Privacy policy.

Hilio Connect ("Hilio", "we", "our") is the data controller of the personal information you provide when using our DJ booking platform. We are committed to handling your data with care and transparency.

We collect the following categories of personal information:

• Account data — name, email, role (DJ or promoter), hashed password.
• Profile data — bio, genres, regions, fee range, press kit, social links, EPK files.
• Booking and message data — gig listings, applications, booking requests, in-app messages.
• Payment data — handled by Stripe; we store only subscription status and metadata.
• Usage data — log files, device, browser, and pages visited.

We use your data to:

• Run the marketplace (matching DJs and promoters, processing applications).
• Personalize gig recommendations using behavioral and content signals.
• Send transactional emails (booking confirmations, alerts) and optional marketing emails.
• Detect fraud, enforce our Terms, and improve the Service.
• Comply with legal obligations.

For users in the European Economic Area or United Kingdom, we process your personal data on the following bases: performance of a contract (account, bookings), legitimate interest (service improvement, fraud prevention), consent (marketing emails), and legal obligation (tax, regulatory requests).

We do not sell your personal data. We share information with:

• Other users — promoters see DJ profiles you publish; DJs see promoter gigs you post.
• Service providers — Stripe (payments), Resend (email), OpenAI (AI assistance, with redaction where possible), Google (optional Calendar sync), and cloud hosting providers.
• Legal authorities — when required by law or to protect rights.

Your data may be processed outside your country of residence. Where required, we use Standard Contractual Clauses or other safeguards to protect cross-border transfers.

We retain account and booking data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations. You can request deletion at any time.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Request deletion of your data (subject to legal limits).
• Object to or restrict processing.
• Receive your data in a portable format.
• Withdraw consent at any time for marketing emails.

To exercise these rights, contact privacy@hilio.io.

We use industry-standard safeguards including encryption in transit (TLS), hashed passwords (bcrypt), httpOnly cookies for authentication tokens, and access controls. No system is perfectly secure, and we encourage you to use a strong, unique password.

We use essential cookies (for authentication and session management) and limited analytics to improve the Service. You can disable non-essential cookies in your browser settings.

Hilio is not directed to children under 18. We do not knowingly collect personal information from anyone under 18.

We may update this Privacy policy. We will notify you of material changes by email or in-app notice. Continued use after changes are posted constitutes acceptance.

For privacy questions or to exercise your rights, contact us at privacy@hilio.io.