Our policies

  • Effective Date: 28.6.2025

    1. Introduction

    Welcome to Exhive Oy ("we", "our", or "us"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our SaaS, the Exhive Platform ("Service").

    This policy complies with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applies to all users located in the European Union.

    2. Data Controller

    Exhive Oy
    Takaniityntie 5 G 9, 00780 Helsinki Finland
    Email: info@exhive.ai

    3. Data We Collect

    We may collect and process the following data:

    • Limited Personal Data: such as name, email address, login credentials.

    • Client Data: information you or your organization upload or process through our Service. This may include personal data, depending on your use.

    • Technical Data: IP address, browser type, device information, and usage logs.

    • Cookies and Tracking Technologies: for analytics and service functionality.

    4. Legal Basis for Processing

    We process your data under the following legal bases:

    • Performance of a Contract (Art. 6(1)(b) GDPR)

    • Legitimate Interests (Art. 6(1)(f) GDPR)

    • Consent, where applicable (Art. 6(1)(a) GDPR)

    • Legal Obligations (Art. 6(1)(c) GDPR)

    5. How We Use Your Data

    • To provide and maintain the Service

    • To manage your account and support requests

    • To improve the functionality and security of our Service

    • To communicate important updates and service notices

    • To comply with legal obligations

    6. Data Storage and Location

    All data is stored securely within the European Union. We use reputable EU-based cloud service providers in compliance with GDPR.

    7. Data Sharing and Transfers

    We do not sell personal data. We may share data with:

    • Authorized service providers under data processing agreements

    • Public authorities when legally required

    • Affiliates and subsidiaries (if applicable)

    All third-party processors are GDPR-compliant and located in the EU or in jurisdictions with adequate protection.

    8. Data Retention

    We retain data only as long as necessary:

    • Account data: for the duration of the customer relationship and up to 12 months after termination

    • Log data: typically retained for 90 days

    • Client data: as per contractual agreement

    9. Your Rights Under GDPR

    You have the right to:

    • Access your data

    • Rectify inaccurate data

    • Erase your data ("right to be forgotten")

    • Restrict or object to processing

    • Data portability

    • Withdraw consent at any time

    To exercise your rights, contact: info@exhive.ai

    10. Security

    We implement technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular audits.

    11. Updates to This Policy

    We may update this policy occasionally. You will be notified of significant changes via email or platform notice.

    12. Contact Us

    If you have any questions or concerns about this Privacy Policy, please contact us at:

    Exhive Oy
    info@exhive.ai