Logo

Privacy For Humans

Updated Feb 10, 2025

mood-smileFor humansbriefcaseFor laywers

Hi there!

At Hapstack, your privacy is at the core of our decision making. Sensitive information may pass through our systems, and we don’t take that lightly.

This page explains how our systems process your data. For more details on personal data usage, refer to our Privacy Policy (for laywers).

Where does my data go within Hapstack?

Your data is comprised of things like your name, email, apps, app sessions, notifications, linked accounts like Google, and so on. The majority of this data is stored in an encrypted database with our database provider, Neon. Only two individuals at Hapstack have access to this data, and strict role-based permissions and audit logs are in place.

How do you handle activity tracking?

All activity tracking is handled by our extremely lightweight browser extension.

The tracking technology is simple. Whenever a user with our extension visits a web page, we check (locally) to see if that url is present in our database of verified SaaS app urls. If there is, we record a session, If not, we don't do anything. No url or browsing activity is ever sent to our servers unless our extension has already determined that a match has been found in our database of apps.

Our app database consists only of business-related software tools. It doesn't include personal, B2C apps or apps that are not typically used for business purposes.

Where does my personal data go outside of Hapstack?

We only send personal data to trusted third-party systems that are subject to strict privacy and security controls. We think it’s important you understand not only what these systems are but also why we send your data to these systems. If you don’t agree with or understand our reasoning, please email us at [email protected]. If you do not agree with your data going to a specific system, deleting your Hapstack account will permanently delete all of your data from all our systems.

For folks coming to figure out GDPR compliance, the following third-party services act as data processors for us. When we work with these service providers in our capacity as a data processor for our customers' personal data, the General Data Protection Regulation (GDPR) calls these third-party service providers a sub-processor. A subprocessor is a third party data processor engaged by Hapstack who may have access to or process personal data: (i) on behalf of Hapstack customers; (ii) in accordance with customer instructions as communicated by Hapstack; and (iii) in accordance with the terms of a written contract between Hapstack and the subprocessor.

Neon

Location: US
Purpose: Database hosting services and storage
What: Neon is the provider we use to host our database systems. Neon stores your account data and other app data.
Why: Neon provides us a reliable, secure, and fast database. Neon databases have rigorous security, physical, and environmental controls. Learn more about Neon's security measures.

Google Cloud

Location: US
Purpose: Application hosting and infrastructure
What: GCP is the cloud provider we use to run our service. Google Cloud processes and hosts all components of our applications (except our database, as described above).
Why: Google Cloud provides Hapstack with a reliable, scalable, and secure global computing infrastructure. In addition, Google Cloud data centers have rigorous security, physical, and environmental controls to ensure inherent risks are mitigated. Learn more about Google Cloud's security measures.

PostHog

Location: US
Purpose: App analytics
What: We use PostHog to track the behavior signed-in users in our applications - things like button clicks, pageviews, feature usage, etc.
Why: PostHog allows us to continuously improve our applications by understanding user behavior and patterns. It also allows us to safely and reliably test new features and get real-time user feedback. Learn more about PostHog's security measures.

Zapier

Location: US
Purpose: Automation workflows
What: We use Zapier to automate repetitive tasks without coding or relying on developers to build integrations.
Why: Zapier allows us to remain a lean team and focus our energy on building a great product as opposed to every administrative tasks. Learn more about Zapier's enterprise-grade security measures.