How we handle
your data.

Hypelay Inc. ("Hypelay," "we," "our," or "us") operates the Hypelay platform, an AI-native digital event agency accessible at app.hypelay.com and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard information about you when you use our Service.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of the Service immediately.

Information you provide directly. Account registration data (name, work email address, company name); event data (event details, descriptions, attendee lists, supplier information, and related content you submit); communications (messages, support requests, and feedback); payment information (billing details processed through Stripe — we do not store full card numbers).

Information collected automatically. Log data (IP address, browser type, OS, referring URLs, pages visited, timestamps); device information (device type, unique identifiers, browser settings); usage data (features accessed, actions taken, event flows initiated); cookies and similar tracking technologies (see Section 7).

Information from third parties.Authentication providers if you use SSO or OAuth; integration partners (e.g., HubSpot, Salesforce) you authorize; Google Places API for location and venue data.

We use the information we collect to: provide and operate the Service, including AI-driven event planning, supplier sourcing, and attendee management; process transactions and manage subscriptions and credit-based billing; personalize the Service based on your preferences and event history; improve and train our AI systems and Knowledge Graph using aggregated, de-identified data; communicate with you about your account, updates, security alerts, and support matters; send transactional and marketing communications subject to your preferences and applicable law; detect, prevent, and address fraud, security incidents, and technical issues; comply with legal obligations and enforce our Terms of Service; and conduct analytics and research to improve our offerings.

We do not sell your personal information. We may disclose your information in the following circumstances.

Service providers. We share information with third-party vendors that perform services on our behalf, including cloud hosting (Supabase, Railway, Vercel), email delivery (Resend), payment processing (Stripe), AI/LLM services (Anthropic), and analytics providers. These parties are contractually obligated to use your information only as directed by us and in accordance with this Privacy Policy.

Event suppliers. When you select a catering provider, venue, or other supplier through the Service, we share relevant event information with that supplier to facilitate the transaction. You will be informed before any such disclosure occurs.

Business transfers. If Hypelay is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before the transfer.

Legal requirements. We may disclose your information if required by law or in response to valid legal process, or to protect the rights, property, or safety of Hypelay, our users, or others.

Consent. We may share your information for any other purpose with your prior written consent.

We retain your personal information for as long as your account is active or as needed to provide the Service. If you request deletion of your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention, dispute resolution, or compliance with legal obligations.

Aggregated, de-identified data derived from your activity (e.g., anonymized supplier ratings and event patterns) may be retained indefinitely as part of our Knowledge Graph infrastructure; this data cannot be used to identify you.

The Service is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete such information promptly. If you believe we may have inadvertently collected information from a child, please contact us at the address below.

This policy is consistent with the requirements of the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.

We use cookies and similar tracking technologies to operate and improve the Service: strictly necessary cookies (session authentication), preference cookies (settings and choices), and analytics cookies (usage patterns).

You may disable cookies through your browser settings; however, doing so may affect the functionality of the Service. We do not respond to browser-level "Do Not Track" signals at this time, as no uniform standard has been adopted.

We implement commercially reasonable technical, administrative, and physical safeguards to protect your information from unauthorized access, use, alteration, or destruction. These measures include encryption of data in transit (TLS) and at rest, access controls, and regular security assessments.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If we become aware of a security breach that affects your personal information, we will notify you as required by applicable law.

Hypelay is based in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to the transfer of your information to the United States, where data protection laws may differ from those in your jurisdiction.

We may send you email communications in connection with your use of the Service. Transactional emails (e.g., account confirmations, invoices, security alerts) are sent as part of the Service and are not subject to opt-out. Marketing emails are sent only with your consent and include an unsubscribe mechanism in each message.

Our email practices comply with the Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM Act), 15 U.S.C. § 7701 et seq. To opt out of marketing emails, click the "unsubscribe" link in any marketing message or contact us at the address below.

Depending on your jurisdiction, you may have certain rights regarding your personal information. In all cases, you may: access and update your account information through the Service settings; request deletion of your account and associated personal information; opt out of marketing communications at any time; request a copy of the personal information we hold about you.

To exercise these rights, please contact us at the address provided in Section 14. We will respond to your request within a reasonable timeframe and in accordance with applicable law. We may need to verify your identity before processing certain requests.

The Service may contain links to third-party websites, integrations, or services that are not operated by us. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by a prominent notice within the Service at least 14 days before the changes take effect. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Hypelay Inc.
Attn: Privacy
2 Embarcadero Center, San Francisco, CA 94111
Email: privacy@hypelay.com

© 2026 Hypelay Inc. All rights reserved.