Privacy Policy

Your privacy matters. This Privacy Policy explains how HazardHawk collects, uses, and protects your personal information.

Summary

We are committed to transparency and compliance with all applicable data protection laws, including GDPR and CCPA.

  • We collect only the information necessary to provide our safety management services.
  • We do not sell your data.
  • You retain ownership of all photos, documents, and reports.
  • You can export or delete your data at any time.

Effective Date: January 1, 2025

1. Information We Collect

HazardHawk collects the following types of information to provide and improve our safety management services:

  • Account Information: Name, email address, company name, job title, and phone number when you create an account.
  • Project Data: Project names, locations, safety documentation, hazard reports, and compliance records you input into the platform.
  • Photos and Documents: Images, PDFs, and other files you upload for AI analysis or documentation purposes.
  • Usage Data: Information about how you interact with our platform, including IP address, browser type, device information, and access times.
  • Location Data: GPS coordinates when you capture photos or create reports (with your permission).

2. How We Use Your Information

We use the collected information to:

  • Provide, operate, and maintain the HazardHawk platform and services
  • Process AI analysis of photos and generate safety reports
  • Communicate with you about your account, updates, and support requests
  • Improve our services, develop new features, and enhance user experience
  • Ensure platform security, prevent fraud, and enforce our Terms of Service
  • Comply with legal obligations and regulatory requirements
  • Generate anonymized analytics to improve industry safety standards

3. Data Ownership and Control

You Own Your Data. All photos, documents, reports, and safety records you create are your property. HazardHawk is the data processor, not the data owner.

  • Data Portability: Export all your data at any time in standard formats (CSV, PDF, JSON). No lock-in.
  • Data Retention: Configurable retention policies. You can delete projects and associated data on your schedule.
  • Account Deletion: Request full account deletion at any time. We will permanently remove your data within 30 days.

4. Data Security

We implement enterprise-grade security measures to protect your data:

  • Encryption: All data encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Access Controls: Role-based permissions ensure users only see data relevant to their role
  • Infrastructure Security: AWS-hosted with multi-region redundancy, DDoS protection, and web application firewall
  • Compliance: SOC 2 Type II certified with annual third-party penetration testing
  • Incident Response: 24-hour notification SLA for security events

5. Data Sharing and Third Parties

We do not sell, rent, or share your data with third parties. We only share data in the following limited circumstances:

  • Service Providers: Cloud hosting (AWS), AI processing (Google Cloud AI), and analytics tools that help us operate the platform. All providers are bound by strict data processing agreements.
  • Legal Requirements: When required by law, court order, or regulatory investigation.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.
  • With Your Consent: When you explicitly authorize us to share data (e.g., with insurance carriers or project owners).

6. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Limit how we process your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Opt-out of certain data processing activities

To exercise these rights, contact us at privacy@hazardhawk.co.

7. CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how it is used
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve platform functionality and user experience:

  • Essential Cookies: Required for platform operation (login sessions, security)
  • Analytics Cookies: Help us understand how users interact with the platform
  • Preference Cookies: Remember your settings and preferences

You can manage cookie preferences through your browser settings.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting a notice on our platform at least 30 days before the changes take effect.

10. Contact Us

For privacy inquiries, data requests, or questions about this Privacy Policy, contact us at:

HazardHawk Privacy Team

Email: privacy@hazardhawk.co

For general inquiries: Visit our Contact Page

Questions About Our Privacy Practices?

Our team is here to help you understand how we protect your data.

Contact Us