Legal

Privacy Policy

Effective July 4, 2026

HumanAuth lets humans approve AI-agent actions from their phone. To do that we collect the minimum we need to route an approval request to you and prove your decision. This page lists exactly what that is.

What we collect
What we don't do

This marketing website (humanauth.ai) uses Google Analytics to measure aggregate site traffic. The mobile app does not.

Who processes your data

We use three service providers to run HumanAuth. Each processes data only to provide its service to us.

Security

All data in transit is protected with TLS. Approval decisions are signed with an ed25519 key that is generated and stored on your device.

Retention

We keep your account data until you delete your account. Signed approval receipts are retained for integrity and audit purposes, so that past approvals remain verifiable. After you delete your account, these receipts keep only a pseudonymous account reference — needed to verify their original signature — and we sever its link to your email and identity by deleting your account record.

Deleting your account

You can delete your account in the app (Settings → Delete account) or by following the steps on our account deletion page, which also covers what to do if you no longer have access to your device.

Changes to this policy

If we change this policy we will update it here and revise the effective date above.

Contact

Questions about this policy or your data: support@humanauth.ai