Privacy Policy for HAM Analytics

Effective Date: June 4, 2026

HAM Partners Inc DBA HAM ("HAM Analytics," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, platform, and related services (collectively, the "Services"). If you do not agree with the terms, do not use our Services.

1. Information We Collect

1.1 Information You Provide

We collect information you submit directly to us, including name, email address, phone number, company details, payment information, support communications, and details related to registrations, orders, subscriptions, and form submissions.

1.2 Information Automatically Collected

We automatically collect usage and device information, including pages viewed, clicks, time spent, referring URLs, device type, operating system, browser type, IP address, and screen resolution. We use cookies, pixels, and web beacons to analyze usage, remember preferences, and personalize content.

1.3 Information from Third Parties

We may receive data from integrated platforms such as Shopify, Skio, or other tools, including customer behavior and subscription activity. We may also use third-party analytics tools to understand usage patterns.

1.4 California / CPRA Disclosure – Categories of Data

For California residents, we collect identifiers (such as name, email, IP address), commercial information (such as subscription activity), internet activity (such as usage logs), and analytics inferences. These categories are collected for the business purposes described in Section 2. We do not "sell" personal information as defined under applicable privacy laws.

2. How We Use Your Information

We use personal information to provide, maintain, and improve our Services; process transactions and billing; analyze platform performance; send service updates and consent-based marketing communications; respond to requests; comply with legal obligations; enforce our terms; and generate aggregated insights not linked to identifiable users.

2.1 Legal Bases for Processing (GDPR / UK GDPR)

Where required by law, we process personal data based on performance of a contract (delivery of the Services), legitimate interests (improving the Services, securing accounts), compliance with legal obligations, or consent where required (such as marketing). You may withdraw consent at any time by emailing hello@goham.io.

3. Artificial Intelligence and Automated Processing

We use artificial intelligence within the Services to provide insights, forecasts, anomaly detection, recommendations, and analytics. AI outputs are informational only and should not be treated as a substitute for professional judgment.

We do not use Customer Content or personal data to train public or external AI models. Aggregated and anonymized usage data may be used to improve internal algorithms.

We do not rely solely on automated decision-making that produces legal, financial, employment, or similarly significant effects on individuals. If you have questions about automated processing, contact hello@goham.io.

4. Sharing Your Information

4.1 Service Providers

We share personal information with service providers supporting hosting, infrastructure, payments, analytics, and integrations, subject to confidentiality and security obligations.

4.2 Business Partners

We may share limited information with integration partners offering joint services.

4.3 Legal Requirements

We may disclose data to comply with laws, regulatory obligations, or to protect our rights.

4.4 Business Transfers

In the event of a merger, acquisition, or asset sale, personal information may be transferred.

We do not sell personal data.

Meta (Facebook) Platform Data

When a business customer connects their Meta (Facebook) ad account to HAM Analytics, we access and store data via Meta's Marketing API using the permissions the authorising Facebook user grants us. This section explains what we receive, what we do with it, how long we keep it, and how it can be removed.

Data we receive from Meta

With the ads_read and business_management permissions a customer grants, we receive: the Facebook user's app-scoped identifier and name (the person who clicked "Connect Facebook"), a long-lived access token issued for that user, a list of ad accounts under their Business Portfolio with each account's identifier, name, currency, timezone, and status, and aggregated ad-performance data per campaign and ad-set (spend, impressions, clicks, reach, and other metrics returned by Meta's Marketing Insights API). We do not request and do not collect data about end-consumers of the ads (the people who saw or clicked them), audience definitions, or content of customer messages.

How we use Meta data

We use the data exclusively to power the connected customer's own analytics inside HAM Analytics — joining ad-account-level spend and performance against their subscription orders to compute payback period, retention by acquisition campaign, lifetime value by channel, and similar attribution views. We do not share Meta-derived data with other customers, do not use it to train AI models, and do not use it for advertising or marketing of our own products.

Retention

Access tokens are stored only while the customer's Meta connection is active and are revoked on disconnect or on receipt of a data deletion request (see below). Aggregated ad-performance data we have fetched is retained alongside the customer's other analytics data for as long as their HAM Analytics account remains active, and is removed when the account is closed or upon written request.

Deleting Meta data

You can remove HAM Analytics from your Facebook account at any time via Facebook Settings → Business Integrations. When you do, Meta sends a deletion notification to our endpoint at https://www.goham.io/api/meta/data-deletion, and we automatically revoke the stored access token, remove the connection metadata (business identifier, ad account list), and disable further sync for the affected account. To additionally request removal of historical ad-performance data, contact hello@goham.io.

5. Data Retention

We retain data as long as needed for operational, business, or legal purposes. Upon request and where appropriate, we will delete or anonymize personal data.

6. Your Rights and Choices

Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data; restrict or object to processing; withdraw consent; and opt out of marketing communications. California residents may have additional rights under CPRA where applicable. To exercise these rights, contact hello@goham.io.

7. Security

We apply safeguards such as HTTPS encryption, access controls, and regular reviews. No system is entirely secure and absolute protection cannot be guaranteed.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to personalize experiences and analyze activity. You can modify cookie settings through your browser.

9. Third-Party Links

Our Services may link to third-party websites. We are not responsible for their privacy practices.

10. International Data Transfers

If you are outside the United States, your information may be transferred to jurisdictions with different data protection laws.

11. Children's Privacy

The Services are not intended for children under 13. If such data is collected, we will delete it promptly.

12. Updates to This Policy

We may revise this Privacy Policy periodically. The Effective Date reflects the latest version. Continued use of the Services indicates acceptance.

13. Data Processing Agreement (DPA)

Where we process personal data on behalf of a business customer, that processing is governed by our separate Data Processing Agreement, which prevails over this Privacy Policy in the event of conflict. To request a copy, email hello@goham.io.

14. Service Providers and Subprocessors

For business customers, we may engage subprocessors supporting hosting, analytics, billing, infrastructure, and integrations. These parties are bound by contractual confidentiality and security commitments under our Data Processing Agreement. Customers may request additional information about subprocessors through hello@goham.io.

15. Contact Us

HAM Partners Inc

8 The Green A, Dover, DE 19901

hello@goham.io

By using our Services, you acknowledge and agree to this Privacy Policy.