Privacy Policy

How we collect, use, and protect your personal information when you use Hypein.

Effective: 1 January 2026Last updated: 1 January 2026Version: v1.0

This Privacy Policy explains how Hypebox Media SARL (“Hypebox,” “we,” “us,” “our”) collects, uses, shares, and protects information when you use our mobile application, web application, websites, and related services (collectively, the “Service”). We are committed to privacy-by-design. Please read this Privacy Policy carefully.

01Who We Are (Controller)

Company: Hypebox Media SARL
Registered Address: Beirut, Badaro — Lebanon
Email: business@hypebox.agency
Support: business@hypebox.agency

For data protection laws that distinguish between a “controller” and “processor,” Hypebox Media SARL is the controller of personal data processed under this Privacy Policy, unless stated otherwise.

02What This Policy Covers

This Policy covers:

Information we collect from users of the app (brands, agencies, creators, team members).
Information collected automatically (device data, usage data).
Information you provide manually (profile details, campaign inputs, payments, support tickets).
Information we may process about public social profiles/content when you use the Service to analyze or track public performance data (where applicable and permitted).

This Policy does not cover third-party websites, platforms, or services you may access through the Service (for example, Instagram, TikTok, YouTube, X). Their privacy practices are governed by their own policies.

03Information We Collect

A) Information You Provide

We may collect:

Account information: name, email, password, company/brand name, role, country.
Profile details: photo, job title, business details, preferences.
Team and workspace data: member invites, role permissions, internal notes.
Campaign and planning inputs: campaign names, briefs, links, budgets, goals, creator lists, internal performance notes.
Communications: messages to support, feedback, survey responses.
Billing information: billing contact details and payment status.
Note: Payment card data is typically processed by our payment providers (we do not store full card numbers).

B) Information Collected Automatically

When you use the Service, we may collect:

Device and technical data: IP address, device identifiers, browser type, OS, app version, language, time zone.
Usage data: pages/screens viewed, features used, clicks, session duration, error logs, referral URLs.
Approximate location: derived from IP address (city/country level), where permitted by your device settings and law.

C) Information From Integrations (If You Connect Them)

If you connect third-party services (e.g., social platforms, analytics, ad accounts), we may receive data according to what you authorize, such as:

Connected account identifiers, basic profile metadata, and permitted performance insights.

D) Publicly Available Information

Depending on your use of the Service, we may process information that is publicly available online (for example, public creator profiles, public posts, public engagement metrics). We process such data to provide analytics, discovery, and monitoring features.

We do not claim ownership of public content and we aim to minimize collection to what is necessary to deliver the Service.

04How We Use Information

We use information to:

Provide and operate the Service (accounts, authentication, dashboards, features).
Analyze performance and generate insights (reports, tracking, benchmarking).
Improve the Service (debugging, product improvements, feature testing).
Provide support (responding to tickets, troubleshooting).
Security and fraud prevention (detect abuse, protect accounts).
Billing and subscriptions (invoices, renewals, plan enforcement).
Communications (service notices, updates, policy changes).
Marketing (where permitted): newsletters, product announcements, promotions (you can opt out).
Legal compliance (tax, accounting, law enforcement requests where valid).

05Legal Bases for Processing (GDPR / EEA / UK)

If you are located in the EEA/UK (or where similar laws apply), we rely on these legal bases:

Contract: to provide the Service you requested.
Legitimate interests: to secure, improve, and market the Service responsibly (balanced with your rights).
Consent: for optional marketing, certain cookies/SDKs, or where required by law.
Legal obligation: for compliance (tax, accounting, lawful requests).

07International Data Transfers

We may process and store information in countries different from where you live. Where required, we use appropriate safeguards for cross-border transfers (such as contractual protections).

08Data Retention

We keep personal data only as long as necessary for the purposes described in this Policy, including:

For the duration of your account,
As needed for legal, tax, accounting, dispute resolution, and enforcement.

When data is no longer required, we delete or anonymize it, subject to technical and legal constraints.

09Security

We use administrative, technical, and physical safeguards designed to protect information, such as access controls, encryption in transit, and monitoring. However, no system is 100% secure. You are responsible for keeping your login credentials confidential.

10Your Privacy Rights

Depending on your location, you may have rights including:

Access: request a copy of your data.
Correction: fix inaccurate or incomplete data.
Deletion: request deletion of your data (subject to legal exceptions).
Objection: object to certain processing.
Restriction: limit how we process your data.
Portability: receive data in a structured, machine-readable format.
Withdraw consent: where we rely on consent.

To exercise rights, contact: business@hypebox.agency. We may need to verify your identity before fulfilling your request.

Marketing Opt-Out

You can opt out of marketing emails at any time by using the unsubscribe link or contacting us. You may still receive essential service emails (e.g., security, billing, policy updates).

11Cookies, SDKs & Tracking Technologies

We may use cookies and similar technologies (including SDKs in mobile apps) to:

Keep you logged in,
Remember preferences,
Understand usage and improve performance,
Measure marketing effectiveness.

You can control cookies through your browser settings and, on mobile, through your device permissions/settings. If you block certain cookies/SDKs, parts of the Service may not work properly.

12Third-Party Links & Platforms

The Service may include links to third-party sites or allow you to connect with third-party platforms. We are not responsible for third-party privacy practices. Please review their policies.

13Children's Privacy

The Service is not intended for children under 13 (or the age required by local law). We do not knowingly collect personal data from children. If you believe a child provided data, contact us to request deletion.

14Public Profile / Creator Requests

If the Service processes publicly available creator/profile data:

We process it to deliver analytics, discovery, and campaign features.
If you believe we are displaying inaccurate information about a public profile, you can contact us at business@hypebox.agency and we will review correction or removal requests where appropriate and required.

15Data for Business Customers

If you use the Service on behalf of a company, your company may have its own policies regarding access to workspace data and team member activity. Workspace admins may be able to access and manage certain information within the workspace (for example, campaign settings, invited members, and usage logs).

16Changes to This Privacy Policy

We may update this Policy from time to time. If changes are material, we will provide notice (for example, in-app or via email). The “Last Updated” date indicates when this Policy was last revised.

17Contact Us

If you have questions or requests about privacy, contact:

Hypebox Media SARL
Email: business@hypebox.agency
Address: Beirut, Badaro — Lebanon

Questions?

Contact business@hypebox.agency

Document

v1.0 · 1 January 2026