Privacy Policy

1. Introduction

Harbeni ("we," "us," or "our") is committed to protecting the privacy and security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (harbeni.com) or engage our digital intelligence services, in accordance with applicable data protection laws, including Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).

2. Information We Collect

• Contact & Account Information: Name, email address, phone number, and billing details when you book a discovery call or become a client.
• Operational & Proprietary Data: Information, documents, and system access you provide to us to build your custom RAG architectures and AI agents (e.g., CRM data, internal wikis).
• Usage Data: Automatically collected data regarding your interaction with our website, including IP addresses, browser types, and navigation paths.

3. How We Use Your Information

We use your information strictly for operational execution:

• To design, deploy, and maintain your custom AI agents and web applications.
• To process payments and manage client relationships.
• To optimize and improve our proprietary system architectures.

4. Third-Party Sub-Processors

To deliver our sophisticated AI architectures, Harbeni utilizes trusted third-party sub-processors, including but not limited to vector database providers and Large Language Model APIs (e.g., Google Gemini, Supabase, Vercel). By using our Services, you consent to the processing of your data by these sub-processors. We ensure that all sub-processors are bound by stringent data protection agreements that comply with applicable privacy laws.

5. Proprietary Data and AI Training

Harbeni utilizes Retrieval-Augmented Generation (RAG) to provide localized context to our AI agents. We do not use your proprietary business data, customer profiles, or private communications to train our own foundational models, nor do we permit our API partners to use your private data to train their public LLMs. Your data remains siloed and is used strictly for your operational workflows.

6. Data Security

We implement industry-standard encryption, secure API architectures, and robust access controls to protect your data against unauthorized access, alteration, or destruction. While we utilize highly secure protocols, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Your Data Rights

Depending on your jurisdiction, you may have the right to request access to, correction of, or deletion of your personal data held by us. To exercise these rights, please contact our administrative team via the contact methods provided on our website.

8. Changes to this Policy

We may update this Privacy Policy periodically to reflect changes in our operational practices or legal obligations. We will notify you of significant changes by posting the updated policy on this page.