Last updated: Jan 6, 2026

This Privacy Policy explains how Workhive (“we,” “our,” or “us”) collects, uses, discloses, and protects information when you use our software-as-a-service platform (the “Service”), including our website and CRM application.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account or use the Service, we may collect:

• Name

• Email address

• Company name

• Billing information (processed via third-party payment providers)

• Account credentials

• Customer, lead, and contact data you upload or enter into the CRM

• Communications you send to us (support requests, feedback, etc.)

1.2 Information Collected Automatically

We may automatically collect certain information when you use the Service, including:

• IP address

• Device type and browser information

• Usage data (pages viewed, actions taken, timestamps)

• Log files and diagnostic data

This data is used to operate, secure, and improve the Service.

1.3 Customer Data

Our Service allows you to store and manage data about your own customers, leads, or contacts (“Customer Data”). You remain the data controller for Customer Data, and we act as a data processor on your behalf.

1.4 Messaging & Communication Data

When Users utilize messaging features within the Service, including SMS or MMS communications, we may process messaging-related data such as phone numbers, message content, message metadata (including timestamps and delivery status), and associated contact information (“Messaging Data”).

Messaging Data is processed solely to provide and operate the Service and is transmitted through third-party communication providers, including Twilio.

Users remain responsible for the lawful collection and use of Messaging Data, including obtaining all required consents from message recipients. Messaging Data is not sold or shared for advertising or marketing purposes by Workhive.

2. How We Use Information

We use the information we collect to:

• Provide, operate, and maintain the Service

• Authenticate users and manage accounts

• Process payments and subscriptions

• Improve product functionality and user experience

• Communicate with you about updates, security issues, or support requests

• Monitor usage for security, compliance, and performance

• Comply with legal obligations

• Operate and deliver messaging and communication features requested by Users

We do not sell your personal data.

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process personal data under the following legal bases:

• Performance of a contract

• Legitimate business interests

• Compliance with legal obligations

• Your consent, where applicable

4. Data Sharing and Disclosure

We may share information only in the following circumstances:

4.1 Service Providers

We use trusted third-party providers to help operate the Service (e.g., hosting, authentication, payments, analytics). These providers are contractually obligated to protect your data and use it only as instructed.

This includes communication and messaging providers used to transmit SMS or other communications on behalf of Users.

4.2 Legal Requirements

We may disclose information if required to do so by law or in response to valid legal requests.

4.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, information may be transferred as part of that transaction.

5. Data Retention

We retain personal data only for as long as necessary to:

• Provide the Service

• Meet legal, accounting, or regulatory requirements

Customer Data is retained according to your account settings and deleted upon account termination, subject to applicable laws.

Messaging Data is retained in accordance with User account settings and applicable legal requirements.

6. Data Security

We implement industry-standard technical and organizational measures to protect data, including:

• Encrypted data storage and transmission

• Access controls and authentication

• Regular security monitoring

No system is 100% secure, but we take reasonable steps to protect your information.

7. Your Rights

Depending on your location, you may have the right to:

• Access your personal data

• Correct inaccurate data

• Request deletion of data

• Object to or restrict processing

• Request data portability

You can exercise these rights by contacting us at pf@dufety.com.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain sessions

• Improve performance and usability

• Analyze usage trends

You can manage cookie preferences through your browser settings.

9. International Data Transfers

Your information may be processed and stored in countries outside your jurisdiction. Where required, we use appropriate safeguards to protect international data transfers.

10. Children’s Privacy

The Service is not intended for individuals under the age of 13. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page, and the “Last updated” date will be revised.