How we collect, use, and protect your personal data
Last updated: 05.01.2026
This Privacy Policy is intended to help you understand how we collect, use, and protect your personal data when you use the Holly website and related services. By accessing or using our website and services, you agree to the terms outlined in this Privacy Policy and our Terms of Service, which are an integral part of this Privacy Policy.
We offer two versions of this Privacy Policy: a comprehensive legal version with all the detailed terms and a summarized version to help make the legal language more accessible. Before using our website or services, we strongly recommend that you read both the Privacy Policy and our Terms of Service.
If you have any questions or concerns regarding this Privacy Policy, please reach out to us at support@holly-co.app.
This Privacy Policy explains what data we collect from you while you use our website and services. It details how we use that data, where we store it, and the measures we take to protect it.
In short: to provide our services, we need to process some of your personal data. We will always ask for your consent first if we need to use your data for purposes other than providing the service. We will not share your data with third-party advertisers.
| Quick Summary | Full Text |
|---|---|
| 1. Who are we? We are Holly, operated by Gray Peach Media Inc, Hawaii, USA. Contact: support@holly-co.app | We are Holly, a brand operated by Gray Peach Media Inc, located in Hawaii, USA. Legal Address: Gray Peach Media Inc, Reg number: P24000052874, 2222 Aloha Dr Unit 101, Honolulu, HI 96815 USA. |
| 2. What is covered? This policy applies to all users globally who interact with our website and services. | This Privacy Policy explains the data we collect from you when using our website or service and applies to all users globally. It covers personal data collected while interacting with Holly's website and services. |
| 3. Minors Our services are not for users under 18. We will remove any such data immediately. | Our website and services are not intended for individuals under the age of 18. If we discover that we have collected personal data from a minor without parental consent, we will take immediate action to remove such data and terminate the account. |
| 4. What we collect Personal info you provide (email, payment details) and automatic data (location, usage, device info). | We collect: email address, payment details, parts of your credit card number, name on card, expiration date. We may also collect location data (via GPS, IP address, or Wi-Fi) and usage metrics such as pages visited and time spent on the website. |
| 5. How we use it To create accounts, deliver services, verify identity, provide support, and improve our platform. | We process your data to create and manage your account, provide and improve our services, verify your identity, ensure safety and security, troubleshoot issues, communicate with you, meet legal obligations, and support ongoing research and development. |
| 6. Why we collect it Contractual obligation, legal compliance, legitimate interests, and your consent. | We collect data based on: (1) performance of a contract — to fulfill the services you request; (2) legal compliance — to meet regulatory requirements; (3) legitimate interests — fraud prevention, service improvement; (4) your consent — which you can withdraw at any time. |
| 7. Who we share it with We never sell your data. We may share with service providers, in business transfers, or for legal reasons. | We collaborate with third-party service providers (cloud storage, marketing partners, legal advisors) under data protection agreements. We may disclose data when required by law. We will never sell your personal data to any third party. |
| 8. Cookies We use session cookies for analytics. You can manage them via browser settings. | We primarily use session cookies to store your preferences, which expire once you close your browser. These cookies are generally employed for analytical purposes. You can manage or disable cookies through your browser settings. |
| 9. Data security Your data is stored in the USA, encrypted with RSA (4096-bit) and AES (256-bit). | Your data is securely stored on servers within the USA. We use RSA (4096-bit) and AES (256-bit) encryption, firewalls, and HTTPS transmission. Passwords are hashed using MD5. Data is encrypted during transmission and processed immediately without being stored on disks. |
| 10. International transfers Your data may be transferred outside the USA with appropriate safeguards. | As part of our global operations, your data may need to be transferred outside the USA. When this occurs, we ensure that all necessary measures are in place, including the use of standard contractual clauses approved by applicable law. |
| 11. Your rights Access, rectification, portability, erasure, restrict processing, object, and lodge complaints. | You have the right to: access your data, correct inaccuracies, obtain a portable copy, request deletion, restrict or object to processing, and file a complaint with the relevant supervisory authority. You also have the right not to be subject to solely automated decision-making. Contact us at support@holly-co.app to exercise any of these rights. |
| 12. Policy updates We may update this policy. We'll notify you by email for significant changes. | We may update this Privacy Policy occasionally for legal compliance or to reflect changes in our service. The updated version will be made available on our website with a revised "Last Updated" date. If significant changes are made, we will notify you via email. |