Embedded Files
Last Updated: 09/09/2025
Haven Safety Corporation (“Haven,” “we,” “our,” or “us”) is committed to protecting your privacy and providing transparency about how we process personal information. This Privacy Policy explains how we collect, use, store, disclose, and otherwise process information in connection with our safety AI copilot services (the “Services”).
By accessing or using the Services, you agree to the practices described in this Privacy Policy. If you are an employee or contractor of a Haven customer, your employer is typically the data controller of your information. Haven acts as a data processor/service provider under the applicable customer agreement and data processing addendum (“DPA”).
1. Scope
1. Scope
This Privacy Policy applies to:
The Haven Services provided to our employer customers;
Our websites, documentation portals, and support tools; and
Communications between Haven and customers or their authorized users.
This Policy does not apply to:
Processing performed by third-party systems not controlled by Haven; or
The employer’s own internal use of employee data beyond Haven’s Services.
2. Roles & Definitions
2. Roles & Definitions
Customer Data: Personal data submitted or authorized by a customer (employer) into Haven’s platform, including incident reports, observations, attachments, witness statements, job/location data, and related metadata.
Haven Data: Information processed by Haven for its own operations, such as account administration, billing, diagnostics, logs, support tickets, and website analytics.
Controller / Processor: The employer customer acts as data controller for Customer Data; Haven acts as processor/service provider. For Haven Data, Haven acts as controller.
3. Information We Collect
3. Information We Collect
Customer Data (processor role)
Customer Data (processor role)
User identifiers (e.g. name, email, job role)
Safety incident reports, investigation notes, corrective actions, and root cause analyses
Files and attachments (e.g. photos, audio, video, documents)
Metadata such as timestamps, job site, location, equipment, and workflow context
Data from integrated systems (e.g. HRIS, EHS platforms, SSO providers)
Haven Data (controller role)
Haven Data (controller role)
Contact and billing information for customer accounts
Usage, diagnostic, and telemetry logs
Website analytics (e.g. via cookies)
Server logs (IP address, browser type, operating system, timestamps)
Support communications (emails, chat transcripts, help desk tickets)
We do not sell personal information.
4. How We Use Information
4. How We Use Information
We process information for the following purposes:
Providing the Services: Operating, maintaining, and supporting the Haven platform, including incident management, analysis, and reporting.
Security & Monitoring: Detecting, preventing, and investigating security incidents or misuse.
Customer Support: Responding to inquiries and technical requests.
Improvement: Measuring and enhancing the performance and usability of our Services (including anonymized or aggregated analytics).
Legal & Compliance: Meeting applicable laws, regulations, and enforcement requests.
Administration: Account setup, billing, and customer communications.
Our legal bases include contractual necessity, legitimate interests (e.g. for security), consent (where obtained), and compliance with law.
5. Cookies & Tracking Technologies
5. Cookies & Tracking Technologies
We use cookies and similar technologies to:
Authenticate user sessions;
Remember preferences;
Monitor site traffic and performance;
Diagnose technical issues.
You may disable cookies via your browser, but this may limit certain features.
6. Data Sharing & Disclosures
6. Data Sharing & Disclosures
We may share information as follows:
Service Providers/Subprocessors: Cloud hosting, storage, monitoring, analytics, and support vendors, each under binding confidentiality and data protection terms.
Customer Access: Employer administrators and other authorized users may access Customer Data within their account.
Legal Requirements: If compelled by law, subpoena, or valid process (with notice to the customer where permitted).
Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to continuity of protection.
Aggregated/De-identified Data: For internal analysis and product improvement, not identifying individuals.
7. International Data Transfers
7. International Data Transfers
We may transfer information to the United States or other jurisdictions where we or our providers operate. We use appropriate safeguards (such as Standard Contractual Clauses) where required by law.
8. Data Retention
8. Data Retention
Customer Data: Retained per the customer agreement and DPA. Deleted or returned upon termination or customer request, subject to legal and backup obligations.
Haven Data: Retained as long as necessary for operations and compliance, then securely deleted or anonymized.
9. Security
9. Security
We implement technical, organizational, and administrative safeguards, including encryption in transit and at rest, access controls, monitoring, and incident response procedures. No system is perfectly secure, and residual risks remain.
10. Your Rights
10. Your Rights
Depending on your jurisdiction, you may have rights such as access, correction, deletion, restriction, portability, or objection.
For Customer Data, please direct requests to your employer. Haven assists customers in fulfilling such requests under the DPA.
For Haven Data (e.g. account contact details), contact us directly at privacy@havensafety.com.
11. Children’s Data
11. Children’s Data
Our Services are intended for enterprise use by employers and their adult workforce. We do not knowingly collect or process personal information from children under 16.
If we become aware of such data, we will delete it promptly. Parents or guardians may contact privacy@havensafety.com if they believe a child’s data has been inadvertently collected.
12. Updates to This Policy
12. Updates to This Policy
We may revise this Privacy Policy from time to time. When changes are material, we will update the “Last Updated” date and, where appropriate, notify customer administrators or users via the Services or email.
13. Contact Us
13. Contact Us
If you have questions or requests regarding this Privacy Policy, please contact:
Haven Safety Corporation
195 Page Mill Road, Suite 115
Palo Alto, CA 94306
Email: privacy@havensafety.com
Report abuse