‍Privacy Policy

Insightly Analytics, Inc. (accessible via the website www.hivel.ai), referred to as Hivel, is committed to protecting and respecting your privacy. This Privacy Policy (this “Policy”) sets out how we collect and process personal information about you when you visit our website Hivel, when you use our products and services (our “Services”), or when you otherwise do business or make contact with us.

Please read this policy carefully to understand how we handle and treat your personal information.

What information do we collect?

Hivel collects data to enable us to operate the Services effectively, and to provide you with the best experiences on our website and our Services. You provide some of this data to us directly, such as when you register to use our Services, subscribe to a newsletter, respond to a survey, make an inquiry through our website, contact us for support, or contact us as a prospective customer, vendor, supplier, or consultant. We get some of your data by recording how you interact with our website and our Services by, for example, using technologies like cookies. We also obtain and process data in the context of providing the Services.

The data we collect depends on the context of your interactions with Hivel, he choices you make (including your privacy settings), and the Services you use. The data we collect can include the following:

• Name and contact information. We may collect your first and last name, email address, password, social logins, phone number, company information, and other similar contact data.
• Payment information. When you make purchases on our website, a secure window will be opened directly to our payment provider (currently, Stripe), and any payment information that you provide is sent directly to the payment provider. We have no access to that information.
• Customer information. When you subscribe to our service, we collect metadata about your team’s activity from version control systems (ex: GitHub, BitBucket, Gitlab etc.) you integrate. Our systems may access the code to generate data from the ephemeral instance and then discard all the code. We store the metadata that’s available from Bitbucket to allow us to create the dashboards and generate insights. As part of the metadata, we have access to the users and repositories in the workspaces that are accessible through your primary account. All information such as names, email addresses, are encrypted using AES-256 bit encryption.
• Device and Usage information. We may collect data about your device and how you and your device interact with Hivel and our Services. We use Google Analytics to track your usage and provide better experience.
• When you visit or log in to our website, cookies  and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address.  We (or service providers on our behalf) may then send communications and marketing to these email or home addresses.  You may opt out of receiving this advertising by visiting https://app.retention.com/optout
• Hivel app respects your privacy and complies with the Google API Services User Data Policy. We limit the use of data from Google APIs to enhancing user-facing features, as outlined in the policy. We don’t transfer or sell your data. For details, see Google API Services User Data Policy.

AI Model Engagement and User Data Autonomy

In our commitment to privacy and ethical data use, we clarify that our application may employ large language models provided by trusted third-party vendors (such as OpenAI and Anthropic) to enhance user experience. We design these integrations to minimize the data shared with such AI providers and to protect your intellectual property and personal information.

Specific Information about AI Models:

• AI Model Utilized: Our application uses industry-standard large language models made available via commercial and API offerings from trusted providers (for example, models in the OpenAI GPT family or the Anthropic Claude family). We may, from time to time, use similar models from other vetted service providers.
• Categories of Data Processed: To provide AI-powered functionality, we may process limited, derived metadata and technical or operational content that you submit through the Services (for example, text you enter into the product, or technical details related to your use of the Services). We implement controls to avoid including personally identifiable information (PII) wherever possible and instruct users not to include PII in free-text prompts.
• Technical Content and Code: Where strictly necessary to provide certain AI-powered functionality, we may include limited portions of technical content (for example, small code snippets, configuration fragments, file paths, commit messages, or similar context) in requests sent to AI models. Such use is limited to providing the requested functionality and is subject to our security, access control, and data minimization practices.
• No Training on Customer Data by Default: We configure our use of AI providers so that inputs and outputs from our commercial/API integrations are not used by those providers to train or improve their generalized or "foundation" models by default. Where an AI provider offers an explicit opt-in for using data to improve models, we do not enable that option for customer data.
• Purpose: The data processed by AI models is used solely to provide or improve functionality within our application (for example, generating explanations, categorizations, summaries, or insights), and not for independent profiling, advertising, or resale.
• User Impact and Control: Users' data is used in a way that respects their privacy and rights. AI-powered processing is optional and can be controlled via in-product settings where available, or by contacting our support team. Where AI features are disabled, core Services remain available.
• Ethical Use of Data: We are committed to responsible and ethical data use and to complying with applicable privacy and data protection laws. We may use aggregated, de-identified analytics derived from your use of the Services to improve our own algorithms and features, but such analytics do not expose your personal information or proprietary content.

In addition to this Policy, the handling of data by our AI providers is also governed by their own API and enterprise privacy documentation, which we review as part of our vendor due diligence. These providers typically state in their commercial/API terms that customer inputs and outputs are not used to train their models by default and that such data is retained only for limited periods for service delivery and abuse prevention.

Explicit User Consent:

• Informed Consent: We inform users about our use of AI models and the categories of data involved in such processing through this Privacy Policy and, where appropriate, through in-app notices.
• Consent Process: When an organization chooses to enable AI-powered features in the Services, it provides consent for the processing of data with third-party AI providers to the extent necessary to deliver those features. This consent applies to both currently available AI-powered functionality and substantially similar AI capabilities that may be introduced in the future, subject to any additional notices we may provide.
• Privacy Policy Acceptance: Before logging in or using the Services, users are required to accept this Privacy Policy, which describes our use of AI models and related data processing practices.

Users who wish to opt out of AI-powered features can do so at any time via in-product settings where available or by contacting our support team. This ensures that users maintain control over their interaction with AI functionalities and how their data is processed for such purposes.

Our Privacy Policy and user agreements are structured to ensure transparency, user control, and ethical handling of data in line with industry best practices and regulatory requirements.

What do we use your information for?

We use the data we collect to operate our business, and to provide the Services to you. This includes using the data to improve our Services, and to personalize your experiences. We may also use the data to communicate with you to, among other things, inform you about your account, provide security updates, and give you information about the Services. We may also use the data to manage your email subscriptions, improve the relevance and security of our website, respond to user enquiries, send you periodic marketing communications about our Services, and improve the relevance of our advertising.

Providing and improving our Services. We use data to provide and improve the Services we offer, and to perform essential business operations. This includes operating the Services, maintaining and improving the performance of the Services, developing new features, conducting research, and providing customer support. Examples of such uses include the following:

• Providing the Services. We use data to carry out your transactions with us and to provide the Services to you. In certain cases, the Services include personalized features and recommendations that enhance your productivity and insights, and automatically tailor your experience based on the data we have about you.
• Technical support. We use data to diagnose product problems, and to provide other customer care and support services.
• Improving the Services. We use data to continually improve our website and our Services, including system administration, system security, and adding new features or capabilities.
• Business Operations. We use data to develop aggregate analyses and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.
• Recruitment. If you apply for a job with us, we use your data for recruitment purposes.
• Promotions. We may use your data to administer contests, promotions, surveys, or other site features.
• Improving Advertising Campaigns. We may use your data to improve our advertising campaigns, primarily in an effort to prevent targeting of impressions via third-party channels when they are not relevant to you.
• Sending Periodic Emails. We may use your data to send you periodic emails. Depending on the marketing preferences you select on our website, we may send you occasional marketing emails about our products and services, which you can unsubscribe from at any time using the link provided in the message.
• Generally. We use data to respond to your enquiries and requests relating to our Services, to create and administer your accounts, and to provide us with information and access to resources that you have requested from us. We also use data for general business purposes, including, among other things, to improve customer service, to help us improve the content and functionality of our Services, to better understand our users, to protect against wrongdoing, to enforce our Terms of Service, and to generally manage our business.

Communications

We use data we collect to communicate with you, and to personalize our communications with you. For example, we may contact you to inform you when your subscription is ending, to discuss your account, to let you know when updates are available, to remind you about features of the Services that are available for your use, to update you about a support request, or to invite you to participate in a survey. Additionally, you can sign up for email subscriptions, and choose whether you want to receive marketing communications from us.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. We offer the use of a secure server. We use Stripe for accepting payments and managing subscriptions.

Your data is secure, and available

We implement a variety of measures to ensure that our processing systems remain confidential, resilient, and available. Specifically, we have implemented processes to help ensure high availability, business continuity, and prompt disaster recovery. We commit to maintaining strong physical and logical access controls, and conduct regular penetration testing to identify and address potential vulnerabilities.

Business Continuity. We keep encrypted backups of data every hour in multiple regions on Amazon Web Services. While never expected, in the case of production data loss (i.e., primary data stores loss), we will restore organizational data from these backups.

Penetration Testing. We engage an independent, third-party agency to perform black box penetration testing on a regular basis. Information about security vulnerabilities that are successfully exploited through penetration testing is then used to set mitigation and remediation priorities. All medium and high vulnerability issues are identified and resolved as early as possible.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information. You can choose to disable cookies, but if you do, your ability to use or access certain parts of our website may be affected.

We use cookies and other similar identifiers to understand and save your preferences for future visits, to advertise to you on other sites, and to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

You may refuse to accept cookies by activating the setting on your browser that allows you to refuse the setting of cookies.

However, if you choose to disable cookies, you may be unable to access certain parts of our site. A banner asking you to accept our cookies policy will be displayed upon the first visit to our website (or the first visit after you delete your cookies). Unless you have adjusted your browser setting so that it will refuse cookies and/or you have not accepted our cookies policy, our system will issue cookies when you log on to our site.

Do we disclose any information to outside parties?

We share your personal data with your consent, or as necessary to provide the Services to you when required by law or to respond to legal processes; to protect our customers; to protect lives; to maintain the security of our Services; and to protect our rights or our property.  We do not share your data with any third party vendors.

How to Access and Control Your Personal Data

You can view, access, edit, delete, or request a copy of your personal data for many aspects of the Services. You can also make choices about Hivel’s collection and use of your data. How you can access and control your personal data will depend on which Services you use.

You can always choose whether you want to receive marketing communications from us. You can also opt out from receiving marketing communications from us by using the opt-out link on the communication.

Where we Store and Process Personal Data; International Transfers

In order to provide our Services, personal data collected by Hivel may be stored and processed in the United States and other countries where Hivel or its affiliates, future subsidiaries or service providers maintain facilities. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. Wherever data is processed, we take steps to ensure that the data we collect is processed according to the provisions of this Policy and the requirements of applicable law.

Data Retention

We may retain your personal information as long as you continue to use the Services, have an account with us, or for as long as is necessary to fulfill the purposes outlined in the policy. You can ask to close your account by contacting us at the details above, and we will delete your personal information on request.

We may, however, retain personal information for an additional period as is permitted or required under applicable laws, for legal, tax, or regulatory reasons, or for legitimate and lawful business purposes.

California Online Privacy Protection Act Compliance

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act.

As part of the California Online Privacy Protection Act, all users of our site may make any changes to their information at any time by sending an email to support@hivel.ai.

Changes to our Privacy Policy

We will update this privacy statement when necessary to reflect customer feedback and changes in our Services. When we post changes to this statement, we will revise the “last updated” date at the top of the statement. If there are material changes to the statement or in how Hivel will use your personal data, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Hivel is protecting your information.

How to Contact Us

If you have a privacy concern, complaint, or a question for the Data Protection Officer of Hivel, please contact us by sending us an email at support@hivel.ai. We will respond to questions or concerns within 30 days.

Unless otherwise stated, Insightly Analytics, Inc. is a data controller for personal data we collect through the Services subject to this statement.

Contact Us

If you have any questions or concerns about our Privacy Policy, please contact us at:

Email address

support@hivel.ai

Mailing address

7545 Perennial Street, Frisco, TX 75035, USA