Hintyr
Sign InGet Started

Terms of Service

Please review the following terms and conditions governing your use of Hintyr.

Hintyr Terms of Service

Effective Date: August 25, 2025
Contact: contact@hintyr.com

Important: These Terms form a binding agreement between Hintyr, Inc. ("Hintyr," "we," "us," or "our") and the entity you represent ("Customer"). If you are accepting on behalf of a company, you represent that you have authority to bind that company. If you do not agree, do not access or use the Services.

1. Definitions

"Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party. "Authorized User" means an employee, contractor, or agent whom Customer authorizes to access the Services under Customer's account. "Customer Content" (or "Customer Data") means data, files, documents, audio, video, images, metadata, annotations, and other content that Customer or its Authorized Users submit to or process through the Services. "Documentation" means user guides, standards, and policies provided by Hintyr describing the Services. "Google OAuth" means Google's OAuth 2.0 authentication service used to connect Customer's Google Account to the Services. "Google OAuth Scopes" means the specific permissions requested from Customer's Google Account, including: openid (identity verification), email (email address access), profile (profile information access), and drive.file (access to specific files Customer selects from Google Drive). "LLM Services" means machine-learning and large language model features and third-party model provider (Google Cloud Platform) used by or integrated with the Services. "Output" means any result produced by the Services or LLM Services from processing Customer Content. "Personal Data" means information relating to an identified or identifiable individual. "PHI" means protected health information as defined by HIPAA. "Services" means Hintyr's hosted eDiscovery and AI platform, websites, and related software, including connectors, APIs, and integrations. "Subprocessor" means a third party engaged by Hintyr to process Customer Content on Hintyr's behalf. "Order" means an order form, online checkout, or SOW identifying the subscribed Services, plan tier, fees, and term.

2. Scope; Access and Use

2.1 Provision. Subject to these Terms and the applicable Order, Hintyr grants Customer a non-exclusive, non-transferable, worldwide right to access and use the Services for Customer’s internal business purposes during the Term.
2.2 Accounts & Authentication. Customer accounts are provisioned via Clerk. Customer is responsible for: (a) configuring its identity and access management; (b) maintaining the confidentiality of credentials; and (c) all activities under its accounts.
2.3 Authorized Users. Customer shall ensure its Authorized Users comply with these Terms and is responsible for their acts and omissions.
2.4 Third-Party Services. Certain functionality requires third-party services (e.g., identity by Clerk; payments by Stripe; Google OAuth for Drive integration; LLM Services by Google Cloud Platform). Use of such services is subject to their terms. Hintyr is not responsible for third-party services that are not under Hintyr's control. See Section 2.5 for Google OAuth-specific terms.

2.5 Google OAuth Authentication

Google Account Integration

Our Service uses OAuth 2.0 to connect with your Google Account. By connecting your Google Account, you authorize us to access specific information as described in our Privacy Policy and this Section.

Requested Permissions

When you connect your Google Account, we request the following permissions:

  1. OpenID Connect (openid): To verify your identity with Google and securely authenticate you.

  2. Email Address (email): To access your primary Google Account email address for account creation, management, and communication.

  3. Profile Information (profile): To access your name, profile picture, and public profile information for personalization and identity display.

  4. Google Drive File Access (drive.file): To access only the specific files you explicitly select using Google's file picker when you choose to import evidence or documents from your Google Drive into your eDiscovery workspace. We can only access files you select; we cannot access other files in your Drive, and we cannot modify, delete, or create files in your Google Drive.

Limited Use of Google Data

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. This means:

  • We use your Google data only to provide features that are prominent and visible in our application interface
  • We do not use your Google data for advertising, marketing, retargeting, or personalized advertising
  • We do not sell, rent, or transfer your Google data to third parties except as explicitly disclosed in our Privacy Policy (security purposes, legal compliance, or with your explicit consent)
  • We do not use your Google data for credit decisions, lending purposes, or determining eligibility for financial products
  • We do not use your Google data for any purpose not disclosed in this Agreement and our Privacy Policy

User Responsibilities

When using Google Account integration, you agree to:

  • Maintain the security of your Google Account credentials
  • Not share your account access with unauthorized individuals
  • Immediately notify us at contact@hintyr.com if you suspect unauthorized access to your Hintyr account via Google OAuth
  • Comply with Google's Terms of Service and Acceptable Use Policies
  • Only import files from Google Drive that you are legally authorized to access and process
  • Revoke access immediately if you no longer wish to use Google Drive integration

Revoking Access

You may revoke Hintyr's access to your Google Account at any time by:

  1. Visiting https://myaccount.google.com/permissions
  2. Finding "Hintyr" in the list of connected apps
  3. Clicking "Remove Access"

Alternatively, you can disconnect your Google Account from your Hintyr Account Settings.

Effect of Revoking Access:

  • We can no longer access your Google account data
  • Google Drive import functionality will be unavailable
  • Your Hintyr account will remain active with limited functionality (no Google Drive import)
  • Previously imported Drive files will remain in your workspace as Customer Content (you can delete them separately if desired)
  • We will delete your Google email and profile data within 30 days of revocation

Google's Terms Apply

Your use of Google services through our application is also governed by Google's Terms of Service (https://policies.google.com/terms) and Privacy Policy (https://policies.google.com/privacy). We are not responsible for Google's data practices, service availability, or changes to Google's APIs or policies.

Data Security

We implement industry-standard security measures to protect your Google Account data, including:

  • Encryption in transit using TLS 1.2 or higher
  • Encryption at rest using AES-256 encryption
  • Secure OAuth token storage with restricted access
  • Regular security audits and vulnerability assessments
  • Role-based access controls limiting employee access to user data
  • Comprehensive audit logging of all access to Google user data
  • Incident response procedures for security events

No Warranty for Google Services

We provide the Google Account integration "as is" without warranties regarding Google's services. We are not responsible for:

  • Google service outages, downtime, or reduced availability
  • Changes to Google's APIs, policies, or service features
  • Data loss due to Google service issues or changes
  • Google's data handling practices or security measures
  • Interruptions to Google Drive import functionality due to Google API limitations

If Google discontinues or materially changes the APIs we rely on, we will make commercially reasonable efforts to provide alternative functionality or notice, but we are not liable for any resulting loss of functionality.

3. Acceptable Use; Restrictions

3.1 Acceptable Use. Customer must not: (a) violate law (including export, sanctions, anti-corruption, privacy); (b) reverse engineer, decompile, or create derivative works of the Services; (c) circumvent security or rate limits; (d) use the Services to transmit malware, spam, or infringing, obscene, or illegal content; (e) use Output without human review in contexts where accuracy is mission-critical or legally determinative; or (f) use the Services to provide competing offerings or for benchmarking without our prior written consent.
3.2 Prohibited Data. Unless the Order expressly permits and the required agreements are in place, Customer must not submit: (a) PHI (absent a separate BAA with Hintyr); (b) payment card primary account numbers (other than via Stripe); (c) government-issued identifiers where prohibited; or (d) data subject to special handling that Customer is not authorized to process.
3.3 Legal Use in eDiscovery. Customer is solely responsible for compliance with legal hold obligations, court orders, protective orders, and discovery rules. The Services assist but do not replace counsel’s professional judgment.

4. Customer Content; Ownership; License

4.1 Ownership. As between the parties, Customer retains all right, title, and interest in and to Customer Content. Hintyr acquires no rights except as expressly granted.
4.2 License to Provide Services. Customer grants Hintyr and its Subprocessors a non-exclusive, worldwide, royalty-free license to host, copy, process, transmit, index, analyze, and display Customer Content solely to provide, secure, support, and improve the Services for Customer (e.g., quality assurance, troubleshooting, usage analytics).
4.3 No Sale; No Third-Party Access for Marketing. Hintyr will never sell Customer Content and does not grant third parties access to Customer Content for their advertising or independent purposes. Access by Subprocessors is limited to providing the Services and subject to contractual confidentiality and data protection obligations.
4.4 Training and Model Improvement. By default, Hintyr does not use Customer Content to train generalized models available to other customers. We may use de-identified, aggregated metrics about use of the Services ("Usage Data") to improve features. Customer may opt in to content-based improvement programs in writing.

5. AI & LLM Services; Output

5.1 Third-Party LLMs and Google Services.

(a) Google Cloud Platform (AI Processing). The Services may route prompts and Customer Content to a third-party LLM provider (Google Cloud Platform, including Vertex AI and Gemini models) as a Subprocessor to generate Output (e.g., classifications, summaries, entity extraction, and AI-assisted review features). Hintyr maintains a BAA with Google Cloud for AI processing; for HIPAA use cases, a separate BAA between Hintyr and Customer is also required.

(b) Google OAuth (File Access). Separately, the Services use Google OAuth to enable Customer to connect their Google Account and import selected files from Google Drive, as described in Section 2.5. Google OAuth file access is governed by the Google API Services User Data Policy and is subject to different terms and requirements than Google Cloud Platform AI processing.

(c) Distinction. Google OAuth (for Drive file access) and Google Cloud Platform (for AI inference) are separate services with distinct purposes, data flows, and compliance frameworks. Files imported via Google OAuth become Customer Content and may subsequently be processed by Google Cloud Platform AI services if Customer uses AI features.

5.2 Human Oversight. Output may be incomplete, incorrect, or reflect model limitations. Customer remains responsible for reviewing and validating Output and for all decisions based on it. 5.3 No Legal Advice. The Services and Output are tools that assist legal work; they are not legal advice and do not create an attorney–client relationship. 5.4 Customer Rights to Output. As between the parties and subject to third-party rights and applicable law, Hintyr assigns to Customer its interest, if any, in Output generated from Customer Content, excluding underlying models, software, and pre-existing materials.

6. Security; Privacy; Data Protection

6.1 Security Program. Hintyr maintains administrative, physical, and technical safeguards appropriate to the nature of the data and the Services.
6.2 Privacy Policy; DPA. The collection and use of Personal Data is described in Hintyr’s Privacy Policy. Upon request for applicable plans, Hintyr will enter into a Data Processing Addendum (DPA) incorporating standard contractual clauses as needed.
6.3 Subprocessors. Hintyr uses Subprocessors to deliver the Services. A current list is available upon request. Hintyr remains responsible for Subprocessors’ performance.
6.4 BAA for PHI. For Customers subject to HIPAA, Hintyr will enter into a Business Associate Agreement. Absent an executed BAA between Hintyr and Customer, PHI must not be submitted to the Services.
6.5 Breach Notification. Hintyr will notify Customer without undue delay of a confirmed Security Incident affecting Customer Content and provide information and cooperation reasonably required for Customer’s compliance efforts.
6.6 Cookies. Hintyr uses only strictly necessary cookies for authentication via Clerk. We do not use tracking or advertising cookies in the Services.

7. Implementation; Support; Service Levels

7.1 Implementation. Hintyr may provide onboarding, configuration, or migration services as described in an Order or SOW.
7.2 Support. Support hours, response targets, and contact channels are described in the applicable plan documentation.
7.3 Service Levels. Enterprise plans may include service-level commitments and credits in a separate SLA. Absent an SLA, the Services are provided on a commercially reasonable efforts basis.

8. Fees; Payment; Taxes

8.1 Fees. Customer will pay the fees set forth in the Order. Unless otherwise stated, fees are based on subscriptions, usage/consumption (e.g., storage GB, compute), or both.
8.2 Billing & Processor. Payments are processed by Stripe. Customer authorizes Stripe to charge the payment method on file per the Order’s billing cycle.
8.3 Late Payments. Overdue amounts may accrue a finance charge at the lesser of 1.5% per month or the maximum allowed by law, and we may suspend the Services for material nonpayment after notice.
8.4 Taxes. Fees are exclusive of taxes. Customer is responsible for all taxes, levies, and duties (excluding Hintyr’s income taxes).
8.5 No Refunds. Except as expressly provided, payments are non-refundable and commitments are non-cancelable during a Term.

9. Beta, Trial, and Free Features

Certain features may be identified as alpha, beta, preview, or evaluation ("Beta Features"). Beta Features are provided "AS IS," may be suspended at any time, and are excluded from SLAs and support commitments.

10. Confidentiality

10.1 Confidential Information. Each party may disclose non-public information to the other that is designated confidential or would reasonably be understood as confidential (including Customer Content, security practices, product roadmaps, and terms of Orders).
10.2 Protection. The receiving party will use the same degree of care it uses to protect its own confidential information (but no less than reasonable care) and will use Confidential Information only to perform its obligations under these Terms.
10.3 Compelled Disclosure. The receiving party may disclose Confidential Information when required by law, subpoena, or court order, provided it (if legally permitted) gives prompt notice and cooperates to seek protective treatment.
10.4 Exclusions. Confidential Information does not include information that is or becomes public through no fault of the receiving party, was rightfully known without restriction, or was independently developed without use of the disclosing party’s Confidential Information.

11. Intellectual Property; Feedback

11.1 Reservation of Rights. Except for the rights expressly granted, Hintyr and its licensors retain all rights in the Services, software, models, Documentation, and trademarks.
11.2 Feedback. Customer may provide feedback or suggestions. Hintyr may use feedback without restriction or obligation.

12. Term; Termination; Suspension

12.1 Term. The initial subscription term is specified in the Order and renews per the Order unless a party gives notice of non-renewal at least 30 days prior to the end of the then-current term.
12.2 Termination for Cause. Either party may terminate an Order for material breach if the breach remains uncured 30 days after written notice.
12.3 Suspension. Hintyr may suspend access immediately if: (a) Customer fails to pay fees; (b) Customer’s use presents a security risk; (c) Customer violates Section 3 (Acceptable Use); or (d) required third-party services become unavailable through no fault of Hintyr.
12.4 Effect of Termination. Upon termination or expiration: (a) Customer’s access to the Services ends; (b) fees due remain payable; and (c) upon request made within 30 days, Hintyr will make Customer Content available for export in a reasonable format. After 30 days, Hintyr may delete Customer Content from active systems, subject to legal holds and backups retained per standard schedules.

13. Warranties; Disclaimers

13.1 Mutual. Each party represents it has authority to enter into these Terms.
13.2 Hintyr. Hintyr warrants that it will provide the Services substantially in accordance with the Documentation and in a professional manner. For any breach of this warranty, Customer’s exclusive remedy is re-performance or, if re-performance is not commercially reasonable, termination with a pro-rata refund of pre-paid, unused fees.
13.3 Disclaimers. EXCEPT AS EXPRESSLY PROVIDED, THE SERVICES, OUTPUT, AND BETA FEATURES ARE PROVIDED “AS IS” WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. HINTYR DOES NOT WARRANT THAT THE SERVICES OR OUTPUT WILL BE ERROR-FREE OR MEET CUSTOMER’S REQUIREMENTS. THE SERVICES AND OUTPUT DO NOT CONSTITUTE LEGAL ADVICE.

14. Indemnification

14.1 By Hintyr. Hintyr will defend Customer against third-party claims alleging that the Services (as provided by Hintyr and used in accordance with the Documentation) infringe a U.S. patent, copyright, or trademark, and will pay damages and costs finally awarded by a court or agreed in settlement. If a claim arises, Hintyr may, at its option: (a) modify the Services; (b) replace the Services with substantially equivalent functionality; or (c) terminate the affected Order and refund pre-paid, unused fees. Hintyr has no obligation for claims arising from Customer Content, combinations not provided by Hintyr, or use in violation of these Terms.
14.2 By Customer. Customer will defend Hintyr against claims arising from Customer Content or Customer’s use of the Services in violation of law or these Terms, and will pay damages and costs finally awarded by a court or agreed in settlement.
14.3 Procedure. The indemnified party must provide prompt notice, reasonable cooperation, and sole control of the defense to the indemnifying party.

15. Limitation of Liability

15.1 Cap. EXCEPT FOR EXCLUDED CLAIMS, IN NO EVENT WILL EITHER PARTY’S TOTAL LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS EXCEED THE AMOUNTS PAID OR PAYABLE BY CUSTOMER FOR THE SERVICES GIVING RISE TO THE CLAIM IN THE TWELVE (12) MONTHS BEFORE THE FIRST EVENT GIVING RISE TO LIABILITY.
15.2 Excluded Damages. EXCEPT FOR EXCLUDED CLAIMS, NEITHER PARTY WILL BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, COVER, OR PUNITIVE DAMAGES, OR LOSS OF PROFITS, REVENUE, GOODWILL, OR DATA, EVEN IF ADVISED OF THE POSSIBILITY.
15.3 Excluded Claims. The limitations in 15.1 and 15.2 do not apply to: (a) a party’s indemnification obligations; (b) breach of confidentiality; (c) Customer’s payment obligations; or (d) a party’s willful misconduct or fraud.
15.4 Risk Allocation. The fees reflect the allocation of risk and limitations of liability herein.

16. Compliance; Export; Anti-Corruption; Sanctions

Customer agrees to comply with all applicable laws including anti-corruption (e.g., FCPA, UK Bribery Act), sanctions and export controls (e.g., EAR, OFAC), and data protection laws. Customer represents it is not a sanctioned person or located in a sanctioned jurisdiction.

17. Government Use

If Customer is a U.S. government entity, the Services are "Commercial Computer Software" and "Commercial Computer Software Documentation" provided with only those rights as set forth in these Terms per FAR 12.212 and DFARS 227.7202.

18. Publicity

Hintyr may identify Customer by name and logo as a customer on websites and marketing materials, subject to Customer’s reasonable trademark usage guidelines. Customer may opt out of publicity by written notice.

19. Modifications to the Services or Terms

We may modify the Services and these Terms to reflect improvements, security updates, changes in law, or changes to third-party services. For material adverse changes, we will provide notice. Continued use after the effective date constitutes acceptance. If Customer objects to a material adverse change, Customer may terminate the affected Order within 30 days of notice and receive a pro-rata refund of pre-paid, unused fees.

20. Assignment

Neither party may assign these Terms without the other party’s consent, except either party may assign to an Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of substantially all assets, provided the assignee is not a direct competitor and assumes all obligations.

21. Notices

Notices must be in writing and will be deemed given when sent to the contacts specified in the Order or to contact@hintyr.com (for notices to Hintyr) by email with confirmation, courier, or certified mail.

22. Force Majeure

Neither party will be liable for delays or failure to perform due to events beyond its reasonable control (e.g., natural disasters, acts of government, labor disputes, internet or hosting failures, third-party outages), provided it uses reasonable efforts to mitigate.

23. Governing Law; Dispute Resolution

23.1 Law & Venue. These Terms are governed by the laws of the State of Delaware, excluding its conflicts rules. The parties consent to exclusive jurisdiction and venue in the state and federal courts located in Delaware, except as provided in Section 23.2.
23.2 Arbitration. Any dispute arising out of or relating to these Terms that the parties cannot resolve within 30 days shall be finally settled by binding arbitration under the AAA Commercial Arbitration Rules by one arbitrator. The seat of arbitration is Wilmington, Delaware. Judgment on the award may be entered in any court of competent jurisdiction. Either party may seek injunctive or equitable relief in court for actual or threatened misuse of Confidential Information or intellectual property.
23.3 Class Waiver. Disputes must be brought in each party’s individual capacity and not as a class, collective, or representative action.

24. Entire Agreement; Order of Precedence; Severability; Waiver; Survival

These Terms, the Order(s), DPA/BAA (if applicable), SLA (if any), and Documentation constitute the entire agreement and supersede all prior or contemporaneous agreements on the subject. In case of conflict, the following order controls: (1) BAA/DPA; (2) Order; (3) SLA; (4) these Terms; (5) Documentation. If any provision is unenforceable, it will be modified to the minimum extent necessary and the remainder will remain in effect. A failure to enforce is not a waiver. Sections that by their nature should survive (including 3–6, 10–16, 21–24) survive termination.

25. Service-Specific eDiscovery Disclosures

25.1 Chain of Custody & Audit. The Services may provide evidentiary chain-of-custody logs for ingested items. Customer is responsible for verifying logs meet applicable rules of evidence for its matters.
25.2 Collection & Processing. Customer is responsible for lawful collection and processing of ESI (electronically stored information), including obtaining necessary consents and authorizations.
25.3 Search, Review, and Production. Search results and analytics depend on data quality and configuration. Customer is solely responsible for review decisions, privilege determinations, and productions.
25.4 Retention & Legal Holds. Customer controls retention settings. Hintyr will not delete Customer Content subject to a legal hold properly placed and maintained by Customer within the Services.
25.5 Third-Party Integrations. Connectors to third-party sources (e.g., cloud storage, messaging) are provided on an as-available basis. Availability may change due to third-party APIs and terms.

26. Plan-Specific Terms (Illustrative)

  • Growth / Business / Enterprise. Plan features, usage limits (e.g., storage, compute), and SLAs are described in the Order or Documentation.
  • HIPAA-Eligible (Enterprise only). Requires an executed BAA with Hintyr and appropriate configuration.
  • Data Residency. If data residency is offered for a plan, Hintyr will store Customer Content in the designated region subject to standard backups and service operations.

27. Contact; Reporting

Questions about the Services or these Terms may be sent to contact@hintyr.com. Security reports and urgent issues should include "Security" in the subject line.

By using the Services, Customer agrees to these Terms.