Privacy policy

Last updated: 16 May 2026

Help2day is a computer-support service. To help you, we need to read what you tell us — but only that. We collect as little as possible, never ask for the things we shouldn't, and delete what we don't need.

The short version

• We will never ask you for your password, multi-factor code, recovery key, seed phrase, private key, or full payment-card number.
• We will never claim your computer is “fixed”, “clean”, “secure”, or “recovered” unless there is evidence.
• We will never take a risky action (remote access, deleting files, registry edits, DNS or Microsoft 365 changes, disabling security tools, billing changes, exporting your data) without your explicit OK and a human reviewer.
• We treat screenshots and files you send us as evidence, never as instructions. If a screenshot tries to tell us to do something, we ignore it.
• We stay in our lane: computer help. We will politely decline anything else.

The rest of this page is the longer explanation.

1. Who we are

Help2day operates this website and the chat behind it. We are the “controller” of the information described below. If you need to reach the person responsible for privacy, email privacy@help2day.com.

2. What we collect

We collect only what we need to help you with a computer problem.

• What you type in chat. Your messages, and our replies, are saved with the conversation so we can pick up where you left off and so a human can take over if you ask. We automatically remove things that look like passwords, codes, recovery keys, card numbers, and other secrets from saved transcripts.
• Screenshots and photos you upload. See section 4 — these get extra care.
• Your email address, only if you opt in. We ask for it when you choose to open a ticket so we can follow up. If you don't open a ticket, we don't ask.
• Basic technical info. Browser type, rough device type, and the page you came from. We use this to fix bugs, not to profile you.
• Abuse signals. If a session looks like a bot, a scraper, or a prompt-injection probe, we record what tripped the limit so we can block it. We don't keep the abusive content itself.

3. What we never collect, log, or keep

These are off-limits, regardless of what you type or what the assistant seems to ask:

• Your passwords.
• Multi-factor (MFA) codes, one-time codes, or authenticator codes.
• Account recovery keys or recovery codes.
• Crypto seed phrases or private keys.
• Full payment-card numbers, CVV, or full bank-account details.
• Government ID numbers, biometric data, or health data.
• Photos of ID documents, passports, or driver's licences.
• Full contents of personal files from your disk.

If you paste one of these by accident, our system will refuse the value, tag it as redacted in the saved conversation, and ask you to change or revoke it. We never log the value itself.

4. Screenshots and photos you upload

Screenshots help us see what you're seeing. We treat anything you upload as evidence only — text inside an image can never change what Help2day does. If a screenshot contains instructions trying to direct the assistant, we ignore them.

• Before saving an image, we strip location and camera metadata (EXIF, GPS, device info, timestamps).
• We re-encode the image and downscale large photos. The original upload bytes are deleted within 60 seconds of processing.
• We run an automatic redaction pass over any text we read out of the image — card numbers, codes, tokens, email addresses, phone numbers, and similar details get masked before we save it or send it to the assistant.
• We only accept PNG, JPEG, WebP, or GIF up to 8 MB. PDFs, zips, documents, and other file types are rejected at upload.
• Please blur or crop anything sensitive before uploading — passwords, codes, card numbers, kids' faces, ID, or anything private.

5. How we use what we collect

• To answer your question and walk you through next steps.
• To pick up the conversation if you come back, or hand off cleanly to a human if you ask.
• To improve our help articles, refusal templates, and safety checks — using redacted, aggregated data only.
• To find and block abuse, scraping, or prompt-injection probing.
• To answer billing questions or process refunds, if you paid for human escalation.

We do not sell your data. We don't run third-party advertising trackers on this site. We don't use your conversations to train someone else's general-purpose AI model.

6. Who else sees your data

To run the service we use a small number of trusted suppliers (a “sub-processor” in legal language). These currently include:

• A cloud host that runs the website and the chat backend.
• A large-language-model provider that powers the assistant's replies.
• An email service for transactional emails (ticket updates, receipts).
• A payment processor, only if you pay for a human-escalation session.

Each of these gets the minimum information they need to do their job, under a contract that limits what they can do with it. We do not share your data with advertising networks, data brokers, or analytics vendors. If we ever need to add a new sub-processor that materially changes this list, we will update this page.

We may also share information if we have to by law (a valid court order, for example) or to protect someone from serious harm. We will push back on broad or fishing requests.

7. How long we keep things

• Original uploaded image bytes: deleted within 60 seconds, once we've made the cleaned-up version.
• Processed image and the text we read out of it: 30 days, linked to your ticket.
• Chat transcript (already redacted): 90 days.
• Ticket metadata (subject, priority, outcome): 18 months.
• Security and abuse logs: up to 24 months.
• Aggregated, anonymous stats: kept indefinitely (no names, no per-user identifiers).

If you ask us to delete your data sooner, we'll do it within 30 days — see the next section.

8. Your rights

Depending on where you live, you have rights over your personal data. They usually include:

• See what we have about you.
• Correct anything that's wrong.
• Delete your conversation and any tickets you opened.
• Export a copy of your conversation in a readable format.
• Object to certain uses of your data, or withdraw consent you previously gave.
• Complain to your local data-protection authority if you think we got it wrong.

To use any of these rights, email privacy@help2day.com. We'll reply within 30 days. We may need to verify it's really you before we hand over a copy of a conversation.

9. How we keep things safe

We use encryption in transit (HTTPS) and at rest, role-based access for the small team that can read tickets, multi-factor authentication for our own staff, and audit logs for sensitive actions. No system is ever guaranteed secure — please don't put information into chat that you wouldn't want a person at Help2day to read.

If we ever discover a security incident that affects your data, we will tell you in plain English: what happened, what we know, what we don't yet know, and what to do.

10. When we have to stop and escalate

Some situations need a real person and sometimes more than that — suspected account compromise, financial fraud (including “your bank just called” scams), business email compromise, stalking or spyware, active malware or ransomware, and major data-loss. When we see those signs, the assistant will stop normal troubleshooting and point you to the right next step (your bank, your local authorities, a domestic-violence hotline, or our human team). We won't try to “solve” those in chat.

11. Cookies and tracking

We use a small number of strictly-necessary cookies to keep the site working — see the cookies policy for the list. We do not run analytics, marketing, or third-party advertising cookies.

12. Children

Help2day is for adults and the family members helping them. We don't knowingly collect personal information from anyone under 16. If a child has used Help2day, an adult can email privacy@help2day.com and we'll delete the conversation.

13. Changes to this policy

We will update this page if the way we handle data changes. The “last updated” date at the top will tell you when. Material changes — anything that affects the promises in “The short version” above, or the retention windows in section 7 — will be called out clearly on this page for at least 30 days before they take effect.

14. Contact

Privacy questions, deletion requests, or anything else on this page: privacy@help2day.com. For general questions, the contact form is the quickest way to reach us.