1. Who this policy covers

This policy applies to:

• Organizations that deploy Forager under a service agreement ("Customers").
• Users — field technicians, administrators, and other personnel who access Forager on behalf of a Customer.
• Visitors to hiveriselabs.com.

If you are a User acting on behalf of a Customer, that Customer's data processing agreement with Hive Rise Labs governs how your organization's data is handled. This policy supplements, and does not replace, that agreement.

2. Information we collect

Account and organization data. When a Customer enrolls, we collect the organization name, administrator email address, billing contact, and subscription information.

Asset records. Customers define the asset types and fields they track (serial numbers, equipment descriptions, locations, and similar operational data). Hive Rise Labs stores this data on behalf of the Customer; we do not define or own it.

RF signal data. Forager Mobile captures Wi-Fi and Bluetooth Low Energy (BLE) signal observations to locate assets. MAC addresses observed by the app are hashed using a one-way function before transmission and storage. Raw MAC addresses are never retained on our servers.

Usage and diagnostic data. We collect application logs, crash reports, and feature usage telemetry to operate and improve the service. This data is aggregated or pseudonymized and is not linked to individual users beyond what is necessary to diagnose specific incidents.

Website data. When you visit hiveriselabs.com, standard web server logs record your IP address, browser type, referring page, and pages visited. We do not use third-party advertising trackers.

Contact inquiries. If you submit a contact form or email us, we retain your name, email address, and message to respond and follow up.

3. Information we do not collect

• Raw MAC addresses (hashed before leaving the device).
• Cellular identifiers (IMEI, IMSI, phone numbers).
• Personal health information (PHI) about patients or individuals.
• Financial account information.
• Precise real-time location of individual people.

Forager is designed to track assets — equipment and devices — not individuals. The system is not intended for employee monitoring and should not be used for that purpose.

4. How we use information

• Service delivery. To operate Forager Cloud, process asset location updates, and provide the features your organization subscribed to.
• Security and integrity. To detect and prevent unauthorized access, abuse, or fraud.
• Support and troubleshooting. To diagnose issues and respond to support requests.
• Service improvement. To understand how Forager is used and prioritize product development. We use aggregated, non-identifiable data for this purpose.
• Legal compliance. To meet applicable legal obligations, including audit requests and regulatory requirements.

We do not sell, rent, or share your data with third parties for advertising or marketing purposes.

5. Data isolation and access controls

Forager Cloud enforces Row-Level Security (RLS) at the database layer. This means each Customer's data is completely isolated — no query, user, or administrator can access records belonging to a different organization, even within a shared infrastructure. Access is governed by role and organization at the database level, not only the application layer.

Hive Rise Labs employees access Customer data only when necessary to provide support or investigate a security incident, and only after authorization.

6. HIPAA and regulated environments

Forager was designed from the ground up for regulated industries. We are prepared to execute a Business Associate Agreement (BAA) with covered entities and business associates subject to HIPAA. Contact us at info@hiveriselabs.com to request a BAA or discuss compliance requirements specific to your organization.

Nothing in this policy constitutes legal advice. Organizations with HIPAA, GLBA, or other regulatory obligations should review Forager's data handling in consultation with their compliance and legal teams.

7. Data retention

We retain Customer data for the duration of the service agreement and for up to 90 days after termination to allow for data export, unless a shorter period is required by law or requested by the Customer. Anonymized usage telemetry may be retained longer.

Contact form submissions and email inquiries are retained for up to 2 years or until you request deletion.

8. Third-party services

Forager Cloud is hosted on infrastructure provided by Supabase, Inc. (database, authentication, and file storage) and cloud infrastructure providers. These vendors process data on our behalf under data processing agreements consistent with this policy.

We do not embed third-party advertising scripts, social tracking pixels, or analytics platforms that share data with advertisers.

9. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export personal data we hold about you. To make a request, contact us at info@hiveriselabs.com. We will respond within 30 days.

If you are a User acting on behalf of a Customer, requests related to asset records or organizational data should be directed to your organization's Forager administrator, who controls that data.

10. Cookies

hiveriselabs.com uses only essential session cookies required for navigation. We do not use advertising cookies or cross-site tracking cookies.

11. Changes to this policy

We may update this policy from time to time. Material changes will be communicated to Customers by email or in-app notice at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact

Questions about this policy or data handling practices:

Hive Rise Labs, Inc.
info@hiveriselabs.com