When we refer to Heepsy we mean the Heepsy entity that acts as the controller or processor of your information, as explained in more detail in the respective User policies for each products.
Please read this statement carefully to understand our policies and practices regarding your information and how we will treat it.
What Information Do We Collect and Receive?The information we gather enables us to personalize, improve and continue to operate the Site. In connection with certain aspects of the Site, we may request, collect and/or displaysome of your Personal Data. We collect the following types of information from our users:
- IP Address Information and Other Information Collected Automatically
We automatically receive and record information from your web browser when you interact with the Site, including your IP address and Cookie information. Generally, the Site automatically collects usage information, such as the number and frequency of visitors to the Site. We may use this data in aggregate form, that is, as a statistical measure, but not in a manner that would identify you personally. This type of aggregate data enables us and third parties authorized by us to figure out how often individuals use parts of the Site so that we can analyze and improve them.
- Device Identifiers.
When you access the Site by or through a mobile device (including but not limited to smart-phones or tablets), we may access, collect, monitor and/or remotely store one or more “device identifiers,” such as a universally unique identifier. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by us. A device identifier may convey information to us about how you browse and use the Site. A device identifier may remain persistently on your device, to help you log in faster and enhance your navigation through the Site. Some features of the Site and Site may not function properly if use or availability of device identifiers is impaired or disabled.
- Location Data.
When you access the Site by or through a mobile device, we may access, collect, monitor and/or remotely store “location data,” which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device. Location data may convey to us information about how you browse and use the Site and Site. Some features of the Site, particularly location-based services, may not function properly if use or availability of location data is impaired or disabled.
- Aggregate Information.
We collect statistical information about how, collectively, users use the Site (“Aggregate Information”). Some of this information is derived from Personal Data. This statistical information cannot be tied back to you or your web browser.
If you sign up to the Site, we may collect Personal Data such as your email address and telephone number. If you DO NOT wish to receive marketing communication from us, please send us an email: firstname.lastname@example.org or directly unsubscribe from marketing communication by clicking on the unsubscribe link.
How Do We Use the Data Collected?Your Personal Data will be used by Heepsy in accordance with your instructions, including any applicable terms in agreements and use of Services functionality, and as required by Applicable Laws. Your Personal Data include the data communicated by you when using the forms on the site.
Heepsy provides the Services in different parts of the world. Data protection laws in certain jurisdictions differentiate between the “controller” and “processor” of information.
Heepsy is the data controller of the data processing involving your Personal Data collected through our Site. The purpose of this data processing is to provide you with our Services and to facilitate your navigation on our website as explained below.
We use the Personal Data you provide to us to:
- Enable us to provide you with the Services and information offered through the Site and which you request;
- Analyse use of the Site and the people visiting in order to improve our content and services including research into our users’ demographics;
- Facilitate your navigation of our Site;
- Send you information we think you may find useful or which you have requested from us, including receipt of marketing communications, provided you have indicated that you want to be contacted for this purpose.
Please also remember that if you choose to provide Personal Data using certain network features of the Site, then that information is governed by the privacy settings of those particular features and may be available to others. Individuals reading such information may use or disclose it to other individuals or entities without our control and without your knowledge. We therefore urge you to think carefully about including any specific information you may deem private in content that you create or information that you submit through the Site.
IP Address Information:
Information Shared with Analytical Services:
We use certain analytics providers (including but not limited to Google Analytics, Google Optimize, Full Story, Hotjar) in order to better understand how the Site is used and how it can be improved. Your IP address information may be accessed by one or more of such analytics providers. In addition, information regarding the usage activity of a certain portion of users of the Site may be shared. These providers do not collect any personal information or store IP address locally on their websites.
We share Aggregate Information with our partners, service providers and other persons with whom we conduct business. We share this type of statistical data so that our partners can understand how and how often people use the Site and their services or websites, which facilitates improving both their services and how the Site interface with them. In addition, these third parties may share with us non-private, aggregated or otherwise non Personal Information about you that they have independently developed or acquired.
Information Shared with Our Agents:
We employ and contract with people and other entities that perform certain tasks on our behalf and who are under our control (our “Agents”). We may need to share Personal Data with our Agents in order to provide products or services to you. Unless we tell you differently, our Agents do not have any right to use Personal Data or other information we share with them beyond what is necessary to assist us. You hereby consent to our sharing of Personal Data with our Agents.
Information Disclosed Pursuant to Business Transfers:
In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data as set forth in this policy.
Information Disclosed for Our Protection and the Protection of Others:
We also reserve the right to access, read, preserve, and disclose any information as it reasonably believes is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request, (ii) enforce these Terms of Service, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) respond to user support requests, or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.Information We Share With Your Consent:
Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and you will be able to prevent the sharing of this information.
Is Information About Me Secured?We work hard to secure your Personal Data from unauthorized access to or unauthorized processing, alteration, disclosure or destruction of Personal Data we hold by taking appropriate Technical and Organisational Security Measures, having regard to the state of the technological development and the cost of implementing any measures where appropriate, for example, pseudonymisation and encryption of Personal Data.
Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
We otherwise store all of our information, including your IP address information, using industry-standard techniques. We do not guarantee or warrant that such techniques will prevent unauthorized access to information about you that we store, Personal Information or otherwise.
Where it is likely that a breach results in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority within 72 hours of the becoming aware of it. This information can be provided in phases to facilitate a fast and efficient reporting.
Where a breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify those concerned directly with the following information:
- The nature of the Personal Data breach including, where possible:
- The categories and approximate number of individuals concerned; and
- The categories and approximate number of Personal Data records concerned.
- The name and contact details of the Data Protection Officer or other contact point where more information can be obtained.
- A description of the likely consequences of the Personal Data breach.
- A description of the measures taken, or proposed to be taken, to deal with the Personal Data breach and, where appropriate, of the measures taken to mitigate any possible adverse effects.
- The servers that store your Personal Data have appropriate administrative, technical, and physical controls that are designed to safeguard your Personal Data, including industry-standard encryption technology.
If you have any questions or concerns regarding security using the Site, please send us a detailed message to email@example.com. We will make every effort to answer your concerns. Any security inquiries will be handled using our Heepsy Security Incident Practices documentation.
California Privacy Rights (for California residents)Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Data that we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to firstname.lastname@example.org.
Your rights under GDPR (for EEA residents)“Personal Data” means personal data as defined in the GDPR.
“Process” or “Processing” means any operation or set of operations performed upon Personal Data, whether or not by automatic means, such as creation, collection, procuration, obtaining, accession, recording, organisation, storage, adaption or alteration, retrieval, consultation, dissemination or otherwise making available, use, disclosure by transmission, restriction, erasure or destruction.
Under the General Data Protection Regulation (GDPR), you have the right to ensure that:
- we process your Data fairly and lawfully within the consent you have provided us.
- your Data is accurate.
- your Data is secure.
- ask confirmation of whether, and where, a Controller is processing Personal Data;
- ask us to provide details of the Personal Data we hold on you (information about the purposes of the processing, the categories of Data being processed, the categories of recipients with whom the Data may be shared,and obtain a copy of the Personal Data being processed (see the contact information below);
- know how long we keep your Personal Data;
- use your rights to erasure, to rectification, to restriction of processing and to object to processing, or to complaint to relevant authorities;
- obtain information regarding the source of the Data if the Data were not collected directly from you ; and
- obtain information about the existence of, and an explanation of the logic involved in, any automated processing that has a significant effect on you or other data subjects.
To exercise any of these rights, please contact us at email@example.com. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
How Long Do We Conserve Your Data?Heepsy will retain your Personal Data in accordance with your instructions, including any applicable terms in agreements and use of Services functionality, and as required by Applicable Laws and only for the period of time necessary to fulfill the specific purposes for which the Data were collected or further processed, if for compatible purposes.
In some cases, we use suppliers located in various countries to collect, use, analyse, and otherwise process information on its behalf. It is our practice to require such suppliers to handle information in a manner consistent with our policies and Applicable Laws.
For transfers of Personal Data outside of the EEA, we are making sure that any of these transfers are supported by the strict legal compliance of our suppliers to the GDPR. When necessary, compliance can be achieved by the use of an approved certification mechanism such as the EU-US Privacy Shield. This framework was developed to establish a way for companies to comply with data protection requirements when transferring Personal Data from the European Union to the United States.
We also offer EU Standard Contractual Clauses (also called Model Clauses), to meet the GDPR requirements for our customers who operate in the E.U.
How Do I Review or Change my Personal Data?If you would like to review or change your Personal Data, we will deal promptly and appropriately with any inquiries unless we have to keep that information for legitimate business or legal purposes. However, if your requests are deemed to be excessive or complex a small fee may be charged and a time-period extension may apply.
You can contact us at: firstname.lastname@example.org.