LegalsPrivacy Statement in Connection with the use of Hypori Products

Privacy Statement in Connection with the use of Hypori Products

Effective date: May 01, 2026

Download PDF
Website Privacy Policy
Acceptable Use Policy for SaaS Services
Cookie Policy
End-User License Agreement
Corporate Privacy Statement
Data Processing Addendum (DPA)
Data Processing Addendum (DPA) - Partner/Reseller
Maser Subscription Agreement
Terms of Service
Partner Code of Business Conduct
Accessibility Statement
E-Verify

Effective Date: January 12, 2026

Hypori, Inc. and its subsidiaries (“Hypori”, “we”, “us”, and “our”) place importance on privacy and data protection.

This full Privacy Statement describes how we collect and process your personal information only in connection with the use of Hypori products, including but not limited to: Hypori Mobile, Hypori Lyte for Secure Messaging, Hypori Lyte for Enterprise Browser, Hypori Lyte for Applications, and Hypori Secure Messaging (together, “Hypori Products”).

This Privacy Statement describes our personal information processing practices, including the types of personal information we obtain, how we may use that personal information, with whom we may share it, and how individual data subjects (“you” and “your”) may exercise your rights regarding our processing of your personal information. This Privacy Statement also describes the measures we take to safeguard the personal information we obtain and how you can contact us about our privacy practices.

PLEASE NOTE: Certain Hypori Products, including Hypori Government Cloud, do not collect, send, transmit, or store personal information. Any personal data that users work with through these products originates from external systems already used by the customer (such as email, file-sharing tools, or websites). That data is logically isolated for each user and protected using strong encryption. Hypori provides secure access technology only, and any personal information remains subject to the privacy and security practices of the originating system.

Quick Summary: How We Handle Your Data

This summary explains the key points of our privacy practices when you use Hypori Products (like Hypori Mobile or Hypori Secure Messaging). For full details, please read the complete Privacy Statement below.

Who We Are

Hypori, Inc. (and Hypori Ltd in the UK) provides secure enterprise products that give users access to remote systems without storing personal data on the local device.

What Data We Collect

We may collect:

  • Basic identifiers (e.g. username, device ID, IP address)
  • Account and support information
  • Usage logs (e.g. login times, features accessed)

We do not access or monitor customer content unless explicitly requested for support.

How We Use Your Data

We use your information to:

  • Provide and support the product
  • Authenticate users and protect against fraud
  • Monitor performance and resolve technical issues
  • Comply with legal requirements

What We Don’t Do

  • We don’t use your data for advertising or marketing.
  • We don’t sell your data.
  • We don’t access customer content unless explicitly authorized.

Who’s Responsible

  • If you access Hypori through your employer or another organization, they are typically the data controller.
  • Hypori acts as a data processor, handling your data on their instructions.
  • In limited cases, Hypori may act as a controller, such as for system logs and security events.

International Transfers

We may transfer data outside your country, but only with legal safeguards like Standard Contractual Clauses or the UK IDTA.

Your Rights

Depending on your location, you may have rights to:

  • Access or correct your data
  • Request deletion
  • Object to processing or request restriction
  • File a complaint with a regulator

If you’re using Hypori via an organization, please contact them first to exercise your rights.

Scope of This Privacy Statement

This Privacy Statement applies solely to personal information processed by Hypori in connection with the use of Hypori Products, including:

  • product registration, licensing, authentication, and account administration;
  • product security, monitoring, logging, and support operations;
  • customer and end-user communications related to product use;
  • product analytics and performance monitoring; and
  • customer support, training, and consulting services directly related to the Hypori Products.

Except where expressly stated otherwise, when Hypori processes personal information in connection with Hypori Products on behalf of enterprise customers, Hypori acts as a data processor, and such processing is governed by applicable customer agreements, including data processing addenda and related documentation. In those circumstances, the customer is the data controller.

This Privacy Statement does not apply to:

  • Personal information collected through Hypori corporate websites, marketing activities, or events;
  • Personal information collected through recruitment or employment activities;
  • Personal information processed entirely within customer-controlled systems accessed via Hypori Products;
  • Personal information collected by third-party platforms (such as app stores) that is governed by their own privacy notices.

Personal information collected through Hypori corporate websites, marketing activities, and events is described in Hypori’s Corporate Privacy Statement, available at www.hypori.com/legal.

Unless otherwise disclosed in this Privacy Statement or other supplementary privacy notice provided to you, Hypori does not automatically share your personal information with third-party websites and is not responsible for their privacy practices. These websites are subject to their respective privacy notices and policies. Hypori may engage vendors and service providers in connection with the Hypori Products, subject to appropriate confidentiality and data protection obligations.

Personal Information We Collect

The data we obtain varies based on the Hypori Products you use. We obtain personal information through your interaction with the Hypori Products.

The types of personal information we obtain include the following categories and examples. The categories of personal information described below may apply depending on the context of an individual’s interaction with Hypori and the specific Hypori Product involved. Not all categories apply to every individual or processing activity.

Please note that providing personal information to us is voluntary on your part. If you choose not to provide us with certain information, we may not be able to offer you certain products and services.

Hypori does not monitor, access, or control the content of customer data accessed through Hypori Products, except as necessary to provide technical support at the customer’s request.

Providing personal information is generally required only to the extent necessary to enable product access, authentication, security, and support.

Hypori Secure Messaging and Hypori Lyte for Secure Messaging. If your organization has enabled Hypori Secure Messaging or Hypori Lyte for Secure Messaging, Hypori processes the following additional data on behalf of your organization: message content and metadata (including sender identifier, recipient identifier, timestamp, and message length); file attachments shared within the secure messaging environment; and user identifiers and authentication tokens associated with your messaging account. This data is stored within your organization’s designated security boundary in Hypori’s FedRAMP High authorized AWS infrastructure. Hypori does not access, use, or disclose message content except as directed by your organization or as required by applicable law. Retention of messages and attachments is controlled by your organization’s administrator in accordance with your organization’s compliance and governance requirements. Data associated with Hypori Secure Messaging is not used by Hypori for advertising, profiling, or any purpose other than delivering the messaging service to your organization.

How We Use Personal Information

We use the above listed categories of personal information for the following purposes:

  • to provide, operate, and maintain the Hypori Products;
  • to authenticate users and manage accounts;
  • to provide customer support, troubleshooting, and technical assistance;
  • to ensure product security, integrity, availability, and performance;
  • to detect, prevent, and respond to security incidents, fraud, or misuse;
  • to comply with legal and regulatory obligations;
  • to perform limited analytics and reporting related to product performance and reliability; and
  • to communicate with customers and authorized users regarding product updates, security notices, and operational information.

Hypori does not use personal information processed through Hypori Products for advertising, marketing, or cross-context behavioral profiling.

Legal Bases for Processing

Depending on the applicable law and processing context, Hypori relies on one or more of the following legal bases:

  • performance of a contract with the customer;
  • compliance with legal obligations;
  • legitimate interests in operating, securing, and supporting enterprise technology services; and
  • your consent, where required by law, which you can revoke at any time.

Artificial Intelligence (AI) Technologies

Hypori does not use automated decision-making or AI technologies within Hypori Products that produce legal or similarly significant effects for individuals.

Cookies and Other Similar Technologies

Hypori Products do not use cookies or similar technologies for advertising, behavioral profiling, or analytics.

We may use a limited set of strictly necessary technical mechanisms such as cookies, tokens, or secure identifiers — solely for the following purposes:

  • Authentication: To verify user identity and maintain secure access during a session.
  • Session Management: To manage login states and ensure continuity of service.
  • Security: To detect and prevent unauthorized access, fraud, or misuse.

These mechanisms are essential to the operation of Hypori Products and are not used for tracking users across services or for marketing purposes. As such, they do not require user consent under applicable data protection laws, including the UK Privacy and Electronic Communications Regulations (PECR) and the EU ePrivacy Directive.

Hypori does not set or permit third-party cookies within Hypori Products, and no cookies are used for purposes unrelated to the secure delivery of the service.

Why and With Whom We Disclose or Share Personal Information

Hypori shares personal information processed in connection with Hypori Products only as necessary and as permitted by applicable agreements and law, including:

  • with the relevant customer (as data controller);
  • with authorized Hypori affiliates;
  • with service providers acting on Hypori’s behalf under contractual confidentiality and data protection obligations; and
  • where required by law, regulation, or valid legal process.

Hypori does not sell personal information.

International Data Transfers

Hypori is a global organization and may transfer personal information to, or store and process personal information in, countries other than the country in which the information was originally collected. This includes transfers to countries where Hypori or its service providers operate, including the United States.

Where personal information is transferred internationally, Hypori ensures that such transfers are made in accordance with applicable data protection laws and that appropriate safeguards are in place to protect personal information. These safeguards may include, where required:

  • entering into data transfer agreements incorporating the European Commission’s Standard Contractual Clauses;
  • applying the UK International Data Transfer Addendum or International Data Transfer Agreement (IDTA), as applicable;
  • relying on Swiss-recognised transfer mechanisms for transfers subject to the Swiss Federal Act on Data Protection; and
  • implementing supplementary technical and organizational measures where appropriate.

Hypori transfers personal information internationally only for the purposes described in this Privacy Statement.

Where Hypori processes personal information on behalf of its customers in connection with the provision of its products or services, international transfers of such data are governed by the applicable contractual arrangements between Hypori and the relevant customer, including any data processing addendum or data transfer agreements in place. In those circumstances, the relevant customer remains responsible for determining the lawful basis for the transfer.

Individuals may request additional information about the safeguards applied to international transfers by contacting Hypori using the details provided in the How to Contact Us section of this Privacy Statement.

Your Privacy Rights and Choices

To the extent provided by the law of your jurisdiction, you may have privacy rights to access, correct, update, amend, delete, restrict the processing of your personal information, or object to automated decision-making based on your personal information.

When Hypori is acting as a “data controller” under applicable law, you may exercise such rights by contacting us via [email protected]. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. Depending on your location, you may have the right to file a complaint with a government regulator if you are not satisfied with our response.

If you use Hypori Products through your employer, healthcare provider, or another organization, they are the data controller. Please contact them directly to exercise your rights.

European Economic Area (“EEA”) and United Kingdom (“UK”) Privacy Disclosures

If you are located in the EEA or the UK, the following additional information applies to you.

Data Controller and Processing Roles

For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (“GDPR”) and the UK GDPR:

  • Hypori Inc acts as a data controller in respect of personal information it processes directly in connection with the provision, security, support, and administration of Hypori Products, where it determines the purposes and means of such processing.
  • Where Hypori Inc processes personal information on behalf of enterprise customers in connection with the provision of its products or services, Hypori acts as a data processor, and such processing is governed by the applicable customer agreements, data processing addenda, and related documentation. In those circumstances, the relevant customer acts as the data controller and determines the purposes and means of processing.

If you are an end user accessing Hypori services through an organization, you should direct privacy-related requests primarily to that organization.

Legal Bases for Processing

We process personal information only where we have a lawful basis under applicable data protection laws. Depending on the context and nature of the processing, these legal bases may include:

  • Legitimate interests (Article 6(1)(f) GDPR), such as:
    • providing, operating, securing, and improving our enterprise products and services;
    • ensuring network and information security;
    • preventing fraud, misuse, and unauthorized access;
    • managing customer relationships and business operations;
    provided that such interests are not overridden by your rights and freedoms.
  • Compliance with Legal Obligations (Article 6(1)(c) GDPR), including regulatory, tax, and security requirements.
  • Consent (Article 6(1)(a) GDPR), where required by law, such as for certain cookies, analytics, or marketing communications. You may withdraw your consent at any time.
  • In business-to-business (B2B) contexts, including where personal information relates to customer employees or authorized users, processing is primarily based on Hypori’s legitimate interests in operating, securing, and supporting its enterprise services, except where another lawful basis is required by applicable law.

Your Rights

Subject to applicable law, you may have the right to:

  • request access to your personal information;
  • request correction of inaccurate or incomplete personal information;
  • request deletion or restriction of processing in certain circumstances;
  • object to processing based on legitimate interests;
  • request data portability where applicable; and
  • in the UK, this is the Information Commissioner’s Office (ICO). In the EU, you may contact the supervisory authority of the EU member state where you reside, work, or where the alleged infringement occurred.

If Hypori processes your personal information as a processor on behalf of a customer, requests should be directed to the relevant customer, as they are responsible for responding under applicable data protection laws.

Switzerland Privacy Disclosures

If you are located in Switzerland, the following information applies to you in accordance with the Swiss Federal Act on Data Protection (“FADP”) and its implementing ordinances.

Controller

Hypori, Inc. is responsible for the processing of personal data described in this Privacy Statement where it determines the purposes and means of processing. Where Hypori processes personal data on behalf of its customers, Hypori acts as a processor, and the relevant customer is responsible as the controller.

Purposes and Legal Bases

Hypori processes personal data for the purposes described in this Privacy Statement. Under Swiss data protection law, processing is lawful where it is justified by the consent of the data subject, required for the performance of a contract, mandated by law, or necessary to protect overriding private or public interests, including the operation, security, and improvement of our services.

Your Rights under Swiss Law

Subject to applicable law and certain limitations, individuals in Switzerland have the right to:

  • request information about whether personal data relating to them is being processed;
  • request access to their personal data;
  • request correction of inaccurate personal data;
  • request deletion of personal data where retention is no longer justified;
  • object to the processing of personal data in certain circumstances;
  • request data portability where applicable.

You may exercise these rights by contacting us using the details provided in the How to Contact Us section of this Privacy Statement. We may take reasonable steps to verify your identity before responding to your request.

International Transfers

Personal data may be transferred to countries outside Switzerland, including the United States. Where such countries do not provide an adequate level of data protection under Swiss law, Hypori implements appropriate safeguards, such as contractual data protection clauses or other legally recognized transfer mechanisms, to protect personal data.

Complaints

If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC).

Singapore Privacy Disclosures

If you are located in Singapore, the following information applies to you in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”).

Organization Responsible for Processing

Hypori, Inc. is responsible for the processing of personal data described in this Privacy Statement where it determines the purposes and means of processing. Where Hypori processes personal data on behalf of its customers, Hypori acts as a data intermediary and processes such personal data in accordance with the instructions of the relevant customer.

Purposes for Collection, Use, and Disclosure

Hypori collects, uses, and discloses personal data for the purposes described in this Privacy Statement, including to provide, operate, secure, and improve its products and services; manage accounts; provide customer support; ensure information security; and comply with legal and regulatory obligations.

Consent and Notification

Hypori collects, uses, and discloses personal data with your consent or where otherwise permitted or required under the PDPA. Where consent is required, you may withdraw your consent at any time by contacting us using the details in the How to Contact Us section of this Privacy Statement. Withdrawal of consent may affect our ability to provide certain products or services.

Your Rights under Singapore Law

Subject to applicable law and certain exceptions, individuals in Singapore have the right to:

  • request access to personal data held by Hypori;
  • request correction of personal data that is inaccurate or incomplete.
  • Requests may be submitted using the contact details provided in the How to Contact Us section of this Privacy Statement. Hypori may require reasonable information to verify your identity before responding.

Retention and Protection

Hypori retains personal information only for as long as necessary for the purposes described or as required by applicable laws). More specific retention schedules may be agreed by contract or stated in supplementary notices.

Transfers Outside Singapore

Personal data may be transferred outside Singapore. Where this occurs, Hypori takes steps to ensure that transferred personal data is protected to a standard comparable to that under the PDPA, including through contractual or other legally recognized safeguards.

Complaints and Contact

If you have concerns about Hypori’s handling of your personal data, you may contact us using the details in the How to Contact Us section. You also have the right to lodge a complaint with the Personal Data Protection Commission of Singapore.

Supplemental U.S. State Privacy Disclosures

This section applies to residents of U.S. states with comprehensive privacy laws, including but not limited to California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Tennessee, Indiana, Iowa, Delaware, and New Jersey (“State Privacy Laws”). This section supplements the Privacy Statement above.

Categories of Personal Information We Collect

  • Depending on your interaction with Hypori and as described in this Privacy Statement, we may collect the following categories of personal information: identifiers such as name, email address, IP address, and account identifiers; professional or employment-related information; internet or other electronic network activity information; device and technical information; commercial information such as subscription and transaction metadata; approximate geolocation data derived from IP address; and inferences drawn from other personal information for service improvement and security purposes.
  • We do not knowingly collect sensitive personal information except where strictly necessary to provide and secure our services, such as account credentials.

Purposes for Processing

We collect and process personal information for the purposes described in this Privacy Statement, including to provide, operate, maintain, and secure our products and services; support account access and administration; protect against, detect, and respond to security incidents and other unlawful or harmful activity; respond to customer inquiries and provide service-related communications; perform limited internal analytics and research to maintain and improve service functionality and reliability (not for cross-context behavioral advertising); and comply with applicable legal and regulatory obligations.

Sale and Sharing of Personal Information

Hypori does not sell personal information as that term is defined under applicable U.S. State Privacy Laws. We also do not share personal information for purposes of cross-context behavioral advertising, except where limited online advertising or analytics technologies may be considered “sharing” under certain state laws. Where required, Hypori provides opt-out mechanisms through cookie controls and recognizes legally required preference signals.

Your Privacy Rights (U.S. States)

  • Subject to applicable law and certain exceptions, residents of U.S. states may have the right to confirm whether we process your personal information; access and obtain a copy of your personal information; correct inaccuracies in your personal information; delete personal information; obtain personal information in a portable format; opt out of the sale of personal information, sharing of personal information for targeted advertising, or certain profiling activities; and not be discriminated against for exercising privacy rights.
  • Some rights may vary by state and may be subject to limitations, including where Hypori acts as a service provider or processor on behalf of a business customer.

Exercising Your Rights

  • To submit a privacy rights request, please see the How to Contact Us section of this Privacy Statement. We will verify your request in accordance with applicable law and respond within the timeframes required by law. Where permitted, we may request additional information to verify your identity.
  • If Hypori processes your personal information on behalf of a customer, for example where you access Hypori services through your employer or organization, we may direct you to that customer to exercise your rights.

Appeals

If we decline to take action on your request, you may have the right to appeal our decision, depending on your state of residence. Instructions for submitting an appeal will be provided in our response where applicable.

Authorized Agents

Where permitted by law, you may designate an authorized agent to submit a request on your behalf. We may require proof of authorization and verification of your identity before processing the request.

California Residents (Additional Notice)

For California residents, this section is intended to satisfy the notice requirements of the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA). Hypori does not sell personal information and does not use or disclose sensitive personal information for purposes other than those permitted by law. California residents may exercise the rights described above by contacting [email protected].

How We Protect Personal Information

Hypori maintains administrative, technical, and physical safeguards designed to protect personal information processed in connection with Hypori Products, including encryption, access controls, monitoring, and secure development practices.

How Long We Retain Personal Information

To the extent permitted by applicable law, we typically retain personal information we obtain about you for as long as it is needed (1) for the purposes for which we obtained it, in accordance with the terms of this Privacy Statement, which generally means that we will retain your personal information for the duration of the applicable Agreement or Subscription Term, and for a reasonable period thereafter as required by applicable law or as necessary to establish, exercise, or defend legal claims; (2) only for as long as we have a legitimate business need; and/or (3) for complying with legal requirements, taking into account applicable statute of limitation periods and complying with applicable laws, resolve disputes, and enforce our agreements. As described in the Your Privacy Rights and Choices section above, to the extent provided by the law of your jurisdiction, you may request that we delete your information or restrict the processing of such information by contacting us as indicated below.

Individuals may request deletion or restriction of processing of their personal information in accordance with applicable data protection laws, subject to legal and contractual limitations.

Children’s Personal Information

Hypori Products are intended for enterprise and government use and are not directed to children under the age of 13. We do not knowingly collect personal information from children under the age of 13. Users between the ages of 13 and 18 may only use the Products with the involvement and consent of a parent, legal guardian, or authorized organizational administrator. If we become aware that we have collected personal information from a child under the age of 18, we will promptly delete the information from our records. If you believe that a child under the age of 18 may have provided us with personal information, please contact us as specified in the How to Contact Us section of this Privacy Statement.

Changes to Our Privacy Statement

Hypori may update this Privacy Statement from time to time to reflect changes in its corporate practices, legal requirements, or regulatory obligations.

The “Effective Date” date at the top of this Privacy Statement indicates when it was most recently updated. Where changes are material, Hypori will provide appropriate notice, such as by posting an updated version of this Privacy Statement on its website or by other reasonable means, prior to the changes taking effect.

By continuing to use the Hypori Products after such revisions are in effect, you accept and agree to our revised Privacy Statement. We encourage you to periodically review this Privacy Statement for the latest information on our privacy practices.

The current version of this Privacy Statement is available at hypori.com/privacy. Prior versions are available upon written request to [email protected].

How to Contact Us

For questions regarding this Privacy Statement or personal information processed in connection with Hypori Products, please contact:

Attn: Data Privacy Officer (DPO)
1801 Robert Fulton Drive, Ste 340
Reston, VA 20191
United States
[email protected]

Attn: Hypori UK DPO and UK Article 27 GDPR Representative
Prior Analytics Ltd (d/b/a PrivacyAid)
590 Green Lanes
London, N13 5RY
UNITED KINGDOM
[email protected]

Attn: Hypori EU Article 27 GDPR Representative
EU Business Partners
10 Ashe Street
Clonakilty
Co. Cork P85 E403
IRELAND
Email: [email protected]