top of page

Privacy Policy

Effective: November 03, 2025

Operated by: Dynasas Applied Systems, DIFC

Contact: legal@huse.ai

1. What We Collect

We may collect the following categories of data:

Category                                                                                   Examples

Identity                                                                             Name, email, phone

Org Data                                                           Role, manager, team structure

Usage Logs                                              Task actions, messages, timestamps

Attendance                                           Check-in/out time, location, if authorized

Behavior Signals                  Productivity trends, patterns, consistency markers

Device Data                                                                  IP, OS/device type

Security Logs                                                          Audit trails, login logs

Docs & Media                                               SOPs, documents, attachments

Billing Data                                                      Stripe-processed payment info

Calendar Data                                    Event metadata, scheduling preferences

We never collect passwords for third-party services.

2. Purpose of Processing

We process data to:

  • Provide AI automation and orchestration

  • Execute workflows and daily operations

  • Improve productivity and reduce operational friction

  • Deliver insights and reporting

  • Enable time & attendance workflows

  • Power routing, approvals & follow-ups

  • Maintain platform security

  • Ensure audit trail integrity

We follow data minimization principles and purge non-essential data routinely.

3. AI Processing & Human Oversight

AI may analyze:

  • Work patterns

  • Execution reliability

  • Engagement shifts

  • Sentiment signals

  • Operational bottlenecks

We do not use personal content to train global AI models.

AI may produce errors ("hallucinations"). Human oversight is required.

4. Legal Basis

We process data under:

  • Contract necessity

  • Legitimate business interest

  • User consent for specific operations (e.g., location)

Legal obligations where applicable

5. Data Retention & Deletion

We retain data only while account is active, then purge it.

Users and clients may request:

  • Data export (portable format)

  • Correction

Full deletion, subject to employer approval

6. Security and Hosting

Hosted in AWS Bahrain, Postgres DB, encrypted.

Enterprise options available:

  • Dedicated private cloud

  • On-prem deployment

  • Region-specific data residency
     

Security practices include:

  • Access controls & audit logging

  • Encryption in transit & at rest

  • Scoped API permissions

  • Vendor due diligence

ISO27001 compliance roadmap is active.

7. Sharing & Third Parties

We may share encrypted data only with processors needed to operate HÜSE, such as:

  • AWS

  • WhatsApp Business API

  • Google Workspace & Microsoft Outlook integrations

  • Stripe

  • OpenAI (strict prompt safety, no training)

  • SMS/email vendors if used for verification

We never sell data or share for advertising.

8. Employee Monitoring Notice

Employers control:

  • Whether GPS is required for attendance

  • Who sees productivity & sentiment data

  • What workflows are automated

Employers must follow labor regulations & notification requirements.

9. International Data Transfers

Cross-border transfer safeguards include contractual DPAs and secure routing protocols.

10. Changes to Policy

We will notify users before material updates.

11. Contact

Data Protection Officer
Ruhban Gill
Email: legal@huse.ai
Jurisdiction: DIFC

Summary (Simple English)

  • We only collect what’s needed to run your workflows.

  • You own your data — we don’t sell it or train global models on it.

  • You can export or delete your data anytime.

  • Employers must use HÜSE legally and ethically.

We secure everything with modern cloud and encryption methods.

bottom of page