters;
  • security events;
  • audit logs;
  • operational status and performance logs.

3.7 Cookies and Similar Technologies

The Service may use cookies, local storage, session storage, and similar technologies for:

  • authentication;
  • session management;
  • CSRF protection;
  • security;
  • account access;
  • language selection;
  • website functionality;
  • portfolio access;
  • form functionality;
  • usage analysis;
  • performance improvement;
  • abuse prevention.

You may control cookies through browser settings. Some features may not function correctly if cookies are disabled.

3.8 Payment Information

If paid services, subscriptions, purchases, consulting engagements, pilot deployments, implementation services, support services, or paid digital features are introduced, payment data may be processed by third-party payment providers, banks, invoice systems, or a Merchant of Record.

The Service does not intend to store full payment card details unless expressly stated. Payment providers may process billing information, payment method details, tax information, fraud-prevention data, transaction history, invoices, receipts, refunds, disputes, and subscription status under their own terms and privacy policies.

4. Purpose of Use

Information is used for:

  • operating and maintaining the Service;
  • providing the website, contact forms, portfolio access, demos, account access, and project spaces;
  • responding to inquiries;
  • scheduling consultations;
  • evaluating use cases;
  • preparing proposals, order forms, statements of work, invoices, and project plans;
  • delivering AI consulting, implementation, automation, governance, support, and lifecycle services;
  • creating, configuring, testing, deploying, maintaining, and supporting AI platforms, workflows, integrations, dashboards, models, and project artifacts;
  • processing prompts, messages, files, documents, URLs, data, and project context;
  • authenticating users and enforcing access controls;
  • processing payments, subscriptions, cancellations, and refunds where applicable;
  • monitoring abuse, security risks, fraud risks, and operational integrity;
  • applying rate limits and access restrictions;
  • maintaining audit logs for sensitive actions;
  • improving performance, reliability, usability, safety, and security;
  • complying with legal obligations;
  • enforcing Terms of Service and related policies;
  • resolving disputes;
  • protecting the rights, safety, confidentiality, and security of users, clients, the operator, infrastructure, and third parties.

5. AI Processing

The Service may use AI systems and third-party AI providers for:

  • summarization;
  • embeddings;
  • semantic search;
  • question answering;
  • document analysis;
  • code generation or code review;
  • data extraction;
  • workflow generation;
  • automation design;
  • classification;
  • anomaly or pattern analysis;
  • proposal and documentation drafting;
  • project analysis;
  • chat over ingested context;
  • fallback or degraded processing where available.

User Content, client materials, project context, derived data, and metadata may be sent to AI providers only as needed to provide these functions, subject to applicable provider terms, security measures, contracts, and legal requirements.

AI outputs may be inaccurate or incomplete. The Service treats AI outputs as informational and operational aids, not final truth, legal advice, medical advice, financial advice, regulated compliance advice, or professional certification.

6. Legal Basis Where Applicable

Where a legal basis is required, processing may be conducted based on:

  • user consent;
  • contractual necessity to provide the Service;
  • steps taken before entering into a contract;
  • legitimate interests in operating, securing, improving, and protecting the Service;
  • compliance with legal obligations;
  • protection of rights, safety, security, fraud prevention, and dispute resolution.

7. Sharing of Information

Personal information is not sold.

Information may be shared with:

  • hosting and infrastructure providers;
  • database, storage, backup, and security providers;
  • identity, authentication, and account-access providers;
  • AI, embedding, summarization, model, and automation providers;
  • analytics, monitoring, logging, and performance providers;
  • cloud, API, integration, and software providers;
  • email, communication, meeting, and support platforms;
  • payment providers, banks, invoice systems, or Merchants of Record if paid services are introduced;
  • professional advisers where necessary;
  • client-designated systems, vendors, or stakeholders where needed for an authorized project;
  • legal authorities, regulators, courts, law enforcement, platforms, providers, affected clients, or affected parties where required by law or necessary to protect rights, safety, confidentiality, security, operational integrity, or prevent abuse;
  • parties involved in a business transfer, restructuring, merger, acquisition, sale, or similar transaction, subject to appropriate protections.

Third parties are expected to handle information in accordance with applicable laws and their own contractual obligations.

8. International Data Transfers

Data may be processed or stored outside your country of residence depending on the providers, infrastructure, AI services, cloud services, communication platforms, and project requirements used.

Where required by law, appropriate safeguards will be used for international transfers. By using the Service, you acknowledge that information may be transferred, processed, and stored in jurisdictions outside your country of residence where permitted by law.

9. Data Retention

Information is retained only for as long as necessary to:

  • provide the Service;
  • maintain account access and project records;
  • provide consulting, implementation, support, AI processing, and restricted features;
  • maintain payment, subscription, billing, tax, accounting, contract, and project records where applicable;
  • comply with legal, tax, accounting, billing, security, confidentiality, and audit obligations;
  • resolve disputes;
  • enforce agreements and policies;
  • monitor abuse, fraud, security, and operational integrity.

Retention periods may differ by data type. Contact records, account records, project records, submitted materials, support messages, security logs, operational logs, AI-processing logs, prompt-response logs, derived data, payment records, and contract records may be retained for different periods depending on function, contract terms, technical feasibility, and legal requirements.

10. Data Export, Erasure, and Account Deletion

Where available and technically feasible, the Service may provide account controls or support processes that allow users to:

  • request access to account data;
  • request correction of inaccurate data;
  • request deletion of account data;
  • request export of account data;
  • close an account.

Some information may remain where retention is required by law, tax, accounting, billing, security, fraud prevention, sanctions compliance, dispute resolution, backup integrity, audit obligations, project continuity, contract obligations, or legitimate operational needs.

Deletion may not immediately remove every historical trace from backups, logs, third-party systems, AI-provider logs, client systems, email records, project archives, or records that must be retained for lawful purposes.

11. Data Security

Reasonable technical and organizational measures are used to protect information from unauthorized access, disclosure, alteration, or destruction.

Security measures may include:

  • authentication controls;
  • password controls;
  • role and access controls;
  • admin restrictions;
  • credential-gated access controls;
  • CSRF protections;
  • rate limits;
  • request validation;
  • parser limits;
  • audit logs;
  • database access controls;
  • backup and restore procedures;
  • operational monitoring;
  • security event logging;
  • project access restrictions;
  • provider access controls.

No method of transmission, processing, or storage is completely secure. The operator cannot guarantee absolute security.

12. User and Client Responsibilities

You are responsible for:

  • submitting only information you have the right to process;
  • avoiding unnecessary submission of sensitive personal, medical, financial, government, biometric, confidential, regulated, client, or third-party information;
  • maintaining account, email, cloud, API, device, and project security;
  • using unique passwords;
  • not submitting passwords, private keys, seed phrases, production secrets, access tokens, or unnecessary credentials;
  • reviewing AI outputs and project materials critically;
  • complying with applicable privacy, confidentiality, employment, procurement, cybersecurity, industry, market, professional, and data-protection obligations;
  • obtaining required notices, consents, approvals, contracts, data processing agreements, or transfer mechanisms before submitting data.

13. User Rights

Subject to applicable law, you may request:

  • access to your personal data;
  • correction of inaccurate data;
  • deletion of your data;
  • restriction of processing;
  • objection to processing;
  • data portability;
  • withdrawal of consent where processing is based on consent.

Requests can be submitted through:

Email: contact@hyperailab.com

The operator may need to verify your identity before responding.

14. Children's Privacy

The Service is not intended for individuals under 18 years of age or under the legal age required in their jurisdiction. Personal information from minors is not knowingly collected.

If you believe a minor has provided personal information through the Service, contact contact@hyperailab.com.

15. Third-Party Links and Services

The Service may contain links to or integrate with third-party websites, services, communities, AI providers, cloud providers, software providers, communication platforms, payment providers, hosting providers, infrastructure providers, analytics providers, and other services.

The operator is not responsible for third-party privacy practices, security practices, content, policies, outages, processing delays, fees, rules, or actions.

16. Enterprise and Project-Specific Terms

For enterprise, government, regulated, or custom projects, additional privacy, confidentiality, security, data processing, retention, access, audit, deletion, and incident-response terms may be stated in a signed agreement, data processing agreement, order form, statement of work, or security addendum. Where those terms conflict with this Privacy Policy, the more specific signed terms govern to the extent permitted by law.

17. Changes to This Privacy Policy

This Privacy Policy may be updated at any time. Updated versions will be published on the website, inside the Service, or through another reasonable notice method.

Continued use of the Service after an update constitutes acceptance of the updated Privacy Policy where permitted by law.

18. Contact Information

For privacy-related inquiries, requests, or complaints, contact:

Email: contact@hyperailab.com