HCE Secure IT Services Private Limited
JaiAI Privacy Policy
Effective: 17 July 2026 · Version 1.0
1. Scope and controller
This policy explains how HCE Secure IT Services Private Limited (“HCE Secure”, “we”, “us”) handles information when you use the JaiAI desktop application, jai-ai.com, SecureChatGPTHost services and authorised Jai AI Command Centres. HCE Secure IT Services Private Limited, with its registered office in Indore, Madhya Pradesh, India, is the controller for personal data described here unless an enterprise contract states otherwise.
2. Information processed
Guest operation
You may use supported guest features without creating an account. The service still processes technical routing, security and diagnostic information needed to establish and protect a session.
Optional account information
If you create an account, we process the details you choose to provide, such as your name, email address, telephone number and account identifier, to register, authenticate and support your account.
User content
Prompts, messages, selected documents, images, audio and other files are processed only as needed to provide the feature you request. Generated responses and artifacts may be stored on your device or configured Host until you delete them or your organisation applies its retention policy.
Technical and security information
We may process app and operating-system versions, device capability results, session and route identifiers, Internet Protocol address, security negotiation events, artifact integrity records, feature interactions, crash information, performance data and diagnostic logs. Device capability checks are used to determine whether optional local models are suitable for the machine.
Support communications
We process the contact details and information you provide when you request technical or customer support.
JaiAI V10.5.9 does not require payment-card or bank-account data and does not include the planned HCEwallet service. Any future payment service will receive a separate notice before activation.
3. How processing routes work
- Local routes: compatible Jai AI models operate on the configured local SecureChatGPTHost. Their prompts are not sent to an external model provider.
- Command Centre routes: when you select a supported external model, Internet query or centrally hosted function, the content needed to fulfil the request is encrypted in transit to an authorised HCE Secure Command Centre and may then be sent to the selected provider.
- User-selected files: files are accessed only after a user action. Governed transfers use integrity controls, and returned artifacts are verified by SHA-256 where the feature supports it.
4. Purposes and legal grounds
We process information to provide requested functions; establish signed sessions; authenticate optional accounts; route model and Internet requests; generate and transfer artifacts; protect users and infrastructure; diagnose faults; provide support; meet contractual commitments; and comply with law. Depending on location and context, the legal ground is performance of a contract, steps requested before a contract, legitimate interests in operating and securing the service, compliance with legal obligations, or consent where required.
5. Service providers and disclosures
We disclose information only as needed to operate a selected feature, meet legal duties or protect the service. Relevant recipients may include infrastructure and distribution providers, authorised HCE Secure Command Centres, and an external AI or search provider deliberately selected through JaiAI. Supported providers can include OpenAI, Google Gemini and Brave Search. Their processing is governed by applicable contracts and their own privacy terms.
We may also disclose information to professional advisers, regulators, courts or law-enforcement authorities when lawfully required, or during a corporate transaction subject to appropriate safeguards. We do not sell personal information, use it for cross-company behavioural tracking or provide third-party advertising in JaiAI.
6. Retention
Local conversations and artifacts remain under the user’s or organisation’s control until deleted or governed by the configured retention policy. We retain account, support, security and audit records only for as long as reasonably necessary for the stated purpose, contractual requirements, dispute resolution and applicable law. Enterprise deployments may apply a documented organisation-specific schedule.
7. Security
JaiAI uses signed SWIM-MEP/TMH transport, access controls, encryption in transit, governed routing and artifact-integrity verification. External-provider credentials are held in authorised Command Centres rather than distributed with the desktop application. No system can guarantee absolute security; users should protect their device, account and recovery credentials and promptly install authorised updates.
8. International transfers
Depending on the selected route and deployment, information may be processed in India or in another country where HCE Secure or an authorised service provider operates. Where required, we use contractual and organisational safeguards for cross-border transfers.
9. Your choices and rights
You can use supported guest functions, choose local rather than Command Centre routes, decline optional model downloads, control file selection and delete local content. Subject to applicable law, you may request access, correction, deletion, restriction, portability, withdrawal of consent or objection to processing. You may also complain to the data-protection authority responsible for your location.
Send privacy requests to support@hcesecure.com. We may need to verify identity before completing a request.
10. Children
JaiAI is not directed to children. A minor should use it only with the involvement of a parent, guardian, school or responsible organisation and in accordance with the minimum consent age in the relevant jurisdiction. We do not knowingly create an independent account for a child where parental or institutional authorisation is legally required.
11. Changes and contact
We may update this policy as the service and law evolve. Material changes will be identified by a revised effective date and, where required, an in-app or account notice.
HCE Secure IT Services Private LimitedRegistered Office: Indore, Madhya Pradesh, India
Email: support@hcesecure.com