Daya

Privacy Policy

Privacy Policy

Effective Date: May 7, 2026

Last Updated: May 7, 2026

1. Introduction

Welcome to Daya ("we," "our," or "us"). Hive Labs operates the Daya mobile application (the "App") as an e-commerce platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App across all platforms including iOS, Android, and web-based interfaces.

We are committed to protecting your privacy and ensuring transparency in our data practices. This Privacy Policy applies to all users globally and describes our practices concerning personal information and data collection.

By accessing or using Daya, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

2. Information We Collect

We collect several types of information from and about users of our App, including information by which you may be personally identified.

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you register on the App, make a purchase, or otherwise contact us. This information includes:

  • Name: Your first and last name for account creation and order fulfillment
  • Email Address: Used for account verification, communication, order confirmations, and marketing communications
  • Phone Number: Collected for order delivery coordination, customer support, and account security
  • Purchase History: Records of products you have viewed, added to cart, purchased, or returned to provide personalized recommendations and improve our services
  • Photos and Media: Images you upload for profile pictures, product reviews, or when requesting customer support
  • Contact Information: Access to your device contacts if you choose to share our App or refer friends (with your explicit permission)

2.2 Information Collected Automatically

When you access and use the App, we automatically collect certain information about your device and usage patterns:

  • Usage Analytics: Information about how you interact with the App, including pages viewed, features accessed, time spent on pages, search queries, navigation paths, and button clicks
  • Device Information: Device type, operating system version, unique device identifiers, mobile network information, and device settings
  • Location Data: Approximate location based on IP address or more precise location if you grant permission (used for delivery services and localized content)
  • Crash Reports: Technical information about App crashes and errors, including device state, stack traces, and diagnostic data to help us identify and fix technical issues
  • Cookies and Similar Technologies: We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities

2.3 Information from Third-Party Sources

We may receive information about you from third-party services when you choose to connect your account or use single sign-on features:

  • Google Sign In: Profile information including name, email address, and profile picture
  • Facebook SDK: Profile information including name, email address, profile picture, and friends list (with your permission)
  • Apple Sign In: Name, verified email address (or private relay email), and authentication token

3. How We Use Your Information

We use the information we collect about you for various purposes, including:

3.1 To Provide and Maintain Our Services

  • Creating and managing your account
  • Processing and fulfilling your orders and transactions
  • Delivering products to your specified address
  • Providing customer support and responding to your inquiries
  • Authenticating your identity and preventing fraud
  • Processing returns, exchanges, and refunds

3.2 To Improve and Personalize Your Experience

  • Customizing content and product recommendations based on your preferences and purchase history
  • Analyzing usage patterns to improve App functionality and user experience
  • Conducting research and analysis to develop new features and services
  • Testing new features and functionality
  • Understanding how users interact with our App to optimize navigation and design

3.3 For Communication Purposes

  • Sending order confirmations, shipping updates, and delivery notifications
  • Providing important updates about your account or changes to our terms and policies
  • Responding to your comments, questions, and customer service requests
  • Sending promotional communications, newsletters, and marketing materials (with your consent where required)
  • Soliciting feedback and product reviews

3.4 For Security and Legal Compliance

  • Detecting, preventing, and addressing technical issues, fraud, and security vulnerabilities
  • Monitoring and analyzing usage to detect unauthorized access or misuse
  • Enforcing our Terms of Service and other policies
  • Complying with legal obligations and responding to lawful requests from public authorities
  • Protecting the rights, property, and safety of Hive Labs, our users, and the public

3.5 For Analytics and Performance Monitoring

  • Tracking App performance metrics and user engagement
  • Identifying and diagnosing technical problems and crashes
  • Understanding demographic trends and user preferences
  • Measuring the effectiveness of our marketing campaigns
  • Generating aggregated statistical data for internal reporting

4. Third-Party Services and Data Sharing

We use third-party service providers to help us operate our App, conduct our business, and provide services to you. These third parties have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.

4.1 Third-Party Service Providers

Google Analytics: We use Google Analytics to analyze how users interact with our App. Google Analytics collects information such as how often users visit the App, what pages they visit, and what other sites they used prior to coming to our App. We use the information from Google Analytics to improve our App and services. Google Analytics collects only the IP address assigned to you on the date you visit the App, rather than your name or other identifying information. Google's ability to use and share information collected by Google Analytics is restricted by the Google Analytics Terms of Service and the Google Privacy Policy.

Firebase: We use Firebase, a Google service, for analytics, crash reporting, cloud messaging, and authentication. Firebase collects device information, usage data, and crash reports to help us understand App performance and user behavior. Firebase may collect and process data according to Google's Privacy Policy.

Google Sign In: We offer the ability to sign in using your Google account. When you use this service, Google may share certain profile information with us according to your Google account settings. This typically includes your name, email address, and profile picture.

Facebook SDK: We integrate Facebook services to enable social login and sharing features. Facebook may collect information about your device, usage patterns, and interactions with our App. Facebook's use of your information is governed by Facebook's Data Policy.

Apple Sign In: We offer Apple Sign In as an authentication option. Apple may provide us with a unique identifier and verified email address (or private relay email). Apple's use of your information is governed by Apple's Privacy Policy.

Mailchimp: We use Mailchimp to manage our email marketing campaigns and newsletters. When you subscribe to our communications, your email address and related information are stored and processed by Mailchimp according to their Privacy Policy. You can unsubscribe from these communications at any time.

4.2 Other Data Sharing Scenarios

We may also disclose your information in the following circumstances:

  • Service Providers: Payment processors, shipping and delivery companies, customer support platforms, cloud storage providers, and other vendors who assist in operating our App
  • Business Transfers: In connection with or during negotiation of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company
  • Legal Requirements: When we believe disclosure is necessary to comply with applicable law, regulation, legal process, or governmental request
  • Protection of Rights: To enforce our Terms of Service, protect our rights, privacy, safety, or property, and that of our users and the public
  • With Your Consent: We may share your information with third parties when you explicitly consent to such sharing
  • Aggregated Data: We may share aggregated or de-identified information that cannot reasonably be used to identify you

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

The criteria we use to determine retention periods include:

  • Account Information: Retained for the duration of your active account and for a reasonable period afterward to accommodate account reactivation requests and comply with legal obligations
  • Purchase History: Retained for as long as necessary to provide customer support, process returns, and comply with tax, accounting, and legal requirements (typically 7-10 years)
  • Usage Analytics: Typically retained for 12-26 months, after which data may be aggregated and anonymized
  • Crash Reports: Retained for as long as necessary to identify and fix technical issues, typically 90-180 days
  • Marketing Communications: Retained until you unsubscribe or request deletion, plus a suppression period to honor your opt-out preferences
  • Legal Compliance: Some information may be retained longer when required to comply with legal, regulatory, tax, audit, or accounting requirements

When we no longer need your personal information, we will securely delete or anonymize it in accordance with applicable data protection laws.

6. Your Privacy Rights and Choices

Depending on your location and applicable laws, you may have certain rights regarding your personal information. We respect these rights and provide mechanisms for you to exercise them.

6.1 Access and Portability

You have the right to request access to the personal information we hold about you. You can also request a copy of your data in a structured, commonly used, and machine-readable format. To request access or a copy of your data, contact us at hiivelabs.gh@gmail.com.

6.2 Correction and Update

You have the right to request that we correct inaccurate or incomplete personal information. You can update most of your account information directly through the App settings. For other corrections, contact us at hiivelabs.gh@gmail.com.

6.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions such as legal obligations or legitimate business interests. To request deletion, contact us at hiivelabs.gh@gmail.com. Please note that we may retain certain information as required by law or for legitimate business purposes.

6.4 Objection and Restriction

You have the right to object to or request restriction of certain processing of your personal information, including for direct marketing purposes. You can opt out of marketing communications by following the unsubscribe instructions in our emails or by contacting us at hiivelabs.gh@gmail.com.

6.5 Withdraw Consent

Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. This includes consent for marketing communications, location data access, and contacts access. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

6.6 Managing Permissions

You can manage certain permissions directly on your device:

  • Location Services: Disable location access in your device settings
  • Contacts: Revoke contacts permission in your device settings
  • Photos and Media: Manage photo access in your device settings
  • Notifications: Disable push notifications in your device settings or App settings

6.7 Do Not Sell My Personal Information

We do not sell your personal information to third parties for monetary consideration. If our practices change, we will update this Privacy Policy and provide you with the right to opt out of such sales.

7. International Data Transfers

Hive Labs operates globally, and your information may be transferred to, stored, and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer your personal information internationally, we take appropriate safeguards to ensure that your information remains protected in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include:

  • Implementing standard contractual clauses approved by relevant data protection authorities
  • Ensuring that recipients are certified under appropriate privacy frameworks
  • Obtaining your explicit consent for the transfer
  • Transferring data to countries with adequate data protection laws as determined by relevant authorities

By using our App and providing your information, you consent to the transfer of your information to countries outside of your country of residence, including countries that may not provide the same level of data protection as your home country.

8. Security of Your Information

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction.

8.1 Security Measures

Our security measures include:

  • Encryption of data in transit using industry-standard SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms to limit access to personal information
  • Employee training on data protection and security practices
  • Secure development practices and code reviews
  • Regular monitoring for suspicious activity and security incidents
  • Incident response procedures to address security breaches

8.2 Your Responsibility

While we strive to protect your personal information, you also play a role in keeping your information secure:

  • Choose a strong, unique password for your account
  • Do not share your password with others
  • Log out of your account when using shared devices
  • Keep your device and App updated with the latest security patches
  • Be cautious about phishing attempts and suspicious communications
  • Report any unauthorized access or security concerns to us immediately

8.3 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law. Notification will be provided without undue delay and will include information about the nature of the breach, the data affected, and steps you can take to protect yourself.

Please note that no method of transmission over the Internet or electronic storage is 100% secure. While we implement reasonable security measures, we cannot guarantee absolute security of your information.

9. Children's Privacy

Daya is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe that your child under 13 has provided us with personal information, please contact us at hiivelabs.gh@gmail.com. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information from our servers.

For users in the European Economic Area, we do not knowingly collect personal information from children under 16 without parental consent, or under the age specified by the laws of your country of residence.

If you are between the ages of 13 and 18 (or the age of majority in your jurisdiction), you may only use Daya with the permission and supervision of a parent or legal guardian who agrees to be bound by our Terms of Service.

10. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities and preferences.

10.1 Types of Cookies We Use

Essential Cookies: These cookies are necessary for the App to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt out of these cookies as they are essential for the App to work.

Analytics Cookies: These cookies help us understand how users interact with our App by collecting and reporting information anonymously. We use this information to improve the App and user experience. Examples include Google Analytics cookies.

Functionality Cookies: These cookies enable the App to provide enhanced functionality and personalization, such as remembering your preferences and settings.

Advertising and Marketing Cookies: These cookies are used to deliver relevant advertisements and track the effectiveness of our marketing campaigns. They may be set by us or by third-party advertising partners.

10.2 Managing Cookies

You can control and manage cookies in various ways:

  • Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer
  • You can delete cookies that have already been set on your device
  • Many mobile devices allow you to opt out of targeted advertising through device settings
  • You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on

Please note that if you disable or refuse cookies, some features of the App may not function properly or become inaccessible.

10.3 Do Not Track Signals

Some web browsers have a "Do Not Track" feature that signals to websites that you do not want your online activities tracked. At this time, the App does not respond to Do Not Track signals or similar mechanisms.

11. Third-Party Links and Services

Our App may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to these third-party services.

When you click on third-party links or use third-party services integrated into our App, you will be directed away from our App. We are not responsible for the privacy practices or content of these third-party services.

We strongly advise you to review the privacy policy of every third-party service you visit or use. Third-party services have their own privacy policies and terms of service, and your use of these services is governed by their respective policies, not this Privacy Policy.

The third-party services we integrate with include, but are not limited to:

  • Social media platforms (Facebook, Google)
  • Payment processors
  • Analytics services (Google Analytics, Firebase)
  • Email service providers (Mailchimp)
  • Cloud service providers
  • Customer support platforms

12. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

12.1 Your California Privacy Rights

California residents have the right to:

  • Know: Request information about the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information is collected, the business purpose for collecting the information, and the categories of third parties with whom we share the information
  • Delete: Request deletion of your personal information, subject to certain exceptions
  • Correct: Request correction of inaccurate personal information we maintain about you
  • Opt-Out: Opt out of the sale or sharing of your personal information (we do not currently sell personal information)
  • Limit Use: Limit the use and disclosure of sensitive personal information
  • Non-Discrimination: Exercise your privacy rights without discriminatory treatment

12.2 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information from California residents:

  • Identifiers (name, email address, phone number)
  • Commercial information (purchase history, browsing history)
  • Internet or network activity (usage analytics, crash reports)
  • Geolocation data
  • Visual information (photos, profile pictures)
  • Inferences drawn from other personal information

12.3 Exercising Your California Privacy Rights

To exercise your California privacy rights, contact us at hiivelabs.gh@gmail.com with "California Privacy Rights" in the subject line. We will verify your identity before processing your request and respond within 45 days (or notify you if we need an extension).

You may designate an authorized agent to make a request on your behalf. We will require written authorization from you and verification of the agent's identity.

12.4 California Shine the Light Law

California Civil Code Section 1798.83 permits California residents to request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not currently share personal information with third parties for their direct marketing purposes.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have certain rights under the General Data Protection Regulation (GDPR) and related data protection laws.

13.1 Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contractual Necessity: Processing is necessary to perform our contract with you (account creation, order fulfillment, customer support)
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services, fraud prevention, and security (unless overridden by your data protection interests or rights)
  • Consent: You have given explicit consent for specific processing activities (marketing communications, optional data collection)
  • Legal Obligation: Processing is necessary to comply with legal obligations

13.2 Your GDPR Rights

Under GDPR, you have the following rights:

  • Right of Access: Obtain confirmation of whether we process your personal data and access to that data
  • Right to Rectification: Correct inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Data Portability: Receive your personal data in a structured, machine-readable format and transmit it to another controller
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: Lodge a complaint with your local supervisory authority

13.3 Data Protection Officer

For questions about our data processing practices or to exercise your GDPR rights, contact us at hiivelabs.gh@gmail.com with "GDPR Request" in the subject line.

13.4 International Transfers

When we transfer personal data from the EEA to countries outside the EEA, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions.

14. Additional Jurisdictional Rights

14.1 Brazil (LGPD)

If you are located in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD), including the right to access, correct, delete, and port your personal data. You also have the right to object to processing and withdraw consent. Contact us at hiivelabs.gh@gmail.com to exercise these rights.

14.2 Canada (PIPEDA)

If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), including the right to access your personal information, challenge its accuracy, and withdraw consent. Contact us at hiivelabs.gh@gmail.com for assistance.

14.3 Australia (Privacy Act)

If you are located in Australia, you have rights under the Privacy Act 1988, including the right to access and correct your personal information. If you are dissatisfied with our response to a privacy complaint, you may contact the Office of the Australian Information Commissioner.

14.4 Other Jurisdictions

Regardless of your location, we strive to provide transparency and control over your personal information. If you have questions about your privacy rights in your jurisdiction, contact us at hiivelabs.gh@gmail.com.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this Privacy Policy.

15.1 Notification of Changes

If we make material changes to this Privacy Policy, we will notify you by:

  • Posting a prominent notice in the App
  • Sending you an email notification to the email address associated with your account
  • Providing an in-app notification when you next access the App
  • Requesting your consent if required by applicable law

15.2 Your Continued Use

Your continued use of the App after we post or send a notice about changes to this Privacy Policy means that you consent to the updated Privacy Policy. If you do not agree to the changes, you should stop using the App and contact us to close your account.

15.3 Review This Policy

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. The "Last Updated" date indicates when the Privacy Policy was last revised.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Hive Labs
Email: hiivelabs.gh@gmail.com

16.1 Privacy Inquiries

For privacy-related questions or to exercise your privacy rights, email us at hiivelabs.gh@gmail.com with a clear description of your request. Please include "Privacy Inquiry" in the subject line.

16.2 Data Protection Requests

To submit a data access, correction, deletion, or portability request, contact us at hiivelabs.gh@gmail.com with "Data Request" in the subject line. We will verify your identity before processing your request.

16.3 Security Concerns

If you believe your account has been compromised or you have discovered a security vulnerability, immediately contact us at hiivelabs.gh@gmail.com with "Security Issue" in the subject line.

16.4 Response Time

We aim to respond to all inquiries within 30 days. For data subject requests, we will respond within the timeframes required by applicable law (typically 30-45 days). If we need additional time, we will notify you of the extension and the reason for the delay.

16.5 Supervisory Authorities

If you are located in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local data protection supervisory authority if you believe our processing of your personal information violates applicable data protection law.

17. Your Consent

By using Daya, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, disclosure, and processing of your information as described herein. If you do not agree with this Privacy Policy, please do not use the App.

For certain processing activities that require explicit consent under applicable law, we will obtain your consent separately through clear affirmative action, such as checking a box or clicking a button.

You have the right to withdraw your consent at any time by contacting us at hiivelabs.gh@gmail.com or by adjusting your settings in the App. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

18. Automated Decision-Making

We may use automated decision-making technologies, including profiling, to provide personalized product recommendations, customize your user experience, and optimize our services. These automated processes analyze your usage patterns, purchase history, and preferences to predict what products or content might interest you.

Our automated decision-making does not produce legal effects or similarly significantly affect you. However, if you have concerns about automated decision-making or wish to request human intervention, you may contact us at hiivelabs.gh@gmail.com.

You have the right to object to automated decision-making in certain circumstances, particularly where it produces legal effects or significantly affects you. We will provide information about the logic involved and the significance and envisaged consequences of such processing upon request.

19. Data Accuracy and Updates

We take reasonable steps to ensure that the personal information we hold about you is accurate, complete, and up-to-date. However, we rely on you to inform us of any changes to your personal information.

You can update your account information at any time by:

  • Logging into your account and accessing your profile settings
  • Contacting our customer support at hiivelabs.gh@gmail.com
  • Using the account management features in the App

If you discover that information we hold about you is inaccurate, incomplete, or outdated, please contact us immediately so we can correct it. Maintaining accurate information helps us provide you with better service and ensures compliance with our legal obligations.

20. Business Transitions

In the event that Hive Labs is involved in a merger, acquisition, bankruptcy, reorganization, partnership, asset sale, or other business transition, your personal information may be transferred or acquired by a third party as part of that transaction.

In such circumstances:

  • We will provide notice before your personal information is transferred and becomes subject to a different privacy policy
  • You will have the opportunity to delete your account before the transfer if you do not agree to the new privacy policy
  • The acquiring party will be required to use