← Back to Home

Privacy Policy

Last updated: 21 March 2026

1. Who We Are

HS Enterprise is a product of Seehusen Group. This policy explains how we collect, use, and protect your personal information when you use our services at seehusen.group and related domains.

2. Data We Collect

  • Email Address — collected during account creation for identification purposes.
  • Password — hashed with SHA-256 using a unique per-user salt before storage. We never store plaintext passwords.
  • Biometric Face Data — a numerical hash derived from your face scan. This is NOT a photograph — it is a mathematical representation that cannot be reversed into an image.
  • Skill & XP Data — your progress through educational modules and usage statistics.
  • Usage Data — pages visited, features used, and interaction patterns (anonymised).

3. Biometric Data (Face Scan)

Important: Your biometric data is stored ONLY on your device.

  • Face data is stored in your browser's localStorage — it never leaves your device
  • We do not transmit face data to any server
  • The face hash cannot be used to reconstruct your face
  • You can delete your biometric data at any time by clearing your browser data or clicking "Delete My Data" in settings

We collect biometric data only with your explicit, informed consent. You must check the consent box during signup before face scanning begins. You may revoke consent at any time.

4. How We Use Your Data

  • To authenticate you and provide access to your account
  • To track your educational progress and skill development
  • To prevent duplicate account creation
  • To improve our services

We do NOT sell, share, or transfer your personal data to third parties.

5. Data Storage & Security

  • All data is stored locally in your browser's localStorage
  • Passwords are hashed using SHA-256 with a unique per-user cryptographic salt
  • No data is transmitted to external servers (all processing happens client-side)
  • We use HTTPS for all web traffic

6. Your Rights

Under GDPR, CCPA, and applicable UK data protection law, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Portability — receive your data in a portable format
  • Object — object to processing of your data
  • Withdraw consent — revoke biometric data consent at any time

To exercise any of these rights, contact us at privacy@seehusen.group.

7. Data Retention

Your data is retained for as long as you maintain an account. Upon account deletion or data erasure request, all personal data is permanently removed within 30 days.

8. Children's Privacy

Our services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal data, please contact us immediately.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page.

10. Contact

For privacy inquiries: privacy@seehusen.group

Data Controller: Seehusen Group