Legal

Privacy Policy

This policy explains how we handle data on the Heliarko website and in the optional cloud subscription. The most important point: the personal content inside your local capsule stays on your device and is not collected by us.

Fully local

Your capsule lives on your computer or an external drive.

A keeper inside

The keeper works only with the local material in your capsule.

Sample screens only

Every screen on the site uses sample data.

Your capsule is yours - we do not collect it.

Your capsule and everything in it - your files, voice, memory, and search by meaning - are created and stored on your own computer or external drive. They are never uploaded to or collected by Heliarko. No one here holds a key, there is no back door, and we cannot open, read, or copy your capsule. This policy therefore covers only the public website and the optional cloud subscription.

Controller.

The controller responsible for processing under the GDPR is Heliarko, operated during the testing period under CEIDG, Poland. Business address: Aleje Jerozolimskie 85/21, 02-001 Warszawa, Poland. Email: info@heliarko.com. No separate Data Protection Officer contact is published for the testing period; privacy requests go to info@heliarko.com.

Website data we process.

When you visit the site, the web server (nginx, on a server rented from Hetzner Online GmbH, Nuremberg, Germany) writes technical access-log entries: your IP address, the date and time of the request, the requested path, the referring page, and your browser and operating system (the user agent). This is necessary to deliver the site securely and reliably; the logs are kept for operation and security and leave on the server's default log-rotation cycle. Downloads of the program are logged the same way. As currently built, the website sets no tracking cookies and runs no analytics or advertising tools.

When you contact us.

If you write to info@heliarko.com or another listed address, we process your email address, your message, and any details you choose to share, solely to handle your enquiry and any follow-up.

Testing period and payments.

Free during the testing period. Payments are not accepted during testing. If commercial terms are introduced later, this policy and the terms will be updated before paid use starts.

The optional cloud subscription (the living conversation).

The capsule works offline as a letter you can read and search. The living conversation is an optional, separate cloud feature. When it is used, your question and the answer may be relayed to a third-party cloud AI provider that generates the response. The relay is designed to carry the question and the answer without storing a copy of your capsule content. Provider-specific processing and retention terms depend on the provider active at the time of use and will be reflected before commercial operation.

Purposes and legal bases (GDPR Art. 6).

Operating and securing the website: our legitimate interest (Art. 6(1)(f)). Responding to your enquiries: pre-contractual or contractual steps and our legitimate interest (Art. 6(1)(b) and (f)). Providing the cloud subscription: performance of a contract (Art. 6(1)(b)). Anything based on consent (none required as currently built): your consent (Art. 6(1)(a)), which you may withdraw at any time.

Recipients and processors.

We share data only with service providers acting on our behalf: Hetzner Online GmbH (Nuremberg, Germany) provides the server that hosts the website and the program downloads, email providers are used to receive and answer messages, and - only for the living conversation when enabled - a third-party cloud AI provider. These providers act as processors or independent parties under their own terms and applicable agreements.

International transfers.

Some providers may process data outside the European Economic Area, including in the United States. Where this happens, transfers should be protected by appropriate safeguards such as European Commission Standard Contractual Clauses, an adequacy framework, or equivalent provider safeguards required by applicable law.

Retention.

This static website does not run its own application database. The web server's technical access logs are kept for operation and security and are deleted on the default log-rotation cycle. Enquiry emails are kept only as long as needed to handle the matter and meet any legal retention duties.

Your rights under the GDPR.

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection, and the right to withdraw consent at any time. To exercise any right, email info@heliarko.com. You also have the right to lodge a complaint with the Polish supervisory authority: Prezes Urzędu Ochrony Danych Osobowych, ul. Stanisława Moniuszki 1A, 00-014 Warszawa, Poland.

US privacy rights (CCPA/CPRA and similar).

If you are a US resident, you may have rights to know, access, correct, and delete personal information, and to opt out of its sale or sharing. We do not sell your personal information and do not share it for cross-context behavioural advertising. We honour verifiable requests and will not discriminate against you for exercising these rights. To make a request, email info@heliarko.com.

Children.

The website and product are not directed to children. We do not knowingly collect personal data from children under 16, or the applicable age in your jurisdiction such as 13 in the United States. If you believe a child has provided us data, contact us and we will delete it.

Security.

We use reasonable technical and organisational measures to protect the data we process. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Changes and contact.

We may update this policy as the product, providers, and law evolve. Effective date: 7 July 2026. Questions: info@heliarko.com.

Review note.

This policy reflects the current static website and free testing period. It should be reviewed again before paid service, analytics, account login, forms, or additional processors are introduced.