Privacy Policy

HeyLiva is a service provided and operated by Hauf Sensors Ltd, a company registered in London, UK. Whenever we refer to “HeyLiva”, “we”, “us” or “our”, we mean Hauf Sensors Ltd and its affiliates. We are committed to processing your personal data in compliance with the UK GDPR (United Kingdom General Data Protection Regulation), EU GDPR (General Data Protection Regulation), the California Consumer Privacy Act (CCPA), Brazilian LGPD (Lei Geral de Proteção de Dados) and any other applicable data protection laws. This Policy explains how we collect, use, store, share, and protect your data, and details your rights.
We are committed to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner. This Privacy Policy applies to all users of our services (“Services”), including our website, chatbots, and any other platforms we may use to provide our services.

1. What Data We Collect

We may collect the following types of personal data:

  • Personal identifiers (e.g., name, email address, phone number)
  • Device and usage information (e.g., browser type, IP address, location, timezone, usage logs)
  • Any information you voluntarily provide (e.g., support communications, documents, or images uploaded)
  • Content of chats, conversations, and event registrations
  • Profile information, credentials and data synchronized with third-party integrations (e.g., Google Calendar, WhatsApp, Telegram)

2. How We Use Your Data
Compliance with Google API Services User Data Policy

HeyLiva’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We only access Google Calendar data to fulfil explicit user requests (create, read, update or delete calendar events) and never use it to develop, improve or train our own or third-party AI/ML models.

We use your data to:

  • Provide, operate, and improve our services: create, manage, and display your events and reminders
  • Assistant training for better user experience: analyse usage for feature enhancements and recommendations. Only data added directly to HeyLiva.
  • Synchronization with enabled integrations
  • Respond to your inquiries and provide customer support
  • Send important notices and updates
  • Analyze service performance and ensure security
  • Logging for security and system enhancement
  • Comply with legal obligations (including GDPR, LGPD, CCPA, or other applicable laws)

  • Use of Google Calendar Data: When you connect your Google Calendar account to HeyLiva, we access and process only the minimum data required to create, read, and manage your calendar events, as authorized by you. This access is strictly limited to the features necessary for the operation of HeyLiva’s services and is never used for advertising, analytics, or sold to third parties.
    • No Sharing or Selling: Data obtained via Google APIs—such as calendar events—will not be shared with, sold to, or used by third parties except as needed to provide HeyLiva’s core services as described in this policy. Your information is never used for purposes unrelated to event management or the functioning of HeyLiva.
    • Access Revocation: You can revoke HeyLiva’s access to your Google Calendar data at any time by texting to Liva "revoke google calendar access" or by visiting your Google Account Permissions dashboard. If you wish to have all data obtained via Google APIs deleted from our systems, please contact us at DPO@heyliva.com.
    • Regulatory Compliance: We comply with the Google API Services User Data Policy (Limited Use), GDPR, and LGPD.

3. Legal Bases for Processing

We process your personal data based on one or more of the following legal grounds:

  • Your consent
  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate interest, provided such interests are not overridden by your rights

You have rights to access, correct, delete, and port your data, and to withdraw consent. See next section.

4. Your Rights

You have the right to:

  • Access, correction, and updating of data
  • Object to or restrict processing
  • Withdraw consent (where applicable)
  • Portability (when available in the web system)
  • Account deletion request (via DPO@heyliva.com)
These rights can be exercised at any time, free of charge, by contacting us as indicated below. We respond within one month or per statutory timelines.
These rights may vary depending on your jurisdiction and the applicable law.

5. Data Sharing and International Transfers

Your data may be transferred to, stored, and processed in other countries. We ensure that appropriate safeguards are in place as required by law, such as Standard Contract Clauses (SCCs) or equivalent mechanisms under GDPR, LGPD, or other applicable regulations. We may share your data with:

  • With OpenAI, for natural language processing and chat functionalities
  • With providers and integrations authorized by the user (e.g., Google Calendar)
  • Data stored in the United States (We use Amazon Web Services)
  • No sale of information to third parties.

6. Data Retention

We retain your personal data only for as long as necessary for the purposes outlined in this policy, or as required by law.

7. Cookies and Tracking Technologies

We use cookies to operate and administer our Services and improve your user experience. A “cookie” is a small piece of information sent to your browser by a website you visit. You may set your browser to accept all cookies, to reject all cookies, or to notify you each time a cookie is offered, so you can decide whether to accept it or not. Please note that refusing cookies may affect the functionality of certain areas or features of our website.

For more information about cookies, please visit All About Cookies.

8. Children and minors

Our services are designed to be accessible to users of any age. Children are welcome to use HeyLiva, provided that their parents or legal guardians have given the necessary consent as required by applicable data protection laws.

However, HeyLiva does not knowingly collect or store personal data from children under the minimum age defined by the legislation of each jurisdiction (such as 13 in the United States, 12 in Brazil, 16 in the European Union, or as otherwise stipulated by law) without appropriate parental authorization. If we become aware that we have inadvertently collected personal information from a child without the required consent, we will take prompt steps to delete such information in accordance with legal requirements.

If you are a parent or legal guardian and believe that your child has provided personal data to us without your consent, please contact us at DPO@heyliva.com so we can address and resolve the situation appropriately.

9. Security

We use industry-standard measures to store and protect your data, including encryption and access control. In case of incidents, we will notify as required by applicable law.

10. Misuse and abuse

SPAM, flooding, abusive resource use, scraping, unlawful or unauthorized commercial use of the platform are prohibited. Violation may result in account restrictions and reporting to authorities.

11. Changes to this Policy

We may update this Privacy Policy periodically. Material changes will be communicated through clear notice prior to the update taking effect.

12. Questions and contact

If you have any questions, contact us at DPO@heyliva.com or contact@heyliva.com.