Introduction
Welcome to Hyonix. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (https://hyonix.com) and use our services. This policy is designed to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, you agree to the collection and use of information in accordance with this policy.
This document should be read in conjunction with our:
If you have any questions about our privacy practices, please contact us at [email protected].
1. Data Controller Information
- Trade Name: Hyonix
- Legal Entity: Krixe Pte. Ltd.
- Registration Number: UEN: 202345555E
- Registered Address: 18 Sin Ming Lane #07-13, Midview City 573960 Singapore
- Email: [email protected]
- Data Protection Officer: [email protected]
2. Information We Collect
2.1 Information Collected Automatically
When you visit our website or use our services, we automatically collect certain information through our servers and analytics tools:
- Technical Information:
- IP address and domain name/hostname
- Browser type and version (e.g., Chrome, Firefox, Safari)
- Operating system and platform
- Device information (type, model, screen resolution)
- Time zone settings
- Language preferences
- Usage Information:
- Date and time of your visit (timestamp)
- Pages visited and features used
- Referring website addresses
- Click-through data and navigation patterns
- Search queries within our website
- Duration of visit and page views
- Location Data:
- Approximate geographic location based on IP address
- Country, region, and city (where available)
2.2 Information You Provide Voluntarily
We collect information that you provide directly to us when you:
- Create an Account:
- Full name
- Email address
- Physical address
- Country and postal code
- Telephone number
- Company name (where applicable)
- Username and password
- Make a Purchase:
- Billing information
- Payment method details (processed securely through third-party providers)
- Transaction history
- Communicate with Us:
- Support ticket contents
- Email correspondence
- Chat transcripts
- Phone call records (if applicable)
- Feedback and survey responses
- Use Our Services:
- Server configurations
- Service preferences
- Technical support requests
2.3 Information from Third-Party Sources
To ensure security and prevent fraud, we may collect additional information from:
- Fraud Prevention Services: MaxMind, FraudRecord, and similar services
- Payment Processors: Transaction verification data
- Public Sources: Business registries for company verification
- Security Services: Threat intelligence data
2.4 Sensitive Personal Data
We do not intentionally collect sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, health data, or sexual orientation) unless specifically required by law or with your explicit consent.
3. Legal Basis for Processing
We process your personal data based on the following legal grounds:
3.1 Contract Performance
To provide services you've subscribed to and fulfill our contractual obligations, including:
- Service provisioning and management
- Processing payments
- Providing customer support
3.2 Legitimate Interests
For our legitimate business interests, which include:
- Improving our services and user experience
- Preventing fraud and ensuring security
- Conducting business analytics
- Direct marketing (with opt-out options)
3.3 Legal Obligations
To comply with applicable laws and regulations, such as:
- Tax and accounting requirements
- Legal process and law enforcement requests
- Regulatory compliance
3.4 Consent
For specific processing activities where required, including:
- Marketing communications (where consent is required)
- Optional services and features
- Cookies and similar technologies
3.5 Vital Interests
In rare circumstances, to protect someone's life or physical safety.
4. How We Use Your Information
We use the collected information for the following purposes:
4.1 Service Delivery
- Providing and maintaining our hosting services
- Processing transactions and sending confirmations
- Managing your account and subscriptions
- Responding to service requests and support inquiries
- Sending service-related announcements and updates
4.2 Communication
- Responding to your inquiries and requests
- Sending technical notices and security alerts
- Providing customer support
- Sending billing and account information
4.3 Marketing and Promotion
- Sending newsletters and promotional materials (with your consent)
- Informing you about new services and features
- Conducting customer satisfaction surveys
- Personalizing marketing based on your preferences
4.4 Business Operations
- Analyzing usage patterns and trends
- Improving our website and services
- Developing new products and features
- Conducting research and analytics
- Managing our business relationships
4.5 Security and Compliance
- Detecting and preventing fraud
- Monitoring for security threats
- Enforcing our terms of service and policies
- Complying with legal obligations
- Protecting our rights and property
4.6 Legal Purposes
- Responding to legal requests and court orders
- Establishing, exercising, or defending legal claims
- Complying with audit requirements
5. Cookies and Tracking Technologies
5.1 Types of Cookies We Use
- Essential Cookies
- Required for website functionality
- Enable core features like secure login and account access
- Cannot be disabled without losing functionality
- Analytics and Performance Cookies
- Google Analytics for understanding usage patterns
- Performance monitoring tools
- Help us improve website speed and functionality
- Functional Cookies
- Remember your preferences and settings
- Enable personalized features
- Improve your user experience
- Marketing Cookies (with consent)
- Used for remarketing campaigns
- Track advertising effectiveness
- Deliver relevant advertisements
5.2 Third-Party Cookies
Some of our partners may set cookies on our website:
- Google Analytics
- Payment processors
- Security services
- Customer support tools
5.3 Managing Cookies
You can control cookies through:
- Browser settings (see your browser's help section)
- Our cookie consent banner
- Third-party opt-out tools
Note: Disabling certain cookies may impact website functionality and your ability to use some features of our services.
5.4 Do Not Track
We currently do not respond to Do Not Track (DNT) browser signals, as there is no industry standard for DNT compliance. However, you can use our cookie preferences to control tracking.
6. Data Sharing and Disclosure
We may share your personal data with the following categories of recipients:
6.1 Subsidiary and Affiliated Companies
We may share your information with our subsidiary companies and affiliates for:
- Providing integrated services
- Business operations support
- Compliance with group policies
- Consolidated reporting and management
6.2 Service Providers
We share data with external third parties who help deliver our services:
- Payment Service Providers: Stripe, PayPal, Cryptomus
- Infrastructure Providers: Data center operators
- Communication Tools: Email and support ticket systems
- Analytics Services: Google Analytics
- Security Services: MaxMind, FraudRecord
6.3 Business Operations Support
We share data with external third parties who help us run our business:
- Professional Services: Accountants, lawyers, and business consultants
- External Auditors: For audit of our accounts and compliance verification
- Banking Partners: For financial operations and transactions
- Insurance Providers: For business insurance and risk management
6.4 Legal and Regulatory Obligations
We may disclose your information to:
- Law Enforcement Agencies: When required by law or to assist in investigations
- Taxation Authorities: To comply with tax reporting obligations
- Regulatory Bodies: To comply with regulatory requirements and audits
- Courts and Legal Authorities: In response to valid legal process (subpoenas, court orders)
6.5 Business Transfers
We may share data with external third parties in connection with:
- Potential buyers if we choose to sell or transfer parts of our business
- Acquiring entities in case of merger or acquisition
- Professional advisors conducting due diligence
- Asset transfers or corporate restructuring
In such cases:
- Your information may be transferred to the acquiring entity
- We will notify you before your information becomes subject to a different privacy policy
- You will have the option to close your account if you disagree with the transfer
6.6 Protection of Rights
We may share information to:
- Protect the safety of our users and the public
- Prevent illegal activities or violations of our terms
- Protect our property and legal rights
- Investigate suspected fraud or security threats
6.7 With Your Consent
We may share your information for other purposes with your explicit consent.
6.8 Safeguards
For all data sharing:
- Recipients are bound by confidentiality obligations
- Data processing agreements are in place where required
- We ensure appropriate security measures are implemented
- We limit sharing to what's necessary for the specified purpose
6.9 We Do NOT
- Sell your personal data to third parties
- Share your data for third-party marketing without consent
- Transfer data without appropriate safeguards
7. International Data Transfers
7.1 Transfer Mechanisms
As we operate globally, your data may be transferred to countries outside your jurisdiction. We ensure appropriate safeguards through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Your explicit consent for specific transfers
7.2 Data Locations
Your data may be processed in:
- Singapore (primary location)
- Data center locations where services are provisioned
- Countries where our service providers operate
7.3 Safeguards
For all international transfers, we ensure:
- Appropriate legal mechanisms are in place
- Receiving parties provide adequate data protection
- Your rights are protected regardless of location
8. Data Security
8.1 Technical Measures
We implement industry-standard security measures:
- Encryption of data in transit (TLS/SSL)
- Encryption of sensitive data at rest
- Firewalls and intrusion detection systems
- Access controls and authentication systems
8.2 Organizational Measures
- Staff training on data protection
- Confidentiality agreements with employees
- Limited access on a need-to-know basis
- Regular review of security policies
- Incident response procedures
8.3 Your Responsibilities
To help protect your data:
- Use strong, unique passwords
- Enable two-factor authentication where available
- Keep your contact information updated
- Report suspicious activities immediately
- Maintain security of your own systems
8.4 Data Breach Notification
In the event of a data breach that poses risk to your rights:
- We will notify you within 72 hours of discovery
- We will inform relevant supervisory authorities
- We will provide information about the breach and mitigation steps
9. Data Retention
9.1 Retention Periods
We retain personal data for as long as necessary:
- Active Accounts: For the duration of your account plus any applicable legal retention period
- Billing Records: 7 years for tax and accounting purposes
- Support Communications: 2 years after resolution
- Marketing Data: Until you opt-out or 18 months of inactivity
- Security Logs: 90 days for operational logs, longer for security incidents
- Legal Holds: As required by legal process
9.2 Deletion Process
When retention periods expire:
- Data is securely deleted or anonymized
- Backups are purged according to backup retention schedules
- Third parties are instructed to delete data they hold
9.3 Account Closure
Upon account closure:
- Services are terminated according to our Terms of Service
- Personal data is retained for 30 days for recovery purposes
- After 30 days, data is permanently deleted unless legal retention applies
10. Your Rights Under GDPR
As a data subject, you have the following rights:
10.1 Right to Access
You can request:
- Confirmation of whether we process your data
- A copy of your personal data
- Information about how we use your data
10.2 Right to Rectification
You can:
- Correct inaccurate personal data
- Complete incomplete personal data
- Update outdated information
10.3 Right to Erasure ("Right to be Forgotten")
You can request deletion of your data when:
- It's no longer necessary for original purposes
- You withdraw consent (where consent was the legal basis)
- You object to processing and there's no overriding legitimate interest
- Data was unlawfully processed
10.4 Right to Restrict Processing
You can limit how we use your data while we:
- Verify accuracy of contested data
- Determine legitimate grounds for processing
- Preserve data for legal claims
10.5 Right to Data Portability
You can:
- Receive your data in a structured, machine-readable format
- Transfer data to another service provider
- Request direct transfer where technically feasible
10.6 Right to Object
You can object to:
- Processing based on legitimate interests
- Direct marketing (including profiling)
- Processing for research or statistical purposes
10.7 Rights Related to Automated Decision-Making
You have the right:
- Not to be subject to purely automated decisions with legal effects
- To request human review of automated decisions
- To express your point of view and contest decisions
10.8 Right to Withdraw Consent
Where processing is based on consent:
- You can withdraw consent at any time
- Withdrawal doesn't affect prior lawful processing
- We'll make withdrawal as easy as giving consent
10.9 How to Exercise Your Rights
To exercise any of your privacy rights (including GDPR rights for all users and additional CCPA/CPRA rights for California residents):
- Contact Methods:
- Email: [email protected]
- Control Panel: Access and update information directly at https://my.hyonix.com
- Support Ticket: Submit through your account
- What to Include:
- Your full name and account information
- Specific right(s) you wish to exercise
- Any relevant details to help us process your request
- Our Response:
- We will respond within one month of receiving your request
- We will verify your identity for security purposes
- Information will be provided free of charge (except for manifestly unfounded or excessive requests)
- Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.
- In this case, we will notify you and keep you updated
- For California Residents: California residents exercising CCPA/CPRA rights can use the same contact methods above. We will not discriminate against you for exercising your privacy rights.
10.10 Right to Complain
If you're unsatisfied with our response, you can lodge a complaint with:
- Your local data protection authority
- Singapore Personal Data Protection Commission (PDPC)
- Any EU supervisory authority if you're an EU resident
11. Users in California, USA
11.1 CCPA/CPRA Compliance
Hyonix will at all times comply with all applicable data protection laws (including the CCPA and CPRA) and only process Personal Data on User's behalf.
11.2 Data Processing Commitments
Hyonix will:
- Not collect, retain, use, or disclose Personal Data for any purpose other than for the specific purposes set out in this Privacy Policy, our Terms of Service, and/or the Data Processing Agreement between Hyonix and User
- Not sell or share Personal Data (as defined under the CCPA) for the intentions and purposes of the CCPA or CPRA
- Put in place appropriate technical and organizational measures to protect Personal Data against unauthorized or unlawful processing or accidental destruction, loss or damage
11.3 California Privacy Rights
California residents have additional rights under CCPA/CPRA, including the right to:
- Know what personal information is collected
- Access and portability of personal information
- Deletion of personal information (subject to exceptions)
- Opt-out of sale/sharing of personal information
- Non-discrimination for exercising privacy rights
To exercise these rights, please see Section 10.9 above.
12. Children's Privacy
The Services are not intended for use by children under the age of 16 or anyone not of legal age to enter into binding Terms with us. Hyonix does not knowingly collect, store, share or use the personal data of children under 16 years. If you are under the age of 16, you may not use the Services or provide any personal data to us. If anyone reports to us that we received personal data concerning any children under the age of 16, we will endeavor to promptly delete all such personal data.
13. Payment Processing
13.1 Payment Security
- We use PCI-DSS compliant payment processors
- We do not store complete payment card numbers
- Payment data is tokenized for recurring billing
- All payment transmissions are encrypted
13.2 Payment Processors
We use the following payment processors:
- Stripe
- PayPal
- Cryptomus
Each processor has their own privacy policy governing payment data.
13.3 Payment Information Access
For fraud protection purposes, we may access and collect payment-related information from our payment processors, including:
- Transaction risk assessments and fraud scores
- Detection of duplicated payment methods across accounts
- Transaction history and patterns
- Billing address verification results
- Payment method verification status
- Other transaction metadata necessary for fraud prevention
This information is used solely for security purposes, fraud prevention, and to protect both Hyonix and our customers from unauthorized transactions.
14. Third-Party Links and Services
14.1 External Links
Our website may contain links to third-party sites:
- We're not responsible for their privacy practices
- We encourage you to read their privacy policies
- Our policy only applies to data we collect
14.2 Third-Party Integrations
If you connect third-party services to your account:
- Review the permissions requested
- Understand what data will be shared
- You can revoke access through your account settings
15. Policy Updates
We reserve the right to update this Privacy Policy at any time. Changes will be effective immediately upon posting to our website. It is your responsibility to review this Privacy Policy periodically for updates. The "Last Updated" date at the top indicates the latest revision.