HeyEye Studio

Privacy Policy

Last updated: June 16, 2026

This Privacy Policy explains how HeyEye Studio (“HeyEye,” “we,” “us” or “our”) collects, uses, stores and shares information when you visit hey-eye.ai, interact with The Eye, contact us, subscribe to updates, book a call, or use a HeyEye Client Room.

1. Information we collect

Information you provide

Depending on how you use the site, you may provide:

Name, company, email address, project details, messages and inquiry information.
Newsletter subscription details.
Booking information submitted through our scheduling provider.
Client Room credentials, review decisions, notes, submissions and uploaded files.
Messages, preferences and optional contact details shared with The Eye.

Information collected automatically

Our hosting, security and website systems may automatically process technical information such as browser type, device type, pages visited, timestamps, referral information, network information and error or security events.

We use browser storage, including localStorage and sessionStorage, for functions such as cookie preferences, Client Room sessions, interface state and daily usage limits.

2. The Eye and AI-powered features

The Eye is HeyEye’s interactive portfolio guide. When you send a message, we process the text of your request, limited recent conversation context, the page you are viewing and approved portfolio information so The Eye can respond and navigate the site.

Messages may be processed by Anthropic to generate a reply. Generated reply text may be sent to ElevenLabs to create optional speech. When the animated model experience is enabled, Simli or LiveAvatar may process session and generated audio data required to render the visual character.

If you activate microphone input, speech recognition may be provided by your browser, operating system or a connected speech service. HeyEye may receive the resulting transcript. Availability and processing depend on your device and browser.

To prevent abuse and unexpected service costs, we enforce usage limits. Network information such as an IP address may be processed briefly to create a salted, one-way cryptographic identifier. The raw IP address is not stored in our rate-limit database.

Do not submit confidential trade secrets, highly sensitive personal information, payment-card information, medical information or authentication credentials to The Eye.

3. Client Room, reviews and uploads

HeyEye Client Rooms allow authorized clients to review campaigns, approve or flag work, submit notes, upload references and access released deliverables. We process the information necessary to provide those services, including client identifiers, campaign records, review history, submissions, file metadata and uploaded content.

New client uploads are stored in private Supabase Storage and are accessed through authorization rules or temporary signed links. Some older project files may remain available through legacy public links where the exact link is known. Contact us if you want a legacy file reviewed, migrated or removed.

Existing client access codes are maintained for continuity. Future account systems may use additional authentication methods. Clients are responsible for keeping access credentials confidential and for notifying us of suspected unauthorized use.

4. Cookies and similar technologies

Necessary and functional storage

We use necessary browser storage to remember security sessions, consent choices, interface state, Client Room access and rate-limit information. These functions are required for features you request.

Optional analytics and advertising

Google Analytics, Google Ads and Meta Pixel load only after you click Accept in our cookie banner. These providers may process device, browser, page-view, referral, conversion and advertising information according to their own policies.

Clicking Decline prevents these optional technologies from loading. You may change your choice at any time using Cookie Settings on the main website.

5. Service providers

We use service providers to operate the website and deliver requested features. Depending on your use, information may be processed by:

IONOS Website hosting, webspace and server delivery.

Supabase Database, authentication, Edge Functions, sessions and file storage.

Anthropic Generation of The Eye’s AI responses.

ElevenLabs Optional synthetic voice generation.

Simli / LiveAvatar Optional animated-character session and rendering services.

Formspree Contact, lead and form-submission delivery.

Mailchimp Newsletter subscriptions and email communications.

Cal.com Call scheduling and booking information.

Google Fonts and, after consent, analytics and advertising measurement.

Meta After consent, advertising measurement and conversion tracking.

Providers may process information in the United States or other countries. Their handling of information is governed by their contracts, security practices and privacy policies.

6. How we use information

We may use information to:

Operate, secure, maintain and improve the website and Client Rooms.
Respond to inquiries, prepare proposals and communicate about projects.
Provide AI-guided portfolio navigation and optional voice or avatar features.
Process reviews, approvals, uploads, submissions and deliverables.
Send newsletters or marketing communications you requested.
Measure site performance, conversions and campaigns after consent.
Prevent abuse, fraud, unauthorized access and excessive API usage.
Comply with legal obligations and enforce agreements.

We do not sell personal information for monetary consideration. Optional advertising technologies may be treated as “sharing” or targeted advertising under some privacy laws; you can decline or withdraw consent through Cookie Settings.

7. Retention and security

We retain information only for as long as reasonably necessary for the purposes described in this policy, to provide project services, maintain business records, resolve disputes, enforce agreements and comply with law. Retention varies by record type, project status and contractual requirement.

Client uploads and project records may remain available while a project is active or while continued access is requested. You may contact us to request review or deletion, subject to legal, contractual and backup limitations.

We use measures including HTTPS, authentication, Row Level Security, private file storage, temporary access links, rate limits and restricted administrative permissions. No internet system is completely secure, and we cannot guarantee absolute security.

8. Your choices and rights

Depending on your location, you may have rights to request access, correction, deletion, restriction, portability or objection regarding personal information. You may also withdraw optional tracking consent at any time.

Use Cookie Settings to change optional analytics and advertising consent.
Use the unsubscribe link in marketing emails.
Contact us to request access, correction or deletion.
Contact us if you believe Client Room credentials or files were exposed.

We may need to verify your identity before completing a request. Some information may be retained where required by law, contract, security or legitimate recordkeeping needs.

9. Children

This website and our commercial services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. Contact us if you believe a child submitted information to us.

10. Changes to this policy

We may update this policy as our services, providers or legal obligations change. The revised date at the top indicates when the current version took effect. Material changes may be highlighted on the website where appropriate.

11. Contact

For privacy questions, requests or security concerns, contact:

HeyEye Studio
hello@hey-eye.ai
Miami, Florida, United States