YOUR PRIVACY IS IMPORTANT TO US
Last modified: May 17, 2018 (Updated to reflect changes required by the European General Data Protection Regulation, or GDPR).
There are many different services we offer, website design, hosting, online digital marketing, graphic design, social marketing, printing and consulting. When you share information with us, for example by submitting a contact form or subscribe to our newsletter, we aim to align our services with you in hopes of forming a mutually rewarding business alliance. In respect to the GDPR, we want you to be clear how we’re using the information we collect and the ways in which you can protect your privacy.
- What information we collect and why we collect it.
- How we use that information.
- How you can access, update or remove information.
INFORMATION WE COLLECT
We collect information to provide better services to all of our users – from personal information you provide us so we can communicate with you, to figuring out basic analytical data like which services we offer are most viewed, or what our website traffic flow looks like and where it comes from.
We collect information in the following ways:
- Information you give us. For example, our contact form or newsletter subscription requires your name and email address. Additional information you may volunteer to give us in order to contact you might include your phone number, website address or physical address.
- Information we get from you using our services. For example, you purchase a website design package or search engine optimization package. Depending on how the website is managed, or where the website is hosted, we may collect user login data to a current website account to create new web pages or modify existing pages, or migrating a website form one hosting provider to another. Some clients request us to build/modify/manage team/employee/staff pages. In order to build/modify/manage those pages we may collect employee data such as names, job titles, pictures, contact information and even work history/resumes. Often times our clients ask us to set up their email accounts or add email forwarding. In those instances we collect the necessary information to fulfill those requests.
- Cookies for analytical data – Data relating to your online activity on our websites includes the following examples; browser type and version, geographic location, pages you view and how you got to our website including referrals from other websites you visited such as organic search engine, website links and social websites.
- Payment information – Besides traditional methods of payment like checks or money orders, Hein ByDesign takes payments through 3rd party secure payment gateways such as PayPal. Please refer to PayPal for how they secure your payment information. On request, we can process credit cards over the phone through our PayPal app. In those instances we manually collect CC information over the phone to process a payment for a service we provided.
- We do not record or store phone calls.
HOW WE USE THE INFORMATION WE COLLECT
We have a legitimate interest in running a successful and efficient business and in providing you with information about the services we offer and a means to contact us for more information about those services.
When you contact Hein ByDesign Inc., we keep a record of the information you provide us. The information is stored on one of our local storage devices, a backup drive or both. Hein ByDesign will never transfer the information you provide us to a storage device outside our company unless you request/authorize us to do so, or by a legal authority mandate.
We do not directly share any personal information unless pre-authorized to do so. Examples include using a 3rd party email service like Chimp Mail to send newsletters, which requires user to pre-authorize their subscription.
We also use 3rd party invoicing & payment gateway like PayPal. PayPal handles the transactions securely from the payer through PayPal to Hein ByDesign so we never have access to your credit card information. If a manual payment is requested, the payment information that you provide to us, including credit card data, will only be used to facilitate payment for our products and services. We do not store credit card information unless you authorize us to do so to facilitate future payments.
Additionally, we use the information we collect for the following purposes:
- To provide you with requested information or technical support
- To provide service updates or reports
- To ensure the proper functioning of our services
- To offer and improve our services
- To analyze movement through our website
- To do a better job of advertising and marketing our services (our use of your information to do this is performed with your consent where required by applicable law)
- To diagnose problems with our servers or our services
- In connection with our security and compliance programs
- To administer your websites
- To communicate with you
- To assist us in offering you a personalized experience or otherwise tailor our services to you
SHARING OF INFORMATION
Hein ByDesign will never share information except in certain circumstances:
- Our third party service providers and vendors as described above.
- Your third party service providers at your request – for example, providing you with a website service that adds a needed functionality, data security protection or other service. If you purchase a product or service from a third party through one of our brands, we will pass your personal information to such third party in order for them to fulfill your order.
- Authorized users by you within your organization.
- Corporate reorganization. If we are involved in a merger, acquisition, a sale of all or a substantial portion of our assets, or other similar sale transaction, your information will be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our website of any such transfer and any choices you may have regarding your information.
- Legal reasons if legally required to do so, or if we have a good faith belief that such disclosure is reasonably necessary, we may disclose your personal information to courts of law, law enforcement authorities and other relevant third parties, such as internet service providers, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be: violating our terms and conditions of use, causing injury or other harm to, or otherwise violating the property or other legal rights, of us, other users, or third parties; or, violating federal, state, local, or other applicable law. This disclosure can include transferring your information to the U.S. and other countries outside the European Economic Area. To the extent we are legally permitted to do so, it is our policy to notify you in the event that we are required to provide your personal information to third parties in connection with a subpoena.
The transmission of information via the internet, email or text message is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted through the services or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal information against loss, theft and unauthorized use, access or modification. Specifically, the information is transferred to an offline client information document like Word or Excel. After which the email is permanently deleted from our mail servers. When we manually process a payment, we collect financial account information, such as credit card numbers, by telephone to protect against any online interception.
WHAT ARE COOKIES?
Cookies are small data files placed on your computer or other internet-enabled device that enable our features and functionality. They allow us to record information, through third party analytic tools, when you visit or interact with our website.
We use Google Analytics which is a web analytics tool that helps us understand how users engage with our Websites. Like many services, Google Analytics uses first-party cookies to track user interactions as in our case, where they are used to collect information about how users use our website. This information is used to compile reports and to help us improve our website. The reports disclose website trends without identifying individual visitors.
- Strictly Necessary: These cookies and tracking technologies let you navigate our website and use essential features, including secure areas and shopping baskets. Without these technologies, we are unable to deliver core functionality of our website, products and services to you.
- Performance: These cookies and tracking technologies help us understand how customers and visitors interact with our website. They provide us with information about areas of our website visited, time spent on our Websites and any error messages you receive, allowing us to improve the performance of our website. They do not collect any information that could identify you.
- Functional: These cookies and tracking technologies are used to provide certain services or to remember settings that will improve your visit, but are not essential to your use of our website. They may include personal information that you have disclosed to us.
- Targeting or Advertising: These cookies and tracking technologies may allow us to deliver content, including advertisements, relevant to your specific interests. This content may be delivered in our Websites or on third party websites or services. They allow us to understand and improve the relevancy of our advertisements. They may track personal information, including your IP address.
- Social Media Cookies: These cookies are set by third parties, including Facebook and Twitter, and allow you to share what you’ve been doing on our website on social media.
MARKETING COMMUNICATIONS FROM US
You always have the opportunity to opt out of our email and newsletter email marketing communications by following a link in the footer of all non-transactional email messages from us or by emailing us at firstname.lastname@example.org. Some communications from us are considered transactional or service communications (for example, important account notifications and billing information), and your account(s) for Hein ByDesign products and services are provided to you upon the condition that you receive these communications from us. You must cancel your account(s) for Hein ByDesign products and services, as applicable to the terms and conditions of any hosting or service agreement, if you do not wish to receive any transactional or service communications. To cancel your account(s), please contact us. You may still receive marketing communications from us even after you cancel your account unless you also opt-out of our marketing communications, as described above.
We do not currently use phone for marketing calls. If in the future we do, we will contact you to get your approval to receive automated marketing phone calls or texts from us to use the Services.
If you visit our Websites from Europe, only strictly necessary cookies and other tracking technologies will be used on our website by default. Other cookies and tracking technologies will only be used when you consent by visiting each Website’s Cookie Management Center at http://preferences-mgr.truste.com/, where available.
Where you visit our website from outside Europe, the cookies and similar tracking technologies mentioned above will be used by default. Internet browsers allow you to change your cookie settings via the “options’ or “preferences” menu in your browser. Please note that if you set your browser to refuse or block all cookies, certain features or functionalities of our website may be limited or unavailable to you.
Some internet browsers include the ability to transmit “do not track” signals. Because no industry standard has yet been developed with respect to “do not track,” our website does not currently process or respond to such “do not track” signals.
You can opt out of Google Analytics without affecting how you visit our site. For more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.
RETENTION OF PERSONAL INFORMATION
We retain your personal information to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your personal information for no more than seven years following the later of (i) the date on which you terminate your use of any Hein ByDesign services or (ii) May 25, 2018, unless we are otherwise required by law or regulation to retain your personal information for longer.
Where the European Union’s General Data Protection Regulation 2016/679, or GDPR, applies, in certain circumstances and subject to data processing agreements, you have rights in relation to the personal information we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.
You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party. If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.
You have the right to require us to correct any personal information held about you that is inaccurate and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data.
You may request that we erase the personal information we hold about you in the following circumstances:
- Where you believe it is no longer necessary for us to hold the personal information.
- We are processing it on the basis of your consent and you wish to withdraw your consent.
- We are processing your data on the basis of our legitimate interest and you object to such processing.
- You no longer wish us to use your data to send you marketing, or you believe we are unlawfully processing your data.
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. Request should be sent to email@example.com.
RESTRICTION OF PROCESSING TO STORAGE ONLY
You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:
- You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate.
- We wish to erase the personal information as the processing we are doing is unlawful but you want us to simply restrict the use of that data.
- We no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims.
- You have objected to us processing personal information we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
WITHDRAWAL OF CONSENT
Where you have provided your consent to us processing your personal data, you have the right to withdraw your consent at any time by emailing us at firstname.lastname@example.org.
Our Services are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian’s consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.
In order for us to provide the services to you, your personal information will be transferred to, and stored and processed in any of Hein ByDesign’s United States offices. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.
For transfers of personal information within the Hein ByDesign corporate family, such transfer will be under the Data Protection Officers operating procedure. For transfers to third parties, will be processed only with your consent, by way of the third parties data transfer procedure set in place.
In the event that you wish to make a complaint about how we process your personal information, please contact our Data Protection Officer at email@example.com and we will try to deal with your request. This is without prejudice to your right to raise a complaint through appropriate channels.
NOTIFICATION OF CHANGES