1 Who We Are
Hive UK is operated by Hale Technology , a company registered in England and Wales. We are the data controller for all personal data processed through the Hive UK mobile application and the website hive-uk.co.uk.
Hale Technology
Cheshire, England, United Kingdom
Privacy: privacy@hive-uk.co.uk
Data protection officer: dpo@hive-uk.co.uk
2 Data We Collect
2.1 Account & Profile Data
When you register we collect: name, email address and encrypted password, job title, company name, business category and professional bio, profile photo (optional), and your chosen UK city from our list of 32 supported cities.
2.2 Activity Data
Posts, comments and reactions you create; connections you request or accept; groups you join or create; events you create or attend; direct messages you send (encrypted in transit).
2.3 Technical Data
Device type and OS version, IP address (security and fraud prevention only), JWT session tokens stored in encrypted secure storage on your device, and anonymised crash reports.
2.4 Location Data
We use your chosen city to power the nearby-professionals map. We do not collect or store precise GPS coordinates persistently.
2.5 What We Do Not Collect
Payment data (the app is free), government-issued ID, health or biometric data, and advertising identifiers (IDFA/GAID).
3 How We Use Your Data
| Purpose | Data Used |
|---|---|
| Create and manage your account | Name, email, password hash |
| Display your public business profile | Profile data you choose to share |
| Power the nearby-professionals map | Selected city, category |
| Deliver push notifications | FCM device token |
| Prevent fraud and abuse | IP address, session data |
| Improve the app (analytics) | Anonymised usage logs |
| Respond to support requests | Email, message content |
We do not use your data for advertising, commercial profiling, or fully automated decision-making that produces legal or similarly significant effects.
4 Legal Bases for Processing
- Contract (Art. 6(1)(b)): Processing necessary to provide the Hive UK service you have signed up for.
- Legitimate Interests (Art. 6(1)(f)): Security monitoring, fraud prevention, and anonymised analytics to improve the app.
- Consent (Art. 6(1)(a)): Push notifications — you may withdraw consent at any time in your device settings.
- Legal Obligation (Art. 6(1)(c)): Where we are required to retain or disclose data by applicable law.
5 Sharing Your Data
We never sell or rent your personal data. We share data only in the following circumstances:
- Other Hive UK users: Your public profile is visible to other registered members as part of the core networking functionality.
- Firebase (Google): Used for push notification delivery (FCM) under a Data Processing Agreement. Firebase does not use your data for its own purposes.
- Hosting infrastructure: Our backend is hosted on servers within the United Kingdom using HTTPS for all data in transit.
- Law enforcement: We may disclose data if required by a valid UK court order or statutory obligation.
6 International Data Transfers
Hive UK is a UK-focused service and our primary data storage is within the United Kingdom. Where any third-party processor operates outside the UK or EEA (for example, Firebase/Google infrastructure), we ensure appropriate safeguards are in place — either an adequacy decision, Standard Contractual Clauses, or an equivalent UK mechanism — as required by UK GDPR Chapter V.
7 Data Retention
- Active accounts: Data is retained for as long as your account remains active.
- Account deletion: Your profile, posts, connections and messages are permanently deleted within 30 days of account deletion. Anonymised aggregate statistics may be retained.
- Security logs: IP address logs are retained for up to 12 months for fraud prevention, then permanently deleted.
- Legal holds: Where required by law, certain data may be retained for longer periods.
8 Your Rights
Under UK GDPR you have the following rights. To exercise any of them contact privacy@hive-uk.co.uk — we will respond within 30 days:
- Access (Art. 15): Request a copy of the personal data we hold about you.
- Rectification (Art. 16): Correct inaccurate or incomplete data (most profile data can be edited directly in-app).
- Erasure (Art. 17): Request deletion of your personal data.
- Restriction (Art. 18): Ask us to restrict processing in certain circumstances.
- Portability (Art. 20): Receive your data in a structured, machine-readable format.
- Object (Art. 21): Object to processing based on legitimate interests.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk · 0303 123 1113.
9 Security
- Passwords are hashed using industry-standard algorithms — we never store plaintext passwords.
- All API communications use HTTPS/TLS encryption.
- Authentication uses signed JWT tokens with short expiry windows.
- Session tokens on device are stored in encrypted secure storage.
- Production database access is restricted to authorised personnel only.
To responsibly disclose a security vulnerability contact security@hive-uk.co.uk.
10 Children
Hive UK is intended for users aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a minor has registered, contact privacy@hive-uk.co.uk and we will immediately delete the account.
11 Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notification and/or email at least 14 days before they take effect. The current version is always available at hive-uk.co.uk/privacy-policy.
12 Contact
Data Controller: Hale Technology
Privacy enquiries: privacy@hive-uk.co.uk
Data protection: dpo@hive-uk.co.uk
Supervisory authority: ICO — ico.org.uk · 0303 123 1113