Hoply ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This policy explains what we collect, why we collect it, and how you can exercise your rights.
This is a placeholder document. Before launching commercially, please review and replace this with a policy reviewed by counsel for your jurisdiction.
1. Who we are
Hoply is operated by the entity behind hoply.chat. You can reach our data protection contact at privacy@hoply.chat.
2. Data we collect
We collect only what we need to operate the service:
- Account data — name, email, password hash, billing address.
- Workspace data — conversations you and your customers exchange through Hoply, attachments, help articles you create.
- Usage data — anonymous telemetry to debug and improve the product (page loads, error reports).
- Payment data — handled by Stripe; we never store your full card number.
3. How we use it
- To deliver the service and route messages between you and your customers.
- To bill you for the plan you chose.
- To detect fraud and abuse.
- To send service-critical emails (security, billing). Marketing emails are opt-in.
We do not sell your data. We do not train AI models on your customer conversations.
4. Where it lives
Production data is hosted in the European Union (Frankfurt, Germany) on encrypted disks. Backups are retained for 30 days. Customers on the Business plan can request EU- or US-only storage.
5. Your GDPR rights
If you are in the European Economic Area, the UK or California, you can:
- Request access to all data we hold about you.
- Request correction of inaccurate data.
- Request deletion ("right to be forgotten").
- Object to processing or withdraw consent.
- Request data portability (export).
Email privacy@hoply.chat and we will respond within 30 days. We are also happy to sign a Data Processing Agreement (DPA).
6. Sub-processors
- Stripe — payments.
- OpenAI / Google AI — language models that power the chatbot (optional; you can plug your own keys).
- Pusher — real-time messaging delivery.
- SendGrid / Spacemail — transactional email.
- OneSignal — browser push notifications.
- OVH / hosting provider — server infrastructure.
7. Cookies
Hoply uses strictly necessary cookies to keep you signed in and protect against CSRF attacks. We do not use third-party tracking cookies on this site. The embeddable chat widget uses a first-party cookie scoped to your customer's domain to maintain session identity across pages.
8. Children
Hoply is not intended for children under 16. We do not knowingly collect data from children.
9. Changes
We will notify registered users by email at least 30 days before any material change. Continuing to use Hoply after that date constitutes acceptance of the updated terms.
10. Contact
Questions? Email privacy@hoply.chat.