Hiyas by IGO

Legal

Privacy Policy

Last updated: June 2026

1. Who we are

Hiyas by IGO is a product of IGO Group of Companies, a Philippine-registered business. We operate hiyas.app and related services. For privacy inquiries, contact us at privacy@hiyas.app.

2. Data we collect

We collect information you provide directly: name, email address, phone number, and jewelry item details. We collect information automatically when you use the service: device type, browser, IP address, and usage patterns. We do not collect payment card data — payments are processed by PayMongo, a PCI-compliant payment processor.

3. How we use your data

We use your data to operate and improve the Hiyas platform; to send you notifications about your vault, reservations, and tier status; to process Hiyas Title transfers and generate certificates; to verify pieces through Hiyas Verify; and to send you newsletter updates if you have subscribed. We do not sell your personal data to third parties.

4. Data sharing

We share data with: Supabase (database and authentication infrastructure, hosted in Tokyo); PayMongo (payment processing); and Resend (transactional email). All sub-processors operate under data processing agreements consistent with Philippine data protection standards.

5. Philippine Data Privacy Act (Republic Act 10173)

Hiyas by IGO complies with the Philippine Data Privacy Act of 2012 (RA 10173) and its implementing rules. You have the right to access, correct, and delete your personal data. You have the right to data portability. You may withdraw consent at any time. To exercise these rights, contact us at privacy@hiyas.app or use the data export feature in your account settings.

6. Data retention

We retain your personal data for as long as your account is active. Vault items and transfer records are retained indefinitely as they form part of the provenance chain. You may request deletion of your account and personal data, subject to retention obligations under Philippine law.

7. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. See our Cookie Policy for details.

8. Security

We implement industry-standard security measures including encrypted data transmission (HTTPS), row-level security on our database, and regular security reviews. No system is completely secure — if you believe your account has been compromised, contact us immediately.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of Hiyas after changes constitutes acceptance of the updated policy.

10. Contact

For privacy inquiries, data subject requests, or concerns: privacy@hiyas.app. IGO Group of Companies, Philippines.