Last updated 30 June 2026

Privacy Policy

Halia is built so that we never hold your customers. This policy explains what we process, the little we store, the lawful bases we rely on, and the rights you have. It applies to our website, our application, and the scoring service we provide to retailers.

The short version. When a merchant connects their store, Halia reads their customers, scores them in memory, and discards them within minutes. We do not copy a merchant's customer database onto our servers. The only things we store are a merchant's own account details and an encrypted, read-only key. We never sell personal data, never share it with other brands, and never use a merchant's customer data to train models or for advertising.

1. Who we are and how to contact us

Halia ("Halia", "we", "us", "our") provides hidden-VIC scoring software for retailers. Halia is a product of Midnight Lantern Technologies Ltd, a company registered in England and Wales (company number [company number]) with its registered office at [registered office address]. For any privacy question, request, or complaint, contact us at hello@haliascore.com. If you represent a merchant, your fastest route for any request relating to your own customers is usually through your own systems, since we do not hold a copy of them; see section 17.

2. Scope of this policy

This policy covers: (a) personal data of a merchant's customers that we process on the merchant's behalf to provide the service; (b) personal data of the merchants, their staff and account holders who use Halia; and (c) personal data of visitors to our website who request a demo, subscribe to updates, or contact us. It does not cover third-party sites or services that you connect to Halia or link out to, which have their own policies.

3. Our two roles: processor and controller

We act in two distinct capacities, and which one applies changes who is responsible:

4. Customer data we process for merchants (and do not store)

To score a merchant's customers we read, in memory only, fields that may include name, email address, telephone number, billing and shipping address (including postcode and country), order totals, order counts and dates, currency, and payment method. We may also read or derive non-sensitive signals from this data, such as whether an email is a work or free address, or whether a postcode falls in a recognised high-value area.

This data is processed transiently to produce a score. It is held in volatile memory for the duration of a scoring run, typically a few minutes, and is then discarded. It is not written to any Halia database, data warehouse, log of personal data, or long-term store. We do not build a standing profile of any individual on our systems. For real-time order alerts, a single incoming order is scored in memory and the alert is sent, after which the order data is discarded in the same way.

5. Special category data

Halia does not seek to process special category data (such as data revealing health, racial or ethnic origin, religion, or sexual orientation) and is not designed to infer it. We process ordinary commercial and contact data. Merchants should not configure the service in a way that introduces special category data, and remain responsible as controller for the data they make available.

6. Account and business data we store

This is business and account data, not a merchant's customer database. Secrets are encrypted at rest.

7. Website visitors, demos and marketing

If you request a demo, subscribe to updates, or email us, we process the details you provide, such as your name, work email, company, and message. We use these to respond to you, to provide the demo or updates you asked for, and to keep records of our communications. Our public marketing site is designed to run without advertising or cross-site tracking cookies; see Appendix A: Cookie Policy.

8. How we collect personal data

9. Why we use data and our legal bases

Where the UK GDPR or EU GDPR applies and we are the controller, we rely on the following bases:

PurposeLegal basis
Providing, operating and securing the service for merchantsPerformance of a contract; legitimate interests in running a secure service
Authenticating access to a dashboardPerformance of a contract; legitimate interests in security
Responding to demo requests, enquiries and supportLegitimate interests; steps to enter into a contract
Sending product updates to subscribersConsent, or legitimate interests for existing business contacts
Billing, accounting and taxPerformance of a contract; legal obligation
Preventing fraud, abuse and protecting our rightsLegitimate interests; legal obligation

For customer data processed on a merchant's behalf, the merchant determines the legal basis as controller, and we act under a processor relationship and only on the merchant's instructions.

10. Scoring, automated processing and profiling

Halia scores customers using a heuristic engine. This is a form of profiling carried out on behalf of, and under the control of, the merchant. Scores are estimates and prompts for human attention; they are presented to a merchant's team to inform their own judgement and outreach. Halia does not use these scores to make decisions that produce legal or similarly significant effects on individuals on our own account. Merchants are responsible for how they act on scores and for meeting any transparency obligations to their customers.

The logic of the scoring. The score is built from wealth, work, and address facts: how much and how often a customer has bought, a recognised prime postcode or neighbourhood, and professional or company tells such as a work email domain. By default the engine does not use a customer's nationality, ethnicity, name, or the origin of their name as a scoring signal; those origin-proxy signals are switched off unless a merchant has documented its own lawful basis and asked us to enable them. The engine sorts by wealth facts, not by where someone is from.

A human always decides, and the effect only elevates. A score never makes an automatic decision about a customer, never sets a price, an offer, or eligibility, and never withholds a product or service. At most it leads a person at the merchant to offer more personal attention. Because a human is always in the loop and there is no legal or similarly significant effect, this profiling is intended to fall outside Article 22 of the UK GDPR. For merchants we provide a Data Processing Agreement, the profiling logic to include in their own privacy notice, and a DPIA and Legitimate Interests Assessment; see our Responsible profiling page.

11. Marketing and your choices

We only send marketing or product updates to people who have asked for them or who are existing business contacts, and every message includes a way to unsubscribe. You can opt out at any time by using that link or by emailing us. Opting out of marketing does not stop essential service messages, such as billing or security notices, to account holders.

12. Who we share data with

We do not sell personal data and we do not share a merchant's customer data with other brands or merchants. We disclose data only:

13. Subprocessors

We use a small number of providers to run Halia. Because we do not store customer data, our subprocessors do not receive a standing copy of it.

Why the list is short. Halia is zero-retention: a merchant's customers are read in memory, scored, and discarded within minutes. We do not copy a merchant's customer database onto our servers, so our sub-processors never receive a standing copy of it. The providers below support our own operation (hosting, billing, email), not a warehouse of your customers.
Sub-processorPurposeData processedRegion
Render
(Render Services, Inc.)
Cloud hosting and managed PostgreSQL: runs the Halia application and stores merchant account data and encrypted secrets. No merchant customer data is stored here. Account & operational data; encrypted read-only credentials UK/EU , region to be confirmed at launch
Stripe
(Stripe Payments Europe, Ltd.)
Subscription billing and payment processing for merchant accounts. Merchant billing details (name, email, card handled by Stripe). Not shopper data. EU / UK , entity & region to be confirmed
Brevo
(Sendinblue SAS)
Transactional and alert email: sign-in links, “your results are ready”, and order alerts. Recipient email address and message content (no shopper profiles). EU (France)
Platforms you connect
(e.g. Shopify, BigCommerce, WooCommerce, Klaviyo, Mailchimp, HubSpot, Slack)
Read your store at your instruction and, where you choose, receive the scores, segments, or alerts Halia sends. These operate under your account and their own terms. As determined by you and the provider Per the provider you choose

We require appropriate confidentiality and security commitments from our sub-processors, and limit what each one receives to what it needs. The platforms in the final row are tools you choose to connect and control; they are your sub-processors, listed here for transparency.

How we handle changes to sub-processors

Before we add a new sub-processor, or materially change the category of data shared with an existing one, we will post the change here at least 30 days in advance and note it in the change history below. Merchants with a data processing agreement in place may object to a new sub-processor on reasonable data-protection grounds by writing to privacy@haliascore.com; if we cannot resolve the objection, you may terminate the affected service as set out in your agreement. To be notified of changes, email privacy@haliascore.com and ask to be added to the sub-processor notification list.

Sub-processor change history

DateChange
3 July 2026Initial publication (Render, Stripe, Brevo, and connected platforms).

Specific corporate entities, regions and data-residency arrangements are being finalised with our providers and counsel ahead of launch; cells marked to be confirmed will be completed then.

14. International data transfers

Where personal data is processed outside the UK or EEA, we rely on appropriate safeguards, such as the UK International Data Transfer Agreement or Addendum, the EU Standard Contractual Clauses, or an adequacy decision. Because we do not store customer data, the practical transfer footprint is limited to account and operational data.

15. How we protect data

No method of transmission or storage is completely secure, but we work to protect personal data using measures appropriate to the risk.

16. How long we keep data

DataRetention
Merchant customer data used for scoringNot retained; held in memory only and discarded within minutes
Merchant account data and encrypted secretsKept while the account is active; deleted on disconnection or request, subject to legal duties
Billing and tax recordsKept for the period required by law
Marketing and enquiry recordsKept until you unsubscribe or ask us to delete them, plus a short record of the request
Technical and security logsKept for a limited period for operation and security

17. Your privacy rights

Subject to applicable law, individuals have rights to access their personal data, to correct inaccurate data, to erase data, to restrict or object to processing, to data portability, and to withdraw consent where we rely on it. Where we make automated decisions you may have rights in relation to those, as described in section 10.

For a merchant's customers: because Halia does not store your data, requests such as access or erasure should be directed to the merchant who controls it. As there is no customer data stored with Halia, erasure on our side is satisfied by design, and we will assist the merchant as their processor where needed. For merchants and account holders: contact us to exercise rights over your own account data.

18. Exercising your rights and complaints

To make a request, email hello@haliascore.com. We may need to verify your identity and will respond within the time required by law. You also have the right to complain to a data protection authority. In the UK this is the Information Commissioner's Office (ico.org.uk); in the EEA it is your local supervisory authority. We would welcome the chance to address your concern first.

19. US state privacy rights

If you are a resident of California or another US state with privacy laws, you may have rights to know, access, correct, and delete personal information, and to opt out of its sale or sharing. Halia does not sell personal information and does not share it for cross-context behavioural advertising. Where Halia processes a merchant's customer data, it does so as a service provider or processor on the merchant's behalf and uses it only to provide the service. To exercise rights over data we control, contact us; we will not discriminate against you for doing so.

20. Children's data

Halia is a business tool and is not directed to children. We do not knowingly collect personal data from children. Merchants are responsible for the data they make available through their store.

21. Data breaches

We maintain measures to detect and respond to security incidents. If a personal data breach occurs that is likely to result in a risk to individuals, we will notify the relevant authority and, where required, affected controllers or individuals, without undue delay and in line with our legal obligations. Where we act as processor, we will notify the affected merchant promptly so they can meet their own obligations.

22. Changes to this policy

We may update this policy from time to time. We will change the "last updated" date above and, for material changes, take reasonable steps to notify account holders. Your continued use after a change takes effect indicates acceptance of the updated policy.

23. Contact

Questions or requests: hello@haliascore.com.

Appendix A, Cookie Policy

Halia uses as few cookies as possible. We run no advertising or cross-site tracking cookies in the application, and none on our marketing site by default.

What cookies are

Cookies are small text files a site stores on your device. Some are strictly necessary to make a service work; others are optional and need your consent. This section explains the few we use.

Cookies we use

CookieTypePurposeDuration
halia_tStrictly necessaryHolds your private access token so you stay signed in to the dashboard as you move between pages. Not used for tracking.Session or short-lived

The essential cookie is required to provide the service and cannot be switched off without losing access. We do not set analytics or advertising cookies in the application.

This marketing site

Our public marketing pages load a web font from Google Fonts to render type. No analytics or advertising cookies are set on these pages by default. If we add optional analytics in future, we will ask for your consent first and update this policy.

Third-party services

When you connect a platform to Halia or follow a link to a third-party service, that service may set its own cookies under its own policy. We do not control those cookies.

Managing cookies

You can clear or block cookies in your browser settings, and most browsers let you manage them per site. Blocking the essential cookie will sign you out of the dashboard and stop it from working.