Privacy Policy

Last updated: March 8, 2026

1. Introduction

he110.me, operated by Tal Frider ("we", "us", or "our"), operates the he110.me website and service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

We collect the following information:

  • Google Account Data: When you sign in with Google, we receive your name, email address, and profile photo.
  • Profile Information: Information you provide for your public page, including job title, company name, bio, about section, icebreakers, and social links.
  • Calendar URL: If you add a Google Calendar booking link, we store and display it on your page.
  • Company URL: If provided, we use it to extract brand colors for your page theme.
  • Uploaded Media: Profile photos, company logos, and brand assets you upload are stored in our cloud blob storage (Vercel Blob).
  • Subscription & Billing Data: When you subscribe to a paid plan, our payment processor Paddle.com collects your payment information. We store your subscription status, plan type, billing interval, and Paddle customer/subscription identifiers in our database. We do not store your credit card number or full payment details — those are handled entirely by Paddle.
  • Usage Data: We may collect analytics data about how you interact with our service.

3. How We Use Your Information

  • To create and maintain your public he110.me page
  • To authenticate your identity via Google Sign-In
  • To display your profile information to visitors of your page
  • To provide AI-powered features such as profile generation and voice transcription
  • To extract brand colors from your company website
  • To improve and maintain our service

4. Data Storage & Security

Your data is stored securely using Google Firebase (Firestore) for profile data and Vercel Blob for uploaded media (profile photos, logos, and brand assets). We implement appropriate technical and organizational measures to protect your personal data. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

5. Data Sharing

We do not sell your personal data. We may share your information with:

  • Google/Firebase: For authentication and data storage
  • Google Gemini: For AI-powered profile generation and voice transcription (text data only, processed in real-time and not stored by the AI provider)
  • Vercel: For cloud storage of uploaded media (profile photos, logos, brand assets)
  • Paddle.com: Our payment processor and Merchant of Record, who handles billing, invoicing, and refunds
  • Page Visitors: Information you add to your public page is visible to anyone with your page link

6. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability

You can delete your account and all associated data at any time using the "Delete Account" option at the bottom of your page editor. This permanently removes your profile, uploaded images, username, and authentication data. For other data rights requests, please contact us at the email address on our Contact page.

7. Data Retention & Deletion

We retain your data for as long as your account is active. When you delete your account, the following data is permanently and immediately removed:

  • Your profile content (name, bio, about section, icebreakers, social links, calendar URL)
  • All uploaded media (profile photos, company logos, brand assets) from our blob storage
  • Your username mapping (username becomes available for others to claim)
  • Your Firebase Authentication record
  • Your active Paddle subscription (cancelled automatically upon account deletion)

Billing data retention: In accordance with tax and accounting legal obligations, we retain a limited set of billing and subscription records (such as your email, subscription identifiers, payment transaction IDs, and subscription dates) for up to 7 years after account deletion. This data is stored separately and is used solely for tax compliance, accounting, refund eligibility verification, and dispute resolution. No personal profile content is retained.

Anonymized AI processing traces (used for service improvement and debugging) may persist in third-party logging services but contain no personally identifiable information. Cached or CDN-served copies of previously public page content may persist briefly until cache expiry.

Account deletion is irreversible.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies.

9. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect personal data from children under 16.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page.

11. Contact Us

If you have questions about this Privacy Policy, please visit our Contact page.