HCE Secure IT Services Private Limited

JaiAI Privacy Policy

Effective: 17 July 2026 · Version 1.0

1. Scope and controller

This policy explains how HCE Secure IT Services Private Limited (“HCE Secure”, “we”, “us”) handles information when you use the JaiAI desktop application, jai-ai.com, SecureChatGPTHost services and authorised Jai AI Command Centres. HCE Secure IT Services Private Limited, with its registered office in Indore, Madhya Pradesh, India, is the controller for personal data described here unless an enterprise contract states otherwise.

2. Information processed

Guest operation

You may use supported guest features without creating an account. The service still processes technical routing, security and diagnostic information needed to establish and protect a session.

Optional account information

If you create an account, we process the details you choose to provide, such as your name, email address, telephone number and account identifier, to register, authenticate and support your account.

User content

Prompts, messages, selected documents, images, audio and other files are processed only as needed to provide the feature you request. Generated responses and artifacts may be stored on your device or configured Host until you delete them or your organisation applies its retention policy.

Technical and security information

We may process app and operating-system versions, device capability results, session and route identifiers, Internet Protocol address, security negotiation events, artifact integrity records, feature interactions, crash information, performance data and diagnostic logs. Device capability checks are used to determine whether optional local models are suitable for the machine.

Support communications

We process the contact details and information you provide when you request technical or customer support.

JaiAI V10.5.9 does not require payment-card or bank-account data and does not include the planned HCEwallet service. Any future payment service will receive a separate notice before activation.

3. How processing routes work

4. Purposes and legal grounds

We process information to provide requested functions; establish signed sessions; authenticate optional accounts; route model and Internet requests; generate and transfer artifacts; protect users and infrastructure; diagnose faults; provide support; meet contractual commitments; and comply with law. Depending on location and context, the legal ground is performance of a contract, steps requested before a contract, legitimate interests in operating and securing the service, compliance with legal obligations, or consent where required.

5. Service providers and disclosures

We disclose information only as needed to operate a selected feature, meet legal duties or protect the service. Relevant recipients may include infrastructure and distribution providers, authorised HCE Secure Command Centres, and an external AI or search provider deliberately selected through JaiAI. Supported providers can include OpenAI, Google Gemini and Brave Search. Their processing is governed by applicable contracts and their own privacy terms.

We may also disclose information to professional advisers, regulators, courts or law-enforcement authorities when lawfully required, or during a corporate transaction subject to appropriate safeguards. We do not sell personal information, use it for cross-company behavioural tracking or provide third-party advertising in JaiAI.

6. Retention

Local conversations and artifacts remain under the user’s or organisation’s control until deleted or governed by the configured retention policy. We retain account, support, security and audit records only for as long as reasonably necessary for the stated purpose, contractual requirements, dispute resolution and applicable law. Enterprise deployments may apply a documented organisation-specific schedule.

7. Security

JaiAI uses signed SWIM-MEP/TMH transport, access controls, encryption in transit, governed routing and artifact-integrity verification. External-provider credentials are held in authorised Command Centres rather than distributed with the desktop application. No system can guarantee absolute security; users should protect their device, account and recovery credentials and promptly install authorised updates.

8. International transfers

Depending on the selected route and deployment, information may be processed in India or in another country where HCE Secure or an authorised service provider operates. Where required, we use contractual and organisational safeguards for cross-border transfers.

9. Your choices and rights

You can use supported guest functions, choose local rather than Command Centre routes, decline optional model downloads, control file selection and delete local content. Subject to applicable law, you may request access, correction, deletion, restriction, portability, withdrawal of consent or objection to processing. You may also complain to the data-protection authority responsible for your location.

Send privacy requests to support@hcesecure.com. We may need to verify identity before completing a request.

10. Children

JaiAI is not directed to children. A minor should use it only with the involvement of a parent, guardian, school or responsible organisation and in accordance with the minimum consent age in the relevant jurisdiction. We do not knowingly create an independent account for a child where parental or institutional authorisation is legally required.

11. Changes and contact

We may update this policy as the service and law evolve. Material changes will be identified by a revised effective date and, where required, an in-app or account notice.

HCE Secure IT Services Private Limited
Registered Office: Indore, Madhya Pradesh, India
Email: support@hcesecure.com