Privacy Policy
Last Updated: January 30, 2026
This Privacy Policy explains how HiveMQ, Inc. and HiveMQ GmbH (collectively, “HiveMQ,” “we,” “us,” or “our”) collect, use, share, and protect personal data when you interact with us, including when you visit our websites, use our products and services (including self-service offerings), use AI Agents, interact with our branded social media pages, attend events, or otherwise communicate with us (collectively, the “Services”).
This Privacy Policy is intended to meet the requirements of applicable data protection laws worldwide, including the EU General Data Protection Regulation (GDPR), UK GDPR, the German Federal Data Protection Act (BDSG), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), Australia’s Privacy Act 1988, and similar laws in force as of 2026.
This Privacy Policy supplements, and does not replace, the contractual terms governing your use of HiveMQ products and services (such as the Terms of Service, Individual Use Terms, Enterprise Subscription Agreements, and any applicable Data Processing Addendum (“DPA”)). In the event of a conflict, the applicable agreement controls. These agreements can be found on the HiveMQ Website Legal Page.
1. Who Is Responsible for Processing Your Data
1.1 Data Controllers
Depending on the Service, your location, and the nature of your interaction with HiveMQ, the following entities may act as data controllers:
HiveMQ GmbH
HiveMQ GmbH is primarily responsible for processing personal data in connection with:
users and customers located in the European Union and the United Kingdom;
HiveMQ’s European operations; and
enterprise customer relationships governed by EU-based agreements.
HiveMQ, Inc.
HiveMQ, Inc. is primarily responsible for processing personal data in connection with:
users and customers located in the United States and other non-EU regions;
self-service purchases and billing via credit card; and
marketing, sales, and customer relationships governed by U.S.-based agreements.
Where HiveMQ entities jointly determine the purposes and means of processing, they may act as joint controllers under applicable data protection laws.
2. How and When This Privacy Policy Applies
This Privacy Policy applies to personal data processed by HiveMQ when you interact with us in the contexts described below.
2.1 When This Privacy Policy Applies
This Privacy Policy applies when HiveMQ processes personal data as a data controller, including when you:
visit or interact with HiveMQ websites, marketing pages, documentation sites, or other online properties that link to this Privacy Policy;
create or use an account on HiveMQ’s Sites;
purchase or use HiveMQ products or services through online self-service checkout in an individual or personal capacity;
interact with HiveMQ AI Agents, tools, or features made available through our Sites;
communicate with HiveMQ (for example, by email, forms, support requests, or events);
interact with HiveMQ’s branded social media pages; or
participate in HiveMQ marketing, sales, or recruiting activities.
In these contexts, HiveMQ determines the purposes and means of processing personal data, and this Privacy Policy explains how such data is collected, used, disclosed, and protected.
HiveMQ processes personal data in different roles depending on how you interact with us:
2.2 This Privacy Policy Does Not Replace Customer Agreements
Where HiveMQ processes personal data on behalf of enterprise customers as part of providing contracted services:
HiveMQ acts as a data processor (or service provider), not as a controller; and
the processing of such personal data is governed by the applicable agreement, such as the Enterprise Subscription Agreement, End User License Agreement, and DPA.
In those cases, this Privacy Policy is provided for transparency only and does not modify or expand HiveMQ’s obligations under the applicable agreement.
Self-Managed Software and Customer-Controlled Environments
When customers deploy HiveMQ self-managed software in environments they control, HiveMQ generally does not access or process personal data contained in customer systems, except as necessary for limited purposes such as licensing, support, security, telemetry, and compliance. Any such processing is governed by the applicable agreement.
Third-Party Services and Platforms
This Privacy Policy does not apply to third-party websites, platforms, or services that you may access through links, integrations, or embedded content on HiveMQ’s Sites. Those third parties process personal data in accordance with their own privacy policies.
3. Categories of Personal Data We Collect
3.1 Categories
The table below describes the categories of personal data HiveMQ may collect, along with examples and the contexts in which the data is collected.
Category of Personal Data | Examples | How / When Collected |
|---|---|---|
Identifiers and Contact Information | Name, email address, phone number, username, account ID | When you create an account, complete forms, register for events, subscribe to communications, contact us, or interact with HiveMQ AI Agents |
Professional or Employment Information | Company name, job title, role, industry, business contact details | When you interact with HiveMQ in a business or professional capacity, including sales, marketing, support, or partner interactions |
Account and Authentication Data | Login credentials (hashed), authentication events, login timestamps, access logs, account status | When you create or use a HiveMQ account, log in to the Sites, or access account-based features |
Commercial and Transaction Data | Billing address, payment method details, transaction records, invoices, subscription information | When you purchase HiveMQ products or services through self-service checkout or otherwise transact with HiveMQ |
Communications and Support Data | Emails, chat messages, support tickets, inquiries, feedback, recordings or transcripts (where applicable) | When you communicate with HiveMQ, request support, provide feedback, or participate in calls or events |
Usage and System Data | System logs, telemetry, performance metrics, configuration metadata, entitlement and license information | Automatically collected when you access or use HiveMQ Sites, Services, AI Agents, or related features |
Device and Network Information | IP address, approximate location, device type, browser, operating system | Automatically collected through cookies, logs, and similar technologies when you access the Sites or Services |
Marketing and Engagement Data | Newsletter sign-ups, webinar registrations, event attendance, email open/click data | When you engage with HiveMQ marketing communications, campaigns, or events |
Social Media Interaction Data | Public profile information, comments, likes, messages, reactions | When you interact with HiveMQ’s branded social media pages on third-party platforms |
AI Agent Inputs | Prompts, questions, or other content submitted to AI Agents | When you interact with HiveMQ AI-powered tools or features |
AI Agent Outputs | Responses generated by AI Agents | Generated in response to AI Agent inputs |
Recruitment Data | Résumes, CVs, application materials, interview notes | When you apply for a job or engage in recruiting activities with HiveMQ |
If you provide us, our service providers or our affiliates with any Personal Data relating to other individuals, you:
represent that you have the authority to do so,
where required, have obtained their necessary consent(s) to share their Personal Data with us for processing, and
acknowledge and accept that it may be used in accordance with this Privacy Policy.
If you believe that your Personal Data has been provided to us improperly, or want to exercise your rights relating to your Personal Data, please contact us by using the information in Section 19 below.
Sensitive Personal Information (CCPA/CPRA Notice)
HiveMQ does not intentionally collect or use Sensitive Personal Information (such as precise geolocation, government identifiers, biometric data, or health data), except where required for security, legal compliance, or expressly disclosed.
3.2 Personal Data We Collect From Other Sources
Partners, Resellers, and Commercial Data Providers
We may obtain professional or business contact information about you from third-party sources, including commercial data providers (such as providers of business contact databases), partners, resellers, event sponsors, and publicly available sources.
This information may include your name, job title, role, company name, industry, business email address, business phone number, mailing address, and publicly available professional profile information.
We use this information for business-to-business sales, marketing, and relationship management purposes, including identifying organizations that may benefit from HiveMQ products or services, communicating with professionals about relevant products, services, or events, maintaining accurate business contact records, and measuring and improving the effectiveness of our marketing campaigns.
We process this information based on our legitimate interests in promoting and growing our business, except where consent is required by applicable law. You may opt out of marketing communications at any time using the unsubscribe mechanisms provided in our communications or by contacting us directly.
HiveMQ does not sell personal information and does not share personal information for cross-context behavioral advertising within the meaning of the CCPA/CPRA.
Other sources may include information provided by another individual at your organization (such as an administrator or purchaser), developer or community platforms (such as GitHub) in connection with open-source or community participation, and limited publicly available information collected where necessary for security or safety purposes.
4. Purposes and Legal Bases of Processing
HiveMQ processes personal data for purposes including website operation, security, fraud prevention, account management, service delivery, billing, customer support, enforcement of contractual terms and acceptable use policies, marketing, recruitment, analytics, and operation and improvement of AI Agents.
Processing is based on contractual necessity, legitimate interests, legal obligations, or consent, depending on the context and jurisdiction.
We process personal data for the following purposes and legal bases (GDPR):
Purpose | Legal Basis |
|---|---|
Website operation, security, fraud prevention | Art. 6(1)(f) |
Account creation and service delivery | Art. 6(1)(b) |
Billing and payments | Art. 6(1)(b), (c) |
Customer support and communications | Art. 6(1)(b), (f) |
Enforcement of contractual terms and Acceptable Use Policy | (Art. 6(1)(f)) |
Marketing and brand awareness (including via social media) | Art. 6(1)(f) or consent |
Recruitment and hiring | §26 BDSG / Art. 6(1)(b), (f) |
Analytics and service improvement | Art. 6(1)(f) or consent |
AI Agents operation and improvement | Art. 6(1)(b), (f) and/or consent |
Where required by law, we obtain consent and allow withdrawal at any time.
5. AI Agents and Automated Processing
5.1 AI Agents
HiveMQ may offer AI-powered features (“AI Agents”) designed to help users understand HiveMQ products and services. AI Agents responses are informational only and do not constitute professional advice.
5.2 Automated Decision-Making
HiveMQ does not engage in automated decision-making that produces legal or similarly significant effects under Article 22 GDPR or analogous laws.
5.3 AI Model Training and Improvement
HiveMQ may use AI Agents interaction data, including inputs, outputs, and related usage metadata, to improve and train AI models owned and operated by HiveMQ, solely for purposes such as enhancing functionality, accuracy, safety, reliability, and user experience of HiveMQ products and services.
Any such training is performed using aggregated, anonymized, or de-identified data, and is designed to prevent the identification of any individual or customer, except where otherwise expressly agreed in writing.
HiveMQ does not permit third parties to train their AI models (including general-purpose or foundation models) using customer data, confidential information, or AI Agents interactions processed through HiveMQ services.
HiveMQ does not sell, license, or otherwise make AI Agents data available for external AI training purposes.
Where HiveMQ processes data as a processor under an enterprise agreement or DPA, AI model training does not occur unless expressly permitted under that agreement.
6. Marketing Communications
We may send newsletters, product updates, and event invitations. You may opt out at any time via unsubscribe links or by contacting us. We may track engagement to improve relevance.
7. Cookies and Similar Technologies
We use cookies and similar technologies for:
essential website functionality;
analytics and performance;
marketing and advertising (where permitted).
You can manage cookie preferences via our cookie banner or browser settings.
See our Cookie Policy for details.
8. Third-Party Services
We use third-party providers for hosting, analytics, marketing, embedded content, and payment processing (e.g., Stripe) and social media platforms on which HiveMQ maintains branded pages.
These providers process data under contractual safeguards and their own privacy policies. HiveMQ is not responsible for third-party practices.
9. Branded Social Media Pages
HiveMQ maintains branded social media pages on third-party platforms such as Instagram and YouTube (the “Social Media Platforms”).
When you visit or interact with our branded social media pages (for example, by viewing content, liking posts, commenting, sharing, or sending messages), the relevant Social Media Platform may collect personal data about you independently and in accordance with its own privacy policies and terms.
HiveMQ may receive aggregated insights and may process personal data that you choose to share with us through these platforms (such as your public profile information, comments, messages, or reactions) for purposes including:
operating and managing our social media presence;
communicating with users and responding to inquiries;
analyzing engagement and improving our content; and
marketing and brand awareness.
The legal basis for this processing is our legitimate interest in maintaining a public presence and engaging with users, or your consent where required by applicable law.
Depending on the platform and applicable law, HiveMQ and the relevant Social Media Platform may each be responsible for separate aspects of data processing in connection with our branded pages. For information about how Social Media Platforms process your personal data, please review their respective privacy policies.
10. Who We Share Personal Data With
We may share personal data in the following circumstances, and only to the extent necessary for the purposes described in this Privacy Policy and as permitted by applicable law.
Service Providers
We share personal data with third-party service providers that perform services on our behalf, including IT and system administration, hosting, payment processing, analytics, marketing operations, event management, customer support, security monitoring, and data enrichment.
Certain service providers may support artificial intelligence or generative AI capabilities used by HiveMQ to analyze data, identify trends, improve services, and generate AI-powered responses or content. These providers process personal data only in accordance with our instructions and contractual safeguards.
HiveMQ Affiliates
We may share personal data with other entities within the HiveMQ corporate group where necessary for internal business purposes, including customer support, marketing, sales operations, technical operations, account management, and compliance.
Partners and Resellers
We may share personal data with authorized partners or resellers that support the provision, resale, or implementation of HiveMQ products and services, or that participate in joint marketing or customer engagement activities, where permitted by law and consistent with applicable agreements.
Event and Webinar Sponsors
If you register for or attend a HiveMQ-hosted or HiveMQ-sponsored event or webinar, we may share your registration information with event sponsors or co-hosts, where disclosed at the time of registration and where required by law, subject to your consent. In such cases, the sponsor’s privacy policy will apply to their use of your data.
Customers and Account Administrators
If you use HiveMQ services as an authorized user of a customer account, we may share personal data with the relevant customer or account administrator to support account management, access control, security investigations, compliance with contractual obligations, and enforcement of our terms and policies.
Professional Advisors
We may share personal data with professional advisors acting as service providers or independent controllers, such as legal counsel, auditors, accountants, insurers, and financial advisors, where necessary for legal, financial, or compliance purposes.
Corporate Transactions
Personal data may be disclosed or transferred as part of a merger, acquisition, reorganization, financing, dissolution, or sale of all or a portion of our business or assets. Where required by law, we will provide notice of such transfer.
Public Authorities and Legal Obligations
We may disclose personal data to courts, law enforcement, regulatory authorities, or other public bodies where required to comply with applicable law, legal process, or enforceable governmental requests.
Public Forums and Community Features
If you choose to post or share personal data through HiveMQ-hosted forums, communities, blogs, or public collaboration spaces, such information may be visible to others. Please consider carefully what information you choose to share in these contexts.
HiveMQ does not sell personal information and does not share personal information for cross-context behavioral advertising within the meaning of the CCPA/CPRA.
11. International Data Transfers
Where personal data is transferred outside the EU/EEA or UK, we rely on:
EU Standard Contractual Clauses (SCCs);
UK International Data Transfer Addendum;
adequacy decisions; or
other lawful transfer mechanisms.
Australia – Overseas Disclosure of Personal Information
For the purposes of Australian privacy law, “personal information” includes information or opinions about an identified individual, or an individual who is reasonably identifiable, whether true or not.
If you are located in Australia, please note that HiveMQ may disclose personal information to recipients located outside Australia, including in the European Union, the United States, and other countries where HiveMQ or its service providers operate.
Where we disclose personal information overseas, we take reasonable steps to ensure that the overseas recipient handles the information in a manner consistent with the Australian Privacy Principles, including through contractual safeguards and other appropriate measures.
12. Data Retention
We retain personal data only as long as necessary for the purposes described or as required by law.
Customer Data retention and deletion following termination are governed by the applicable contract. Usage and system data may be retained longer for security, compliance, billing, and operational purposes
13. Your Privacy Rights
Depending on your location, you may have rights to:
access your personal data;
correct inaccurate data;
request deletion or restriction;
object to processing;
withdraw consent;
receive data portability;
opt out of certain uses, such as marketing.
Requests may be submitted using the contact details below.
14. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following rights under the CCPA/CPRA:
the right to know what categories of personal information we collect, use, disclose, and share;
the right to access and receive a copy of your personal information;
the right to correct inaccurate personal information;
the right to request deletion of personal information, subject to legal exceptions;
the right to opt out of the sale or sharing of personal information (if applicable);
the right to limit the use of Sensitive Personal Information (if applicable); and
the right not to receive discriminatory treatment for exercising your rights.
HiveMQ does not sell personal information and does not share personal information for cross-context behavioral advertising.
California requests may be submitted by emailing:
📧 contact@hivemq.com (subject line: “California Privacy Request”)
15. Australia – Privacy Complaints
If you are located in Australia and have a complaint about how HiveMQ handles your personal information, you may contact us using the details below. We will investigate your complaint and respond within a reasonable period.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
16. Children
HiveMQ’s websites, products, and services are not intended for children under the age of 18, and HiveMQ does not knowingly collect personal data from children under 18.
If you believe that a child under the age of 18 has provided personal data to HiveMQ, please contact us at contact@hivemq.com, and we will take reasonable steps to delete such information as required by applicable law.
17. Security Measures
We implement appropriate technical and organizational measures, including encryption (TLS), access controls, and monitoring, to protect personal data. You can visit our Security & Trust page or our Trust Center for more information on our certification and security practices.
No system is completely secure, but we continuously improve our safeguards.
18. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The “Last Updated” date reflects the current version. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a notice on our Sites or by contacting you directly, or where required under applicable law and feasible, seek your consent to these changes.
19. Contact
General Questions
For general questions or concern about the this Privacy Policy, please contact: contact@hivemq.com
For Privacy or legal related questions, please contact: legal@hivemq.com
HiveMQ may update its contact information from time to time by posting updated details on its Sites or Legal Page.
