This policy explains how Hugo (referred to below as we or Hugo AI) handles your data. Hugo is a personal assistant that works inside WhatsApp and Telegram, and is rolling out to native iOS, Android and Meta Glasses experiences over time.
Who we are
Hugo AI is operated by [Company Name BV], KvK [number], based in the Netherlands. For privacy questions, contact privacy@mani-ai.com.
What data we collect
- Identification: name, phone number, email
- Conversations: every message you send to and receive from Hugo, including voice-note transcripts and parsed content of photos and PDFs
- Preferences: anything you explicitly ask Hugo to remember (seat preference, passport, frequent contacts, etc.)
- Bookings: details of flights, hotels, trains and restaurants we arrange on your behalf
- Connected accounts: OAuth tokens for Google (Calendar, Gmail) — only if you explicitly link them
- Payment information: your credit card is stored by Duffel (not by us) under PCI DSS. We only see a token. Stripe processes subscriptions.
What we use it for
- To personalise Hugo's replies
- To execute bookings, emails and calendar actions on your behalf
- To send proactive, relevant notifications (briefings, flight alerts)
- To prevent abuse and fraud
- To improve the service (anonymised, opt-out available)
Who sees your data
We share data only with partners required to deliver the service:
| Partner | Purpose | Location |
|---|---|---|
| Meta Platforms (WhatsApp) | Message delivery | EU/US |
| Telegram | Message delivery | EU |
| OpenAI / Anthropic | LLM for understanding & generation | US |
| Groq | Speech-to-text | US |
| ElevenLabs | Text-to-speech | US |
| Vapi | Voice agent (outbound calls) | US |
| Duffel | Flights & hotels booking + saved card | EU/UK |
| Google | Calendar + Gmail (only if you connect) | EU/US |
| Stripe | Subscription processing | EU/US |
| Hetzner | Server hosting | EU (Germany/Finland) |
| Sentry | Error reporting | EU |
| Resend | HTML emails (optional) | EU/US |
DPAs are in place with all of these partners. Your data is always encrypted in transit (TLS 1.3) and at rest (AES-256-GCM for OAuth tokens and vault documents).
How long we keep data
| Type | Retention |
|---|---|
| Conversation text | 90 days, then automatically deleted |
| Voice memos (audio) | 24 hours, then transcript only |
| Photos / PDFs | 7 days, then extracted text only |
| Bookings | 7 years (tax requirement) |
| OAuth tokens | Until you disconnect the account |
| Audit log | 1 year |
Your GDPR rights
At any time you have the right to:
- Access your data (/data export command in chat)
- Rectification if something is incorrect
- Erasure (/data delete — we wipe everything within 30 days)
- Objection to processing (cancel your account)
- Data portability (export in machine-readable JSON)
- File a complaint with the Dutch Data Protection Authority
Send /data delete in WhatsApp or Telegram to wipe everything, or email privacy@mani-ai.com.
International transfers
Some of our suppliers (OpenAI, Anthropic, Groq, ElevenLabs, Vapi) are based in the United States. For transfers to third countries we rely on Standard Contractual Clauses (SCCs) and the EU–US Data Privacy Framework adequacy decisions.
Security
- TLS 1.3 on every connection
- AES-256-GCM encryption for OAuth tokens, vault documents and sensitive fields
- Postgres with row-level security and a separate service role
- Passwords / PINs are never stored or requested by us
- Webhook signatures are verified cryptographically (HMAC-SHA256)
Changes
We may update this policy. Material changes are announced via WhatsApp + email at least 30 days in advance.
Contact
privacy@mani-ai.com — we respond within 5 working days.