You lead the vision. HeroCrew handles the day-to-day tasks.
You lead the vision. HeroCrew handles the day-to-day tasks.
You lead the vision. HeroCrew handles the day-to-day tasks.
You lead the vision. HeroCrew handles the day-to-day tasks.
Menu
HomeTask forceDocsPricing
(E-mail address)
info@herocrew.com
LOGINFAQ

Privacy policy

Last updated: May 6, 2025

Welcome to HeroCrew.ai (the "Platform"), a service operated by HeroCrew Ltd. ("HeroCrew," "we," "us" or "our"). We respect your privacy and are committed to protecting the Personal  Data* you share with us. This Privacy Policy explains how we collect,  use, disclose, and safeguard your information when you visit our  websites, use the Platform, or otherwise interact with us.

* "Personal Data" means any information that identifies or can reasonably be linked to an individual, as defined under the EU General Data Protection Regulation  ("GDPR") and other applicable privacy laws.

1. Scope

This Policy applies to:

  • Website visitors at herocrew.ai and its sub‑domains;
  • Registered customers and workspace members who use our AI‑powered team‑collaboration tools;
  • Prospective customers, partners and job applicants who contact us by any channel.
  • It does not cover third‑party websites or services that we do not control.

2. Information we collect

2.1. Information we collect automatically

Category
Examples
Purpose
Legal basis†
Typical retention
Account data
Name, business e‑mail, password, profile photo, role, workspace name
Account creation & administration
Contract
Until account deletion + 2 years
Payment data
Billing contact, cardholder name, last 4 digits of card, billing address
Invoicing & fraud prevention
Contract / Legal obligation
10 years (tax law)
Content data
Documents, messages, prompts, files uploaded to the Platform
Deliver core services
Consent / Contract
User‑controlled; deleted within 90 days of workspace deletion
Support & feedback
Tickets, chats, surveys, NPS responses
Customer support & service improvement
Legitimate interest
2 years after last interaction
† See § 4 for details on legal bases.

2.2. Information we collect automatically

When you use the Platform we automatically gather:
  • Log data — IP address, browser type, referring/exit pages, date/time stamps, error logs;
  • Usage analytics — feature interactions, clicks, scrolls, commands run, response times;
  • Device data — OS version, device identifiers, screen resolution;
  • Cookie and similar IDs (see § 7).

2.3 Information from third parties

  • Single Sign‑On (SSO) & OAuth integrations (e.g., Google, Microsoft, GitHub) send us your authenticated e‑mail and profile basics.
  • Payment processors (Stripe, PayPal) send us transaction confirmations—never full card numbers.
  • Marketing partners & social networks may share lead information where you have consented.

3. How we use your information

We use Personal Data to:

  1. Provide and maintain the Platform and related services;
  2. Process transactions, subscriptions and fulfil contractual obligations;
  3. Monitor, analyse and improve performance, security and user experience;
  4. Communicate with you about product updates, security alerts and administrative messages;
  5. Send marketing or promotional content with your consent (opt‑out anytime);
  6. Detect, prevent and respond to fraud, abuse or security incidents;
  7. Comply with legal obligations, enforce our Terms, or defend legal claims;
  8. Create de‑identified or aggregated statistics, which are no longer Personal Data.

4. Legal bases for processing (GDPR)

We rely on one or more of the following bases:

  • Contract – when processing is necessary to deliver the services you request;
  • Consent – for optional features such as marketing e‑mails or connecting third‑party apps;
  • Legitimate interests – e.g., product analytics, protecting the Platform, improving usability;
  • Legal obligation – retaining invoices for tax compliance, responding to lawful requests.
You may withdraw consent at any time (see § 9).

5. Sharing & disclosure

HeroCrew does not sell Personal Data. We disclose it only:

  • To service providers who perform hosting, infrastructure, analytics, communications,  customer‑support, or payment processing on our behalf under strict  confidentiality agreements;
  • To affiliated companies within our corporate group for internal business purposes;
  • In business transfers (e.g., merger, acquisition) where data is part of transferred assets—users will be notified;
  • To competent authorities when we believe disclosure is required by law or to protect rights, property or safety;
  • With your direction or explicit consent (e.g., publishing your testimonial).

6. International data transfers

We are headquartered in Vilnius, Lithuania, and use cloud providers located in the European Economic Area (EEA) and the United States. When we transfer Personal Data outside the EEA/UK we rely on:

  • European Commission adequacy decisions;
  • Standard Contractual Clauses (SCCs) with additional safeguards as needed; or
  • Your explicit consent.

7. Cookies & similar technologies

We use first‑ and third‑party cookies, local storage and pixels to:

  • keep you logged in;
  • measure site traffic and feature adoption (Mixpanel, Microsoft Clarity, Google Analytics);
  • personalise content and marketing (Meta Pixel, LinkedIn Insight, TikTok Pixel).
You can manage or disable cookies in your browser settings. Some features may not work without required cookies.

8. Data security

We implement ISO 27001‑aligned  administrative, technical and physical safeguards including encryption  in transit and at rest, role‑based access controls, least‑privilege  policies, regular penetration testing, and incident‑response procedures. No system is 100 % secure; please use caution when sharing information  online.

9. Your rights

Depending on your location, you may have the right to:

  • Access the Personal Data we hold about you;
  • Rectify inaccurate or incomplete data;
  • Erase ("right to be forgotten") or restrict processing under certain conditions;
  • Object to processing based on legitimate interests or direct marketing;
  • Port data to another service provider;
  • Lodge a complaint with your supervisory authority;
  • Opt out of "sale" or "sharing" (California & other US state laws);
  • Appeal denials of privacy requests.
To exercise any right, email privacy@herocrew.ai. We will respond within one month (GDPR) or as required by local law.

10. Additional disclosures for California (CCPA / CPRA)

We disclose the categories of Personal Data listed in § 2 for the business purposes described in § 3. We do not sell Personal Data for monetary consideration. California residents may designate an authorized agent, limit the use of sensitive personal  information, or request information about financial incentives. See § 9 for how to submit requests.

11. Data retention

We retain Personal Data only as long as necessary for the purposes  described in this Policy, unless a longer period is required by law.  Aggregated, anonymised data may be retained indefinitely.

12. Children's privacy

The Platform is not directed to children under 16 and we do not knowingly collect their Personal Data. If you believe we have done so inadvertently, please contact privacy@herocrew.ai and we will delete the data promptly.

13. Links to third‑party sites

We may update this Policy from time to time. Material changes will be announced via email or in‑app notice. The "Last updated" date at the  top indicates the current version.

15. Contact us

HeroCrew Ltd.
E‑mail: privacy@herocrew.ai
We aim to respond to all enquiries within 5 business days.

Thinking of working together?

info@herocrew.ai

Services

Ops & strategy stackCreating intelligenceGrowth layer

Explore

Who we areYour powerhouse teamOur manifestLive onTestimonialsCase studiesFAQ

Company

AboutTask forceDocsPricingContact

Social media

LinkedInFacebookInstagramTelegramDiscord
Terms and conditionsPrivacy policy
© 2025 HeroCrew
Privacy policyTerms and conditionsMade by Kikk Agency