HIVIUM SOLUTIONS - FZCO — Privacy Policy

HIVIUM SOLUTIONS - FZCO is a company established in the United Arab Emirates, with its registered address at DSO-IFZA, IFZA Properties, Dubai Silicon Oasis, Dubai, UAE. Our services are operated from this jurisdiction and delivered exclusively to business customers.

Our offering is a managed technology service with a human-supported component: we set up and run CRM systems, marketing and workflow automation, software implementations, and the ongoing operation, maintenance, and support of these platforms for our customers, with our team providing human support rather than a pure self-service product. Hivium is not a marketplace, payment processor, payment facilitator, money services business, electronic money or wallet provider, fintech, financial services provider, telecommunications provider or social network, does not engage in crypto-asset activity, and does not resell those services. Hivium does not hold, transmit or process third-party funds.

For any matter relating to this Privacy Policy or to the handling of personal data, you can contact us at legal@hivium.tech.

This policy covers personal data we handle in two distinct roles, and it is important to understand the difference because it determines who is responsible for the data and how requests are handled.

As a controller: when we collect business contact details, account information, billing data, support communications, and website usage data for our own purposes — such as managing our customer relationships, operating our website, and running our business — Hivium determines the purposes and means of processing.

As a processor: when our customers use the platform to manage information about their own clients, leads, and contacts, that data is uploaded, controlled, and owned by the customer. Hivium processes it strictly on the customer's documented instructions and solely to provide and operate the service. The customer is the controller of that data and is responsible for having a lawful basis to collect and process it. In these cases, the customer's own privacy notice and our service agreement with the customer govern how that data is handled.

Business and account data: names, business email addresses, phone numbers, company name, role, and similar contact details of the people who represent our customers, together with account credentials and configuration settings.

Billing data: information needed to invoice and collect payment for the service, such as billing contact details, billing address, tax or registration identifiers provided by the customer, plan and subscription details, and records of charges. Where card or bank payments are involved, payment is handled by third-party payment providers and we do not store full payment card numbers.

Platform usage data: technical and operational data generated when customers use the platform, such as log records, feature usage, timestamps, device and browser information, IP address, and diagnostic or performance data used to operate, secure, and improve the service.

Customer-uploaded data (end-customer / lead data): content that a customer chooses to load into the CRM or automation tools about their own clients, leads, and contacts — for example names, contact details, messages, notes, and activity history. Hivium processes this data as a processor on behalf of the customer, as described in Section 2.

Website and support data: messages, requests, and information you send when you contact us, request a demo, or open a support ticket, plus basic analytics data from our website (see Section 9).

To provide and operate the service: setting up, configuring, running, and maintaining the CRM, automation, and workflows that the customer has contracted, and keeping the underlying platform available and functioning.

To provide support: responding to questions, troubleshooting, performing maintenance, and assisting customers with their use of the platform.

For billing and administration: issuing invoices, processing subscription charges, managing accounts, and keeping the records required to run the relationship.

To secure and improve the service: monitoring for errors, abuse, and security events, and improving reliability, performance, and features. Improvement work uses operational and usage data; we do not use customer end-customer/lead data for purposes other than delivering the service, except on the customer's instructions.

To communicate with customers: sending service, security, and administrative notices relating to the accounts and services in use.

We only process personal data where there is a clear purpose and an appropriate basis for doing so. For controller data, our processing typically rests on the performance of our contract with the customer (providing and operating the service), our legitimate interest in running, securing, and improving our business, and compliance with applicable legal and accounting obligations. Where required, we rely on consent — for example, for certain non-essential website analytics.

For customer-uploaded data about end customers and leads, Hivium does not determine the purpose of processing. The customer, as controller, is responsible for establishing the appropriate basis and purpose for collecting and using that data, and Hivium processes it only to deliver the service on the customer's instructions.

We do not sell personal data, and we do not process personal data for advertising or for purposes unrelated to providing the service.

To deliver the service we rely on a limited set of trusted third parties, including cloud infrastructure and hosting providers, database and storage services, and third-party tools that the service connects to (for example, communication providers used to send email, SMS, or WhatsApp messages, and other software platforms that form part of the configured workflows).

These providers act as our sub-processors or service providers and may process personal data only to the extent necessary to perform their function for us, under contractual confidentiality and data-protection commitments. They are not permitted to use the data for their own purposes. A customer may request an up-to-date list of the sub-processors used to deliver its service by writing to legal@hivium.tech.

We share data only as needed to operate the service, to comply with a valid legal obligation, or to protect the rights, safety, and security of our customers, our users, or Hivium. We do not sell or rent personal data to anyone, and we do not share it with third parties for their own marketing or advertising.

Hivium operates from the United Arab Emirates and uses infrastructure and service providers that may store and process data in different countries. As a result, personal data may be transferred to, stored in, or accessed from jurisdictions other than the one where it was originally collected.

When data is transferred across borders, we take steps designed to ensure it remains protected, including selecting reputable providers and putting appropriate contractual safeguards in place with them. Where a customer has specific requirements regarding the location of data storage, those can be discussed as part of the service agreement.

If you have questions about where your data is stored or how transfers are handled, contact us at legal@hivium.tech.

We retain controller data for as long as it is needed for the purposes described in this policy — for example, while an account is active and afterward as required to meet legal, accounting, tax, and dispute-resolution obligations.

For customer-uploaded data processed on the customer's behalf, retention is governed by the service agreement and the customer's instructions. On termination of the service, or on the customer's request, we will delete or return such data within a reasonable period, subject to any retention required by law and to standard backup cycles.

When data is no longer required, we take reasonable steps to delete it securely or to anonymize it.

Our website uses a limited set of cookies and similar technologies. Some are strictly necessary for the site to function and to keep it secure. We may also use basic analytics to understand how the site is used and to improve it.

Where required, non-essential analytics are used on the basis of consent, and you can adjust your choices through your browser settings or any consent controls provided on the site. Disabling certain cookies may affect how parts of the website work.

We do not use website cookies to build advertising profiles or to sell information about visitors.

We design our service with information security in mind. This includes encryption of data in transit and at rest, access controls so that data is reachable only by authorized personnel and systems on a need-to-know basis, and logging and traceability of significant actions to support auditability and human oversight.

Where automated processing or AI-assisted features are used as part of a workflow, the service is designed with human oversight in mind, so that responsible people remain able to review and control how those features operate.

In the event of a security incident affecting personal data, Hivium will notify the affected customer without undue delay and will cooperate in good faith in assessing the incident and in taking reasonable steps toward its remediation, in accordance with the service agreement and applicable law.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. We work to maintain appropriate safeguards and to keep them under review. This section describes the practices we have designed into the service and does not assert any specific certification or formal compliance status.

Subject to applicable law and to the role each party plays, individuals may have rights over their personal data, including the right to access it, to correct inaccurate data, to request its deletion, and to obtain a copy in a portable format.

For controller data that Hivium holds about its business contacts and account users, requests can be sent directly to us at legal@hivium.tech, and we will respond within a reasonable timeframe after verifying the request.

For data uploaded by a customer about its own clients and leads, Hivium acts as a processor. If you are an individual whose data was provided by one of our customers, please contact that customer (the controller) directly to exercise your rights. Where a data subject contacts Hivium about such data, we will refer the request to the relevant customer and assist the customer in responding, as provided in our service agreement.

Where applicable law provides for it, individuals also have the right to lodge a complaint with the competent data protection authority. Hivium does not take decisions based solely on automated processing that produce legal effects or similarly significant effects on individuals without human oversight.

Customers can also access, correct, export, and delete data within the platform using the tools we provide, and can request our assistance where needed.

Our services are intended for businesses and their authorized representatives, and are not directed to children. We do not knowingly collect personal data from children. If a customer chooses to process such data through the platform, the customer is responsible, as controller, for ensuring it has the appropriate basis to do so.

We may update this Privacy Policy from time to time to reflect changes in our services, our practices, or applicable requirements. When we make material changes, we will update the date below and, where appropriate, notify customers through the service or by other reasonable means.

We encourage you to review this page periodically to stay informed about how we handle personal data.

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at legal@hivium.tech. For service support, you can reach support@hivium.tech, and for billing matters, billing@hivium.tech.

HIVIUM SOLUTIONS - FZCO, DSO-IFZA, IFZA Properties, Dubai Silicon Oasis, Dubai, United Arab Emirates. Trade License No. 75569. Registration No. 73822. Website: https://hivium.tech.