This Privacy Policy explains what personal data Halvern collects, why we collect it, how we use it, and what rights you have.
Effective date: April 29, 2026
Halvern is operated by Ali Toman as an individual sole proprietor (not a corporation). We do not sell, rent, license, or share your personal data with third parties for commercial or marketing purposes.
We collect information you provide directly, including your name, work email address, organization name, billing and invoicing details, and the content of messages you send to us.
If you use Halvern, we process usage data such as pages visited, features used, workspace settings, prompts, search activity, support requests, and service telemetry needed to operate and improve the service.
We also collect technical data such as IP address, cookies, server log files, browser type, and device information to maintain security, reliability, and abuse prevention.
Payment processing is handled by third-party payment providers. We do not store full card details on Halvern systems.
We use information to operate, maintain, and improve Halvern.
We use information to send transactional emails such as account notices, billing notices, and security alerts.
We use information to respond to support requests and maintain service reliability.
Customer documents and workspace data are processed to provide document indexing, search, retrieval, summarization, and source citation features requested by the customer.
We do not use your personal data for advertising.
We retain personal data only for as long as needed for the purposes described in this Policy, including contractual, legal, accounting, security, and dispute-resolution requirements.
Because Halvern operates internationally, personal data may be processed in countries outside your own. Where required, we use appropriate transfer safeguards, such as contractual protections, before transferring personal data across borders.
You can request deletion of your account data, subject to legal exceptions and legitimate business needs such as fraud prevention, security logging, and compliance obligations.
Depending on your location, you may have rights to access, correct, delete, or export personal data, and to object to or restrict certain processing.
For California residents, we provide rights to know, delete, and correct personal information, and the right to non-discrimination for exercising privacy rights. We do not sell or share personal information as defined by California law.
To exercise privacy rights, contact hello@halvern.com. We may verify your identity before fulfilling a request and will respond within applicable legal timelines.
For EU/EEA users, our legal bases under GDPR Article 6 are performance of a contract (Article 6(1)(b)) and legitimate interests (Article 6(1)(f)) for service security, fraud prevention, and operations. You may lodge a complaint with your local data protection authority.
For California users, you have the right to know what personal information we collect and the right to request deletion, subject to legal exceptions. Because we do not sell personal information, no sale opt-out is required.
Halvern is not intended for users under 13 years old.
We do not knowingly collect personal data from children under 13.
For privacy questions, rights requests, or complaints, contact hello@halvern.com.
We may update this Privacy Policy from time to time. We will communicate material changes by email or in-app notice. The updated version is effective when posted on this page, unless a later date is stated.
If your organization signs a separate agreement, including a data processing addendum (DPA), that agreement governs to the extent of any conflict for that customer relationship.