Privacy Policy

Last updated: 2026-04-13

1. Introduction

HAV-IQ™ ("we", "us", "our") is a brand of Winspire. This Privacy Policy describes how we collect, use, and protect information when you visit haviq.io, sign up for our waitlist, install the HAV-IQ managed package, or use any related services.

2. Information we collect

• Contact information — email address and company name when you join the waitlist
• Telemetry — anonymized product usage counts (deploys, merged MRs, AI feature calls) when you connect the HAV-IQ managed package to our portal
• Billing information — collected and processed solely by Stripe; we never see or store card details
• Analytics — page views and session counts via privacy-respecting analytics (no cross-site tracking)

3. What we do NOT collect

• Your Salesforce metadata or source code — it never leaves your org
• Your customer records or data — never
• AI conversation content — AI calls happen through your own AI provider; we only count occurrences
• PII from your Salesforce org beyond the admin email used for account creation

4. How we use the information

• Deliver the Service you requested (waitlist, deployments, billing)
• Send transactional emails (confirmations, invoices, service alerts)
• Improve the Service based on aggregated usage patterns
• Comply with legal obligations

5. Data storage and security

Data is stored encrypted at rest and in transit using industry-standard encryption. Telemetry data stays within US data centers unless you explicitly request EU residency. We follow Salesforce ISV security guidelines and are pursuing SOC 2 Type II certification.

6. Data retention

Waitlist contact data: retained until you request deletion or 24 months after last activity, whichever comes first. Billing telemetry: 24 months, then archived. You may request deletion at any time.

7. Your rights (GDPR & CCPA)

• Right to access — request a copy of your data
• Right to correction — fix inaccuracies
• Right to deletion — "right to be forgotten"
• Right to portability — receive an export of your data on request (e.g. CSV/JSON)
• Right to object — opt out of non-essential processing

Contact info@haviq.io to exercise any of these rights. We respond within 30 days.

8. Cookies

We use minimal cookies: session cookies for authentication (when the portal is live), and an optional analytics cookie (anonymous). We do not use advertising or cross-site tracking cookies.

9. Third-party services

• Netlify — hosts haviq.io and receives form submissions
• Stripe — payment processing (when the portal is live)
• Anthropic / OpenAI — AI model providers (when you use our built-in vault)
• Supabase — database hosting (when the portal is live)

Each has its own privacy policy. We execute Data Processing Agreements (DPAs) with subprocessors that handle EU personal data.

10. Children

The Service is not directed at children under 16. We do not knowingly collect information from minors.

11. Changes to this policy

Material changes will be announced via email to registered users at least 30 days before taking effect. Minor clarifications may be made without notice; the "Last updated" date above reflects any change.

12. Contact

Questions, requests, or complaints: info@haviq.io

© 2026 HAV-IQ™, a Winspire brand. All rights reserved. HAV-IQ™ is a trademark of Winspire LLC.