HiveOps Logo
HiveOps
Get started
/Privacy Policy

Privacy Policy

How we handle your data

Privacy Policy

Effective Date: March 20, 2024
Last Updated: March 20, 2024

HiveOps, Inc. ("HiveOps," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect information when you use our AI inference platform ("Service").

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address (required)
  • Password (hashed and encrypted)
  • Account creation date
  • OAuth data (if you sign up with Google or GitHub): name, email, profile picture URL

1.2 API Usage Data

When you use our API, we collect:

  • Timestamps of API requests
  • Model used (e.g., llama3:8b-instruct-q8_0)
  • Token counts (input and output tokens)
  • HTTP status codes (success/error)
  • Request metadata (endpoint, method, duration)

IMPORTANT: We do NOT log or store:

  • ❌ Your prompts (input)
  • ❌ Model completions (output)
  • ❌ Message content
  • ❌ Conversation history

Your prompts and responses are processed in real-time and immediately discarded after the API call completes.

1.3 Billing Information

When you add funds to your account:

  • Payment information is collected and processed by Stripe (our payment processor)
  • We do NOT store your credit card numbers or full payment details
  • We store: last 4 digits of card, card brand, billing email (via Stripe)

1.4 Automatically Collected Information

When you visit our website or use our API:

  • IP address
  • Browser type and version
  • Operating system
  • Device type
  • Referrer URL
  • Date and time of access

We use this for security monitoring, fraud prevention, and Service improvement.

2. How We Use Your Information

2.1 To Provide the Service

  • Authenticate your account
  • Process API requests
  • Generate AI completions
  • Calculate usage and billing
  • Enforce rate limits

2.2 Billing & Payments

  • Process transactions
  • Track account balance
  • Generate invoices and receipts
  • Prevent fraud

2.3 Communication

  • Send account-related emails (verification, password reset)
  • Notify you of billing issues or low balance
  • Send service updates and announcements (with opt-out option)
  • Respond to support requests

2.4 Service Improvement

  • Analyze usage patterns (aggregate, non-identifiable data)
  • Monitor system performance and reliability
  • Debug errors and improve API quality
  • Develop new features

2.5 Security & Compliance

  • Detect and prevent fraud, abuse, and security incidents
  • Enforce our Terms of Service and Acceptable Use Policy
  • Comply with legal obligations

3. Data Sharing & Disclosure

3.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

3.2 Third-Party Service Providers

We share information with trusted third-party providers who help us operate the Service:

ProviderPurposeData Shared
SupabaseAuthentication, databaseEmail, account info
StripePayment processingBilling email, transaction data
CloudflareCDN, DDoS protectionIP address, request metadata
Google Cloud (GCP)Cloud infrastructure, computeIP address, request metadata
OVH CloudCloud infrastructure, computeIP address, request metadata
Amazon Web Services (AWS)Cloud infrastructure, storageIP address, request metadata
DigitalOceanCloud infrastructure, computeIP address, request metadata

These providers are contractually obligated to protect your data and use it only for the specified purposes.

3.3 Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request, including to:

  • Comply with subpoenas or court orders
  • Enforce our Terms of Service
  • Protect our rights, property, or safety
  • Investigate fraud or security incidents

3.4 Business Transfers

If HiveOps is acquired, merged, or sold, your information may be transferred to the new owner. You will be notified via email of any such change.

4. Data Retention

4.1 Account Data

  • Retained for the life of your account
  • Deleted within 90 days after account deletion (upon request)

4.2 API Logs

  • Request metadata: Retained for 7 days
  • Billing records: Retained for 7 years (legal requirement)

4.3 Prompts & Completions

  • NOT stored - processed in real-time and immediately discarded

4.4 Deleted Data

Once data is deleted, it cannot be recovered.

5. Data Security

We implement industry-standard security measures to protect your information:

5.1 Technical Safeguards

  • Encryption in transit: All API requests use TLS 1.2+
  • Encryption at rest: Databases are encrypted
  • Password hashing: Passwords are hashed using bcrypt
  • API key security: Keys are hashed and cannot be retrieved (only reset)

5.2 Organizational Safeguards

  • Access to personal data is restricted to authorized personnel only
  • Employees are trained on data privacy and security
  • Regular security audits and vulnerability assessments

5.3 Your Responsibility

  • Keep your API keys confidential
  • Use strong, unique passwords
  • Enable two-factor authentication (when available)
  • Report security incidents immediately

Despite our safeguards, no system is 100% secure. Use the Service at your own risk.

6. Your Privacy Rights

6.1 Access & Portability

You have the right to:

  • Access your personal information
  • Request a copy of your data in a machine-readable format (JSON)

Contact [email protected] to request your data.

6.2 Correction

If your information is inaccurate or incomplete, you can contact [email protected] to correct the information.

6.3 Deletion

You have the right to request deletion of your account and associated data. Email [email protected] with your request. Note:

  • Deletion is permanent and cannot be undone
  • Billing records may be retained for up to 7 years (legal requirement)
  • Remaining account balance is forfeited upon deletion

6.4 Opt-Out of Marketing

You can opt out of promotional emails by:

  • Clicking the "unsubscribe" link in any marketing email
  • Updating your preferences in Account Settings

You cannot opt out of transactional emails (account verification, password reset, billing alerts).

7. Cookies & Tracking

7.1 Cookies We Use

Cookie TypePurposeDuration
EssentialAuthentication, session managementSession
FunctionalRemember your preferences1 year
AnalyticsUnderstand how you use the Service (anonymous)2 years

7.2 Your Cookie Choices

You can control cookies through your browser settings:

  • Block all cookies (may break functionality)
  • Delete cookies at any time
  • Set cookies to expire after each session

See your browser's help documentation for instructions.

7.3 Do Not Track

We do not currently respond to "Do Not Track" signals.

8. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect information from children. If you believe a child has provided us with personal information, contact us immediately at [email protected], and we will delete the information.

9. International Data Transfers

HiveOps operates in the United States. If you access the Service from outside the U.S., your information may be transferred to, stored, and processed in the U.S., where data protection laws may differ from those in your country.

By using the Service, you consent to the transfer of your information to the U.S. and other countries where we operate.

Note: We are not currently GDPR-compliant. If you are in the EU/EEA/UK and require GDPR compliance, please do not use the Service.

10. GDPR & CCPA Compliance

10.1 GDPR (EU/EEA/UK)

We are currently NOT GDPR-compliant. Features we plan to implement:

  • Data processing agreements (coming Q3 2026)
  • GDPR-compliant consent mechanisms
  • Enhanced data subject rights

If you are subject to GDPR and require compliance, please do not use the Service at this time.

10.2 CCPA (California)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You can request:

  • Categories of personal information collected
  • Sources of personal information
  • Business purpose for collecting information
  • Categories of third parties with whom we share information

Right to Delete: You can request deletion of your personal information (with exceptions for legal obligations).

Right to Opt-Out: You have the right to opt out of the "sale" of your personal information. We do not sell your information.

Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, email [email protected]. We will respond within 45 days.

11. Sensitive Data

DO NOT send the following types of information through our API:

  • Personally Identifiable Information (PII): Social Security Numbers, driver's license numbers, passport numbers
  • Protected Health Information (PHI): Medical records, health data (we are not HIPAA-compliant)
  • Financial Information: Credit card numbers, bank account details
  • Authentication Secrets: Passwords, API keys, access tokens
  • Children's Data: Information about individuals under 18

We are not responsible for any sensitive data you choose to send through the Service. You use the Service at your own risk.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

Material changes will be communicated via:

  • Email to your registered address
  • Notice on our website

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your information, contact us:

Email: [email protected]
Support: [email protected]
Legal: [email protected]
Website: https://hiveops.io/contact

Last Updated: March 20, 2024

By using HiveOps, you acknowledge that you have read and understood this Privacy Policy.