Helmdesk
DocsBlogPricingFeaturesSupport
Sign inGet started

Privacy Policy

Effective date: May 17, 2026

Moloks Technologies (“we”, “us”, “our”) operates Helmdesk, a multi-tenant helpdesk, email gateway, and knowledge base platform for developers. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect your name and email address via Supabase Auth. If you sign in with Google OAuth, we receive your name, email, and profile photo URL from Google.

Support Tickets

Tickets submitted through Helmdesk contain customer names, email addresses, and message content. This data is stored on behalf of your account and your end customers.

Email Addresses

We collect and store email addresses for sending transactional emails on your behalf through your configured email providers.

Provider Credentials

Email service API keys you configure are encrypted with AES-256-GCM before storage. We never store provider credentials in plain text.

Knowledge Base Content

Articles you publish are publicly accessible content authored by you and stored within your project.

Usage Data

We collect basic usage data including page views, feature interactions, and API request metadata (timestamps, endpoints, response codes) to operate and improve the service.

2. How We Use Your Data

  • Providing, maintaining, and improving the Helmdesk service
  • Authenticating your identity and managing your account
  • Sending transactional emails on your behalf through your configured providers
  • Powering AI features (suggested replies, auto-classification, article drafting, smart suggestions) using ticket and article content
  • Generating aggregate, anonymized analytics to improve service performance
  • Communicating with you about service updates, security notices, and support

3. AI Features

Helmdesk uses Google Gemini to power AI features such as suggested replies, ticket classification, and article drafting. When you use AI features, relevant ticket content and knowledge base articles may be sent to Google Gemini for processing. We do not use your data to train AI models. AI processing is performed on-demand and results are not retained by the AI provider beyond the scope of the request.

4. Data Storage and Security

Your data is stored in PostgreSQL databases managed by Supabase with row-level security (RLS) policies enforced on every table. This means your data is cryptographically isolated from other tenants at the database level.

Provider credentials (email API keys) are encrypted using AES-256-GCM before being stored. Encryption keys are managed separately from the database.

We use HTTPS/TLS for all data in transit. Our infrastructure is hosted on cloud providers with SOC 2 compliance.

5. Third-Party Services

We use the following third-party services to operate Helmdesk:

  • Supabase — authentication, database hosting, and real-time subscriptions
  • Email providers (Brevo, Resend, or your configured provider) — sending transactional emails on your behalf
  • Google Gemini — AI features including suggested replies, classification, and article drafting

Each third-party service processes only the minimum data necessary for its function. We do not sell your data to any third party.

6. Cookies

Helmdesk uses only essential session cookies required for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. These session cookies are strictly necessary for the service to function and cannot be disabled while using Helmdesk.

7. Data Retention

We retain your account data for as long as your account is active. Support ticket data is retained for the lifetime of the project it belongs to.

When you delete a project, all associated tickets, articles, templates, and email logs are permanently deleted within 30 days. When you delete your account, all data associated with your account is permanently deleted within 30 days.

8. Your Rights

You have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate personal data
  • Deletion — request deletion of your personal data and account
  • Export — request a machine-readable export of your data

To exercise any of these rights, contact us at support@helmdesk.dev. We will respond within 30 days.

9. Children's Privacy

Helmdesk is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the service. Your continued use of Helmdesk after changes take effect constitutes acceptance of the updated policy.

11. Contact

If you have questions about this Privacy Policy or our data practices, contact us at:

Moloks Technologies

Ottawa, Ontario, Canada

Email: support@helmdesk.dev