Privacy Policy

“Personal Information” means any information that identifies or relates to an identifiable individual.

“Processing” means any operation performed on Personal Information, including collection, storage, use, or disclosure.

“Customer Data” means information, files, or content uploaded, submitted, or stored by customers through the HangarOS platform.

“Service Provider / Processor” means a third party that processes information on behalf of HangarOS.

“Controller” means the entity that determines the purposes and means of processing Personal Information.

“User,” “you,” or “your” means visitors to our Site or users of the HangarOS Service.

HangarOS ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:

• Visit our website at hangaros.com (the "Site")
• Use our HangarOS software-as-a-service platform (the "Service")
• Interact with us through email, social media, or other channels

Please read this Privacy Policy carefully. By accessing or using our Site or Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, do not use our Site or Service.

This Privacy Policy applies to information we collect:

• On this Site
• Through the Service
• In email, text, and other electronic messages between you and the Site or Service
• When you interact with our advertising and applications on third-party websites and services

It does not apply to information collected by third parties, including through any application or content that may link to or be accessible from the Site or Service.

We collect several types of information from and about users of our Site and Service, including:

2.1 Personal Information You Provide

When you register for, access, or use our Service, we may collect certain personal information necessary to create and manage your account, provide customer support, process payments, and operate the Service.

Account Information:

• Full name
• Email address
• Phone number
• Company information (company name, address, and related details)
• Billing address
• Payment information (processed securely by Stripe; we do not store full credit card numbers)

Profile Information:

• Username and password
• Profile photo (optional)
• Professional information
• Preferences and settings

Communications:

• Support requests and correspondence
• Survey responses
• Feedback and testimonials

2.2 Information Collected Automatically

We automatically collect:

Device and Usage Information:

• IP address
• Browser type and version
• Operating system
• Device identifiers
• Pages visited and features used
• Time and date of visits
• Referring/exit pages
• Clickstream data

Location Information:

We do not track or use your geolocation.

Cookies and Similar Technologies: We use cookies, web beacons, pixels, and similar tracking technologies. See Section 8.

2.3 Information from Third Parties

Service Providers:

• Stripe (Payment Processor)
• Google (Analytics Provider)
• Microsoft (Email Service Provider)

Social Media:

• Profile info (name, email, picture)
• Public profile data
• Connection lists (if permitted)

Business Partners:

• Lead information
• Referral information

We use the information we collect for the following purposes:

3.1 To Provide and Maintain the Service

• Create and manage your account
• Process transactions and send notifications
• Provide customer support
• Perform technical operations
• Troubleshoot issues

3.2 To Improve and Develop the Service

• Analyze usage patterns
• Test new features
• Conduct research and development
• Improve user experience

3.3 To Communicate With You

• Send service-related updates
• Respond to questions
• Send marketing communications
• Policy or terms notifications
• Collect feedback

3.4 For Security and Fraud Prevention

• Detect and prevent fraud
• Protect against security threats
• Monitor incidents
• Enforce Terms of Service

3.5 For Legal Compliance

• Comply with laws and regulations
• Respond to legal requests
• Protect rights and safety

3.6 With Your Consent

For any additional uses disclosed to you at the time of collection.

3.7 Legal Basis for Processing (GDPR)

If you are located in the EEA/UK/Switzerland, our legal bases include:

• Contractual Necessity
• Legitimate Interests
• Legal Obligation
• Consent (withdrawable anytime)

3.8 HangarOS as Controller and Processor

HangarOS acts as:

• a Data Controller for Personal Information we collect directly from you (such as account data, billing information, and communications), and
• a Data Processor for Customer Data that customers upload into the HangarOS platform. In such cases, we process Customer Data solely in accordance with the customer’s instructions and our Data Processing Agreement.

We share only the minimum amount of Personal Information required for each vendor to perform services on our behalf. We do not allow vendors to use Customer Data or Personal Information for their own purposes.

4.1 Service Providers

These providers are required to use your information only for their assigned purpose and to maintain security.

4.2 Business Transfers

In mergers, acquisitions, or bankruptcy, your data may be transferred.

4.3 Legal Requirements

We may disclose your information to comply with legal obligations or to protect rights, property, or safety.

4.4 With Your Consent

4.5 Aggregated Data

We do not sell personal information.

We retain your personal information as long as necessary to fulfill this policy's purposes unless law requires longer retention.

Deletion & anonymization occur when no longer needed.

Customer Data stored in the HangarOS platform is retained for the duration of your subscription. Upon account closure or company deletition, Customer/Company Data is deleted within 30 days, unless we are legally required to retain it for longer. Customers may request expedited deletion at any time.

6.1 GDPR Rights (EEA, UK, Switzerland)

• Right to Access
• Right to Rectification
• Right to Erasure
• Right to Restrict Processing
• Right to Data Portability
• Right to Object
• Right to Withdraw Consent

6.2 CCPA Rights (California)

• Right to Know
• Right to Delete
• Right to Opt-Out of Sales
• Right to Non-Discrimination

6.3 TDPSA Rights (Texas)

Includes Right to Know, Correct, Delete, Opt-Out, etc.

6.4 Residents of Other U.S. States

Virginia, Colorado, Connecticut, Utah: similar rights.

HangarOS is based in the United States. If you access from outside the United States, your information may be transferred internationally.

7.1 For EEA, UK, Swiss Residents

Adequacy decisions, SCCs, BCRs apply.

7.2 Privacy Shield

No longer used.

7.3 Data Processing Agreement

HangarOS provides a Data Processing Agreement (DPA), including the Standard Contractual Clauses (SCCs) for international transfers, available here.

8. Cookies

We use cookies and similar technologies to operate our website, analyze usage, and improve our services. Essential cookies are used based on our legitimate interest in providing the service, while non-essential cookies (such as analytics or functional cookies) are used only with your consent.

For details about the types of cookies we use, their purposes, and how you can manage your preferences, please see our Cookie Policy. We honor browser-based Global Privacy Control (GPC) signals where required.

9.1 Security Measures

Technical Safeguards:

• Encryption (TLS/SSL, AES-256)
• MFA
• Pen testing

Administrative Safeguards:

• Access controls
• Employee training
• Incident response plan

Physical Safeguards:

• Secure data centers

9.2 Limitations

No method is 100% secure.

9.3 Breach Notification

We will notify as required by law.

Not directed to children under 18. We do not knowingly collect data from children under 18.

Our Site and Service may link to third-party websites or apps. We are not responsible for their privacy practices.

We may update this Privacy Policy. Material changes will be updated here and take effect 30 days after posting.

HangarOS 4801 Glenwood Ave, Suite 200, Mailbox 31, Raleigh, NC 27612, United States

Email: legal@hangaros.com

We do not share personal information with third parties for direct marketing without consent.

Nevada residents may opt out of data sales. We do not sell personal information under Nevada law.