HuGR Wallet - Privacy Policy

Effective Date: April 4, 2026

Last Updated: April 4, 2026

Service Provider: HumanGR Labs

1. Introduction

This Privacy Policy explains how HumanGR Labs ("we", "us", "our") collects, uses, stores, and protects your information when you use HuGR Wallet ("the Service"). We are committed to protecting your privacy and have designed the Service with a security-first architecture as a foundational principle.

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

2. Security Architecture

HuGR Wallet is built with a security-first architecture with multiple encryption layers:

2.1 Password Handling

Your master password is hashed client-side using PBKDF2 before it ever leaves your device.
The server receives only the client-side hash and stores a double-hash (a second hash of the already-hashed password).
At no point does HumanGR Labs have access to your plaintext password.
We cannot view or recover your original password. If you configure an email address, you can set a new password via the password reset flow.

2.2 Encrypted Data

Shield credentials (saved passwords, payment cards, browser sessions) are encrypted client-side before transmission. The server stores opaque ciphertext it cannot decrypt.
API secrets stored via Keys are sent to the server and encrypted server-side with AES-256-GCM using per-user derived keys. They exist in plaintext briefly in server memory during proxy requests (~5ms), then the Worker isolate is destroyed.
Email bodies received via Mail are stored in R2 with Cloudflare's at-rest encryption but are not additionally encrypted by HuGR.

3. Information We Collect

3.1 Information You Provide

3.2 Information Collected Automatically

3.3 Information We Do NOT Collect

Plaintext passwords (hashed client-side before transmission)
Browsing history
Email content in plaintext (bodies stored in R2 with Cloudflare at-rest encryption only)
Keystroke data
Location data (beyond IP-derived country for compliance)
Advertising identifiers
Data from other applications on your device

4. How We Use Your Information

We use collected information exclusively for:

1. Account Management - Creating and maintaining your account

2. Authentication - Verifying your identity during login

3. Security - Detecting and preventing unauthorized access, abuse, and fraud

4. Billing - Processing subscription payments through Stripe

5. Communication - Sending account-related notifications (recovery, security alerts)

6. Service Improvement - Analyzing aggregated, anonymized usage patterns

We do not use your information for:

Advertising or ad targeting
Selling to third parties
Profiling or behavioral tracking
Training machine learning models on your personal data

5. Data Storage and Security

5.1 Storage Infrastructure

5.2 Data Location

Your data is stored on the Cloudflare global network. All data is encrypted both in transit (TLS 1.2 or higher) and at rest. Cloudflare's infrastructure spans multiple regions; data may be replicated across locations for reliability. Replicated data remains encrypted and unreadable to infrastructure operators without the server's master key or the user's password.

5.3 Session Storage

Session credentials are stored in your operating system's native secure storage:

macOS: Keychain Access
Windows: Credential Manager
Linux: Secret Service API (libsecret)

Session tokens are never stored in plaintext files, browser cookies, or localStorage.

6. Third-Party Services

We integrate with a limited number of third-party services. Each receives only the minimum data necessary for its function:

6.1 Stripe (Payment Processing)

Data shared: Email address, payment method details
Purpose: Subscription billing and payment processing
Their policy: [stripe.com/privacy](https://stripe.com/privacy)
Note: HumanGR Labs does not directly store your payment card numbers. Card details are handled entirely by Stripe.

6.2 Resend (Email Delivery)

Data shared: Email address, email content (transactional messages only)
Purpose: Sending account recovery emails, security alerts, and notifications
Their policy: [resend.com/legal/privacy-policy](https://resend.com/legal/privacy-policy)

6.3 Google Safe Browsing (Domain Verification)

Data shared: Domain names (not full URLs, not user credentials)
Purpose: Checking domain safety before autofill to protect against phishing
Their policy: [policies.google.com/privacy](https://policies.google.com/privacy)
Note: Only domain names are sent. No user credentials or browsing history is shared.

We do not share your data with any other third parties, data brokers, or advertising networks.

7. Cookies and Tracking

HuGR Wallet uses an API-only architecture. We do not use web cookies, tracking pixels, or browser-based tracking technologies. Authentication is handled via secure tokens stored in your OS keychain (see Section 5.3).

8. Analytics

Our analytics are minimal and privacy-preserving:

We track aggregate signup and login event counts (not individual user behavior).
We do not use third-party analytics platforms (no Google Analytics, no Mixpanel, etc.).
We do not fingerprint devices or browsers.
All usage metrics are aggregated and anonymized before analysis.

9. Data Retention

After the retention period, data is permanently and irreversibly deleted. Deletion is performed at the account level, removing all D1 rows, KV entries, and R2 objects associated with the user.

10. Your Rights

10.1 LGPD Rights (Brazil)

Under the Lei Geral de Protecao de Dados (LGPD - Law No. 13,709/2018), you have the right to:

Access - Confirm and access the personal data we hold about you
Correction - Request correction of inaccurate or incomplete data
Anonymization, Blocking, or Deletion - Request anonymization, blocking, or deletion of unnecessary or excessive data
Portability - Request transfer of your personal data to another service provider
Deletion - Request deletion of personal data processed with your consent
Information - Be informed about third parties with whom your data is shared
Revocation - Revoke your consent at any time

10.2 GDPR Rights (European Union)

Under the General Data Protection Regulation (GDPR), you have the right to:

Access (Art. 15) - Obtain a copy of your personal data
Rectification (Art. 16) - Correct inaccurate personal data
Erasure (Art. 17) - Request deletion of your personal data ("right to be forgotten")
Restriction (Art. 18) - Restrict processing of your personal data
Portability (Art. 20) - Receive your data in a structured, machine-readable format
Objection (Art. 21) - Object to processing of your personal data

10.3 How to Exercise Your Rights

You may exercise your data rights through:

Data Export: `GET /_wallet/export` API endpoint (returns all your data in JSON format)
Account Deletion: `POST /_wallet/delete-account` API endpoint or via account settings
Correction: Update your profile through account settings
Inquiries: Email [email protected]

We will respond to all rights requests within 15 days (LGPD) or 30 days (GDPR).

11. Legal Basis for Processing (GDPR)

12. International Data Transfers

Your data may be processed in countries outside your country of residence due to Cloudflare's global infrastructure. All international transfers are protected by:

Encryption in transit and at rest
Zero-knowledge architecture (data is unreadable without your password)
Standard Contractual Clauses (SCCs) where applicable
Cloudflare's data processing agreements

13. Children's Privacy

HuGR Wallet is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that a child under 13 has created an account, we will take steps to delete the account and associated data promptly.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected].

14. Data Breach Notification

In the event of a data breach that affects your personal data, we will:

1. Notify affected users via email (if email is on file) within 72 hours of becoming aware of the breach

2. Notify relevant supervisory authorities as required by LGPD and GDPR

3. Provide details about the nature of the breach, data affected, and remediation steps

4. Publish a notice on humangr.com for transparency

Due to our architecture, a server breach would not expose plaintext passwords (double-hashed) or Shield credentials (client-side encrypted). API secrets stored via Keys and email bodies stored in R2 rely on Cloudflare's infrastructure encryption and the server's master key for protection.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

The updated policy will be posted on [humangr.com](https://humangr.com)
The "Last Updated" date at the top will be revised
We will provide at least 30 days' notice before material changes take effect
For significant changes, we will notify you via email (if an email is on file) or through an in-app notice

16. Data Protection Officer

For LGPD and GDPR compliance inquiries, you may contact our data protection representative:

Email: [email protected]
Response time: Within 15 business days

17. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or your personal data:

Privacy inquiries: [email protected]
Legal inquiries: [email protected]
Website: [humangr.com](https://humangr.com)

*HumanGR Labs - HuGR Wallet Privacy Policy v1.0*