Privacy Policy
Last updated: December 2025
1. Introduction
At Helio, we take your privacy seriously. This privacy policy describes how we collect, use and protect personal data when you use our services. Privacy by design is not a slogan for us ā it's a core value that comes back in every decision.
2. What data we collect
Account data: Email address and name when you create an account.
Conversations: The content of your conversations with heliobuddy and Discover sessions. These are end-to-end encrypted.
Workbooks: Generated workbooks and your completed answers.
Technical data: Anonymous usage statistics via privacy-friendly analytics (Plausible).
3. How we use your data
- To provide and improve our services
- To generate personalised workbooks
- To manage and secure your account
- To comply with legal obligations
4. Data security
All your conversations and personal data are stored encrypted with AES-256 encryption. We exclusively use servers within the European Union, specifically in the Netherlands.
- End-to-end encryption of conversations
- Data storage in Dutch data centres
- Regular security audits
- NEN 7510 compliant
5. Sharing with third parties
We never sell your data to third parties. Data is only shared with your explicit consent, for example when you choose to share a report with your GP.
6. Your rights
Under GDPR you have the following rights:
- Access: You can request what data we have about you
- Correction: You can have incorrect data corrected
- Deletion: You can have your data deleted
- Export: You can download your data in a standard format
- Objection: You can object to certain processing
7. Retention periods
Conversations are retained for 2 years by default, unless you opt for automatic deletion after 30 days. You can manually delete your data at any time via your account settings.
8. Contact
For questions about this privacy policy or to exercise your rights, contact us at privacy@heliobuddy.com.