Privacy Policy

1. Who We Are

Hivemind ("we," "us," or "our") is a marketing technology company based in Beirut, Lebanon. We operate as a Meta Tech Provider, delivering AI-powered social media and advertising management services to businesses ("Clients") using the Meta Graph API, Instagram Graph API, and Marketing API.

This Privacy Policy explains how we collect, use, store, and protect information when you visit our website (https://hivemind-marketing.online) or when your business uses our services. By using our website or services, you agree to the practices described in this policy.

2. Information We Collect

2.1 Information from Website Visitors

When you visit our website, we may collect:

• Basic analytics data (page views, referral source, general geographic region)
• Contact information you voluntarily provide (name, email, business name) when reaching out to us
• Technical information such as browser type and device type for website optimization

We do not use cookies for tracking or advertising purposes. Any analytics we collect is aggregated and does not personally identify you.

2.2 Information from Client Businesses (via Meta APIs)

When a business becomes a Hivemind client and authorizes us through Facebook Login for Business, we access the following data from Meta platforms on behalf of that client:

• Access tokens: Secure tokens that allow us to manage client assets via Meta APIs
• Page IDs and Instagram Account IDs: Identifiers for the specific Facebook Pages and Instagram accounts the client authorizes us to manage
• Ad Account IDs: Identifiers for advertising accounts the client authorizes us to manage
• Engagement metrics: Likes, comments, shares, reach, impressions, and other performance data for content we manage
• Audience insights: Aggregated demographic and interest data about the client's audience
• Ad performance data: Spend, conversions, click-through rates, and other advertising metrics

We only access data that clients explicitly authorize through Meta's OAuth consent flow. We never access personal data of the client's followers or customers beyond what is provided in aggregate form by Meta's APIs.

3. How We Use Information

3.1 Website Visitor Data

• To respond to inquiries and provide information about our services
• To improve our website and user experience
• To understand general traffic patterns and website performance

3.2 Client Business Data (Meta API Data)

• To publish content on behalf of clients to their Facebook Pages and Instagram accounts
• To manage and respond to comments and direct messages as directed by clients
• To create, manage, and optimize advertising campaigns on behalf of clients
• To generate performance reports and analytics for clients
• To provide strategic recommendations based on data insights

We use client data solely for delivering the services agreed upon with each client. We do not use client data for any purpose other than fulfilling our service obligations to that specific client.

4. Data Sharing

We do not sell, rent, or trade any data to third parties.

We may share data only in the following limited circumstances:

• Service providers: We use trusted third-party services for hosting (Vercel), email communications, and cloud infrastructure. These providers process data only on our behalf and are bound by confidentiality obligations.
• Legal requirements: We may disclose information if required by law, court order, or government regulation.
• Business transfers: In the event of a merger, acquisition, or sale of assets, client data may be transferred as part of that transaction, with notice provided to affected clients.

5. Data Storage and Security

We take data security seriously and implement appropriate technical and organizational measures to protect information:

• Encryption at rest: All stored data, including access tokens and client information, is encrypted using industry-standard encryption protocols
• Encryption in transit: All data transmitted between systems uses TLS/SSL encryption
• Access controls: Access to client data is restricted to authorized personnel only
• Secure infrastructure: We use reputable cloud providers with SOC 2 compliance

While we implement strong security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting data to the best of our ability.

6. Data Retention

We retain data for the following periods:

• Access tokens: Retained only while the client relationship is active; deleted within 30 days of service termination or access revocation
• Performance data and reports: Retained for up to 24 months to provide historical analytics to clients
• Contact information: Retained while you remain a client or prospect; deleted upon request
• Website analytics: Retained in aggregated form for up to 12 months

Upon client request or termination of services, we will delete all client-specific data within 30 days, unless retention is required for legal or regulatory purposes.

7. International Data Transfers

Hivemind is based in Lebanon. If you are located outside Lebanon, please be aware that your information may be transferred to, stored, and processed in Lebanon or other countries where our service providers operate. By using our services, you consent to the transfer of information to countries that may have different data protection rules than your country of residence. We ensure that any international transfers are conducted with appropriate safeguards in place.

8. Your Rights

Depending on your location, you may have the following rights regarding your data:

• Access: Request a copy of the data we hold about you or your business
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Portability: Request your data in a portable format
• Objection: Object to certain types of processing
• Revocation: Revoke your authorization for us to access your Meta assets at any time

To exercise any of these rights, please contact us at moe.mneimne@gmail.com. We will respond to your request within 30 days.

9. Data Deletion Requests

If you wish to have your data deleted from our systems, you may:

• Email us at moe.mneimne@gmail.com with the subject line "Data Deletion Request"
• Visit our Data Deletion page for detailed instructions
• Revoke Hivemind's access through your Meta Business Settings (this stops future data access; contact us to delete existing data)

We will process deletion requests within 30 days and confirm completion via email.

10. Meta Platform Data

As a Meta Tech Provider, we are bound by Meta's Platform Terms and Developer Policies. This means:

• We only access data that users explicitly authorize through Meta's OAuth consent flow
• We do not sell Meta Platform data to anyone
• We use Meta Platform data only for providing services to the authorizing client
• Our data protection practices are at least as protective as Meta's own policies
• We comply with all applicable Meta Platform Terms and policies

For more information about how Meta handles data, please refer to Meta's Privacy Policy.

11. Children's Privacy

Hivemind's services are designed for businesses and are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: