Legal // PRIVACY.POLICY

Privacy Policy.

Last updated: June 1, 2026 · Effective: July 7, 2026

Contents

Information We Collect How We Use Your Information Data Storage & Security Cookies & Analytics Email Communications Feedback Submissions Your Rights Third-Party Services Changes to This Policy Contact

1. Information We Collect

Hazelink collects only the information necessary to provide and improve our service. We do not sell data, ever.

Waitlist & Account Information: When you join our waitlist, we collect your email address. When you create an account, we collect your email, chosen display name, and your selected language preference.

Device Information: When you connect devices to Hazelink, we store device identifiers (names and IDs you assign), connection state, and relay routing data. This is necessary for the service to function. This data lives on your devices and our relay infrastructure — it is not analyzed or used for advertising.

Usage Data: We collect minimal usage telemetry — session durations, feature usage frequencies, and error reports — to understand how to improve the product. This data is anonymous and aggregated. No personally identifiable information is included.

Payment Information: Hazelink does not store payment card data. All payments are processed by a PCI-DSS compliant third-party provider. We receive a transaction confirmation and your subscription tier — nothing more.

2. How We Use Your Information

To operate and deliver the Hazelink relay and synchronization service
To send transactional emails (signup confirmation, launch notification, billing receipts)
To respond to support requests sent to support@hazelink.app
To improve and debug the product using anonymous usage data
To communicate roadmap updates and product news (you can unsubscribe at any time)
To protect against abuse, fraud, and unauthorized access

We do not use your data for advertising. We do not build behavioral profiles. We do not share your information with data brokers.

3. Data Storage & Security

Your account data is stored in Supabase, a SOC 2 Type II certified infrastructure provider. Data is encrypted at rest and in transit using AES-256 and TLS 1.3.

Files and content transferred through the Hazelink relay are end-to-end encrypted. We do not store transferred content on our servers beyond the time required for relay delivery (typically milliseconds). We cannot read the content of your transfers.

Device session keys are generated on-device and are never transmitted to Hazelink servers in unencrypted form. Access tokens expire automatically and can be revoked at any time from your account dashboard.

We retain your account data for as long as your account is active. If you delete your account, we delete your data within 30 days, except where retention is required by law.

4. Cookies & Analytics

The Hazelink website uses minimal cookies necessary for functionality: session authentication cookies and language preference storage. We do not use third-party advertising cookies.

We use privacy-respecting analytics (no cross-site tracking, no fingerprinting) to understand aggregate traffic patterns — page views, referral sources, and device types. No personal data is collected at the analytics layer.

You can disable cookies in your browser settings. Core functionality may be affected if session cookies are disabled.

5. Email Communications

By joining the Hazelink waitlist, you consent to receiving a launch notification email when Hazelink opens for early access.

We send the following categories of email: transactional (receipts, account alerts), product updates (major announcements, new features), and support responses. Every non-transactional email includes a one-click unsubscribe link.

We use Resend for email delivery. Your email address is shared with Resend only to the extent necessary to deliver messages. Resend does not use your email for its own marketing purposes.

6. Feedback Submissions

When you submit feedback through the Hazelink feedback form, we collect the content of your submission (title, description, and type). Feedback submissions are not linked to your email address or account by default — they are anonymous unless you include identifying information in the submission text.

We store feedback in our Supabase database and use it to inform product development decisions. We may publicly acknowledge feedback themes without attributing them to individuals.

7. Your Rights

You have the right to:

Access — Request a copy of the personal data we hold about you
Correction — Request correction of inaccurate personal data
Deletion — Request deletion of your account and associated data
Portability — Request your data in a machine-readable format
Objection — Object to processing based on legitimate interests
Unsubscribe — Opt out of marketing emails at any time

To exercise any of these rights, email support@hazelink.app. We will respond within 14 business days.

8. Third-Party Services

Hazelink uses the following third-party services, each governed by their own privacy policies:

Supabase — Database and authentication infrastructure
Resend — Transactional email delivery
Fontshare — Web font delivery (no personal data collected)

We do not use Google Analytics, Meta Pixel, or any advertising network SDKs.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify waitlist and account holders by email at least 14 days before the changes take effect. The date at the top of this page reflects the most recent update.

Continued use of Hazelink after changes take effect constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions, data requests, or concerns, contact us at:

support@hazelink.app

We aim to respond to all privacy inquiries within 5 business days.