Privacy Policy

Effective Date: September 30, 2025.

1. Who we are and scope

Zeus AI Labs, Inc. ("Hercules," "we," "our," "us") operates the web application available at hercules.app (the "Service"). This Privacy Policy explains how we collect, use, share, and protect personal data when you use the Service. It forms part of, and is governed by, our Terms of Service.

We act as the data controller for personal data described here, except where we process Content solely on behalf of a customer under a separate data‑processing addendum—in that case we act as a processor.


2. Personal data we collect and how we use it

Category of informationWhat it includesHow it's being usedSourceLegal basis (GDPR / UK GDPR)
Account & billingName, email, authentication tokens, payment‑method tokens (no full card numbers), postal address, plan tierProvide, maintain, and bill for the ServiceYouContract
ContentPrompts, code, files, AI‑generated outputs ("Content")Provide the Service; improve and train our AI modelsYou / ServiceContract; legitimate interests (users on Team and Enterprise plans can disable training)
TelemetryDevice type, browser, OS, IP address, clickstream, error traces, usage frequencyProduct analytics; security and fraud preventionAutomated (or after cookie consent)Legitimate interests; legal obligation
CommunicationsSupport tickets, feedback, survey responses, bug reportsProvide support; improve the ServiceYouContract; legitimate interests
Cookies & similar techFirst‑party session cookies (authentication state); product analytics cookies (user session data, page views, interactions); advertising technology cookies (ad targeting)Authentication; product analytics; personalized marketingAutomated (browser)Strictly necessary (authentication); consent where required by law (analytics and advertising technology)
Marketing dataEmail address, communication preferences, engagement dataSend promotional emails and product updatesYouConsent where required by law; you have the right to opt‑out (CCPA/CPRA)
Legal & complianceAny personal data relevant to legal proceedings or regulatory requirementsLegal compliance and dispute resolutionVarious sourcesLegal obligation

We do not knowingly collect data from anyone under 13 (under 16 in the EEA/UK).


3. How we share personal data

RecipientRole
Cloud hosting providersHost and store data (e.g. Amazon Web Services, Cloudflare, Fly.io)
Payment processorsProcess payments and billing (e.g. Stripe)
Analytics providersProduct analytics, error monitoring, and usage insights (e.g. PostHog, Sentry, Braintrust)
Email service providersSend transactional emails, newsletters, and onboarding communications (e.g. Customer.io)
Third‑party integrationsProvide requested functionality when you enable integrations (e.g. GitHub, Slack, Linear)
To the publicApp data that you have explicitly designated as public through the Service settings
Successor entitiesBusiness transfers (merger, acquisition, bankruptcy)
Legal & regulatory bodiesCourts, law enforcement, or regulators – only when compelled by valid legal process (subpoena, court order, warrant) or as required by applicable law
Emergency respondersOnly when we have good faith belief that disclosure is necessary to prevent imminent physical harm or death

We may also disclose your personal data to other service providers with your explicit consent or at your direction.

4. Your data rights

You have the following rights regarding your personal data:

  • Access – Request confirmation of what personal data we process about you and obtain a copy, including details about categories, purposes, sources, recipients, retention periods, and any automated decision‑making
  • Portability – Receive your personal data in a structured, machine‑readable format to transfer to another service
  • Rectification – Correct inaccurate or incomplete data. You can update this data yourself from the app settings.
  • Restriction – Limit how we process your data in certain circumstances (e.g., if accuracy is disputed)
  • Object – Object to processing based on legitimate interests or opt out of marketing at any time
  • Withdraw Consent – Withdraw consent where processing relies on it (although this does not affect prior lawful processing)
  • Erasure – Request deletion of your data. You can delete your account yourself in app settings. Data is removed within 30 days.

5. Cookies and related technologies

We use cookies, pixels, web beacons, and similar technologies to collect usage data and provide analytics. Our third‑party partners may also use these technologies for targeted advertising based on your activity across websites and services.

Managing your preferences

Where required by law, you can manage cookie preferences using the "Cookie Preferences" link in our website footer. You can also:

  • Adjust settings in your browser to block or limit cookies
  • Use device settings (like Apple's App Tracking Transparency or Android's opt‑out features) to control targeted advertising
  • Opt out of interest‑based ads through the Digital Advertising Alliance

Note that blocking cookies may affect your experience with the Service.


6. Security

We keep your data secure through technical, organizational, and administrative safeguards

  • Encryption – TLS 1.3 for every connection, AES‑256‑GCM for data at rest and encrypted secrets
  • Segregated environments – production, staging, and development run in isolated environments.
  • Access controls – we mandate MFA for all services
  • Secure software development – static analysis, dependency scanning, and infrastructure‑as‑code checks on every pull request; code reviews are required for all changes.

We continually refine our controls and welcome responsible disclosure of potential issues to hello@hercules.app

7. International transfers

We host primary data in the United States. For EEA/UK data we rely on Standard Contractual Clauses and the UK Addendum. Enterprise customers may choose to store Content exclusively in our EU region.

8. Children's privacy

The Service is intended for users 13 years or older.

9. Changes to this policy

We may update this Privacy Policy from time to time. Changes and policy updates will be handled in accordance with the process outlined in our Terms.

10. Contact us

If you have any questions or concerns or would like to contact our Data Protection Officer, please email hello@hercules.app or write to:

Zeus AI Labs, Inc.
221 Kearny St, Level 3
San Francisco, CA 94108 USA