HookHero

Privacy Policy

Effective date: May 2026

1. Who we are

HookHero AI Suite ("we", "us", or "our") is the data controller for the personal data collected through the HookHero website and services. If you have questions about this policy, please contact us through the support channels available on our website.

2. What personal data we collect

  • Account data: name, email address, and password (hashed) when you register for an account.
  • Usage data: how you interact with our tools, including prompts, generated outputs, and feature usage.
  • Device and log data: IP address, browser type, operating system, and access times.
  • Support data: messages and correspondence when you contact us for help.
  • Payment data: handled by our Merchant of Record, Paddle. We do not store full payment card details on our servers.

3. How we use your data

  • To create and manage your account.
  • To provide, maintain, and improve our AI content generation services.
  • To process payments and manage subscriptions.
  • To detect fraud, abuse, and security threats.
  • To send service-related updates and, where permitted, product news.
  • To respond to your support requests.

4. Legal basis for processing

We process personal data on the following legal bases: (a) performance of a contract with you; (b) our legitimate interests in operating and improving our services; (c) compliance with legal obligations; and (d) your consent, where specifically requested (for example, for marketing emails).

5. Data sharing

We share personal data with the following categories of recipients:

  • Service providers: hosting, analytics, email delivery, and customer support tooling.
  • Merchant of Record (Paddle.com): for payment processing, subscription management, tax compliance, and invoicing. Paddle operates as an independent reseller and processes payment data under its own privacy practices.
  • Professional advisers: legal and accounting professionals, where necessary.
  • Authorities: when required by applicable law or to protect our rights.

6. Data retention

We keep your personal data for as long as your account is active or as needed to provide you with our services. After account deletion, we retain certain data for legal, tax, and fraud-prevention purposes for a reasonable period, then delete or anonymise it.

7. Your rights

Depending on your location, you may have the right to access, correct, delete, restrict, or port your personal data, and to object to certain processing. To exercise these rights, contact us through the support channels on our website. We will respond within one month.

8. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit and at rest, access controls, and regular security reviews. No method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

9. Cookies and tracking

We use essential cookies to keep you signed in and maintain session state. We may use analytics cookies to understand how visitors use our site. You can manage cookie preferences through your browser settings.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page with an updated effective date. Continued use of the service after changes constitutes acceptance of the updated policy.