← Back

Privacy Notice

Last updated: May 2026

1. Who we are

HookTok AI is operated by Nehad Aadnane ("we", "us"). We act as the data controller for personal data processed in connection with the service.

2. Data we collect

  • Account data: name, email address, login credentials.
  • Content data: prompts and inputs you submit, generated outputs, generation history.
  • Usage data: feature usage, quotas, telemetry, device identifiers, IP address.
  • Support data: messages and information you send to us.

Payment data (card details, billing address) is collected by Paddle as Merchant of Record and is not stored by us.

3. Why we use it (purposes & legal bases)

  • Creating and operating your account — contract performance.
  • Generating AI outputs from your prompts — contract performance.
  • Security, abuse prevention, and quota enforcement — legitimate interests.
  • Improving the product and debugging — legitimate interests.
  • Customer support — contract performance / legitimate interests.
  • Marketing communications — consent, where required.
  • Legal and tax obligations — legal obligation.

4. Who we share data with

  • Service providers / subprocessors: hosting, database, AI model providers, analytics, support tooling.
  • Paddle (Merchant of Record): for sale of the product, subscription management, payments, tax compliance, and invoicing.
  • Professional advisers: legal and accounting where necessary.
  • Authorities: where required by law.

5. International transfers

Where data is transferred outside your region, we rely on appropriate safeguards (such as Standard Contractual Clauses or adequacy decisions).

6. Retention

We retain personal data for as long as needed to provide the service and meet legal obligations, then delete or anonymise it.

7. Your rights

Subject to applicable law, you may request access, correction, deletion, restriction, portability, or object to processing, and withdraw consent at any time. UK/EEA users may complain to their supervisory authority. We aim to respond within one month.

8. Security

We use appropriate technical and organisational measures, including encryption in transit, access controls, and audit logging.

9. Cookies

We use essential cookies needed for authentication and the service to function. We may use limited analytics cookies to understand usage. You can manage cookie preferences through your browser settings.

10. Contact

For privacy questions or to exercise your rights, contact us through the support channel in the app.