Haive (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights under the General Data Protection Regulation (“GDPR”).
1. Data Controller
The data controller responsible for the processing of personal data is:
- Legal entity: TimelessHaven Unip. Lda.
- Country: Portugal
- Contact email: [email protected]
2. Personal Data We Collect
2.1. When you visit our website
We may collect:
- Technical and usage data: IP address, device type, browser, operating system, pages visited, timestamps, referrer URLs, and interaction events.
- Cookies and similar technologies: as described in Section 10.
2.2. When you contact us or request access to the Alpha
We may collect:
- Contact details: name, email address, company name, role (if provided).
- Message content: any information you choose to share when contacting us or applying for Alpha access.
2.3. When you use the product (including Alpha)
Depending on the features you enable, we may process:
- Account and authentication data: name, email address, identifiers provided via Google OAuth or other authentication methods.
- Operational data: agent configurations, instructions/prompts, execution logs, actions taken, and system events.
- Integrated service data: data from third-party services you choose to connect (such as email, calendars, spreadsheets, or task systems), limited strictly to what is necessary to provide the enabled functionality and according to the permissions you grant.
Important: Haive only accesses third-party data to the extent required to operate the features you explicitly activate and within the scope of permissions you authorise.
3. Purposes of Processing
We process personal data to:
- Provide, operate, and maintain our website and services.
- Create and manage user accounts and authentication.
- Review and manage Alpha access requests.
- Communicate with you, including support and product-related updates.
- Improve the product, reliability, and security of our systems.
- Monitor usage, detect issues, and prevent abuse or misuse.
- Comply with legal obligations and protect our legal rights.
4. Legal Bases for Processing (GDPR)
We process personal data based on:
- Performance of a contract or pre-contractual steps (Article 6(1)(b) GDPR).
- Consent, where required (Article 6(1)(a) GDPR), such as for certain cookies or integrations.
- Legitimate interests (Article 6(1)(f) GDPR), including service improvement, security, fraud prevention, and operational communications.
- Legal obligations (Article 6(1)(c) GDPR).
5. Sharing of Personal Data
We may share personal data with:
- Service providers and processors who support our operations (e.g. hosting, analytics, authentication, email services), acting under data processing agreements and confidentiality obligations.
- Public authorities where required by law.
- Third parties in corporate transactions (e.g. merger, acquisition, restructuring), subject to appropriate safeguards.
We do not sell personal data.
6. International Data Transfers
Some service providers may process data outside the European Economic Area (EEA). When this occurs, we rely on appropriate safeguards, such as Standard Contractual Clauses and additional technical or organisational measures where necessary.
7. Data Retention
We retain personal data only for as long as necessary:
- Contact and Alpha requests: typically up to [X months] after the last interaction.
- Account and service data: for the duration of the account and a reasonable period thereafter for legal, audit, and dispute resolution purposes.
- Operational and security logs: for limited periods, typically [X days/months], unless legally required otherwise.
8. Your Rights
Under the GDPR, you have the right to:
- Access your personal data.
- Request rectification or erasure.
- Request restriction of processing.
- Object to processing based on legitimate interests.
- Request data portability.
- Withdraw consent at any time (where processing is based on consent).
You may also lodge a complaint with the Portuguese Data Protection Authority (CNPD) or your local supervisory authority.
To exercise your rights, contact us at: [email protected]
9. Security
We implement appropriate technical and organisational security measures to protect personal data, including access controls, encryption where applicable, and monitoring practices. However, no system can be guaranteed to be 100% secure.
10. Cookies and Analytics
We use cookies and similar technologies for:
- Essential website functionality.
- Analytics and usage measurement.
We use Google Analytics to understand how users interact with our website. Google may process data such as IP addresses and usage data in accordance with its own privacy policies.
Where required, we request consent before placing non-essential cookies. You can manage cookies through your browser settings and, where applicable, our cookie consent banner.
11. Hosting and Infrastructure
Our services are hosted on infrastructure provided by DigitalOcean. Data is stored and processed in secure environments with appropriate safeguards in place.
12. Children’s Data
Our website and services are not intended for individuals under the age of 16. If you believe that a minor has provided us with personal data, please contact us so we can take appropriate action.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website, with the “Last updated” date revised accordingly. If changes are significant, we may notify you through appropriate channels.
14. Contact
If you have any questions or concerns about this Privacy Policy or our data practices, please contact:
[email protected]
TimelessHaven Unip. Lda
Portugal