Privacy Policy

Privacy Policy

Last updated: 2026-03-24

1. Introduction

Hacktionbase (“we”, “our”, “us”) provides a customer engagement platform combining messaging, analytics, session replay, and automation tools.

We are committed to protecting your personal data and respecting your privacy in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

2. Data We Collect

We may collect and process the following types of data:

a. Account Data

  • Name
  • Email address
  • Company information
  • Billing details

b. Usage Data

  • Log data (IP address, browser, device)
  • Feature usage
  • API requests

c. Customer Data (Processed on behalf of our clients)

Our customers may use Hacktionbase to collect and process data from their own end-users, including:

  • User identifiers (anonymous or identified)
  • Events (pageviews, clicks, custom events)
  • Session replay data
  • Behavioral data

⚠️ In this case, Hacktionbase acts as a data processor, and our customers are the data controllers.

3. Session Replay & Tracking

Hacktionbase provides session replay and behavioral tracking features.

These may include:

  • Recording of user interactions (clicks, navigation, UI events)
  • Reconstruction of sessions for debugging and analytics

Safeguards:

  • Sensitive inputs (password fields, payment fields) are masked by default
  • Customers are responsible for configuring additional masking rules
  • We strongly recommend not collecting sensitive personal data

4. How We Use Data

We use data to:

  • Provide and operate the platform
  • Improve performance and reliability
  • Enable customer features (messaging, segmentation, automation)
  • Ensure security and prevent abuse
  • Comply with legal obligations

5. Legal Basis (GDPR)

We process personal data based on:

  • Contractual necessity (to provide our services)
  • Legitimate interest (product improvement, security)
  • Legal obligations

6. Data Sharing

We do not sell personal data.

We may share data with:

  • Infrastructure providers (e.g., AWS)
  • Subprocessors required to operate the service
  • Authorities when legally required

7. Data Retention

We retain data only as long as necessary to:

  • Provide the service
  • Comply with legal obligations

Retention periods may vary depending on customer configuration.

8. Data Security

We implement appropriate technical and organizational measures:

  • Encryption in transit (HTTPS)
  • Access control
  • Isolated multi-tenant architecture
  • Monitoring and logging

9. International Transfers

Data may be processed outside the UK/EU (e.g., AWS infrastructure).

We ensure appropriate safeguards such as Standard Contractual Clauses (SCCs).

10. Your Rights

Under GDPR, you have the right to:

  • Access your data
  • Rectify inaccurate data
  • Erase your data
  • Restrict processing
  • Data portability
  • Object to processing

Requests can be sent to: privacy@hacktionbase.com

11. Cookies

We may use cookies and similar technologies for:

  • Authentication
  • Analytics
  • Performance

Users can manage cookies via browser settings.

12. Changes

We may update this Privacy Policy at any time. Changes will be posted on this page.

13. Contact

For any privacy-related questions:

Email: privacy@hacktionbase.com