Privacy Policy

1. Introduction

Welcome to HyperHU.site ("HyperHU," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://hyperhu.site/ and use our free online unit converter tool (the "Service"). We are committed to protecting your privacy and ensuring transparency in our data practices. By using the Service, you consent to the practices described in this policy.

This policy complies with applicable laws, including the General Data Protection Regulation (GDPR) for EU residents and the California Consumer Privacy Act (CCPA) for California residents. If you do not agree with our practices, please do not use the Service.

2. Information We Collect

We collect minimal data to provide and improve the Service. All unit conversions (e.g., kg to lbs, Celsius to Fahrenheit) are performed client-side using JavaScript, meaning your input values, units, and categories never leave your browser or are stored on our servers.

• Personal Information: If you use the contact form on our Contact Us page, we collect your name, email address, subject, and message content. This data is used solely to respond to your inquiry and is not shared with third parties without your explicit consent.
• Usage Data: We collect anonymized information such as IP address, browser type, device information, pages visited, time spent on the site, and interaction with the converter (e.g., categories selected). This is aggregated for analytics purposes only and does not identify individuals.
• Conversion Inputs: Values entered for conversions (e.g., "5 kg to lbs") are processed locally in your browser. No input data is transmitted to or stored on our servers.
• Cookies and Similar Technologies: We use essential cookies for functionality (e.g., dark mode preference, session management) and optional analytics cookies (via Google Analytics) to understand usage patterns. You can manage or disable cookies through your browser settings.
• Third-Party API Data: For currency conversions, we fetch live rates from ExchangeRate-API. This request is anonymous and does not include personal data; rates are cached temporarily in your browser for the session.
• Server Log Data: Automatically collected logs include access dates/times, requested URLs, and error messages for security and maintenance. These are anonymized and retained for no more than 30 days.

We do not collect sensitive personal data, such as financial information, health records, or biometric data, through the Service.

3. How We Use Your Information

Your data is used only to deliver, maintain, and enhance the Service:

• Service Functionality: To enable client-side conversions and fetch anonymous API data for currency rates.
• Service Improvement: Anonymized usage data helps us identify popular categories (e.g., mass conversions) and refine features, such as adding more units or improving error handling.
• Communication: To respond to inquiries via the contact form. With your consent, we may send occasional newsletters about tool updates or new features (you can unsubscribe at any time).
• Analytics and Research: Aggregated insights to monitor site performance and user trends, ensuring the tool remains fast and reliable.
• Security and Compliance: To detect and prevent abuse (e.g., invalid inputs or excessive API calls) and fulfill legal obligations, such as responding to subpoenas.

We do not use your data for marketing to third parties, automated decision-making, or profiling.

4. How We Share Your Information

We do not sell, rent, or trade personal data. Any sharing is limited and purposeful:

• Service Providers: We engage trusted third parties, such as Google Analytics for anonymized usage data and ExchangeRate-API for currency rates. These providers are contractually obligated to use data only for specified purposes and maintain confidentiality. No personal identifiers are shared.
• Legal Requirements: We may disclose data if required by law, regulation, or government request (e.g., court order). We will notify you unless prohibited, and disclose only the minimum necessary.
• Business Transfers: In the event of a merger, acquisition, or sale of all or substantial assets, your data may be transferred to the successor entity. We will notify users of such changes and ensure continued protection.
• With Consent: Any other sharing requires your explicit opt-in.

For international transfers (e.g., to US-based providers), we use safeguards like Standard Contractual Clauses (SCCs) to ensure GDPR-level protection.

5. Data Security

We prioritize security to protect your data:

• Encryption: All site traffic uses HTTPS/TLS to encrypt data in transit. Client-side processing means conversion inputs never reach our servers.
• Access Controls: Strict role-based access for our team; data is minimized and anonymized. Regular security audits and vulnerability scans are conducted.
• Retention Periods: Contact form data retained for 1 year after last interaction; usage logs for 30 days; anonymized analytics indefinitely (no personal ties). Data is deleted upon request or when no longer needed.
• Breach Notification: If a security incident affects your data, we will notify you within 72 hours (per GDPR) and cooperate with authorities.
• Your Role: Use strong passwords, keep software updated, and avoid sharing sensitive details unnecessarily.

While we employ industry-standard measures, no online service is 100% secure. We cannot guarantee absolute protection against breaches.

6. Your Privacy Rights and Choices

You have control over your data. Rights vary by location but include:

• Access: Request a copy of your personal data we hold.
• Correction: Update inaccurate or incomplete information.
• Deletion ("Right to be Forgotten"): Request erasure, subject to legal retention requirements.
• Objection and Restriction: Object to processing (e.g., for marketing) or restrict use during disputes.
• Portability: Receive data in a structured, machine-readable format.
• Withdraw Consent: For consent-based processing (e.g., newsletters).
• CCPA-Specific: For California residents, request disclosures of data sales (none occur), opt-out of sales, or delete data twice yearly.

To exercise rights, email privacy@hyperhu.site with identity verification. We respond within 30 days (extendable to 45 for complex requests). No fees unless excessive/repetitive.

7. Children's Privacy

The Service is not intended for children under 13 (or 16 in the EU/UK). We do not knowingly collect data from minors. If we learn of such data, we will delete it immediately. Parents/guardians can contact us for assistance.

8. Third-Party Links and Services

Our site may link to external sites (e.g., ExchangeRate-API, social media). We are not responsible for their privacy practices—review their policies independently.

9. Changes to This Privacy Policy

We may update this policy to reflect changes in practices, technology, or law. Minor updates are posted here; significant ones notified via email (if provided) or site banner. Continued use after changes implies acceptance. Review periodically.

10. Contact Information

For privacy questions, rights requests, or concerns:

• Email: privacy@hyperhu.site
• Postal Address: HyperHU, [Demo Address], Virtual, CA 90210, USA
• Online Form: Contact Us

For EU/UK GDPR matters, our Data Protection Officer is reachable at the above email.