to/human

Privacy Policy

Last updated: March 23, 2026

1. Overview

ToHuman ("we", "us", "our") respects your privacy. This policy explains what data we collect, why, and how we handle it. We keep things simple: we collect the minimum needed to run the service, and we never sell your data.

2. What We Collect

Account Information

When you sign up, we collect:

  • Email address
  • Name (optional)
  • Password (hashed, never stored in plain text)

Usage Data

When you use the Service, we collect:

  • API request metadata (timestamps, intensity settings, word counts, processing times)
  • IP addresses (for rate limiting and security)
  • Browser/device information (via standard HTTP headers)

Content You Submit

We temporarily process the text you submit for humanization. Input and output text is stored in your account as document history so you can access it later. You can delete your documents at any time.

3. What We Don't Collect

  • We do not use tracking pixels or third-party analytics
  • We do not sell or share your data with advertisers
  • We do not use your content to train our AI models
  • We do not share your content with third-party AI providers (we run our own model)

4. How We Use Your Data

  • To provide the Service — processing your text and returning humanized output
  • To maintain your account — authentication, document history, API token management
  • To enforce rate limits — fair usage across all users
  • To send transactional emails — account confirmation, password resets, important service updates
  • To improve the Service — aggregate, anonymized usage statistics (never individual content)

5. Data Storage & Security

Your data is stored on servers within the United States. We use industry-standard security measures including:

  • Encrypted connections (TLS/HTTPS) for all data in transit
  • Encrypted database storage
  • Hashed passwords (bcrypt)
  • Secure API token generation

6. Self-Hosted Model

Our humanization model runs on our own infrastructure. Your text is never sent to OpenAI, Google, or any other third-party AI provider. This means your content stays within our systems at all times.

7. Data Retention

  • Account data — retained while your account is active
  • Documents & humanizations — retained until you delete them or close your account
  • API logs — retained for 90 days for debugging and abuse prevention
  • Rate limit data — temporary, automatically expires within minutes

8. Your Rights

You can:

  • Access your data through your dashboard and API
  • Delete individual documents or your entire account
  • Export your data by contacting us
  • Revoke API tokens at any time from your dashboard

9. Cookies

We use essential cookies only — session cookies for authentication and CSRF protection. No tracking cookies, no analytics cookies, no third-party cookies.

10. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect data from children under 13.

11. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top reflects when the policy was last revised.

12. Contact

Questions about this Privacy Policy? Contact us at [email protected].