Hayai

Privacy Policy

Last updated: 2026-05-26

What we collect

  • Account identity (email address, OAuth provider id) via Clerk.
  • The contents of notes you create (markdown, titles, timestamps).
  • Standard server logs (IP address, user agent, request paths) retained for 30 days.

How we use it

  • To provide the Hayai service to you (storage, sync, search).
  • To diagnose errors and improve performance.
  • To prevent abuse of the service.

We do not sell your data, share it with advertisers, or use it to train AI models.

Subprocessors

  • Clerk — authentication and user identity.
  • Neon — Postgres database (data encrypted at rest, AES-256).
  • Vercel — hosting and edge network.

Your rights

  • Export your data at any time from Settings → Data → Download ZIP.
  • Delete your account at any time from Settings → Danger zone. Deletion is immediate and permanent.
  • For other requests (rectification, restriction, objection), email privacy@hayai.app.

Cookies

Hayai uses only essential cookies (session, CSRF) needed for sign-in. We do not use analytics, advertising, or tracking cookies.

Security

Data in transit uses TLS 1.3. Data at rest is encrypted with AES-256. We use Postgres Row-Level Security to enforce tenant isolation at the database layer.

Contact

privacy@hayai.app