Effective from

December 5, 2020

Privacy Policy

Print Page

Who are we?

Hyra is a Roblox orientated human resources manager. We're part of Campfire HQ ('we', 'our', 'us') and we operate this product under the name of Hyra. We're registered with the UK data protection authority, ICO (the Information Commissioner's Office) under number ZA642091.

This privacy policy explains how and why we use your personal information when you register and make use of our services, application centres and time tracking. We keep this data locked away and secure. In this notice, we'll explain how and why we keep your data, who we share it with, and what rights you have in respect of that information.

  • We mainly use your personal information to provide you with our amazing services, to meet our legal obligations and to help improve our services.
  • We want our personal information relationship to be reciprocal, where we both benefit. We do not exploit your data.
  • Where we share your data, we only do so with organisations who have a right to see it and will use it fairly and ethically.
  • We take security incredibly seriously, and monitor our platform for breaches.
  • All team members receive annual security & privacy training.
  • All team members are taught privacy and security fundamentals during induction.
  • You can contact us at any time about anything relating to our privacy policy or the information we may hold on you.

This privacy policy applies to you if:

  • you interact with any of our websites, including hyra.work, hyra.center, hyra.services, hyra.cloud and strivo.app or our social media pages (collectively, the "sites")("website users");
  • use any Hyra centres or services that Hyra offers, such as time tracking & application centres (collectively, the "services")("app users"); or
  • are a marketing prospect, who is anyone whose data Hyra processes for the purposes of accessing customer eligibility ("marketing prospect")

If you fall within the General Data Protection Regulation (or any successor or equivalent legislation in the UK), Sam Easton is the controller of your personal data. Sam can be contacted directly by emailing aotivatial@hyra.work

Personal data we collect

We collect data about you while using our services. Some of this information is provided voluntarily (with your knowledge) when you interact with Hyra services, we call this "direct data". Other types of information may be automatically collected from your service, such as your device and service data.

Information we may collect on website users and marketing prospects:

Registration, contact and group information:

  • first and last names;
  • email addresses;
  • phone numbers;
  • avatars (provided by Roblox, see third parties);
  • group information (i.e. name, size, your role);
  • any data you willingly provide
  • username;

Payment information

Your payment information is housed in Stripe, a payment gateway used by companies like Uber, Lyft, Discord and Slack.

  • billing and mailing addresses;
  • other payment-related information;
  • PayPal account details (i.e. email, address etc)

Device data

  • operating system type and version number;
  • browser type;
  • screen resolution;
  • internet protocol address;
  • unique device identifiers;

Service data

  • the website you visited before browsing to our services
  • how long you've been checking out a page or screen
  • how you interact with our emails
  • navigation paths between pages or screens;
  • date and time;
  • pages viewed;
  • links clicked
  • language preferences;
  • unique user identifier (if applicable);
  • session date and time; activity (registered, last seen);
Cookies and other tracking

Some device data and service data is collected use of either first party or third party cookies or a similar technology. We store these cookies to improve your user experience. These cookies permeate our entire domain, and allow us to provide you with a more personalised user experience.

Do Not Track. Some internet browsers may have been configured to send "Do Not Track" signals to services you visit online. We currently do not provide services to "Do Not Track" or similar signals. To find out more about "Do Not Track", please visit http://www.allaboutdnt.com/

Children's Privacy

Hyra does not knowingly collect the data of under 13s (or other age as required by local law) directly. Although, due to the nature of the service, we may process data from applicants applying via our application centres. We've split this up into two sections:

  • The site - This is direct use of our https://*.hyra.work properties. We do not knowingly collect data of under 13s on the site, and limit account registration to 13+ only (or other ages as required by local law). If you believe your child has accessed our services without your expressed consent, we will make every effort to ensure all of their data is deleted. To request this, please send an email to hello@hyra.work. Please be aware that in order to complete this process, we'll need you to verify ownership of the account. This is typically done through a profile or message verification code.
  • The platform - The platform allows for groups (aka the website users) to collect respondent applications and answers through the service. We've outlined what we do to protect the data of under 13s here.

How and why we use your personal data

We collect personal data of users to allow for operation of our services. By collecting this data, we have a responsibility to:

  • Keep your data secure
  • Responsibly use your data

By using our services, you put your trust into us. We therefore have a motive to keep your data protected, encrypted and secured.

Retention of your personal data

We store the personal information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

Third parties

Use of Intercom Services: We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyzes your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). The Intercom Messenger Apps and Apps in Inbox products may also provide you with access to other third party applications such as Stripe. You should consult these third parties' privacy notices for further information on their use of your personal data. As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.

Use of Mailchimp: We use Mailchimp to provide customised marketing emails, to those who opt in. We'll store your email in Mailchimp, a trusted third party. On Mailchimp, we will provide them with your email address, account name and any other relevant marketing data for that specific campaign. If you're interested in the specific data we use in each marketing campaign, please email us at hello@hyra.work . For more information on the privacy practises of Mailchimp, please visit https://mailchimp.com/legal/privacy/

We use the following sub-processors:

How We Use Automatic Collection Technologies: Our uses of Technologies fall into the following general categories:

  • Operationally Necessary;
  • Performance Related;
  • Functionality Related; and
  • Advertising or Targeting Related.

Cross-Device Tracking: Your browsing activity may be tracked across different websites and different devices or apps. For example, we may attempt to match your browsing activity on your mobile device with your browsing activity on your laptop. To do this our technology partners may share data, such as your browsing patterns, geo-location and device identifiers, and will match the information of the browser and devices that appear to be used by the same person.


We may share your personal information with the following categories of third parties:

Service Providers: We may share any personal information we collect about you with our third party service providers. The categories of service providers to whom we entrust personal information include service providers for: the provision of services, the provision of information, products, and other services you have requested, marketing and advertising, payment and transaction processing, customer service activities, and the provision of IT and related services.

Business Partners: We may provide personal information to business partners to provide you with a product or service you have requested. We may also provide personal information to business partners with whom we jointly offer products or services.

Affiliates: We may share personal information with our affiliated entities.

Advertising Partners: We do not use or share your information, including your personal information, to advertise any third party's products or services via the Services. We may use and share your personal information with third-party advertising partners to market our own Services via third-party services. If you'd prefer not to have your personal information shared for marketing purposes, please contact hello@hyra.work

Workspace Management: We will disclose your timezone automatically with workspace managers, you can opt out of timezone sharing by chatting with our team in the messenger. Any information you willingly provide inside of a workspace will also be shared with workspace management and can be accessed by others.

Gold Tier Workspaces (Enterprise): Workspaces which are on our Gold Tier may receive your personal information in accordance with an enterprise's instructions, including any applicable terms within the Hyra Agreement and the use of an enterprise administrator's administrative utility and in compliance with applicable laws and legal processes. We may also allow Gold Tier to access the profile information of authorised users, including to allow such enterprise to validate that such authorised user is actually authorised by such enterprise to use their services.

Disclosures to Protect Us or Others: We may access, preserve, and disclose any information we store in association with you to external parties if we, in good faith, believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) protect your, our, or others’ rights, property, or safety; (iii) enforce our policies or contracts; (iv) collect amounts owed to us; or (v) assist with an investigation and prosecution of suspected or actual illegal activity.

Disclosure in the Event of Merger, Sale, or Other Asset Transfer: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

International Data Transfers

All information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws.

How we make sure your data is safe

Your privacy rights and choices

  • Your right to be informed if your personal data is being used - Hyra must inform you if it is using your personal data.
  • Your right to get copies of your data - You have the right to find out if Hyra is using or storing your personal data.
  • Your right to get your data corrected - You can challenge the accuracy of personal data held about you by Hyra.
  • Your right to get your personal data deleted - You can ask Hyra to delete personal data that it holds about you.
  • Your right to limit how organisations use your data - You can limit the way Hyra uses your personal data.
  • Your right to data portability - You have the right to get your personal data from Hyra in a way  that is accessible.
  • The right to object to the use of your data - You have the right to object to the processing or use of your personal data in some circumstances.
  • Your rights relating to decisions being made about you without human involvement - Decisions are made about you when your personal data is processed automatically.
  • Your right to raise a concern - Talk to us if you're concerned about how we are using your data.

Changes to this notice

We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use the Services after the new Privacy Policy takes effect.

Collection and use of personal data of California residents

This Privacy Notice applies to California consumers and supplements the Privacy Policy.

California Shine the Light Law: The California “Shine the Light” law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. To make such a request from us, if entitled, please use the contact information listed below.

California Consumer Privacy Act (CCPA): We do not sell your data.