Privacy Policy
Last updated: March 2026
This Privacy Policy ("Policy") describes how Haymakers Inc. d/b/a Yavoy, a Delaware corporation ("Haymakers," "Company," "we," "our," or "us"), collects, uses, discloses, and protects your personal information when you access or use the Yavoy platform, including our website, mobile application, and all related services (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree with this Policy, you must not access or use the Services.
1. Information We Collect
We collect the following categories of information: (a) Account Information — When you register for an account, we collect your name, email address, phone number, business name, business address, and other information you voluntarily provide. (b) Service Data — When you use the Services, we collect data you input, including customer records, job schedules, appointment details, route information, invoices, payment records, photographs, and communications you send through the platform. (c) Payment Information — We collect billing information, subscription details, and payment method data. Payment card information is processed directly by our payment processor, Stripe, Inc., and is not stored on our servers. (d) Device and Usage Information — We automatically collect information about your device, including IP address, browser type, operating system, device identifiers, and usage patterns such as pages visited, features used, and session duration. (e) Location Data — With your consent, we collect precise geolocation data (foreground and background) to provide route optimization, navigation to job sites, GPS route tracking during active work shifts, mileage logging, and real-time ETA sharing with customers. Background location tracking activates only when you explicitly start a shift and stops when you end it. We also collect approximate location data for displaying nearby jobs on the map. (f) Cookies and Similar Technologies — We use cookies, web beacons, pixels, and similar technologies to collect information about your interactions with the Services, as further described in our Cookie Policy. (g) Communications Data — We collect information from communications you send to us, including support requests, feedback, and survey responses. (h) Push Notification Data — We collect device push tokens (via Expo Push Notifications) to deliver job reminders, appointment updates, and other service-related notifications. (i) Voice Input — When you use the voice dictation feature, audio is processed on your device using the operating system's speech recognition engine. No audio data is transmitted to our servers. (j) Crash and Diagnostic Data — We use Sentry to collect crash reports, performance data, device model, operating system version, and anonymized usage breadcrumbs to identify and fix technical issues. This data is not linked to your identity.
2. Legal Bases for Processing
We process your personal information on the following legal bases: (a) Performance of Contract — Processing necessary to provide the Services pursuant to our Terms of Service. (b) Legitimate Interests — Processing necessary for our legitimate business interests, including improving the Services, preventing fraud, and ensuring security, provided such interests are not overridden by your rights. (c) Consent — Processing based on your specific, informed, and freely given consent, which you may withdraw at any time. (d) Legal Obligation — Processing necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
3. How We Use Your Information
We use your information for the following purposes: (a) to provide, operate, maintain, and improve the Services; (b) to process transactions and send related information, including invoices, receipts, and payment confirmations; (c) to process payments through our payment partner Stripe, Inc.; (d) to send transactional notifications and reminders via SMS (through Twilio Inc.) and email (through Twilio SendGrid); (e) to send push notifications related to your account, jobs, and appointments; (f) to provide route optimization, mapping, and geolocation features (through Google Maps Platform); (g) to synchronize calendar data (through Google Calendar API); (h) to respond to your comments, questions, and support requests; (i) to monitor and analyze usage trends and preferences to improve the Services; (j) to detect, prevent, and address fraud, security issues, and technical problems; (k) to comply with legal obligations and enforce our Terms of Service; (l) to send you marketing communications about products, services, and promotions, subject to your opt-out preferences; (m) for analytics purposes, including measuring the effectiveness of our website, advertisements, and marketing campaigns using tracking technologies such as Google Analytics, Meta (Facebook) Pixel, LinkedIn Insight Tag, and similar tools; (n) to create aggregated, anonymized, or de-identified data sets derived from your information for analytics, benchmarking, research, advertising, and marketing purposes; and (o) to deliver targeted advertising and retargeting campaigns through third-party advertising platforms, including Google Ads, Meta (Facebook/Instagram) Ads, and LinkedIn Ads, using tracking pixels and conversion measurement tools.
4. How We Share Your Information
We do not sell your personal information to third parties for monetary consideration. We may share your information in the following circumstances: (a) Service Providers — We share data with third-party service providers who perform services on our behalf, including Stripe, Inc. (payment processing), Twilio Inc. (SMS communications), Twilio SendGrid (email communications), Google LLC (maps, calendar synchronization, Google Analytics, Google Ads), Meta Platforms, Inc. (Meta/Facebook Pixel, advertising), LinkedIn Corporation (LinkedIn Insight Tag, advertising), Vercel Inc. (web hosting), Expo (push notifications), and Sentry (error monitoring). These providers are contractually obligated to use your data only to provide services to us and in accordance with this Policy. (b) Advertising and Analytics Partners — We use tracking pixels, cookies, and similar technologies provided by Google, Meta, and LinkedIn to measure the performance of our advertising campaigns and to serve you relevant advertisements on third-party platforms. These partners may collect or receive information from our website and mobile application (such as device identifiers, IP addresses, cookie data, and conversion events) and use that information to provide measurement services and targeted advertising. You may opt out of personalized advertising by adjusting your settings on these platforms or by using industry opt-out tools such as the Digital Advertising Alliance (DAA) opt-out page at optout.aboutads.info. (b) Business Transfers — In connection with any merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of the transaction. We will notify you of any such change in ownership or control. (c) Legal Requirements — We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to comply with legal obligations, protect and defend the rights or property of Haymakers Inc. d/b/a Yavoy, prevent fraud, or protect the personal safety of users or the public. (d) With Your Consent — We may share your information with third parties when you have given us explicit consent to do so. (e) Aggregated or De-Identified Data — We may share aggregated or de-identified information that cannot reasonably be used to identify you.
5. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Services. After account termination, we retain your data for thirty (30) days to allow you to export it. Thereafter, we will delete or anonymize your personal information, except where we are required to retain it to comply with legal obligations, resolve disputes, or enforce our agreements. Backup copies may persist for up to ninety (90) days after deletion. Payment transaction records may be retained for up to seven (7) years as required by applicable tax and financial regulations.
6. Data Security
We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include: encryption of data in transit (TLS 1.2+) and at rest (AES-256), row-level security policies on our database ensuring multi-tenant data isolation, regular security assessments and penetration testing, access controls and authentication requirements for personnel, and monitoring and logging of access to systems containing personal data. Payment card information is processed exclusively by Stripe, Inc. in compliance with PCI DSS Level 1 standards and is never stored on our servers. Notwithstanding the foregoing, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.
7. Your Rights and Choices
Subject to applicable law, you have the following rights regarding your personal information: (a) Access — You may request a copy of the personal information we hold about you. (b) Correction — You may request that we correct inaccurate or incomplete personal information. (c) Deletion — You may request that we delete your personal information, subject to certain legal exceptions. (d) Data Portability — You may request a copy of your data in a structured, commonly used, machine-readable format. (e) Opt-Out of Marketing — You may opt out of marketing communications at any time by following the unsubscribe instructions in any marketing email or by contacting us. (f) Withdraw Consent — Where we process data based on your consent, you may withdraw that consent at any time. (g) Restrict Processing — You may request that we restrict the processing of your personal information under certain circumstances. To exercise any of these rights, contact us at privacy@getyavoy.com. We will respond to your request within thirty (30) days.
8. California Privacy Rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights regarding your personal information. You have the right to know what personal information we collect, use, disclose, and sell; the right to request deletion of your personal information; the right to opt out of the sale or sharing of your personal information (we do not sell or share your personal information as defined under the CCPA/CPRA); the right to correct inaccurate personal information; the right to limit the use and disclosure of sensitive personal information; and the right to non-discrimination for exercising your rights. To submit a request, contact us at privacy@getyavoy.com or call us at the number provided on our website. We will verify your identity before fulfilling any request.
9. Children's Privacy
The Services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe that a child under 18 has provided us with personal information, please contact us at privacy@getyavoy.com.
10. International Data Transfers
Your personal information may be transferred to and processed in countries other than the country in which you reside, including the United States. These countries may have data protection laws that differ from those of your country. By using the Services, you consent to the transfer of your information to the United States and other countries where our service providers operate. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Policy.
11. Third-Party Links and Services
The Services may contain links to third-party websites, applications, or services that are not owned or controlled by Haymakers Inc. d/b/a Yavoy This Policy does not apply to such third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access.
12. Changes to This Policy
We may update this Policy from time to time to reflect changes in our practices, technology, or legal requirements. If we make material changes, we will notify you by email to the address associated with your account or through a prominent notice within the Services at least thirty (30) days before the changes take effect. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Policy. If you do not agree with the changes, you must stop using the Services and contact us to delete your account.
13. Contact Us
If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at: Haymakers Inc. d/b/a Yavoy, a Delaware corporation. Email: privacy@getyavoy.com. For legal inquiries: legal@getyavoy.com. We will endeavor to respond to all inquiries within thirty (30) days.