Privacy Policy

Your trust is our foundation. We are committed to protecting your privacy with industry-leading security practices and full regulatory compliance.

Our Commitment to Your Privacy

Havenya LLC ("Havenya," "we," "us," or "our") is a Wyoming-registered software company committed to maintaining the highest standards of data protection and privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (havenya.com), use our mobile applications (including Shopleez Customer, Shopleez Admin, and Shopleez Delivery), or engage with our professional services.

We have designed this policy to be comprehensive, transparent, and compliant with global privacy regulations including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and applicable data protection laws worldwide. Our commitment to your privacy is not merely regulatory compliance—it is fundamental to how we build and operate our products.

Please read this Privacy Policy carefully. By using our services, you consent to the practices described in this policy. If you have any questions or concerns, our dedicated privacy team is available at ahmed@havenya.com.

Information We Collect

Personal Information You Provide

We may collect personal information that you voluntarily provide to us, including but not limited to:

  • Account Information: Name, email address, phone number, and password when you create an account
  • Profile Information: Profile picture, delivery addresses, and preferences
  • Payment Information: Credit card numbers, billing addresses (processed securely through third-party payment processors)
  • Communication Data: Messages, feedback, and support requests you send to us
  • Business Information: Company name, business address, and tax identification numbers (for business accounts)

Information Collected Automatically

When you use our services, we may automatically collect certain information, including:

  • Device Information: Device type, operating system, unique device identifiers, and mobile network information
  • Usage Data: Pages viewed, features used, time spent on the app, and interaction patterns
  • Location Data: Precise or approximate location based on GPS, IP address, or other technologies (with your consent)
  • Log Data: IP address, browser type, access times, and referring URLs

Information from Third Parties

We may receive information about you from third parties, including:

  • Social media platforms (if you choose to connect your account)
  • Business partners and service providers
  • Payment processors and financial institutions
  • Public databases and marketing partners

How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Create and manage your account
  • Send promotional communications (with your consent)
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address technical issues and security threats
  • Personalize your experience and deliver relevant content
  • Comply with legal obligations and enforce our terms
  • Facilitate delivery services and order tracking

How We Share Your Information

Transparency about data sharing is central to our privacy commitment. We may share your personal information only in the following limited circumstances:

Trusted Service Providers

We engage carefully vetted third-party vendors who perform essential services on our behalf. All service providers are contractually bound by strict data processing agreements that require them to protect your information and use it only for the specific services they provide. Our partners include PCI-DSS compliant payment processors, enterprise-grade cloud hosting providers (with data centers in secure facilities), and professional support platforms.

Business Transitions

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy and ensure the acquiring entity maintains equivalent privacy protections.

Legal Compliance & Protection

We may disclose your information when required by law or in response to valid legal requests by public authorities (e.g., court orders, subpoenas). We will notify you of such requests when legally permitted. We may also share information when we reasonably believe it is necessary to protect the rights, property, or safety of Havenya, our users, or the public.

With Your Explicit Consent

We may share your information with third parties when you have given us your explicit, informed consent to do so. You may withdraw this consent at any time.

Our Data Sales Policy: Havenya does not sell, rent, or trade your personal information to third parties for monetary compensation or marketing purposes. This commitment applies to all of our services and applications.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When determining retention periods, we consider:

  • The nature and sensitivity of the data
  • The purposes for which we process your data
  • Applicable legal requirements
  • Our legitimate business interests

You may request deletion of your account and personal data at any time by visiting our Account Deletion page or contacting us directly.

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

You have the right to request a copy of the personal information we hold about you and to receive it in a structured, commonly used, machine-readable format.

Correction

You have the right to request that we correct inaccurate or incomplete personal information about you.

Deletion

You have the right to request that we delete your personal information in certain circumstances. See our Account Deletion page for more information.

Restriction

You have the right to request that we restrict the processing of your personal information in certain circumstances.

Objection

You have the right to object to processing of your personal information for direct marketing purposes.

Opt-Out of Communications

You may opt out of receiving promotional emails by following the unsubscribe instructions in those messages. Even after opting out, you may still receive transactional or administrative emails.

To exercise any of these rights, please contact us at ahmed@havenya.com.

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the sale of your personal information (note: we do not sell personal information).
  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights.

To submit a request, contact us at ahmed@havenya.com or call us at +20 107 012 8710.

GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • The right to access, rectify, or erase your personal data
  • The right to restrict or object to processing
  • The right to data portability
  • The right to withdraw consent at any time
  • The right to lodge a complaint with a supervisory authority

Legal Basis for Processing: We process your personal data based on your consent, the performance of a contract, compliance with legal obligations, or our legitimate interests.

International Transfers: Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards are in place for such transfers.

Children's Privacy

Our services are not intended for individuals under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at ahmed@havenya.com.

If we discover that we have collected personal information from a child under the required age, we will take steps to delete that information promptly.

Enterprise-Grade Data Security

Security is not an afterthought at Havenya—it is embedded into every layer of our infrastructure and development processes. We implement industry-leading technical and organizational measures that meet or exceed requirements for enterprise clients, including:

  • End-to-End Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption standards
  • SOC 2 Type II Aligned Practices: Our security controls are designed to meet the rigorous standards of SOC 2 compliance frameworks
  • Regular Security Audits: We conduct quarterly vulnerability assessments and annual penetration testing by certified third-party security firms
  • Zero-Trust Architecture: Access controls operate on the principle of least privilege with multi-factor authentication required for all administrative access
  • OWASP Best Practices: Our development team follows OWASP guidelines to prevent common vulnerabilities including injection attacks, XSS, and CSRF
  • 24/7 Security Monitoring: Continuous monitoring and automated threat detection with documented incident response procedures
  • Employee Security Training: All team members complete mandatory security awareness training and sign confidentiality agreements

While no system can guarantee absolute security, we continuously invest in protecting your data and promptly address any identified vulnerabilities.

Third-Party Links and Services

Our services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification (if you have provided your email)
  • Displaying a notice within our applications

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our services after any modifications constitutes your acceptance of the updated policy.

Contact Our Privacy Team

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or our data protection practices, please contact us. We take all privacy inquiries seriously and are committed to addressing your concerns promptly.

Havenya LLC
Data Protection Inquiries
30 N Gould St Ste 4000
Sheridan, WY 82801-6317, United States

Email: ahmed@havenya.com
Phone: +20 107 012 8710
Business Hours: Monday - Friday, 9:00 AM - 6:00 PM EST

Response Commitment: We will acknowledge your inquiry within 48 hours and provide a substantive response within 30 days, as required by GDPR and CCPA. For urgent privacy concerns, please indicate "URGENT" in your subject line.

Last Updated: January 20, 2025