Security

HomeAideas uses reasonable administrative, technical, and organizational safeguards designed to protect customer content, account data, and service operations.

This page is intended as a public summary of our security approach. It does not create a service-level agreement, warranty, certification claim, or additional contractual commitment unless expressly stated in an order form, data processing agreement, or other written agreement signed by HomeAideas.

Additional security information may be made available to customers during enterprise review, security review, procurement review, or similar diligence processes.

HomeAideas manages security as part of product development, service operation, customer support, and vendor management.

Our approach includes:

• Reviewing security risks that may affect customer content, account data, service availability, and business operations.
• Limiting internal access to systems and customer information based on role, need, and operational purpose.
• Considering security, privacy, and reliability when selecting material service providers.
• Maintaining internal practices for issue escalation, security review, and incident handling.

HomeAideas workspaces are intended for named business users. Customers are responsible for inviting authorized users, assigning appropriate roles, removing users who no longer need access, and protecting credentials.

We use account and workspace controls designed to help separate customer workspaces and limit access to authorized users. Customers should promptly contact support@homeaideas.com if they suspect unauthorized access, credential compromise, or improper workspace activity.

HomeAideas uses safeguards designed to protect customer content and account information against unauthorized access, loss, misuse, alteration, and disclosure.

Data protection measures may include technical, operational, and organizational controls appropriate to the nature of the service, the information processed, and the customer relationship.

Personal data handling, retention, deletion, data residency, and international transfer practices are described in our Privacy Policy and any applicable data processing agreement or order form.

Customer content may include images, CAD files, sketches, floor plans, project files, materials, workflow selections, instructions, brand references, and generated outputs.

HomeAideas processes customer content to provide, secure, support, troubleshoot, maintain, and improve the service, and to comply with applicable legal obligations. Customer content is not used to train AI models by default unless separately agreed in writing with the customer.

Customers are responsible for ensuring that they have the rights, permissions, consents, and lawful basis needed to upload and process customer content through HomeAideas.

HomeAideas may use third-party hosting, storage, infrastructure, AI processing, email, analytics, billing, support, security, and operational providers to deliver and support the service.

We disclose service-provider categories publicly, but we do not publicly list exact infrastructure providers, AI providers, analytics tools, support vendors, payment processors, security vendors, subprocessors, architecture details, or internal workflow stack.

Exact vendors, subprocessors, security questionnaires, architecture details, and supporting review materials may be provided under NDA, data processing agreement, order form, enterprise review, or security review.

HomeAideas uses operational practices designed to monitor service health, investigate errors, protect accounts, and maintain service continuity.

Backup, recovery, logging, monitoring, and continuity practices may vary based on the service environment, customer plan, data residency arrangement, and written enterprise commitments.

No uptime, support response time, recovery time, recovery point, or service-level commitment applies unless expressly stated in an order form or separate enterprise agreement.

If you believe you have found a security vulnerability affecting HomeAideas, please report it to support@homeaideas.com.

Good-faith reports should include enough detail for us to understand and reproduce the issue, such as affected URLs, account context, steps to reproduce, screenshots, logs, and potential impact where available.

Please do not access, modify, delete, download, or disclose data that does not belong to you. Please do not perform testing that could disrupt HomeAideas, degrade service availability, or affect other customers.

HomeAideas does not currently operate a public bug bounty program and does not promise a reward, bounty, safe-harbor status, or guaranteed response timeline for vulnerability reports.

HomeAideas maintains an incident response posture designed to identify, investigate, contain, and address suspected security incidents affecting the service.

If we determine that a security incident requires customer notification, we will take reasonable steps to notify affected customers according to applicable law, contractual obligations, and available contact information.

Incident notification obligations, if any, may be further described in an applicable order form, data processing agreement, or enterprise agreement.

Customers play an important role in protecting their HomeAideas workspaces and project materials.

Customers are responsible for:

• Inviting only authorized users.
• Assigning appropriate roles and permissions.
• Removing users who no longer require access.
• Protecting passwords, devices, email accounts, and authentication methods.
• Reviewing outputs and customer content before client, public, or commercial use.
• Avoiding unnecessary uploads of sensitive personal data or confidential third-party information.
• Promptly reporting suspected unauthorized access or security issues.

Business customers may request additional security review materials by contacting support@homeaideas.com.

Depending on the customer relationship and review process, HomeAideas may provide security questionnaires, vendor review responses, data processing terms, residency information, subprocessor details, or other supporting materials under NDA, data processing agreement, order form, enterprise review, or security review.

HomeAideas does not publicly claim formal security certifications, compliance attestations, third-party testing, or similar assessment results unless they are expressly published by HomeAideas or provided in writing during an enterprise review.

We may update this Security page from time to time as our service, safeguards, providers, or review processes evolve.

If changes are material, we may take reasonable steps to notify customers, such as by email, account notice, website notice, or updating the "Last updated" date.

For security questions, vulnerability reports, enterprise security reviews, or related requests, contact:

WhatanAidea Solutions FZ LLC VUET2932 Compass building, Al Hulaila Industrial Zone-FZ, Al Hulaila, Ras Al Khaimah, UAE Email: support@homeaideas.com