Privacy Policy

For Homepreneur Solutions Private Limited

At Homepreneur Solutions Private Limited (hereafter referred to as 'Heyhomie,' for the purposes of this document in heyhomie.me website), accessible from heyhomie.me, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by Heyhomie and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in Heyhomie. This policy is not applicable to any information collected offline or via channels other than this website.

1. Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

Information we collect

The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.

How we use your information

We use the information we collect in various ways, including to:

Provide, operate, and maintain our website
Improve, personalize, and expand our website
Understand and analyze how you use our website
Develop new products, services, features, and functionality
Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
Send you emails
Find and prevent fraud

2. Log Files

Heyhomie follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

3. Cookies and Web Beacons

Like any other website, Heyhomie uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.

4. Advertising Partners Privacy Policies

You may consult this list to find the Privacy Policy for each of the advertising partners of Heyhomie.

Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Heyhomie, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.

Note that Heyhomie has no access to or control over these cookies that are used by third-party advertisers.

5. Third Party Privacy Policies

Heyhomie's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.

6. CCPA Privacy Rights (Do Not Sell My Personal Information)

Under the CCPA, among other rights, California consumers have the right to:

Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.

Request that a business delete any personal data about the consumer that a business has collected.

Request that a business that sells a consumer's personal data, not sell the consumer's personal data.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

7. GDPR Data Protection Rights

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access - You have the right to request copies of your personal data. We may charge you a small fee for this service.

The right to rectification - You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete information you believe is incomplete.

The right to erasure - You have the right to request that we erase your personal data, under certain conditions.

The right to restrict processing - You have the right to request that we restrict the processing of your personal data, under certain conditions.

The right to object to processing - You have the right to object to our processing of your personal data, under certain conditions.

The right to data portability - You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

8. Children's Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

Heyhomie does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

10. Google API Services Compliance

Overview

Heyhomie is a WhatsApp-based booking chatbot that helps sellers (our customers) share availability calendars via Google Sheets and schedule appointments. We use Google Sign-In for authentication and only access Google data that you explicitly authorize. This section explains what information we collect, how we use it, and how we protect it, in accordance with Google's API Services User Data Policy. We clearly disclose all uses of Google user data, and we limit our access strictly to the data needed for the booking service.

Information We Collect and How We Use It

Google Account Information: When you sign in with Google, we receive basic profile information (such as your Google account ID, name, and email) needed to create and manage your heyhomie account. We use this data solely to authenticate you and personalize your experience. We do not access or store any additional Google account data beyond these basic profile fields.
Google Sheets Data (Availability Calendar): You can connect a Google Sheets file that contains your availability calendar. We use the Google Drive API "drive.file" scope to access these files. This non-sensitive scope only allows heyhomie to see and edit the specific Google Sheets file(s) you choose. With your permission, we will read your availability from the selected file and write appointment bookings into it. We use this data only to display your availability to interested buyers and to record new bookings; we do not use it for any other purpose. For example, we will add a booked time slot to your sheet so you can keep track of appointments. We never collect or transfer data from your Sheets to any unrelated services.
Customer/Lead Data: You (the seller) may provide personal contact details of your customers or leads into the heyhomie chatbot. That information (names, phone numbers, etc.) is visible only to you within the app. heyhomie as a platform does not store, share, or process your customers' personal data beyond temporarily holding it to facilitate the conversation. Only you have access to that data. heyhomie does not see, sell, or analyze your customers' PII in any way.

Data Sharing and Disclosure

We do not sell, rent, or share any Google user data or customer data with third parties. The only entities with access to your Google Sheets data are you and your Google account. We do not send your Google data to any external services, advertisers, or AI platforms. Any data written to your Google Sheets (such as a booked appointment) remains under your control. We will only share information if required by law or in response to a valid legal request.

Limited Use Commitment: In line with Google's policies, we use all Google user data solely to provide and improve heyhomie's scheduling features. We do not use Google data for advertising, analytics beyond our service, or any purpose not described here. For example, we do not use your Sheets content to train any algorithms or to build user profiles for marketing. Our use of Google data is transparent and limited to the functionalities you see in our app.

Security Measures

We implement industry-standard security measures to protect all data, including Google user data:

Encryption in Transit: All communication with Google APIs and between heyhomie's servers is encrypted using TLS 1.2 or higher (HTTPS). This ensures that data cannot be intercepted during transmission.
Encryption at Rest: Sensitive information, including OAuth tokens and authentication credentials, is encrypted at rest using AES-256 encryption. This protects data stored on our servers from unauthorized access.
Access Control: Access to our systems and your data is strictly limited through role-based access control (RBAC). Only authorized heyhomie engineers with specific operational needs have access to the minimal production environment required to operate the service. All access is logged and audited regularly. We do not allow arbitrary or unauthorized access to user data.
Token Handling: If we store a Google OAuth refresh token (to maintain your session), it is encrypted using AES-256 and stored securely in an encrypted database. These tokens are used only to refresh your login session and access your selected Sheets when needed. Tokens are never shared with third parties or used for any purpose other than the intended Google API operations. You can revoke our access at any time through your Google account permissions or by disconnecting within the app; upon revocation, we immediately delete any stored tokens.
Network Security: Our infrastructure is protected by firewalls, intrusion detection systems, and regular security audits. We follow security best practices including regular security patches and updates.

Data Retention

Google Data: We do not retain your Google Sheets content on our servers. We only fetch or update your Sheets in real time as you use the booking service, then discard that data immediately after processing. We may store non-sensitive metadata (such as a file ID reference) only for the brief time needed to maintain your session and allow you to easily reconnect the same file. Once you disconnect your Google account or the session ends, we delete all associated tokens and references within 24 hours.
Customer/Lead Data: Any personal information about your customers that you enter into heyhomie is held only for the duration of the chat session or booking process and is never stored permanently. We retain only what is necessary for the immediate function (e.g., to confirm an appointment time), then discard it.

Overall, our data retention practices comply with Google's Limited Use requirements. If you have any questions about data retention, please contact us using the information provided in the Contact Us section below.

Use of AI and Automated Processing

We do not use any artificial intelligence (AI) or machine learning (ML) services on your Google user data. In particular:

We never send your Google Sheets data to any AI platform for analysis, model training, or any other purpose.
We never send your Google account information to any AI services.
All data processing is rule-based and only for delivering the booking and scheduling features. This means your data is used solely for the purposes you see (sharing availability and booking appointments) and not for any hidden AI-driven analysis.
If heyhomie uses AI services for other features (such as WhatsApp chatbot responses), those AI services operate completely separately from Google user data and never receive or process any information obtained from Google APIs.

Your Role as Data Controller

As a heyhomie user (seller), you act as the primary data controller of the personal data of your customers and leads. In other words, you decide what customer information is collected and input into the system, and you are responsible for any consents you obtain from them. heyhomie (the platform) acts only as a data processor in providing the scheduling service. We do not claim ownership or control over your customers' personal data. You retain full control: you can view, edit, or delete any customer/lead information through the app, and we do not have independent access to it.

Google OAuth and API Scopes

We strictly follow Google's guidance to use minimum necessary permissions. We authenticate users via Google Sign-In (OAuth) and request only the scopes needed for our features. Specifically, we use the drive.file scope, which is a limited Google Drive scope that lets us see and manage only the files the user explicitly selects. We do not request any broad or sensitive scopes like full Drive access or general Sheets scopes. This approach gives you greater control: you choose which specific sheet to share with us, and Google clearly shows that consent during the OAuth flow.

Our OAuth consent screen clearly identifies the heyhomie app name and logo, and it links to this privacy policy as required by Google's verification process. We ensure that the consent screen lists exactly the data we access and why, so that you can make an informed choice (for example, "View and manage the Google Drive files you have opened or created with this app").

11. Contact Us

If you have any questions or suggestions about our Privacy Policy, including questions about our use of Google APIs or your data, do not hesitate to contact us at privacy@heyhomie.me. You can also find our full privacy policy on our website and linked on the Google OAuth consent screen.