Privacy Policy
Helmlab is built to help freelancers run client work with more clarity, not to harvest data. We only collect what we need to operate the product, secure your account, and deliver the features you explicitly use.
When you sign in with Google OAuth, we only access and store the information required to create and maintain your account: your name and email address. We do not request access to your Google Drive, Gmail, Calendar, or other Google data.
If you sign up with email and password, we store your name, email address, and the authentication data required to keep your account secure. Passwords are never stored in plain text.
When you use AI-powered features such as project parsing or analytics generation, the text you submit is processed by Google Gemini so Helmlab can produce structured outputs and product insights for your workspace.
We do not use your private project descriptions, client notes, or uploads to train public or global AI models. AI processing is used to fulfill your request inside the product experience.
Helmlab stores the client, project, task, budget, and portal data you create so the application can render your workspace, power dashboards, and keep client portals current.
This data is stored on our dedicated application database and is used only to operate Helmlab, support your account, investigate failures, and enforce plan limits or abuse controls when necessary.
Helmlab uses secure authentication cookies, including a refresh token cookie, to keep you signed in across page loads and browser sessions. These cookies are used for authentication and security only.
We do not use advertising cookies, third-party tracking pixels, or cross-site behavioral profiling. The cookies in Helmlab exist to maintain login state, CSRF protection, and session integrity.
We collect limited operational events and client-side error reports to diagnose failures, protect the platform, measure feature health, and improve reliability. These logs may include request metadata such as route, browser user agent, and internal request identifiers.
We keep this telemetry internal. It is not sold, syndicated, or shared for advertising purposes.
For privacy questions, data requests, or account concerns, contact us at hello@helmlab.app. We will respond as quickly as a small product team can, and we aim to keep our answers direct and human.