Privacy Policy

We believe in minimal data collection. No tracking, no analytics, just what's necessary.

Last updated: October 26, 2025

Our Privacy Philosophy

HiveTechs Collective LLC respects your privacy. We built our tools to enhance your development workflow, not to harvest your data. We don't use analytics trackers, we don't profile users, and we never sell data. Your code and queries remain private and are never stored permanently.

What We Actually Collect

When You Visit Our Website

  • Nothing - No Google Analytics, no tracking pixels, no behavioral tracking
  • Cookie consent choice - Stored locally in your browser using localStorage

When You Make a Purchase

  • Email address - To send your license key and important updates
  • Payment information - Handled entirely by Paddle (we never see your card details)
  • License key - Used to activate your Hive IDE

When You Use the Hive IDE

  • License validation - Periodic checks to verify active subscription
  • Your code stays private - All AI processing happens through your API keys, not ours
  • No usage tracking - We don't monitor what you build or how you use the tools

When You Participate in Our GitHub Community

When you file bug reports, submit feature requests, or participate in discussions on our GitHub support repository, both GitHub and HiveTechs collect certain data:

  • GitHub collects: Your GitHub username, email (associated with account), IP address, issue/comment content, timestamps
  • HiveTechs has access to: Your GitHub username, public content you post (issues, comments), timestamps
  • Purpose: Community support, bug tracking, feature requests, product improvement

GDPR Notice: See our Support Repository Privacy Notice for complete details about GitHub data collection and your privacy rights.

Cookie Usage

We use minimal cookies and only with your consent.Manage your preferences

Essential Cookies

We do NOT use essential cookies. Instead, we use browser localStorage for consent preferences (not a cookie, not transmitted to servers).

Storage ItemPurposeDuration
cookie-consentYour cookie choice (accepted/rejected)Until you clear browser data
cookie-consent-dateWhen you made your choiceUntil you clear browser data

Note: localStorage is NOT a cookie and is NOT sent to our servers. It stays in your browser only.

Third-Party Cookies (Paddle - Checkout Only)

Only loaded if you explicitly consent. These cookies are set by Paddle when you use checkout functionality.

Cookie NameProviderPurposeDuration
paddle_*Paddle.comPayment processing, fraud detectionSession + up to 13 months
__pdstPaddle.comSubscription tracking13 months
checkout_*Paddle.comCheckout session managementSession (deleted on browser close)

GDPR/ePrivacy Compliance: Paddle cookies are only set AFTER you click "Accept Cookies" or initiate checkout. If you reject cookies, checkout functionality will be limited. Read Paddle's Cookie Policy

What We Do NOT Use:

  • ❌ No Google Analytics or tracking cookies
  • ❌ No advertising or marketing cookies
  • ❌ No social media tracking pixels
  • ❌ No cross-site tracking
  • ❌ No behavioral profiling

Data Sharing & Third Parties

We never sell your data. We share information only with:

  • Paddle - Our payment processor(Privacy Policy)
  • Your chosen AI providers - When you use the Hive Consensus IDE, it connects from your device to your AI providers using your API keys
  • Legal authorities - Only when required by law

Your Rights & Control

You have complete control over your data:

  • Access - Request what information we have about you
  • Correction - Update any inaccurate information
  • Deletion - Request deletion of your account and data
  • Portability - Request your account data (email, license key, and subscription details)
  • Cookie Control - Manage preferences anytime via ourCookie Preferences page

Data Controller

For GDPR purposes, the data controller responsible for your personal information is:

HiveTechs Collective LLC

7901 4TH St N Ste 300

Saint Petersburg, FL 33702-4399

United States

Privacy Contact:privacy@hivetechs.io

Legal Basis for Processing (GDPR Article 6)

We process your personal data based on the following legal grounds:

Contract Performance

Processing necessary to provide the Hive Consensus IDE subscription service, including license validation, billing, and customer support.

Consent

For optional features like marketing communications and third-party cookies, we obtain your explicit consent which can be withdrawn at any time.

Legitimate Interests

For security monitoring, fraud prevention, and service improvements that benefit both you and HiveTechs, balanced against your privacy rights.

Legal Obligations

To comply with tax laws, accounting requirements, and legal requests from authorities.

Complete Data Inventory & Retention

Subscription Data

  • Data: Email address, license key, subscription status, payment history
  • Purpose: Subscription management, billing, license validation, customer support
  • Legal Basis: Contract performance
  • Retention: Duration of subscription + 7 years (tax/legal compliance)

License Validation Data

  • Data: License key, activation timestamp, subscription expiry date
  • Purpose: Prevent unauthorized access, verify active subscriptions
  • Legal Basis: Contract performance
  • Retention: Duration of subscription + 7 years

Security & Fraud Prevention

  • Data: IP address during authentication, failed login attempts
  • Purpose: Prevent unauthorized access, detect abuse patterns
  • Legal Basis: Legitimate interests
  • Retention: 24 hours (IP addresses), 90 days (security logs)

Your Code & AI Interactions

  • Data: None - Your code and AI queries use YOUR API keys
  • Purpose: Not applicable - we never see your code or queries
  • Storage: Zero - all processing happens through your AI provider accounts

GitHub Community Data (Bug Reports, Discussions)

  • Data: GitHub username, issue/comment content, timestamps (public data you post)
  • Purpose: Community support, bug tracking, feature requests, product improvement
  • Legal Basis: Legitimate interest (product quality, transparent development) balanced against minimal privacy impact from processing public data
  • Retention: Public issues/comments retained for product history (legitimate interest in maintaining public support record). Deleted issues: Removed within 30 days of deletion request, unless legal obligation requires retention (e.g., ongoing fraud investigation or legal dispute)
  • Your Control: You can close issues, delete comments, or request deletion via privacy@hivetechs.io. Note: GitHub is separate controller - see our Support Repository Privacy Notice

Third-Party Data Processors

We use the following GDPR-compliant processors with Data Processing Agreements (DPAs):

Paddle

Payment processing, subscription management, and VAT/tax compliance

GDPR Status: Compliant, DPA in place | View DPA | Privacy Policy

Sub-processors: View Paddle sub-processor list

Cloudflare

Website hosting, D1 database, CDN, and DDoS protection

GDPR Status: Compliant, DPA in place | View DPA | Privacy Policy

Sub-processors: View sub-processor list & SCCs

SMTP2GO (Our Email Delivery Service)

What it does: HiveTechs uses SMTP2GO to send transactional emails (license keys, password resets, subscription notifications) TO your email address (Gmail, Outlook, etc.). You receive emails at your own email provider - you do NOT need an SMTP2GO account.

Data Shared: Your email address, email content (license key, etc.), sending metadata (timestamp, delivery status)

GDPR Status: Compliant, DPA between HiveTechs and SMTP2GO | SMTP2GO Privacy Policy

Email Delivery Logs: SMTP2GO retains email delivery logs (sender records) for 30 days for delivery verification and troubleshooting. This does NOT include your email content (license keys, etc.) which is deleted after successful delivery.

Your Email Provider: Emails are delivered to YOUR email provider (Gmail, Outlook, Yahoo, etc.). Your email provider's privacy policy governs how they handle emails in your inbox.

OpenRouter (User-Provided API Keys)

AI model access via YOUR API keys - YOU are the data controller

Important: When you use YOUR OpenRouter API keys, YOU (not HiveTechs) are the data controller for code/queries sent to OpenRouter. HiveTechs does not process or access this data.

Your Responsibility: Review OpenRouter's privacy practices | OpenRouter Privacy Policy

GitHub (Community Support)

When you file issues, participate in discussions, or submit bug reports on our GitHub repositories

GDPR Status: Compliant, Standard Contractual Clauses (SCCs) |GitHub Privacy Policy

Important: GitHub is the primary data controller for data on GitHub.com. When you interact with our support repository, both GitHub's privacy policy and our Support Repository Privacy Notice apply.

Data collected: GitHub username, issue/comment content, timestamps. For privacy requests related to GitHub data, contact privacy@hivetechs.io or use GitHub's privacy tools.

International Data Transfers

HiveTechs Collective LLC is based in the United States. When you use our services from the EU, UK, or other regions, your data may be transferred to and processed in the US.

EU-US Data Privacy Framework

We rely on the EU-US Data Privacy Framework for lawful data transfers. Our processors (Paddle, Cloudflare) are also certified under this framework.

Appropriate Safeguards (GDPR Chapter V)

  • EU-US Data Privacy Framework: Primary mechanism for EU-US transfers (certified processors)
  • Standard Contractual Clauses (SCCs): European Commission-approved clauses with GitHub, Cloudflare, and other processors where DPF not applicable
  • Encryption: AES-256 for data at rest, TLS 1.3 for data in transit
  • Access Controls: Role-based access, multi-factor authentication, principle of least privilege
  • Data Processing Agreements: Contractual protections with all processors (view DPAs in Third-Party Processors section above)
  • Security Audits: Regular security assessments and vulnerability testing

Your Consent

By using Hive Consensus IDE, you consent to the transfer of your data to the United States and other countries where our service providers operate. You can withdraw this consent by deleting your account.

Your Data Subject Rights (GDPR Articles 15-22)

Under GDPR, you have comprehensive rights over your personal data:

Right of Access (Article 15)

Request a copy of all personal data we hold about you, including subscription details, license key, and processing activities.

Right to Rectification (Article 16)

Correct any inaccurate or incomplete personal information (email address, subscription details).

Right to Erasure - "Right to be Forgotten" (Article 17)

Request deletion of your account and personal data. We will delete within 30 days, except where retention is legally required (e.g., tax records).

Right to Restriction of Processing (Article 18)

Request we limit processing of your data while disputes are resolved or accuracy is verified.

Right to Data Portability (Article 20)

Receive your data in a structured, machine-readable format (JSON export of email, license key, subscription history).

Right to Object (Article 21)

Object to processing based on legitimate interests (e.g., marketing, profiling). We will cease unless we have compelling legal grounds.

Right to Withdraw Consent (Article 7)

Withdraw consent for optional processing (marketing emails, third-party cookies) at any time without affecting existing services.

Rights Related to Automated Decision-Making (Article 22)

Not applicable - we do not use automated decision-making or profiling that produces legal or significant effects.

How to Exercise Your Rights

Contact us at privacy@hivetechs.io with your request. We will respond within 30 days as required by GDPR.

Include your license key or email address for verification. We may request additional identification to prevent unauthorized access.

Data Breach Notification

In the unlikely event of a data breach affecting your personal information:

  • We will notify the relevant supervisory authority within 72 hours (GDPR Article 33)
  • If the breach poses high risk to your rights, we will notify you directly (GDPR Article 34)
  • Notification will include the nature of the breach, likely consequences, and mitigation measures
  • If you suspect a security incident, contact privacy@hivetechs.io immediately

California Privacy Rights (CCPA/CPRA)

California residents have specific privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

🔒 We Do NOT Sell Your Personal Information

HiveTechs Collective LLC does not sell or share your personal information for cross-context behavioral advertising or other purposes. We have not sold personal information in the past 12 months and do not have plans to do so.

Your CCPA Rights:

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of sale or sharing (not applicable - we don't sell)
  • Right to Limit: Limit use of sensitive personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

How to Exercise Your CCPA Rights:

Email: privacy@hivetechs.io

We will verify your identity and respond within 45 days (CCPA requirement).

Categories of Personal Information Collected:

  • • Identifiers (email address, license key)
  • • Commercial information (subscription details, payment history via Paddle)
  • • Internet activity (license validation requests, timestamps)

Business Purposes for Collection:

  • • Providing subscription services
  • • License validation and fraud prevention
  • • Customer support
  • • Legal compliance (tax, accounting)

For complete CCPA disclosures and to exercise your rights, contact privacy@hivetechs.io

Supervisory Authority & Complaints

You have the right to lodge a complaint with a data protection supervisory authority:

EU Residents

Contact your local data protection authority (DPA) in your EU member state.

Find your EU Data Protection Authority →

UK Residents

Information Commissioner's Office (ICO)

Lodge a complaint with ICO →

We encourage you to contact us first at privacy@hivetechs.io so we can address your concerns directly.

Children's Privacy

Hive Consensus IDE is a professional development tool not directed at children:

  • Not directed at children under 13 (US COPPA compliance)
  • Not directed at children under 16 (EU GDPR Article 8)
  • We do not knowingly collect personal information from children
  • If we discover we have collected data from a child, we will delete it immediately
  • Parents/guardians can contact privacy@hivetechs.io to request deletion

Policy Changes & Updates

We may update this Privacy Policy to reflect changes in our practices or legal requirements:

  • Material Changes: We will notify you via email at least 30 days before changes take effect
  • Minor Updates: Will be posted on this page with updated "Last updated" date
  • Continued Use: Using the service after changes constitutes acceptance
  • Disagreement: You may delete your account if you do not agree with changes

Questions or Concerns?

We're committed to transparency and protecting your privacy rights. Contact us anytime about your personal data or this privacy policy.

Privacy Contact:privacy@hivetechs.io
General Support:support@hivetechs.io
Address:HiveTechs Collective LLC, 7901 4TH St N Ste 300, Saint Petersburg, FL 33702-4399
Contact SupportTerms of ServiceSoftware License

This policy may be updated occasionally. We'll notify you of any significant changes via email.