Privacy Policy

HumanRaj Technologies ("HumanRaj", "we", "us", "our") operates the platform at humanraj.com. We are built on a single commitment: technology that helps humans grow rather than exploiting them.

This platform does not show third-party advertisements. We do not sell, rent, or broker your personal data to any third party for advertising or commercial profiling purposes.

This policy applies to all visitors and registered users of humanraj.com, regardless of where you are located. Users must be 13 years or older (or the minimum digital-consent age in their country) to create an account. We do not knowingly collect data from children under 13.

3.1 Account data

• Full name and display name
• Email address (your sign-up email and/or your HumanRaj-branded email)
• Phone number (if provided for 2FA or SMS notifications)
• Profile photo (if uploaded)
• Password (stored as a salted bcrypt hash — never in plain text)

3.2 Content you create

• Emails stored in your HumanRaj Inbox
• Social and Professional posts, comments, and reactions
• Blog articles and drafts
• Channel videos and descriptions
• Marketplace listings
• Drive files
• Chat messages (encrypted in transit)

3.3 Usage and device data

• IP address and approximate location (country/city level)
• Device type, operating system, and browser
• Pages viewed and features used (aggregate analytics only)
• AI assistant conversation history (stored to give you context continuity)

3.4 Third-party sign-in data

If you sign in with Google, Apple, or Facebook OAuth, we receive your name and email address from that provider as permitted by their OAuth scopes. We do not receive access to your full social graph or contacts from these providers.

• To create and manage your account and authenticate your identity.
• To deliver, operate, and improve the ten HumanRaj tools (Inbox, Chat, Drive, Social, Professional, Channel, Marketplace, Blog, AI Assistant, Controls).
• To send transactional emails (email verification, password reset, notifications) via AWS SES.
• To power the AI Personal Assistant — your conversation history is used only to give you better answers; it is never used to train third-party AI models.
• To detect and prevent fraud, spam, and abuse.
• To comply with applicable law and respond to lawful requests from authorities.

We share minimum necessary data with the following services to operate the platform:

We do not use Google Analytics, Meta Pixel, or any behavioural advertising trackers.

Your data is stored on Supabase servers located in Singapore (ap-southeast-1 region). Media assets (images and videos) are delivered via Bunny CDN, which caches content at Points of Presence globally to reduce latency. No personally identifiable data is stored on CDN edge nodes — only public media files.

If you are located in the European Economic Area (EEA) or India, and your data is transferred outside your jurisdiction, we rely on the relevant Standard Contractual Clauses or adequacy decisions where required.

• Active accounts: data is retained as long as your account is active.
• Deleted accounts: data is permanently purged within 30 days of account deletion. You can restore your account within this grace period by signing back in.
• Backups: encrypted backups may retain data for up to 90 days after deletion before being overwritten.
• Legal holds: we may retain certain data longer if required by applicable law.

Depending on where you are located, you have the following rights:

8.1 All users

• Access: Download all your data from Controls → "Download my data".
• Deletion: Delete your account from Controls → Account → Delete. A 30-day grace period applies.
• Correction: Update your profile information at any time.
• Portability: Export your content as a structured JSON/CSV archive.

8.2 EEA / UK users (GDPR / UK GDPR)

• Right to object to processing and right to restrict processing.
• Right to withdraw consent at any time (this does not affect past processing).
• Right to lodge a complaint with your national supervisory authority.

Our lawful basis for processing is: performance of contract (to deliver the service), legitimate interests (security and fraud prevention), and consent (optional features such as wellness insights and push notifications).

8.3 California users (CCPA / CPRA)

• Right to know what personal information we collect, use, and disclose.
• Right to delete your personal information (subject to limited exceptions).
• Right to opt out of the sale or sharing of personal information. We do not sell or share personal information.
• Right to non-discrimination for exercising your rights.

8.4 India users (DPDP Act 2023)

• Right to obtain information about your personal data being processed.
• Right to correction and erasure of personal data.
• Right to nominate another individual to exercise rights on your behalf.
• Right to grieve — contact our Grievance Officer below.

In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, the following person has been designated as the Grievance Officer:

We use only essential cookies and browser local storage required to keep you signed in and remember your preferences (e.g., theme, notification settings). We do not use advertising cookies or third-party tracking pixels. You can manage cookie preferences via the banner shown on your first visit.

We implement industry-standard security practices: TLS encryption in transit, AES-256 encryption at rest in Supabase, row-level security (RLS) on all database tables, and rate limiting on authentication endpoints. No system is 100% secure; if you discover a vulnerability, please report it to security@humanraj.com.

HumanRaj is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us at privacy@humanraj.com and we will delete it promptly.

We will notify you of material changes by email or by a notice on the platform at least 14 days before the change takes effect. Continued use of HumanRaj after the effective date constitutes acceptance of the revised policy.

• General privacy: privacy@humanraj.com
• Security: security@humanraj.com
• Grievances (India): grievance@humanraj.com
• Legal: legal@humanraj.com