HandbookHub – Privacy Policy

Effective Date: 2025-10-22

Website: https://handbookhub.com

1. Introduction

HandbookHub (“we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our Service.

2. Data We Collect

  • Account Information: When you register, we collect basic details such as name, email address, and company information.
  • Usage Data: We collect analytics data to understand how the Service is used.
  • Communication Data: When you contact us through our chat or email, we collect the messages you send us.
  • Technical Data: Your IP address and technical logs may be stored for security and performance reasons.

3. How We Use Data

We use your data to:

  • Provide and improve the Service
  • Communicate with you about your account or support requests
  • Monitor performance and ensure security
  • Comply with legal obligations

4. Cookies and Similar Technologies

We use cookies and similar technologies to provide and improve our Service:

What Are Cookies?

Cookies are small text files stored on your device that help us provide a better user experience.

Types of Cookies We Use:

  • Essential Cookies: Required for the Service to function properly (login sessions, security)
  • Analytics Cookies: Help us understand how users interact with our Service (PostHog)
  • Functional Cookies: Remember your preferences and settings

Your Cookie Choices:

  • You can accept or decline non-essential cookies through our cookie banner
  • Essential cookies cannot be disabled as they are necessary for the Service to function
  • You can change your cookie preferences at any time by clearing your browser data
  • Logging into your account implies consent to our cookie usage

Cookie Retention:

  • Session cookies are deleted when you close your browser
  • Persistent cookies remain until they expire or you delete them
  • Analytics data is retained according to our data retention policy

5. Third-Party Services

We use trusted providers to operate the Service:

  • PostHog – for analytics (only with your consent)
  • Crisp – for customer chat and support
  • Hetzner – for secure hosting and data storage in the EU
  • Slack – optional integration that lets your workspace query your handbooks via the /handbook command

These providers may process limited personal data on our behalf in compliance with EU GDPR.

For our current list and guidelines, see our Sub‑processors page.

6. Legal Basis

We process personal data under the following legal bases:

  • Contract – to provide the Service you signed up for
  • Legitimate Interest – to improve our Service and support users
  • Legal Obligation – to comply with applicable laws in Hungary and the EU
  • Consent – for analytics cookies and non-essential tracking (you can withdraw consent at any time)

7. Data Retention

We keep personal data only as long as necessary to provide the Service or comply with legal obligations. For the Slack integration specifically:

  • OAuth tokens and workspace identifiers (e.g., team_id, optional enterprise_id) are retained until you uninstall or disconnect Slack; tokens are removed within 24 hours, and related installation metadata is purged within 30 days.
  • Slash command and mention payloads are processed to generate an answer; we do not persist message content beyond transient processing.
  • Minimal operational logs (timestamps, event type, status/error) used for reliability and abuse prevention are generally retained up to 30 days.
  • Your handbook content remains under your control in HandbookHub and follows your account’s retention settings; removal from backups occurs on their standard rotation.

8. Your Rights

Under GDPR, you have the right to:

  • Access, correct, or delete your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent for cookies and analytics
  • File a complaint with the Hungarian data protection authority (NAIH)

9. Data Security

We take appropriate measures to protect personal data against unauthorized access, loss, or misuse.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a new effective date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

HandbookHub Budapest, Hungary
Email: support@handbookhub.com

12. Slack Integration

If you connect Slack, we process the following limited Slack data to operate the integration:

  • Workspace identifiers (e.g., "team_id", optional "enterprise_id")
  • Bot information (bot user ID) and OAuth tokens (stored encrypted)
  • Slash command payloads and messages sent to the bot (the text of questions and metadata necessary to respond)
  • Optional user identifiers (e.g., email) only if you grant scopes that provide them

How we use Slack data:

  • Authenticate the app and map your Slack workspace to your HandbookHub organization (business)
  • Answer questions by searching your handbooks and posting responses back to Slack
  • Maintain minimal operational logs (request time, latency, errors) to ensure reliability and prevent abuse

Your choices:

  • You can disconnect Slack at any time by uninstalling the app from your Slack workspace or from HandbookHub settings; this revokes tokens and stops data flow.
  • We verify Slack signatures on incoming requests and store tokens encrypted.

13. Data Storage and Location

We store data in EU infrastructure (Hetzner) with encryption in transit (TLS) and at rest. Slack OAuth tokens are stored encrypted; access is limited to services that require them to respond to your requests. Primary application data (e.g., business mapping, handbook content) resides in our databases (MongoDB). We maintain access controls, monitoring, regular backups, and least-privilege permissions.