HUGIN
Demo
HomeHow it worksUse casesPricingSecurityCompare
Legal

Privacy Policy

Official Hugin legal terms from Fixeon AI Labs.

Effective date: May 26, 2026

Company/operator: Fixeon AI Labs (“Hugin,” “we,” “us,” or “our”)

Contact: fixeonai@gmail.com

Address: No.2 Haile Selassie Street, Asokoro, Abuja, Nigeria

1. What Hugin Does

Hugin is a context layer for AI tools, agents, copilots, and workflows. Hugin helps teams connect approved business data sources, process and organize that data into reusable context, apply permissions and redaction rules, and provide relevant context to authorized AI tools through product interfaces and MCP/API-style integrations. This Privacy Policy is intended to cover Hugin as it exists today and future Hugin features, connectors, AI capabilities, APIs, billing options, providers, and related services unless we publish a separate privacy notice.

2. Information We Collect

We collect and process information needed to provide, secure, bill for, support, and improve Hugin.

Account and workspace information

This may include names, email addresses, user identifiers, workspace names, workspace memberships, roles, access settings, support level, and related account metadata.

Connected source information

When a customer connects a source, Hugin may process data from approved sources such as Slack, GitHub, Linear, Zendesk, and custom push sources, depending on the connectors enabled for the workspace. The exact data depends on the customer’s configuration and permissions. It may include messages, issues, tickets, documents, records, metadata, permission snapshots, source scope rules, and related content.

Custom source data

If a customer uses Hugin custom source ingestion, Hugin may process records sent by the customer, including external IDs, object types, text content, structured payloads, timestamps, metadata, content hashes, permission information, and tombstone/deletion signals.

Context, processing, and retrieval data

Hugin creates and stores processing artifacts needed to operate the service. This may include raw source object records, normalized Hugin objects, object versions, context blocks, embeddings, entity mentions, relationships, context requests, context packets, selected block IDs, redaction summaries, lineage, trace IDs, and operational metadata.

Billing and subscription information

Hugin uses Polar for billing-related workflows. We may process billing account IDs, checkout session information, subscription status, plan details, add-ons, prepaid context ops packs, usage ledger records, cancellation requests, refund metadata, provider identifiers, and payment-related metadata. Full payment card details are handled by the billing provider and are not intended to be stored directly by Hugin.

Logs, analytics, diagnostics, and security data

We may collect request IDs, trace IDs, safe metadata, rate-limit events, audit events, webhook events, error information, workflow status, provider event IDs, IP-related security metadata, and analytics events. Hugin is designed to store safe operational metadata where possible rather than unnecessary sensitive payloads.

3. How We Use Information

We use information to:

  • provide, operate, maintain, and secure Hugin;
  • connect and synchronize approved customer sources;
  • process, normalize, index, retrieve, and serve context to authorized AI tools;
  • enforce workspace membership, roles, source access rules, object-type limits, and consumer permissions;
  • create traces, evidence bundles, lineage, and audit records;
  • manage subscriptions, entitlements, usage, checkout, cancellations, credits, refunds, and support level;
  • detect, prevent, and respond to misuse, unauthorized access, abuse, rate-limit violations, and service failures;
  • debug, monitor, improve, and develop Hugin;
  • communicate about service, security, billing, legal, and support matters;
  • comply with legal obligations and enforce our agreements.

4. AI and Model Provider Processing

Hugin may send selected customer context to AI model providers only as needed to process, summarize, embed, classify, retrieve, or construct context for authorized use cases. The current codebase includes an OpenRouter adapter that enforces an approved no-retention model allowlist and sets provider preferences to deny data collection where supported.

AI systems can produce inaccurate, incomplete, or unexpected outputs. Customers are responsible for reviewing AI outputs before relying on them, especially for legal, financial, medical, employment, security, or other high-impact decisions.

5. Third-Party Services

Hugin may use third-party service providers to operate the service, including:

  • Supabase for database, authentication, storage, RLS, and related backend services;
  • Composio for source connection workflows and connector access;
  • OpenRouter for approved AI model routing and embeddings;
  • Trigger.dev for workflow execution;
  • Upstash Redis for caching, locks, idempotency, and rate limiting;
  • Polar for checkout, subscriptions, usage billing, cancellations, and refunds;
  • Resend for email and notification delivery;
  • PostHog for analytics and product telemetry.

These providers process information on our behalf or as otherwise described in their own terms and policies. We may add, replace, or remove providers as Hugin evolves, and this Policy applies to those future providers where they support the same or related Hugin services. Customers are also responsible for any third-party services they choose to connect to Hugin.

6. Legal Bases and Business Purposes

Where applicable law requires a legal basis, we process personal information based on one or more of the following: performance of a contract, legitimate interests, consent, compliance with legal obligations, and protection of rights, safety, and security.

7. Data Sharing

We may share information with:

  • service providers that help us run Hugin;
  • customer-authorized AI tools, consumers, integrations, and connected sources;
  • administrators or members of the relevant workspace, according to workspace roles and settings;
  • professional advisors, auditors, insurers, and legal representatives;
  • authorities, regulators, courts, or law enforcement when required by law or necessary to protect rights, safety, and security;
  • a successor or buyer in connection with a merger, acquisition, financing, restructuring, or sale of assets.

We do not sell customer content in the ordinary sense of that term. If applicable law defines analytics or advertising cookies as a “sale” or “sharing,” we will provide legally required choices where applicable.

8. Security

Hugin is designed with workspace isolation, role checks, RLS-backed storage/database access controls, service-role server boundaries, credential hashing, webhook signature verification, idempotency, rate limiting, private storage buckets, trace/audit logging, and provider safety boundaries. However, no system is perfectly secure. Customers are responsible for managing their users, credentials, connected sources, source scopes, and consumer tokens securely.

9. Data Retention

We retain information for as long as needed to provide Hugin, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support business operations. Workspace governance settings may define retention periods for traces, audit records, raw objects, backups, and removal behavior. Actual retention may vary depending on customer configuration, legal requirements, and operational needs.

10. Deletion and Removal

Customers may request deletion or removal of certain information, subject to legal, security, billing, backup, audit, abuse-prevention, and operational limits. Hugin includes removal-job concepts and source/object removal workflows. Some information may remain in logs, audit trails, backups, billing records, or provider systems for a limited period or where legally required.

11. International Transfers

Hugin and its providers may process information in countries other than where users are located. Where required, we use appropriate safeguards for international transfers.

12. Children

Hugin is not intended for children under 18. Users must not use Hugin if they are not old enough to consent to online services under applicable law.

13. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of personal information. You may also have the right to withdraw consent or lodge a complaint with a regulator. To exercise rights, contact us at fixeonai@gmail.com. We may need to verify your request.

14. Customer Responsibilities

Customers are responsible for:

  • having proper rights and notices to connect sources and submit data to Hugin;
  • configuring source scopes, permissions, workspaces, consumers, and AI tool access appropriately;
  • deciding what information may be processed by Hugin and connected AI tools;
  • complying with employment, privacy, data protection, AI, communications, and industry-specific laws that apply to their use;
  • reviewing AI outputs and context packets before relying on them.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted with a new effective date. Material changes may be communicated through the service or by email where appropriate.

16. Contact

For privacy questions or requests, contact:

Fixeon AI Labs

No.2 Haile Selassie Street, Asokoro, Abuja, Nigeria

fixeonai@gmail.com