Privacy Policy

Last updated: April 7, 2026

1. Introduction & Acceptance

Helix Technologies Single Member P.C. ("Helix," "we," "us," or "our") is committed to protecting your privacy in accordance with applicable law. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at helixtechnologies.io, use our technology solutions, access any platforms owned and operated by Helix, or interact with any of our products, services, or applications (collectively, the "Services").

By accessing or using our Services, by creating an account on any Helix platform, or by engaging Helix for any project, you acknowledge that you have read, understood, and unconditionally agree to be bound by this Privacy Policy in its entirety. Your use of the Services constitutes your acceptance of all data collection, processing, and sharing practices described herein, including the use of cookies and tracking technologies. If you do not agree with any provision of this Privacy Policy, you must immediately cease all use of our Services.

We process personal data in accordance with the General Data Protection Regulation (GDPR - Regulation (EU) 2016/679), Greek Law 4624/2019, the California Consumer Privacy Act (CCPA), and other applicable data protection laws. Helix Technologies Single Member P.C. acts as the data controller for the personal data we collect through our Services and our own platforms.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you register for an account, express interest in obtaining information about our Services, participate in activities on our platform, or otherwise contact us. The personal information we collect may include:

• Account Information: Name, email address, phone number, company name, job title, and password when you create an account or request a demo.
• Billing Information: Payment card details, billing address, and transaction history. Payment information is processed securely through our PCI DSS-compliant third-party payment processors and is not stored on our servers.
• Profile Information: Professional background, role, department, and operational preferences you configure within the platform.
• Communications: Records of your correspondence with us, including support tickets, feedback, and any information you provide when contacting us via email, chat, or phone.
• User Content: Data, configurations, workflow definitions, and operational parameters you upload or input into the Helix platform in the course of using our Services.

2.2 Usage Data

We automatically collect certain information when you access, use, or navigate our Services. This usage data does not directly reveal your identity but may include:

• Device Information: Browser type and version, operating system, device type, screen resolution, and unique device identifiers.
• Log Data: IP address, access times, pages viewed, referring URL, the features or areas of our Services you interact with, and the time spent on those pages or features.
• Performance Data: Crash reports, system activity, error logs, and diagnostic information related to your use of the platform.
• Feature Usage: Information about which features you use, how frequently, and your interaction patterns to help us improve the platform experience.

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your browsing activity on our website and platforms. By accessing and continuing to use our Services, you consent to the use of cookies and tracking technologies as described in this section. These technologies serve the following purposes:

• Essential Cookies: Maintain your session, authenticate your identity, and ensure the security of your account. These cookies are strictly necessary for the operation of our Services and cannot be disabled.
• Analytics Cookies: Understand how visitors interact with our website and platforms, enabling us to measure and improve performance. We use Google Analytics (GA4) for this purpose, which may collect data including pages visited, session duration, device information, geographic location (country/city level), and user behavior patterns. Google Analytics data may be processed by Google in accordance with Google's privacy policy.
• Functional Cookies: Remember your preferences, settings, language selection, and customizations to provide a more personalized experience.
• Marketing Cookies: Deliver relevant advertisements and measure the effectiveness of our marketing campaigns. These cookies may be set by third-party advertising partners.

You may manage certain cookie preferences through your browser settings. However, disabling cookies may significantly impair or prevent the functionality of our Services, and Helix shall not be liable for any degradation in service resulting from your decision to disable cookies. Essential cookies cannot be disabled while using our Services.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, operate, maintain, and improve our technology solutions and related Services.
• Account Management: To create and manage your account, process transactions, and send you related information such as purchase confirmations and invoices.
• Communication: To respond to your inquiries, provide customer support, send technical notices, security alerts, and administrative messages.
• Product Improvement: To analyze usage patterns and trends to enhance the functionality, performance, and user experience of our platform.
• AI Model Training & Improvement: To improve the accuracy and effectiveness of our machine learning models, AI systems, and platform features. We may use anonymized and aggregated data for this purpose, including for training and improving AI models, developing new features, conducting research, and benchmarking performance. Helix reserves the right to use anonymized and aggregated data derived from the use of our Services for any lawful purpose, including improving AI models, without restriction.
• Marketing: To send promotional communications about our products, services, and events that may be of interest to you, subject to your marketing preferences.
• Security: To detect, prevent, and address fraud, unauthorized access, and other illegal activities, and to protect the rights and safety of Helix and our users.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

4. Data Sharing

We do not sell your personal information as defined under the CCPA. However, we may share your information with third parties as necessary for the operation of our Services, in the following circumstances:

• Service Providers & Operational Partners: We engage third-party companies and individuals to perform services on our behalf. These include, but are not limited to: cloud hosting and infrastructure providers (AWS, OVH, Hetzner, Google Cloud, DigitalOcean, Cloudflare), payment processors (Stripe, Viva Wallet), analytics services (Google Analytics / GA4), email delivery and communication services (Gmail, SMTP providers, transactional email services), domain registrars and DNS providers, SSL certificate authorities, mobile app distribution platforms (Apple App Store, Google Play), push notification services, SMS gateways, customer support tools, and any other service provider necessary for the operation, maintenance, or improvement of our Services. These service providers may process your data in accordance with their own privacy policies and terms.
• Business Transfers: If Helix is involved in a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction. We will endeavor to notify you via a prominent notice on our website of any change in ownership or use of your personal information.
• Legal Requirements: We may disclose your information if required to do so by law, regulation, or in response to valid legal process, such as a subpoena, court order, or government request. We may also disclose information to regulatory authorities, tax authorities, or law enforcement as required by applicable law.
• Protection of Rights: We may disclose information where we believe, in our sole judgment, it is necessary to investigate, prevent, or take action regarding potential violations of our Terms of Service, suspected fraud, situations involving potential threats to the safety of any person, protection of our rights and property, or as evidence in litigation.
• With Your Consent: We may share your information with third parties when you have given us your consent to do so.
• Aggregated & Anonymized Data: We may use and share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for any purpose whatsoever, including but not limited to research, analysis, benchmarking, industry reporting, improving AI models, developing new products and features, and marketing purposes, without restriction and without compensation to you.

Helix is not liable for the data handling practices, security measures, or data breaches of any third-party service provider, even where Helix selected or recommended such provider. The Client acknowledges that the use of third-party services involves inherent risks and that Helix cannot guarantee the security or privacy practices of third parties.

5. Data Security

We implement commercially reasonable technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• AES-256 encryption for data at rest and TLS 1.3 encryption for data in transit.
• Security-first infrastructure with periodic security reviews.
• Role-based access controls, multi-factor authentication, and least-privilege access principles for internal systems.
• Monitoring, intrusion detection systems, and threat response capabilities.
• Vulnerability assessments and security awareness practices.
• Data center redundancy and disaster recovery protocols.

IMPORTANT: While we take reasonable measures to protect your personal information, no method of electronic transmission, storage, or processing is 100% secure. Helix cannot and does not guarantee absolute security of your data. You acknowledge and accept that there are inherent risks in transmitting information over the internet and storing data electronically, including but not limited to the risk of unauthorized access by third parties through cyberattacks, vulnerabilities in software, or other means beyond Helix's control. Helix shall not be liable for any unauthorized access to, or breach of, your personal data that occurs despite Helix having implemented commercially reasonable security measures. Helix will address security incidents in accordance with applicable breach notification laws, including Article 33 of the GDPR and Greek Law 4624/2019.

6. Your Rights

6.1 Rights Under the GDPR (European Economic Area)

If you are a resident of the European Economic Area (EEA), you have the following data protection rights under the General Data Protection Regulation:

• Right of Access: You have the right to request a copy of the personal data we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
• Right to Erasure: You have the right to request deletion of your personal data, subject to certain legal exceptions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
• Right to Withdraw Consent: Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing.

Our legal bases for processing personal data include: performance of a contract, compliance with legal obligations, your consent, and our legitimate interests in operating and improving our Services.

6.2 Rights Under the CCPA (California)

If you are a California resident, the California Consumer Privacy Act grants you the following rights:

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share your data.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out of Sale: You have the right to opt out of the sale of your personal information. Helix does not sell personal information as defined by the CCPA.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. We will not deny you goods or services, charge different prices, or provide a different level of quality based on your exercise of these rights.

To exercise any of these rights, please contact us at [email protected]. We will acknowledge your request promptly and endeavor to respond within ninety (90) days, which may be extended by a further sixty (60) days where necessary given the complexity and volume of requests, in accordance with Article 12(3) of the GDPR. For CCPA requests, we will respond within forty-five (45) days, extendable by an additional forty-five (45) days. We may need to verify your identity before processing your request and may decline requests that are manifestly unfounded, excessive, or repetitive. Helix reserves the right to charge a reasonable administrative fee for repetitive or excessive requests as permitted by applicable law.

7. Data Retention

We retain your personal information for as long as we deem necessary to fulfill the purposes for which it was collected, to provide our Services, to comply with legal obligations, to resolve disputes, to enforce our agreements, and to protect our legitimate business interests. Helix retains sole discretion in determining appropriate retention periods. Indicative retention periods include:

• Account Data: Retained for the duration of your active account and for a reasonable period after account closure (typically 90 days) to allow for reactivation, support inquiries, and dispute resolution.
• Operational Data: Customer-uploaded operational data is retained in accordance with your subscription agreement. Upon termination, operational data will be deleted within a reasonable timeframe unless a longer retention period is required by law, necessary for dispute resolution, or otherwise justified by Helix's legitimate interests.
• Billing Records: Retained for a minimum of 10 years in accordance with Greek tax and financial reporting obligations (Greek Tax Code, N. 4987/2022).
• Usage and Analytics Data: Retained in identifiable form for as long as necessary for operational and analytical purposes, after which it may be aggregated and anonymized. Anonymized data may be retained indefinitely.
• Support Communications: Retained for 5 years from the date of last interaction to provide context for ongoing support relationships and for legal purposes.
• Marketing Data: Retained until you unsubscribe or request deletion, after which your email address is added to our suppression list. The suppression list is maintained indefinitely to honor your opt-out preference.
• Legal & Compliance Data: Data relevant to legal proceedings, regulatory inquiries, or compliance obligations may be retained for as long as necessary, including beyond the periods stated above.

When personal data is no longer required for any purpose, we securely delete or anonymize it. The timing and method of deletion are at Helix's sole discretion, subject to applicable legal requirements. Helix shall not be liable for retaining data for longer than the indicative periods stated above where such retention serves a legitimate purpose.

8. Children's Privacy

Our Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16 years of age. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at [email protected]. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take immediate steps to delete that information from our servers.

9. Platform User Content & Responsibility

For platforms owned and operated by Helix where users can create, upload, publish, or distribute content:

• Users are solely responsible for all content they upload, publish, or distribute through Helix platforms, including its accuracy, legality, and compliance with applicable laws and third-party rights.
• Helix does not pre-screen, monitor, or endorse user-generated content and assumes no liability for such content.
• Helix reserves the right to remove, modify, or restrict access to any user content at its sole discretion, without notice and without liability.
• By uploading content to a Helix platform, users grant Helix a non-exclusive, worldwide, royalty-free license to use, store, process, display, and transmit such content as necessary to operate the platform and provide the Services.

10. International Data Transfers

Your personal data may be transferred to, stored in, and processed in countries outside the European Economic Area (EEA), including countries that may not provide the same level of data protection as your home country. Such transfers may occur when our service providers (including cloud hosting, analytics, payment processing, and email delivery providers) process data in jurisdictions outside the EEA. Where we transfer personal data outside the EEA, we rely on appropriate safeguards as permitted under Chapter V of the GDPR, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission;
• Adequacy decisions by the European Commission;
• Binding Corporate Rules (BCRs) of our service providers;
• Any other legally recognized transfer mechanism.

By using our Services, you consent to the transfer of your data to countries outside the EEA where necessary for the provision of the Services.

11. Changes to This Policy

Helix reserves the right to update, amend, or replace this Privacy Policy at any time, at its sole and absolute discretion, for any reason or no reason. When we make changes, we will:

• Update the "Last updated" date at the top of this page.
• Post the revised Privacy Policy on our website.
• For material changes, endeavor to provide notice via a prominent notice on our website or other reasonable means.

It is your sole responsibility to review this Privacy Policy periodically. Your continued use of our Services after the posting of any changes constitutes your irrevocable acceptance of the revised Privacy Policy. If you do not agree with any changes, your sole remedy is to discontinue use of our Services. Helix shall not be required to obtain individual consent for changes to this Privacy Policy unless specifically required by mandatory applicable law.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Data Protection Officer: [email protected]
• Postal Address: Helix Technologies Single Member P.C., 265 Kifisias Avenue, Kifisia 14561, Athens, Greece

If you are located in the EEA and believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.