Privacy Policy

This Privacy Policy describes the policies and procedures of Heepsy on the collection, use and disclosure of your information, and what choices you have with respect to the information.
When we refer to Heepsy we mean the Heepsy entity that acts as the controller or processor of your information, as explained in more detail in the respective User policies for each products.
We receive information about you from various sources, including: (i) certain contact information and other information about yourself when you make an inquiry on the website, and (ii) your use of the website generally. When you make an inquiry or otherwise use the website, you are consenting to the collection, transfer, manipulation, storage, disclosure and other uses of your information as described in this Privacy Policy.
Our Privacy Policy applies to all visitors, users, and others who access our websites.
Updates in this version of the Privacy Policy reflect changes in data protection laws. In addition, we have worked to make the Privacy Policy clearer and more understandable.
Please read this statement carefully to understand our policies and practices regarding your information and how we will treat it.

What Does This Privacy Policy Cover?

This Privacy Policy covers the treatment of personal data (“Personal Data”) gathered when you are using or accessing Heepsy.com (the “Site”) and other interactions (e.g., customer services inquiries, newsletter, etc.).
This Privacy Policy also covers our treatment of any Personal Data that our business partners share with us or that we share with our business partners.
This Privacy Policy does not apply to the practices of third parties that we do not own or control, including but not limited to any third party websites, services and applications (“Third Party Services”) that you elect to access through the Service or to individuals that we do not manage or employ. While we attempt to facilitate access only to those Third Party Services that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of those Third Party Services. We encourage you to carefully review the privacy policies of any Third Party Services you access.
Our Privacy Policy applies to all of the services offered by Heepsy and its affiliates, but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.
Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

What Information Do We Collect and Receive?

The information we gather enables us to personalize, improve and continue to operate the Site. In connection with certain aspects of the Site, we may request, collect and/or displaysome of your Personal Data. We collect the following types of information from our users:
Usage Information:
  • IP Address Information and Other Information Collected Automatically
    We automatically receive and record information from your web browser when you interact with the Site, including your IP address and Cookie information. Generally, the Site automatically collects usage information, such as the number and frequency of visitors to the Site. We may use this data in aggregate form, that is, as a statistical measure, but not in a manner that would identify you personally. This type of aggregate data enables us and third parties authorized by us to figure out how often individuals use parts of the Site so that we can analyze and improve them.
  • Device Identifiers.
    When you access the Site by or through a mobile device (including but not limited to smart-phones or tablets), we may access, collect, monitor and/or remotely store one or more “device identifiers,” such as a universally unique identifier. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by us. A device identifier may convey information to us about how you browse and use the Site. A device identifier may remain persistently on your device, to help you log in faster and enhance your navigation through the Site. Some features of the Site and Site may not function properly if use or availability of device identifiers is impaired or disabled.
  • Location Data.
    When you access the Site by or through a mobile device, we may access, collect, monitor and/or remotely store “location data,” which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device. Location data may convey to us information about how you browse and use the Site and Site. Some features of the Site, particularly location-based services, may not function properly if use or availability of location data is impaired or disabled.
  • Aggregate Information.
    We collect statistical information about how, collectively, users use the Site (“Aggregate Information”). Some of this information is derived from Personal Data. This statistical information cannot be tied back to you or your web browser.

Cookies Information:

We use Cookies and similar technologies in our Sites and Services that help us collect other information. The Sites and Services may also include Cookies and similar tracking technologies of third parties, which may collect information about you via the Sites and Services and across other websites and online services. For more details about how we use these technologies, please see our Cookies Policy.
Contact Information:
If you sign up to the Site, we may collect Personal Data such as your email address and telephone number. If you DO NOT wish to receive marketing communication from us, please send us an email: privacy@heepsy.com or directly unsubscribe from marketing communication by clicking on the unsubscribe link.

How Do We Use the Data Collected?

Your Personal Data will be used by Heepsy in accordance with your instructions, including any applicable terms in agreements and use of Services functionality, and as required by Applicable Laws. Your Personal Data include the data communicated by you when using the forms on the site.
Heepsy provides the Services in different parts of the world. Data protection laws in certain jurisdictions differentiate between the “controller” and “processor” of information.
Heepsy is the data controller of the data processing involving your Personal Data collected through our Site. The purpose of this data processing is to provide you with our Services and to facilitate your navigation on our website as explained below.
We use the Personal Data you provide to us to:
  • Enable us to provide you with the Services and information offered through the Site and which you request;
  • Analyse use of the Site and the people visiting in order to improve our content and services including research into our users’ demographics;
  • Facilitate your navigation of our Site;
  • Send you information we think you may find useful or which you have requested from us, including receipt of marketing communications, provided you have indicated that you want to be contacted for this purpose.
Public Information about Your Activity on the Site:
Information concerning your use of the Site (such as what pages they have visited) may be tracked anonymously through the use of Cookies and stored by us.
Please also remember that if you choose to provide Personal Data using certain network features of the Site, then that information is governed by the privacy settings of those particular features and may be available to others. Individuals reading such information may use or disclose it to other individuals or entities without our control and without your knowledge. We therefore urge you to think carefully about including any specific information you may deem private in content that you create or information that you submit through the Site.
IP Address Information:
While we collect and store IP address information, that information is not made public. We do at times, however, share this information with our partners, service providers and other persons with whom we conduct business, and as otherwise specified in this Privacy Policy.
Information Shared with Analytical Services:
We use certain analytics providers (including but not limited to Google Analytics, Google Optimize, Full Story, Hotjar) in order to better understand how the Site is used and how it can be improved. Your IP address information may be accessed by one or more of such analytics providers. In addition, information regarding the usage activity of a certain portion of users of the Site may be shared. These providers do not collect any personal information or store IP address locally on their websites.
Aggregate Information:
We share Aggregate Information with our partners, service providers and other persons with whom we conduct business. We share this type of statistical data so that our partners can understand how and how often people use the Site and their services or websites, which facilitates improving both their services and how the Site interface with them. In addition, these third parties may share with us non-private, aggregated or otherwise non Personal Information about you that they have independently developed or acquired.
Information Shared with Our Agents:
We employ and contract with people and other entities that perform certain tasks on our behalf and who are under our control (our “Agents”). We may need to share Personal Data with our Agents in order to provide products or services to you. Unless we tell you differently, our Agents do not have any right to use Personal Data or other information we share with them beyond what is necessary to assist us. You hereby consent to our sharing of Personal Data with our Agents.
Information Disclosed Pursuant to Business Transfers:
In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data as set forth in this policy.
Information Disclosed for Our Protection and the Protection of Others:
We also reserve the right to access, read, preserve, and disclose any information as it reasonably believes is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request, (ii) enforce these Terms of Service, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) respond to user support requests, or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.

Information We Share With Your Consent:
Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and you will be able to prevent the sharing of this information.

Is Information About Me Secured?

We work hard to secure your Personal Data from unauthorized access to or unauthorized processing, alteration, disclosure or destruction of Personal Data we hold by taking appropriate Technical and Organisational Security Measures, having regard to the state of the technological development and the cost of implementing any measures where appropriate, for example, pseudonymisation and encryption of Personal Data.
Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
We otherwise store all of our information, including your IP address information, using industry-standard techniques. We do not guarantee or warrant that such techniques will prevent unauthorized access to information about you that we store, Personal Information or otherwise.
Where it is likely that a breach results in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority within 72 hours of the becoming aware of it. This information can be provided in phases to facilitate a fast and efficient reporting.
Where a breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify those concerned directly with the following information:
  • The nature of the Personal Data breach including, where possible:
  • The categories and approximate number of individuals concerned; and
  • The categories and approximate number of Personal Data records concerned.
  • The name and contact details of the Data Protection Officer or other contact point where more information can be obtained.
  • A description of the likely consequences of the Personal Data breach.
  • A description of the measures taken, or proposed to be taken, to deal with the Personal Data breach and, where appropriate, of the measures taken to mitigate any possible adverse effects.
  • The servers that store your Personal Data have appropriate administrative, technical, and physical controls that are designed to safeguard your Personal Data, including industry-standard encryption technology.

If you have any questions or concerns regarding security using the Site, please send us a detailed message to privacy@heepsy.com. We will make every effort to answer your concerns. Any security inquiries will be handled using our Heepsy Security Incident Practices documentation.

California Privacy Rights (for California residents)

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Data that we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to privacy@heepsy.com.

Your rights under GDPR (for EEA residents)

“Personal Data” means personal data as defined in the GDPR.
“Process” or “Processing” means any operation or set of operations performed upon Personal Data, whether or not by automatic means, such as creation, collection, procuration, obtaining, accession, recording, organisation, storage, adaption or alteration, retrieval, consultation, dissemination or otherwise making available, use, disclosure by transmission, restriction, erasure or destruction.
Under the General Data Protection Regulation (GDPR), you have the right to ensure that:
  • we process your Data fairly and lawfully within the consent you have provided us.
  • your Data is accurate.
  • your Data is secure.
You can:
  • ask confirmation of whether, and where, a Controller is processing Personal Data;
  • ask us to provide details of the Personal Data we hold on you (information about the purposes of the processing, the categories of Data being processed, the categories of recipients with whom the Data may be shared,and obtain a copy of the Personal Data being processed (see the contact information below);
  • know how long we keep your Personal Data;
  • use your rights to erasure, to rectification, to restriction of processing and to object to processing, or to complaint to relevant authorities;
  • obtain information regarding the source of the Data if the Data were not collected directly from you ; and
  • obtain information about the existence of, and an explanation of the logic involved in, any automated processing that has a significant effect on you or other data subjects.
We will maintain complete and accurate records and information to demonstrate our compliance with our obligations under this Privacy Policy and also for audits conducted by you or on your behalf.
To exercise any of these rights, please contact us at privacy@heepsy.com. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.

How Long Do We Conserve Your Data?

Heepsy will retain your Personal Data in accordance with your instructions, including any applicable terms in agreements and use of Services functionality, and as required by Applicable Laws and only for the period of time necessary to fulfill the specific purposes for which the Data were collected or further processed, if for compatible purposes.

What Happens When There are International Data Transfers?

We are a global organisation, as such, we may share information about you within Heepsy offices and with affiliates and transfer it to countries in the world where we do business in connection with the uses identified above and in accordance with this Privacy Policy.
In some cases, we use suppliers located in various countries to collect, use, analyse, and otherwise process information on its behalf. It is our practice to require such suppliers to handle information in a manner consistent with our policies and Applicable Laws.
For transfers of Personal Data outside of the EEA, we are making sure that any of these transfers are supported by the strict legal compliance of our suppliers to the GDPR. When necessary, compliance can be achieved by the use of an approved certification mechanism such as the EU-US Privacy Shield. This framework was developed to establish a way for companies to comply with data protection requirements when transferring Personal Data from the European Union to the United States.
We also offer EU Standard Contractual Clauses (also called Model Clauses), to meet the GDPR requirements for our customers who operate in the E.U.

How Do I Review or Change my Personal Data?

If you would like to review or change your Personal Data, we will deal promptly and appropriately with any inquiries unless we have to keep that information for legitimate business or legal purposes. However, if your requests are deemed to be excessive or complex a small fee may be charged and a time-period extension may apply.
You can contact us at: privacy@heepsy.com.

How Do I Opt-Out & Unsubscribe?

We respect your privacy and give you an opportunity to opt-out of receiving announcements of certain information or delete, transfer, access, update any Personal Data that you have provided to us and used by the Site or our Services.You can contact us at: privacy@heepsy.com.

How do you Protect Children’s Privacy?

Heepsy does not knowingly collect Personal Data from children under the age of thirteen (13). If you believe we might have any information from or about a child under thirteen (13), please contact us at privacy@heepsy.com.

What Happens When There are International Data transfers?

Although most changes are likely to be minor, Heepsy will occasionally update this Privacy Policy to reflect company and customer feedbacks about the Site. Changes and clarifications will take effect immediately upon their posting on this Site. Heepsy encourages you to periodically review this Privacy Policy to be informed of how we are protecting your information and check for any changes. We have the sole discretion to modify this Privacy Policy. If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email or through the Services.

How to contact us?

If you have any questions or concerns regarding privacy using the Site, please send us a detailed message to privacy@heepsy.com. We will make every effort to resolve your concerns.We have made revisions to this Privacy Policy, effective May 25th, 2018. By continuing to use our services after May 25th, you agree to the new Privacy Policy.