1. Some Definitions
2. Categories of Information We Collect
- Other Information We Receive and Store: When you register to use Hello Bar, we store “cookies,” which are strings of code, on your computer or other device, either locally or through your browser. We also use electronic images known as Web beacons. With those cookies, we are aware of and collect information concerning when you visit our Website, when you use Hello Bar, your browser type and version, your operating system and platform and other similar information. With Web beacons, we can determine when you view a Hello Bar or click on a link in a Hello Bar, and collect other data. You may turn off all cookies that have been placed on your computer by following the instructions on your browser on how to block cookies that have been placed on your computer. However, if you block our cookies it will be more difficult, and maybe impossible, to use the Services.
- Tracking Our Emails to Our Customers: When we send emails to our own registered Hello Bar customers, we’ll sometimes track who opened the emails and who went so far as to click on any of the hyperlinks. We do this to measure the performance of our Email Campaigns, and to improve our offerings to specific customer segments.
- Information From Other Sources: We may obtain additional information about you by using your email address, or other information, to directly, or through one or more services, search over the internet, or elsewhere. We thereby obtain information that appears to be related to such email address or other information, such as a name, age and participation in social media websites, (such information being referred to herein as “Supplemental Member Information”).
3. Use and Disclosure of Your Personal Information
We will use and disclose your Personal Information only as follows:
- To promote use, including continued use, of our Services. For example, if you leave your personal information when you visit our Website and do not sign up for any of the Services, we may send you one or more emails asking whether you wish to sign up. If you use any of our Services, and may benefit from using one or more other Services we offer, we may send you an email telling you about the other Service or Services.
- To bill and collect sums owed to us. Uses for this purpose include sending you emails, invoices, receipts and notices of delinquency, to alert you if we need a different credit card number, and to otherwise try to collect money owed. We use third parties to handle secure credit card transaction processing and send billing information to such third parties, who maintain all information in confidence, to process your orders and credit card payments. To learn more about what steps we take to safeguard such data, see below. These credit card transaction processors are third parties for purposes of the data protection laws of the European Union and the United Kingdom.
- To provide customer support and obtain feedback.
- To protect the rights and safety of us and our employees, Members, owners, officers and others
- To meet legal requirements such as complying with court orders and valid subpoenas.
- For internal use, whether in the form actually received or pseudonymously or anonymously, by way of example and not limitation circulating email addresses internally for identifying the most common web hosts used by our customers, or reviewing IP addresses for information about the general geographic areas of origin of our users.
- To provide information received hereunder to representatives and advisors such as attorneys and accountants to help us comply with legal and other requirements.
- To prosecute and defend a court, arbitration or similar proceeding.
- To support and improve the Services we offer including adding features and providing benchmarking and other comparison information regarding, for example, the relative success of a Members’ Hello Bars compared to other Hello Bars by companies in the same or different industries. Benchmarking and similar information is derived from aggregating and analyzing data.
- To disclose the information that we have to you in response to any valid request from you to know what of your information we possess, and in response to a valid request to exercise your “right to be forgotten” as detailed further below.
- To communicate with you concerning your account for an informational, as opposed to promotional, purpose.
- To send you informational and promotional materials that you elect (“opt-in”) to receive.
4. Third-Party Use and Disclosure of your Personal Information
- Any information that you provide to the Company, whether by direct communication to us or by entry into a text field anywhere on the Website, will be collected and used by the Company. Some of that information will be anonymized or pseudonymized.
- The Company will use your email address to send you certain regular emails pursuant to your opt-in subscriptions to our newsletter and other regular contacts. The Company keeps your email address regardless of your subscriptions for internal use. The Company does not share your email address with third-party providers regardless except where specifically disclosed in your subscriptions to any of our services, or as noted in the terms and service of any products or services that we provide apart from access to and use of the Website.
- The Company also collects certain data based on your access of the Website. This includes session data, meaning information such as when and for how long you access the Website. The Website will collect information about your location based on your IP address. An IP address is a non-static identifier that allows the Company to know, in general terms, where its users are located. An IP address is not the same as a physical address, and is not the same as either your shipping address or your billing address.
The Company uses your IP address for internal purposes such as knowing which countries provide certain percentages of its users. The Company does not verify your IP address or connect it to your shipping or billing address for purposes of checkout. Your IP is not and cannot be used by the Company to identify you personally. The Company will also know your IP address for purposes of logging visits to the Website from your IP address and for preventing distributed denial-of-service attacks, which are disruptive attacks on websites caused by very large numbers (hundreds of thousands or more) of near-simultaneous visits to the Website.
- The Company collects information such as the number of users visiting the website at any given time, the times during which visitors visit the Website, the length of time that users use the website, which pages they visit, which products they order, and what other actions they take while on the website. This information is collected by the Website and is provided in an anonymized form to the Company’s data analytics provider, which is Google Analytics (the “Data Analytics Provider”). This information is used by the Company to track the engagement, general geographic origin, and headcount of its users. This information is combined together to provide general demographic information on the Website’s users. This information is not and cannot be used to identify you specifically. The Data Analytics Provider is segregated from internal tools that identify specific customers, for example our internal system for storing subscribers’ email addresses.
- The Company may from time to time engage certain independent contractors to engage with your personal information; by way of example and not limitation, a third-party marketing services to send emails or an independent data analytics analyst who may have access to anonymous or pseudonymous information that we collect from you. All such persons are bound by express duties of confidentiality to the Company. Such persons are third parties within the meaning of the applicable privacy laws of the European Union and the United Kingdom.
5. Right to be Forgotten
- Users subject to the data privacy laws of the European Union and/or the United Kingdom may at any time issue a request to us that we remove, cease using, and/or permanently delete any information that you have submitted to us. Such valid requests will be honored promptly according to the applicable rules and regulations of the European Union and the United Kingdom. Any request to destroy some or all of the information you submit to us must be made in writing, to the designated contact information provided elsewhere on the Webpage. Information so destroyed or removed cannot be recovered; once destroyed, such information must be resubmitted by the user before we are able to verify, confirm, or disclose any such information in the future.
6. Safeguarding Your Information
To protect your information, our credit card processing vendor uses the latest 128-bit Secure Socket Layer (SSL) technology for secure transactions. In addition, our vendor is certified as compliant with card association security initiatives, such as the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).Hello Bar accounts require a username and password to log in. When you’re finished using Hello Bar, please click the “log out” link in the top right corner of your screen, to prevent someone from using your computer to access your account. You must keep your username and password secure and not disclose it to a third party.Due to the sensitive nature of your account information, we do not re-send forgotten passwords. Users must follow online instructions to reset their passwords if they forget them.Account passwords are encrypted. We cannot see your passwords. We can only reset them.
The Company does not collect payment information from you except to the extent that the Company forwards your payment request directly to our merchant services provider, which is Cybersource (www.cybersource.com) (the “Merchant Services Provider”), with neither the ability nor the intent to intercept or collect any such payment data. The Merchant Services Provider only receives information necessary to verify that any payments between yourself and the Company are authorized. The Merchant Services Provider will use encrypted tools to communicate with your designated payee institution, or whatever other account you use to pay for orders to the Company. Your credit card information or other payment information is not retained by the Company except as provided below. The Company does not maintain records of your credit card number or other payment information
The Merchant Services Provider is the merchant of record within the meaning of the data privacy laws of the European Union and the United Kingdom.
This information is “pseudonymous” within the meaning of the data privacy laws of the European Union and the United Kingdom.
7. Notice of Breach of Security
Nobody is safe from hackers these days. Hello Bar will notify you, within forty-eight hours of such a breach occurring, if a breach in security results in an unauthorized intrusion into our system which materially affects you and will subsequently report the corrective action taken in response to the intrusion.
8. Notification of Changes
9. Accuracy of Data and Rights
We do our best to keep your data accurate and up-to-date to the extent that you provide us with the information we require to do that. If your data changes (including, but not limited to, a change in your email address) then you are responsible for notifying us of those changes so that we can keep your records up-to-date.We retain the data about you only so long as reasonably required to meet the purposes for which we have the right to use the information. In this regard, we keep some data, relating to when and where Hello Bars were deployed, how many times a Hello Bar was viewed and clicked.We will give you access to any of your Personal Information that we hold about you within 30 days of any request you make for such information. We may charge for providing this information to you, as permitted by applicable law.
10. Effective Date
11. No Children Under Age 13
This document was last updated October 23, 2018.