Control • Clarity • Proof Single source of truth
HyperUp Trust Center Hub

Privacy Notice (Cookies & Telemetry)

A concrete, no-fluff privacy notice: what we collect, why, how long we keep it, how cookies/telemetry work, and the fastest path to the right support channel.

Effective: December 31, 2025 · Last updated: December 31, 2025 · Version 1.0 · Built to reduce confusion, prevent misroutes, and keep support fast.

Open the data map Support Hub Email privacy

At a glance

Operational rationale: plain language summary to route requests correctly and reduce support load.

  • Primary uses: operate the Services, process purchases, deliver products, provide customer support, and maintain security.
  • Speed and safety: we use limited diagnostics and may generate aggregated/de-identified “Derivative Intelligence” to improve reliability and prevent abuse.
  • Cookies and telemetry: used for functionality, security, and aggregated analytics with clear category-based controls (and recognized opt-out signals where required).
  • Fast routing: privacy requests go to privacy@hyperupsuite.com. Product help goes to the Support Hub.

Fast routing (avoid misroutes)

Privacy requests: email privacy@hyperupsuite.com.
Billing & receipts: use your purchase email or contact billing@hyperupsuite.com.
Product help: use the Support Hub.

Hyper-Protective notice

Operational rationale: clear role boundaries and “truth-first” disclosures prevent misinterpretation and reduce risk.

Not legal advice. HyperUp Suite is a technology provider, not a law firm, and does not provide legal advice. This Privacy Policy is for transparency regarding our data practices. You are responsible for obtaining independent legal counsel for your specific compliance obligations.
  • Truth-first disclosures: your experience can vary based on the Services you use and which third-party tools you enable (payments, analytics, pixels, email/SMS providers, fraud tools). Third parties control their own practices.
  • Business operator responsibility: if you use the Services to run your own business processes, you remain responsible for configuring your own disclosures, consent tools, and integration settings for your jurisdiction and use case.
  • Automated processing: some processing occurs automatically to operate, secure, and optimize the Services (for example: abuse detection, diagnostics, and performance optimization).
  • Ecosystem consistency: this Policy governs privacy topics for the Services. If another HyperUp document conflicts on a privacy topic, we apply the interpretation that provides greater privacy protection to individuals, to the extent permitted by law. For non-privacy topics, the applicable service terms control.
Privacy Choices Cookie Notice Terms of Service Trust Center Support Hub privacy@hyperupsuite.com

Scope

Operational rationale: a clear scope statement reduces accidental collection and sets expectations.

This Policy applies to information collected through HyperUp Suite websites, pages, checkout flows, customer portals, digital products, and services that link to this Policy (collectively, the “Services”). This Policy does not apply to third-party websites or services we do not control.

Key terms

Operational rationale: consistent definitions help prevent ambiguity in support, audits, and consumer requests.

  • Personal Information / Personal Data means information that identifies, relates to, describes, or could reasonably be linked to you, your household, your device, or your account.
  • Sensitive Data means categories treated as sensitive under certain laws, which may include (depending on jurisdiction and context) precise geolocation, certain health-related data, government identifiers, biometric identifiers, and account credentials.
  • Targeted Advertising means showing ads selected based on activity over time and across non-affiliated websites or applications.
  • Derivative Intelligence means aggregated, de-identified, or synthetic outputs generated by HyperUp’s proprietary processes to improve system performance, security, and functionality (for example: anomaly patterns, latency benchmarks, abuse signatures, product optimization insights). Derivative Intelligence is designed not to identify individuals, is not used to re-identify you, and is owned exclusively by HyperUp. If it is ever linked to Personal Information, we treat it as Personal Information under this Policy.

Information we collect

Operational rationale: data-minimization clarity helps customers understand what is collected and why.

We follow a data-minimization approach: we collect what we need to provide, secure, and improve the Services.
  • Information you provide directly: contact details (name, email, phone if provided); account information (such as login and authentication signals you choose); transaction information (products purchased, timestamps, billing/receipt metadata, refunds, chargebacks); support communications (messages, attachments, troubleshooting details you submit); preferences and feedback (forms, surveys, feature requests).
  • Information collected automatically: device and network data (IP address, browser type, device type, OS, language, approximate location derived from IP); usage data (pages viewed, clicks, referrers, navigation patterns, time on page, feature interaction events); security signals (log-in events, suspected bots, abuse signals, integrity checks); diagnostics and performance telemetry (error logs, crash reports, latency measurements).
  • Information from third parties (as applicable): payment processors (transaction confirmation/status, tokenized references, limited billing metadata); email/SMS providers (delivery status, bounce/engagement metadata, opt-out status); analytics and advertising partners (campaign attribution, conversion events, device/browser identifiers); fraud prevention vendors (risk signals).

Payment data (reduced footprint)

Payments are processed by third-party payment processors. HyperUp does not intentionally store full payment card numbers. We may store tokenized confirmations and limited billing/receipt information needed for accounting, fraud prevention, dispute handling, and support.

At-a-glance data map

Operational rationale: a concrete “what / why / how long” map removes ambiguity and speeds compliant responses.

The tables below summarize typical collection and use. Actual collection depends on the Services you use and your configuration.
Category Examples Primary purpose Typical retention
Account and identity Email address, account identifiers Authentication, access control, support routing While active, plus a reasonable period for security and audit
Commerce and billing records Order history, receipts, transaction references Fulfillment, billing support, accounting As required for financial records and dispute handling
Support communications Messages you send, attachments you provide Issue resolution, documentation improvements As needed to complete support and maintain service history
Device and usage signals IP-derived region, browser type, performance events Security, fraud prevention, reliability Short-lived where feasible; aggregated where appropriate
Cookies and telemetry Session cookies, preference cookies, analytics tags Core functionality and measurement Varies by category; see the matrix below
Local attribution (non-PII) UTM parameters, referrer hostname, lead token Support context and aggregated analytics Seven days (local storage)
Category Common examples Why we use it Typical retention approach Disclosed to
Identifiers & contact name, email, phone, account ID provide Services, support, security communications for the life of the account and as needed for service delivery hosting/support vendors
Account & authentication login events, device/session signals account access, fraud prevention, security limited window unless needed for investigations security providers
Transaction & billing metadata purchase history, receipts, refunds, chargebacks, token refs fulfillment, accounting, fraud/chargebacks, support typically up to 7 years where required for accounting/tax/disputes payment processors, accounting tools
Device & network IP, browser, OS, device type security, abuse prevention, diagnostics short window unless security review requires longer hosting/security vendors
Usage & telemetry page views, clicks, events, performance metrics reliability, speed optimization, analytics short window; then aggregated/de-identified where feasible analytics providers
Support content emails, tickets, attachments you submit customer support, troubleshooting, quality control as needed to resolve and document support support/CRM vendors
Marketing signals (if enabled) subscription status, campaign attribution promotions, measurement, suppression lists until you opt out or data becomes stale email/SMS and ad partners (if enabled)
Derivative Intelligence aggregated/synthetic performance and integrity insights protect speed/security and improve products retained while it remains non-identifying and useful may be shared only in non-identifying form
Cookie and tracking details live in the Cookies and telemetry section, and request intake is documented in Your choices and requests.

How we use information

Operational rationale: explicit purpose-limiting helps prevent over-collection and keeps processing legible.

  • Provide and operate the Services (accounts, access, downloads, customer portals).
  • Process transactions (payments, receipts, refunds, disputes/chargebacks).
  • Provide support and respond to requests.
  • Secure the Services (fraud prevention, abuse detection, account protection, incident investigation).
  • Improve reliability and speed (performance optimization, error reduction, infrastructure tuning).
  • Measure and improve products (analytics, QA, troubleshooting, development).
  • Send service and administrative communications (receipts, security notices, policy updates).
  • Send marketing communications where permitted and subject to your choices.
  • Comply with law and enforce agreements.

Automated ecosystem defense

We use real-time automated integrity and abuse-detection controls. These controls may automatically restrict, throttle, or block access when patterns suggest abuse, scraping, unauthorized data harvesting, credential stuffing, fraud, or interference. This processing helps maintain service security and performance.

Cookies and telemetry

Operational rationale: clear categories and controls keep measurement minimal, honest, and non-invasive.

Cookies are small browser files. Telemetry refers to limited technical signals that help keep the site secure and stable. We avoid placing personal information into URLs or telemetry fields. We may use cookies and similar technologies (pixels, tags, SDKs, local storage) for essential operations, diagnostics, measurement and attribution, and (if enabled) advertising/retargeting subject to your choices.
Opt-out preference signals: where required by applicable law, we process recognized opt-out preference signals (such as Global Privacy Control or other browser/device signals) as a request to opt out of certain processing that may be considered “sale,” “sharing,” or targeted advertising. Where required, we also provide a method to confirm your choice has been applied.
Type What it does Examples Your control
Strictly necessary Enables core site and session reliability Session and security cookies May be required for the site to function
Preferences Remembers choices that improve usability Language or UI preferences Clear via browser controls
Security Detects abuse, fraud, and suspicious activity Rate limiting signals Clearing cookies may log you out
Analytics Aggregated measurement of usage and performance Page views, performance timings Adjust browser settings; use privacy controls where available
Local attribution (non-PII) Stores non-PII campaign/referrer context locally UTM tags, referrer hostname, lead token Use the “Clear local data” control below
Lead token: loading Copy token Clear local data

How we disclose information

Operational rationale: explicit sharing pathways prevent surprises and keep privacy risk legible.

We disclose Personal Information only as described here.
  • Service providers: vendors who help operate the Services (hosting, payments, email/SMS, analytics, support, security) may process information for contracted purposes consistent with this Policy.
  • Advertising and measurement partners (if enabled): if ad/measurement tools are enabled, certain identifiers and event data may be disclosed to measure performance, attribute conversions, and (where enabled) support retargeting. You can opt out where required.
  • Legal, safety, and enforcement: we may disclose information to comply with law or lawful requests; protect rights, safety, and security; investigate fraud or abuse; and enforce agreements.
  • Business transfers: information may be disclosed in connection with a merger, acquisition, financing, reorganization, or sale, subject to appropriate safeguards.
  • Aggregated / de-identified data: we may create and use aggregated, de-identified, or synthetic data that cannot reasonably identify you.

“Sale,” “sharing,” and targeted advertising

Operational rationale: plain-language opt-out framing helps consumers and keeps legal interpretations consistent.

HyperUp does not sell Personal Information for money. However, certain disclosures to advertising/measurement partners may be considered a “sale” or “sharing” under some laws, or may qualify as targeted advertising.
To adjust your choices, review browser controls and any in-product privacy settings available to you. If you prefer a direct route, email privacy@hyperupsuite.com.

Sensitive data, consumer health data, and geofencing

Operational rationale: scoped commitments reduce accidental collection and set expectations for special-handling jurisdictions.

We do not intentionally collect Sensitive Data unless needed for security, transactions, account integrity, legal compliance, or you choose to provide it. Where certain jurisdictions require special handling (including opt-in consent or a right to limit processing), we provide required notices and choices for that context.
Consumer health data and geofencing: HyperUp does not intentionally use geofencing to identify or target individuals based on visits to healthcare facilities or to infer health status for advertising. If we introduce features that process “consumer health data” as defined by certain state laws, we will provide any required notices and obtain required authorizations/consents before processing or selling such data.

Data retention

Operational rationale: retention rules reduce over-collection while preserving the minimum needed for disputes and audits.

We retain Personal Information only as long as reasonably necessary for providing and securing the Services, maintaining required business records, preventing fraud and abuse, resolving disputes, and meeting legal obligations. When retention is no longer necessary, we delete, de-identify, or aggregate data where feasible.

Security and incident response

Operational rationale: practical safeguards communicate how we protect information without making unrealistic promises.

We use safeguards designed to protect information (access controls, encryption in transit, monitoring/abuse detection, backup/resilience practices). No system is perfectly secure. If a security incident triggers legal notice obligations, we will provide notices as required by applicable law.
If you believe you found a security issue, use the Security page for the correct intake route.

Your privacy rights and requests

Operational rationale: clear request intake prevents delays and keeps responses consistent across channels.

Depending on your state of residence and applicable thresholds/exemptions, you may have rights such as access, deletion, correction, portability, and opt-outs for targeted advertising or certain disclosures that may be defined as “sale” or “sharing.” Some states provide the right to appeal denials.
  • Submit requests: email privacy@hyperupsuite.com.
  • Verification: to protect you, we verify requests using reasonable methods. We will not ask for your password by email. If we cannot verify your identity, we may deny the request or request additional information limited to verification.
  • Authorized agents: where permitted by law, you may use an authorized agent. We may require proof of authorization and may still require identity verification.
  • Request integrity and abuse prevention: where permitted by law, we may decline manifestly unfounded, repetitive, or abusive requests, require additional verification, or charge a reasonable administrative fee for excessive or technically complex requests.
  • Non-discrimination: we do not discriminate against you for exercising applicable privacy rights.
For product help, use the Support Hub instead of privacy email.

Email and SMS

Operational rationale: simple opt-out language helps customers and keeps delivery systems compliant.

Marketing emails include an unsubscribe link. We may still send non-marketing emails such as receipts, service notices, and account/security communications.
If SMS is enabled and you opt in, you can opt out by replying STOP. Message and data rates may apply.
For full details, see our Messaging Policy.

Children and teens

Operational rationale: scope statements reduce accidental collection and clarify intended audience.

The Services are not directed to children under 13, and we do not knowingly collect Personal Information from children under 13 without verifiable parental consent. If you believe a child has provided Personal Information, contact privacy@hyperupsuite.com and we will take appropriate action.

Policy governance and updates

Operational rationale: governance controls keep disclosures current without promising legal outcomes.

  • We monitor privacy developments and enforcement trends.
  • Changes are reviewed and approved by an authorized HyperUp administrator before publication.
  • We maintain version control and a change log.
  • We deploy updates consistently across relevant HyperUp web properties.
  • We run “truth checks” so our live tech stack matches our disclosures and remediate mismatches.
To reduce drift across pages and modules, we may use technical mechanisms such as version hashes, cache-busting, and integrity checks to propagate the currently approved Policy across the Services. For material changes, we may require users to re-acknowledge updated terms or privacy disclosures at next login or checkout where appropriate.

Company contact

Operational rationale: a single contact block keeps routing consistent across audits and customer support.

Contact Details
Company HyperUp Suite
Mailing address P.O. Box TBD, Natchitoches, LA 71457
Phone (318) 471-0880
Website www.hyperupsuite.com
Privacy privacy@hyperupsuite.com
Support support@hyperupsuite.com
Billing billing@hyperupsuite.com
Admin admin@hypersuite.com

Internal implementation note

Operational rationale: documenting governance logging improves internal auditability. This note is not part of the public policy commitments above.

If you want an internal governance audit trail, keep it internal (not published) and log events in your system record:
HB_UTIL_AppendLog(ss, "GOVERNANCE", "LEGAL_MODULE", "PRIVACY", "CRITICAL", "Manual verification complete; deploying approved privacy policy update", {"version":"1.0","policyHash":"<hash>","trigger":"<reason>"})

Trust Center routing

If you landed here from checkout or a support flow: privacy requests go to privacy@hyperupsuite.com. Product help goes to the Support Hub. Security issues should route through the Security page.

Trust Center Privacy Notice Security Support Hub About
HyperUp Suite · P.O. Box TBD, Natchitoches, LA 71457 · (318) 471-0880 · privacy@hyperupsuite.com