Privacy & Terms

We value your privacy and want to ensure you understand the terms of using our site and Human-Enhanced Agents (HEAs).

For full details, please refer to our Privacy Policy (EN) and Terms & Conditions (EN).

Privacy Policy

Controller & Contact

For this website and our own marketing activities, the data controller is NPE Holding B.V., trading as HEA World, based in Naarden, Netherlands. For data processed on behalf of our customers’ websites (when visitors interact with a deployed HEA), our customers act as data controllers and HEA World acts as processor, as described in our Privacy Policy. For all privacy inquiries, please contact: privacy@hea-world.com.

Data Collection

On this public website, HEA World collects only pseudonymous analytics such as session ID and visitor ID to measure usage, improve service quality, and debug errors. No personally identifiable information (PII) is stored unless you explicitly provide it (for example, by filling in a form).

When you create an account, subscribe to a plan, or deploy an HEA on your own website, we additionally process account, billing, usage, and content data as described in our Privacy Policy.

Cookies and Local Storage

We use first-party storage (localStorage and sessionStorage) to manage chat and session experience. Google Tag Manager (GTM) is loaded for analytics and site performance measurement. In its current configuration, GTM does not deploy advertising or third-party cookies. If additional tags are introduced in the future, we will request consent before activation.

Third-Party Services

We use OpenAI's API to generate AI responses. We do not add names, emails, or other direct identifiers to the messages we send to OpenAI, and we instruct customers not to include unnecessary personal data in prompts. Data is processed under OpenAI’s enterprise-grade terms and, to our knowledge, is not used to train their models.

Data Storage

Usage logs are stored in Cloudflare R2 (Frankfurt region), ensuring all data remains within the EU. Logs are retained only for analytics, troubleshooting, and improving services.

Data Retention

Usage logs are retained for a maximum of 12 months unless required for security or diagnostics.

Legal Basis for Processing

We process data based on legitimate interest (site functionality, analytics). We do not use non-essential cookies or rely on consent where not legally required.

Your Rights

You have the right to request access, correction, deletion, or limitation of processing of your data. Simply contact privacy@hea-world.com. All requests will be handled within GDPR timelines.

Supervisory Authority

You may lodge a complaint with your local data protection authority or with the Autoriteit Persoonsgegevens (Netherlands).

Terms of Use

Use of the Website

By accessing this site, you agree to comply with these terms and applicable laws. You must not misuse the content or functionality of HEA World.

Use of Human-Enhanced Agents (HEAs)

HEAs are provided for informational and demonstration purposes. They do not provide legal, financial, or medical advice, and users remain responsible for how they interpret responses.

Subscriptions & Billing

Paid plans and subscriptions are managed through Stripe. By subscribing, you agree to Stripe’s terms of service and applicable taxes. Refunds are handled in accordance with our Terms & Conditions and any mandatory consumer protection rules that apply to you.

Intellectual Property

All site content, software, and HEA World branding remain the property of their respective creators and licensors. Content and knowledge that you provide to build your HEA remain yours; you simply grant us the rights necessary to operate the Service. Unauthorized reproduction or redistribution of our software or branding is prohibited.

Acceptable Use

You may not deploy or prompt HEAs for illegal or high-risk purposes such as medical diagnosis, credit scoring, or critical infrastructure operations. Additional constraints are described in our Terms & Conditions.

Governing Law

These terms are governed by Dutch law. Any disputes will be subject to the competent courts in the Netherlands.

Modifications

We may update these terms periodically. Continued use of the site after updates constitutes acceptance of the new version.

EU AI Act – Transparency & Compliance

Last reviewed: 17 Oct 2025

HEA World designs Human-Enhanced Agents (HEAs) to meet the transparency duties under the EU Artificial Intelligence Act (Regulation (EU) 2024/1689). In plain terms: when you chat with an HEA on our site, you’re interacting with an AI system.

What we do by default

AI disclosure
HEA chat clearly indicates that replies are AI-generated and offers a visible hand-off to a human on request.
Synthetic content
Any auto-generated image, audio, or video is labelled as AI-generated, per the Act’s transparency rules.
Model provenance
HEAs run on trusted foundation models (currently OpenAI). We do not fine-tune models on your conversations.
EU data location
Operational logs are stored in the EU (Cloudflare R2 – Frankfurt) and retained for up to 12 months for reliability and abuse detection.

Scope & risk level

Our HEAs are general-purpose conversational assistants for websites and content guidance. They are not intended for “high-risk” Annex III uses (e.g., credit scoring, employment screening, education grading, biometric identification, medical diagnosis, or critical infrastructure control).

Your controls

  • Human alternative: Request human assistance via our contact links.
  • Data rights: Access, correction, or deletion: privacy@hea-world.com.

Contact & notices

For AI Act or GDPR inquiries, contact privacy@hea-world.com. We update this notice as EU guidance and standards evolve.