Privacy Policy

helve is an ad-creative pipeline that turns a brand profile into scored ad briefs and creative, and (on Pro) connects to Meta Ads to publish paused campaigns and sync performance. This policy explains what we collect, why, and how we protect it. For privacy questions email privacy@helve.app; for anything else, support@helve.app.

• Account data: Your email address and a securely hashed password.
• Workspace content: Brands, products, personas, briefs, runs, and generated assets you create in the product.
• API keys you connect: Keys for the AI and ad providers you choose to use (e.g. Anthropic, OpenAI, Google, Apify, Higgsfield, ElevenLabs). These are encrypted at rest and never shown again in full after you save them.
• Meta (Facebook) data: If you connect Meta Ads, we receive an access token and your ad account information through Meta's authorization flow, and we read ad performance metrics (such as spend, impressions, and ROAS) to power your dashboards. We only access the ad accounts you authorize.
• Technical data: Standard server logs (such as IP address and request metadata) used for security, rate limiting, and debugging.

• Run the pipeline and generate briefs and creative for your brands.
• Publish paused campaigns to Meta Ads and sync their performance, when you connect Meta.
• Authenticate you, secure your account, and prevent abuse.
• Operate, maintain, and improve the service.

We do not sell your data, and we do not use your content or connected ad data to train our own models.

Data obtained through Meta's APIs is used solely to provide the features you enabled: publishing campaigns and showing your performance dashboards. We store the access token encrypted, use it only for your account, and do not share Meta data with third parties. You can disconnect Meta at any time in Settings, which deletes the stored token; we also remove it if your plan no longer includes the Meta connection. You may revoke helve's access directly from your Facebook account settings.

The pipeline runs on the API providers you connect with your own keys. When you run a pipeline, the relevant content is sent to those providers to fulfill your request, subject to each provider's own terms and privacy policy. We add no markup and act on your instruction.

Data is stored in a managed database. Connected API keys and tokens are encrypted at rest and decrypted only when needed to run your pipeline or calls you initiate. Access is restricted, traffic is served over HTTPS, and we apply standard security controls including session protection and rate limiting.

We keep your data while your account is active. You can delete brands, connections, and other content from within the product. To delete your account and associated data entirely, email privacy@helve.app and we will remove it, except where we are required to retain certain records by law.

Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. Contact privacy@helve.app to exercise these rights.

We may update this policy as the product evolves. Material changes will be reflected by the "last updated" date above and, where appropriate, communicated to you.