Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last Updated: December 22, 2025

Introduction

Hey Andrew ("we," "us," or "our") operates the heyandrew.io website and conversational AI platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Information You Provide

1.2 Automatically Collected Information

1.3 Voice and Audio Data

2. How We Use Your Information

3. Third-Party Services

We Use the Following Third-Party Services:

🤖 OpenAI

Provides GPT-4o-mini (chat), Whisper (speech-to-text), and TTS (text-to-speech) APIs.

Privacy Policy: https://openai.com/policies/privacy-policy

☁️ Google Firebase

Authentication, cloud storage (Firestore), and serverless functions (Cloud Functions).

Privacy Policy: https://firebase.google.com/support/privacy

💳 Stripe

Secure payment processing for token purchases.

Privacy Policy: https://stripe.com/privacy

🌐 Web Speech API

Browser-based speech recognition and synthesis (free mode). Processed by your browser vendor (Chrome/Google, Safari/Apple, etc.).

Note: We do not control these third-party services and are not responsible for their privacy practices. Please review their privacy policies.

4. Data Storage and Security

4.1 Where Your Data is Stored

4.2 Security Measures

Note: No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Data Retention

6. Your Rights

You have the following rights regarding your personal data:

To exercise these rights, delete your account from the Settings menu or contact us at heyaiandrew@gmail.com.

7. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately.

8. International Users

Your data may be transferred to and processed in the United States or other countries where our service providers operate. By using the Service, you consent to this transfer. We comply with applicable data protection laws, including GDPR for EU users.

9. Do Not Track Signals

We do not currently respond to "Do Not Track" browser signals. You can control cookies through your browser settings.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service or sending an email. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, please contact us: