What we collect. What we do with it. What we never do.

Hexaxia AI builds AI products under a published governance framework. The same posture applies to how we handle data from the public site: collect what we need to operate, keep it as short as the work allows, and never trade it.

As the site is currently configured, we do not run advertising, we do not sell or rent your data, and we do not load social media tracking pixels or third-party scripts that profile you across sites. Where this policy makes a commitment, it describes current configuration. If a future change adds a new data flow (such as a new analytics provider or a new sub-processor), this policy will be updated and the change summarized at the top of the page.

Service providers acting on our instructions under data processing agreements (such as our hosting platform or email delivery provider) are not third parties for the purposes of this policy. They handle data on our behalf, bound by their own contracts, and may not use it for their own purposes.

Contact form and email data are used to respond to your inquiry and follow up where appropriate. If you become a client, the data flows into our standard client systems under the same posture (no third-party sale, narrow retention, deletion on request).

Server logs are used for security investigation, debugging, and understanding aggregate traffic patterns. They are not used to profile individual visitors.

We use a small number of trusted service providers for hosting, email delivery, and analytics. Each one is bound by its own terms and contracts. We do not give them rights to use your data for their own purposes.

This site uses cookies only in functional categories that the site or its hosting platform needs to operate. The categories currently in use:

• Preference: remembers your theme choice (light or dark) across visits
• Session: keeps you logged in to interactive surfaces during a visit
• Security: tokens that protect against form abuse and cross-site request forgery
• Infrastructure: standard cookies set by our hosting platform for routing, caching, and security

We do not set advertising cookies and we do not set third-party tracking cookies. If we add analytics in the future, we will choose a provider that is consent-based and non-tracking by default, and this policy will be updated to describe the specific provider and the category of cookies it sets.

Hexaxia AI operates from Indianapolis, Indiana, United States. The site is hosted on US infrastructure. Data submitted from outside the United States, including from the European Economic Area, the United Kingdom, and other jurisdictions, will be transferred to and processed in the United States.

By using the site or submitting data through it from outside the United States, you understand that your data will be transferred to the US and that US data protection law differs from the law of your home jurisdiction. Where required, our sub-processors maintain standard contractual clauses or equivalent transfer mechanisms for personal data originating in the EEA or UK.

You can ask us what data we hold about you. You can ask us to correct it. You can ask us to delete it. Send a request to the address below. We will respond within 30 days. We may need to verify your identity before acting on a request, and we may retain limited records where legal or contractual obligations require it.

Legal bases for processing (GDPR Art. 6)

For visitors in the EEA and UK, we process personal data on the following lawful bases: (a) your consent, where you have provided it (such as opting into a future newsletter); (b) our legitimate interests in operating, securing, and improving the site, where those interests are not overridden by your rights; and (c) performance of a contract, where the processing is necessary to respond to your inquiry or to deliver an engagement you have entered into with us.

CCPA / CPRA disclosures

For California residents: we do not sell personal information, and we do not share personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act as amended by CPRA. California residents have the right to request access to, correction of, and deletion of their personal information, and the right not to be discriminated against for exercising these rights. We will not deny services, charge different prices, or provide a different level of quality because you exercised a privacy right.

Data controller

The data controller for personal information collected through this site is Hexaxia AI, LLC, an Indiana limited liability company. Contact information is below.

This policy is versioned. Material changes will be summarized at the top of the page so you can see what shifted without reading the whole document. The Last Updated date at the top of this page reflects the most recent change.