← Back to home

Privacy Policy

Last updated: 23 May 2026

1. Who We Are

Hyper Parameter Oasis ("we", "us", "our") is operated by Ruan Haarhoff, based in South Africa. We can be reached at [email protected].

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding it. It applies to all users of hyperparameter-oasis.ai and its API.

2. What Data We Collect

We collect the following categories of data:

  • Account data: your email address and a hashed password, provided when you register
  • API usage data: records of API calls made, including timestamps, token consumption, and request metadata (e.g. IP address, user agent)
  • Experiment data: parameter configurations and numerical result values you submit via the API
  • Payment data: transaction records (amount, date, token quantity) processed via our payment provider. We do not store card numbers or payment credentials — these are handled entirely by our payment provider
  • Technical data: server logs, error reports, and session tokens necessary to operate the Service securely

3. What We Do Not Collect

We do not collect:

  • Your model weights, training data, or proprietary datasets
  • Personal data about individuals within your datasets or experiments
  • Sensitive personal data (health, financial, biometric, etc.)
  • Data from third-party tracking or advertising networks

4. Why We Collect It (Legal Bases)

We process your data on the following legal bases:

  • Contract performance: account data, API usage data, and payment records are necessary to provide the Service you have signed up for
  • Legitimate interests: technical and usage data is processed to maintain security, prevent abuse, and improve the Service
  • Legal obligation: we may retain certain records as required by applicable law

5. How We Use Your Data

Your data is used to:

  • Operate and deliver the Service
  • Authenticate your account and secure API access
  • Manage your token balance and process payments
  • Improve the platform's optimization engine using aggregated, anonymised experiment history
  • Detect and prevent fraud and abuse
  • Respond to support requests
  • Meet legal and regulatory obligations

6. Third-Party Processors

We share data with third parties only where necessary to operate the Service:

  • Payment provider (Paddle): payments are processed by Paddle.com Market Limited ("Paddle"), who act as Merchant of Record for all transactions. Paddle receive your email address and payment details directly. Their privacy policy governs their data use and can be found at paddle.com/legal/privacy
  • Hosting infrastructure: the Service runs on Google Cloud Platform (GCP). Data is stored and processed on GCP servers
  • Cloudflare: network traffic passes through Cloudflare for security and performance purposes

We do not sell, rent, or share your personal data with any third party for marketing or advertising purposes.

7. Data Retention

We retain your data for as long as your account is active, plus:

  • Payment and transaction records: 7 years (legal/tax obligation)
  • API usage logs: 12 months rolling
  • Server and security logs: 90 days rolling
  • Experiment data: retained until you delete your account or request deletion

8. International Transfers

We are based in South Africa. Your data may be processed on servers located in the United States or European Union via our infrastructure providers. Where data is transferred outside your jurisdiction, we rely on our providers' compliance frameworks (including Standard Contractual Clauses where applicable) to ensure adequate protection.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of the data we hold about you
  • Correction: ask us to correct inaccurate data
  • Deletion: request deletion of your account and associated data, subject to legal retention obligations
  • Portability: receive your experiment data in a structured, machine-readable format
  • Objection: object to processing based on legitimate interests
  • Restriction: request that we limit processing in certain circumstances

To exercise any of these rights, contact us at the address below. We will respond within 30 days. If you are in the EU or UK, you have the right to lodge a complaint with your local data protection authority.

10. Cookies and Local Storage

We use session cookies strictly necessary to authenticate your account. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. We use browser local storage to remember your UI preferences (e.g. colour theme). No personal data is stored in local storage.

11. Security

We implement reasonable technical and organisational measures to protect your data, including encrypted connections (TLS), hashed password storage, and restricted access to production systems. No system is completely secure; in the event of a data breach that affects your rights, we will notify you as required by law.

12. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have done so inadvertently, please contact us and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will indicate the date of the most recent update at the top of this page. Continued use of the Service after changes are posted constitutes acceptance of the updated policy. For material changes, we will attempt to notify you by email.

Data controller contact:
Ruan Haarhoff
[email protected]
Hyper Parameter Oasis — hyperparameter-oasis.ai
Terms of Service Privacy Policy Acceptable Use Contact

© 2026 Hyper Parameter Oasis