1. Introduction

This Privacy Policy describes how Hub Data, Inc., a Delaware corporation with its registered office at 251 Little Falls Drive, Wilmington, New Castle County, Delaware 19808, United States ("Hub," "we," "our," or "us"), collects, uses, discloses, and safeguards personal information in connection with our websites, products, and services (collectively, the "Services").

Hub is committed to protecting privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA). This Policy sets out our practices as both a data controller (for data we collect directly) and a data processor/service provider (for data processed on behalf of our customers).

All questions regarding this Policy or our privacy practices can be directed to: privacy@hub.xyz.

2. Scope

This Privacy Policy applies to:

• Visitors to our websites
• Business contacts and sales prospects
• Customers and their authorized users
• Individuals whose information we process in connection with the Services

It does not apply to third-party websites, services, or platforms not controlled by Hub.

3. Information We Collect

a. Information You Provide

• Business contact information (name, work email, phone, company, title)
• Account details and credentials
• Billing and payment data
• Communications (support tickets, forms, inquiries)

b. Information Collected Automatically

• Device, browser, operating system
• IP address, geolocation (approximate)
• Log data, session information
• Cookies and tracking technologies (see Section 9)

c. Customer Data

When customers use our Services, Hub processes structured datasets that may include publicly available web data or data provided directly by the customer. For such processing, Hub acts as a data processor (or "service provider"), and the customer remains the data controller.

4. Purposes of Processing

We use personal information to:

• Provide, secure, and operate the Services
• Manage accounts, billing, and support
• Respond to inquiries and requests
• Improve functionality and performance
• Prevent fraud, abuse, and misuse
• Comply with laws and enforce agreements
• Communicate product updates and marketing, where permitted by law

5. Legal Bases (GDPR/UK GDPR)

We process personal data under the following legal bases:

• Contract performance: providing the Services
• Legitimate interests: securing, improving, and operating the Services
• Consent: for cookies/marketing where required
• Legal obligations: compliance with applicable laws and regulations

6. Disclosures of Information

We disclose personal information only as necessary to:

• Service providers/contractors (hosting, analytics, billing, compliance)
• Business partners engaged to deliver Services
• Authorities where legally required
• Corporate transactions (mergers, acquisitions, financing, or sale of assets)

We do not sell personal data.

7. International Transfers

Personal information may be transferred to and processed in jurisdictions outside your country, including the United States. Where required, Hub uses safeguards such as the EU Standard Contractual Clauses (SCCs), the UK Addendum, and supplementary measures to ensure adequate protection.

8. Retention

We retain personal information only as long as necessary for the purposes outlined in this Policy, to comply with legal obligations, to resolve disputes, and to enforce agreements. Customer-provided data is retained according to the terms of the relevant customer contract.

9. Cookies and Tracking

We use cookies and similar technologies to:

• Enable core site functionality and security
• Measure usage and performance
• Improve features and user experience

You can manage cookies via browser settings or our Cookie Preferences tool. Where required, we obtain consent for non-essential cookies. Hub also honors Global Privacy Control (GPC) signals for opt-outs under applicable law.

10. Security

We implement appropriate technical and organizational safeguards, including encryption, access controls, monitoring, and vendor due diligence, to protect data from unauthorized access, disclosure, or misuse. No system is completely secure; we continuously review and update our measures.

11. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold
• Correct inaccurate or incomplete data
• Request deletion of personal data
• Restrict or object to processing
• Receive a copy in portable format
• Opt out of certain processing, including "sale" or "sharing" under CPRA
• Lodge a complaint with a supervisory authority

Requests can be submitted to privacy@hub.xyz. Identity verification may be required.

12. California Privacy Rights

For California residents, the CCPA/CPRA grants the rights to:

• Know the categories and specific pieces of personal information collected
• Request deletion of personal information
• Correct inaccurate personal information
• Opt out of "sale" or "sharing" of personal information (Hub does not sell or share data for advertising)
• Non-discrimination for exercising privacy rights

We honor opt-out signals, including GPC, for applicable online activity.

13. Children's Privacy

The Services are intended for business use and are not directed to children under 18. We do not knowingly collect data from minors.

14. Changes

We may update this Privacy Policy periodically. Updates will be posted on this page with a new "Last Updated" date. Material changes may also be communicated by direct notice where required.

15. Contact

For questions or to exercise your rights, please contact us at: