HeliumHelium AI

Privacy & GDPR

Neural Arc Inc is SOC 2 Type 2 and GDPR compliant. All data is encrypted at rest (AES-256) and in transit (TLS).

Data export (DSAR)

Request a full export at any time: Settings → Privacy → Export My Data. You'll receive an email with a download link within 24 hours. Includes session logs, memory files, skills, token usage history, and audit logs.

Right to deletion

Settings → Privacy → Delete My Account triggers a full cascade: subscription cancelled, VM deleted, all encryption keys revoked, all database rows deleted, all S3 objects deleted, OAuth tokens revoked at each provider. A 30-day verification scan checks for any orphaned data.

Data residency

Default region: us-east-1 (US East). EU residency available on request — your VM and all data will be pinned to eu-central-1 (Frankfurt) and will never leave the EU.

We never log PII in plaintext, never share your data with third parties beyond what's required to operate the service (AWS, Stripe, Composio), and never use your data to train AI models.