HeyLync — Privacy Policy

Last Updated: November 2025
Effective Date: November 2025

HeyLync (“Service”) is provided by MarsCraft SA, a Swiss company (“we,” “us,” or “our”).
This Privacy Policy explains how we collect, use, share, and protect your information when you use HeyLync, whether via our app, website, or related services.

By creating an account or using HeyLync, you agree to this Privacy Policy and our Terms of Service.

1. Information We Collect

We collect the following categories of information:

1.1. Information You Provide

• Account Information: name, email address, password (encrypted), and profile details.
  
  

• Profile Content: photos, company, job title, phone number, social links, and notes you add.
  
  

• Contacts & CRM Entries: information you manually enter or import into HeyLync.
  
  

• Uploaded Files: images of business cards, voice recordings, or documents you upload.
  
  

• Communication Data: messages or feedback you send us.
  
  

1.2. Information Collected Automatically

• Device and App Data: IP address, device type, OS version, app usage statistics, crash logs.
  
  

• Cookies and Analytics: we use analytics tools (e.g., Firebase, Google Analytics) to measure performance and usage trends.
  
  

• Location (optional): if you choose to share it for networking or event features.
  
  

1.3. Information from Third Parties

If you connect HeyLync to third-party platforms (e.g., Google, Apple, LinkedIn), we may receive limited profile data (e.g., name, email) based on your authorization.

2. How We Use Your Information

We use your data to:

• Provide and maintain the HeyLync service;
  
  

• Enable sharing and connection between users;
  
  

• Perform OCR and AI-based text extraction or summarization (if you choose to use these features);
  
  

• Improve product quality and user experience;
  
  

• Send notifications or account-related messages;
  
  

• Comply with legal obligations and prevent fraud or abuse.
  
  

3. AI and OCR Data Usage

HeyLync offers optional AI-powered features, including OCR (Optical Character Recognition) and image-based contact extraction. When you use these features:

• Purpose of Processing:
  Images are analyzed by secure AI models to detect and extract business card details (such as name, company, email, and phone number) and automatically populate your contact list.
  
  

• Data Handling:
  Uploaded images are transmitted via encrypted channels and processed either locally or in secure cloud environments.
  The original image is automatically deleted after successful extraction, unless you explicitly choose to save it in your notes or gallery.
  
  

• Third-Party Data Responsibility:
  If you scan or upload business cards belonging to other individuals, you are responsible for ensuring that you have a lawful basis to collect and store such personal information (e.g., legitimate business interest or consent).
  MarsCraft SA acts only as a data processor and will not use the data for any other purpose.
  
  

• AI Processing Transparency:
  AI outputs are probabilistic and may contain inaccuracies. You are responsible for reviewing and verifying the recognized information before use.
  We may use aggregated and anonymized metrics to improve OCR accuracy, but we never use identifiable data to train public models or for unrelated machine learning tasks.

• Legal Basis for Processing OCR Data:

The processing of business card images and extracted information is carried out based on your consent (Art. 6(1)(a) GDPR) or our legitimate interest (Art. 6(1)(f) GDPR) in helping you manage professional contacts efficiently.

4. How We Share Information

We may share data only in these cases:

• Service Providers: hosting, analytics, email, or payment processors under confidentiality agreements;
  
  

• Legal Requirements: if required by law or to protect our legal rights;
  
  

• Business Transfers: in case of merger, acquisition, or asset sale, users will be notified in advance.
  
  

We never sell your personal data.

5. Data Retention

We keep your information as long as necessary to provide the Service and comply with legal requirements.
If you delete your account, we delete or anonymize your personal data within 30 days, unless legal retention is required.

6. Data Storage and International Transfers

Your data is stored securely on servers in the European Union or Switzerland.
If transferred outside these regions (e.g., to a subprocessor in the U.S.), we ensure compliance through Standard Contractual Clauses (SCCs) or equivalent safeguards.

7. Your Rights

Depending on your location, you may have the right to:

• Access, correct, or delete your personal data;
  
  

• Restrict or object to certain processing activities;
  
  

• Export your data (data portability);
  
  

• Withdraw consent at any time.
  
  

To exercise these rights, contact us at mail@heylync.com.

8. Data Security

We implement encryption (TLS/SSL), access controls, and periodic security audits.
However, no system is 100% secure. You are responsible for safeguarding your login credentials.

9. Children’s Privacy

HeyLync is not intended for individuals under 18 years old.
We do not knowingly collect personal data from minors. If you believe a child has provided data, contact us for immediate removal.

10. Changes to This Policy

We may update this Privacy Policy periodically.
When significant changes occur, we will notify users via email or in-app notice.
Your continued use of HeyLync indicates acceptance of the updated Policy.

11. Contact

MarsCraft SA
mail@heylync.com
https://heylync.com