Last updated: January 2026

Our Commitment

HAL System is built with privacy as a core principle. We believe your data belongs to you, and we’re committed to protecting it.

What We Collect

Information You Provide

  • Signal Phone Number: Used for account identification and messaging
  • Saved Locations: Optional locations you save for weather and navigation
  • Preferences: Language, locale, temperature units, and other settings
  • Messages: Your commands and queries (processed and not stored long-term)

Automatically Collected

  • Usage Statistics: Anonymized service usage for system improvements
  • Error Logs: Technical logs for debugging (no personal content)
  • API Call Metadata: Timestamps and service types for rate limiting

What We DO NOT Collect

  • Message content (beyond processing your commands)
  • Location tracking (only when you explicitly request location services)
  • Contacts or address book
  • Device information
  • Browsing history
  • Any data from Signal beyond your phone number

How We Use Your Data

Primary Uses

  1. Service Delivery: Process your commands and return results
  2. Personalization: Remember your preferences and saved locations
  3. Account Management: Manage subscriptions and billing
  4. Customer Support: Respond to your inquiries

We Never

  • Sell your data to third parties
  • Use your data for advertising
  • Share your data without your explicit consent
  • Track you across other services
  • Mine your conversations for marketing

Data Storage & Security

Storage

  • Location: EU-based servers (GDPR compliant)
  • Duration: Active accounts - indefinitely; Deleted accounts - 30 days grace period
  • Encryption: At rest (AES-256) and in transit (TLS 1.3)

Security Measures

  • Database encryption
  • Secure API connections (HTTPS only)
  • Regular security audits
  • Limited employee access (need-to-know basis)
  • No plain-text password storage (bcrypt hashing)

Third-Party Services

We use these external services to provide our features:

Weather Data

  • Service: Open-Meteo API
  • Data shared: City names, coordinates
  • Privacy: No personal identifiers shared

Geocoding

  • Service: Nominatim (OpenStreetMap)
  • Data shared: Location queries
  • Privacy: No personal identifiers shared

News

  • Service: BBC RSS feeds
  • Data shared: None (public feeds)
  • Privacy: No data shared
  • Service: OpenRouteService
  • Data shared: Start/end coordinates
  • Privacy: No personal identifiers shared

Mapping (Pro plan)

  • Service: Google Maps (link generation only)
  • Data shared: Location coordinates
  • Privacy: Links only, you visit Google Maps separately

Nearby Places (Pro plan)

  • Service: Overpass API (OpenStreetMap)
  • Data shared: Search coordinates and radius
  • Privacy: No personal identifiers shared

Your Rights (GDPR, CCPA, PIPEDA)

You have the right to:

Access Your Data

Send “export my data” via Signal to receive a complete JSON export.

Includes:

  • User profile
  • Saved locations
  • Preferences
  • Account information

Rectify Your Data

Use “settings” command to update your preferences and information.

Delete Your Data

Send “delete-my-account yes” to permanently remove all your data.

Process:

  1. Must cancel active subscriptions first
  2. Data deletion is permanent and cannot be undone
  3. You’ll receive confirmation when complete

Object to Processing

Contact us to object to specific data processing activities.

Data Portability

Export your data in JSON format (machine-readable).

Children’s Privacy

HAL System is not intended for users under 13 years old. We do not knowingly collect data from children.

Cookies & Tracking

Our static website uses:

  • No cookies
  • No tracking scripts
  • No analytics (we respect Do Not Track)

Admin dashboard uses session cookies for authentication only (first-party, no tracking).

Changes to Privacy Policy

We’ll notify you of material changes:

  • Via Signal message to all active users
  • Updated “Last updated” date on this page
  • 30-day notice before changes take effect

International Users

EU Users (GDPR)

  • EU-based servers
  • Data protection officer available
  • Right to lodge complaint with supervisory authority

California Users (CCPA)

  • Right to know what data is collected
  • Right to delete data
  • Right to opt-out of data sales (we don’t sell data)

Canadian Users (PIPEDA)

  • Transparent data practices
  • Consent-based data collection
  • Right to access and correct data

Data Breach Notification

In the unlikely event of a data breach:

  • We’ll notify affected users within 72 hours
  • Provide details of what data was affected
  • Explain remediation steps taken
  • Offer credit monitoring if applicable

Contact Us

Privacy Questions

Email: privacy@yourdomain.com

Data Requests

Send “export my data” via Signal for instant export

General Inquiries

Email: support@yourdomain.com Signal: +46737609889

Data Protection Officer

Email: dpo@yourdomain.com

We will only disclose user data if:

  • Required by valid legal process (court order, subpoena)
  • Necessary to prevent harm or fraud
  • With your explicit consent

We will notify you unless legally prohibited.

Transparency Report

We believe in transparency. View our annual transparency report at /transparency (coming soon).

Last year:

  • Legal requests received: 0
  • Data disclosures: 0
  • User data sold: 0 (and never will)
Back to Home View Features See Pricing