H

Privacy Policy

Last updated: April 30, 2026

This Privacy Policy explains what personal information Hunt ("Hunt", "we") collects when you use huntcompute.ai, the Hunt API, or the Hunt Python SDK, how we use it, and your rights over it. By using the Service, you agree to this Policy.

1. Information We Collect

Account information

When you sign up we collect your email address and authentication credentials through Supabase. We do not collect a password directly; Supabase stores a salted hash of it. We may collect your name if you provide it.

Billing information

Payment details (card number, expiry, CVC, billing address) are collected and stored exclusively by Stripe, our payment processor. Hunt only stores the Stripe customer identifier (cus_*) and a flag indicating whether a default payment method is attached. We never see or store the full card number.

Usage data

For each agent run we record: the model used, the tier, token counts (input, output, total), latency, cost, status, and a timestamp. By default we do not retain prompt or completion content beyond the duration of the run. If you enable session memory (memory=True), we store the messages associated with the session for up to 30 days or until you call clear_session.

Operational data

Standard server logs (IP address, user-agent, request path, response code) are retained for up to 30 days for security and abuse prevention.

2. How We Use Information

  • To operate the Service, route requests, and bill consumption.
  • To enforce rate limits, prevent abuse, and investigate security incidents.
  • To send you transactional email (welcome, payment confirmations, payment failures, free-credit notifications). We do not send marketing email unless you explicitly opt in.
  • To improve the Service in aggregate. We do not train models on your prompts or completions.

3. How We Share Information

We share information only with these categories of processors:

  • Supabase — authentication and database hosting (United States).
  • Stripe — payment processing (United States).
  • Resend — transactional email delivery.
  • Cloudflare — DNS, CDN, and tunnel ingress to our inference servers.
  • Vercel — frontend hosting and analytics (privacy-friendly, cookie-free by default).
  • Oracle Cloud Infrastructure — current host of our backend and inference (Always Free tier, ARM Ampere).

We do not sell or rent personal information. We may disclose information in response to lawful requests from authorities, in which case we will notify you unless legally prohibited.

4. Data Retention

  • Account record: retained while your account is active.
  • Run metadata (cost, tokens, latency): 30 days.
  • Prompt/completion bodies: only retained if you opt in to session memory, then 30 days or until you delete the session.
  • Server logs: 30 days.
  • Billing records: as required by law, typically 7 years.

5. Your Rights

Depending on your jurisdiction (including under the EU General Data Protection Regulation and the California Consumer Privacy Act), you may have the right to access, correct, port, restrict, or delete the personal information we hold about you, and to object to certain processing. To exercise these rights, contact filipe@huntcompute.ai. We will respond within 30 days.

California residents may opt out of any "sale" or "sharing" of personal information; we do not engage in either.

6. International Transfers

Hunt is operated from Brazil and uses processors located in the United States and the European Union. Where personal data is transferred from the European Economic Area, we rely on the European Commission's Standard Contractual Clauses with our sub-processors.

7. Security

Authentication tokens use industry-standard JWT signing. API keys are stored as salted hashes; we never store plaintext after the moment of issuance. Network ingress is TLS-only via Cloudflare Tunnel. Backups are encrypted at rest. Despite these measures, no system is impervious; if you suspect a compromise, contact us at once.

8. Children

The Service is not directed at children under 18. We do not knowingly collect personal information from children.

9. Changes

Material changes to this Policy will be announced by email at least 14 days before they take effect.

10. Contact

Privacy inquiries: filipe@huntcompute.ai.

This Policy is a working draft. It does not constitute legal advice.