One of our core value is integrity. We believe that the new European legislation (GDPR) giving you additional rights is a good thing and therefore, we decided to apply it to everyone, not just EU resident. So if you live in the US, you will benefit from the same level of privacy as if you were EU resident with us.
HCG Partners GmbH acts as both a data processor and a data controller under the GDPR:
If you expressed consent to be contacted by us, we will store the information you provided to Drip (https://www.drip.com/), an email marketing platform. That way, we can send you emails for announcements, survey, articles, and any other marketing information. You can unsubscribe at any time (instructions are provided with each email sent to you).
When you interact with us through the Services, we may collect Personal Data and other information from you, as further described below:
Data from Google is not aggregated.
Google API users: Data obtained from Google APIs will only be used in accordance to the “Limited Use[s]” as referenced in the Google API Policy (https://developers.google.com/terms/api-services-user-data-policy).
All requests concerning access and modification of your data should be sent to firstname.lastname@example.org
The Company is based in Switzerland. Our servers are located in the U.S. to server better the majority of our users. Our email support uses Helpscout (https://www.helpscout.net/), Zopim (https://www.zopim.com/) and email services (G Suite), all located in the US. To use our services or contact us, you have to consent to the processing and transferring of your information in and to the U.S. and other countries.
For our infrastructure, we rely primarily on Amazon AWS (https://aws.amazon.com/compliance/gdpr-center/ https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/) and Heroku (https://www.heroku.com/) with Salesforce as parent company (https://www.salesforce.com/assets/pdf/misc/data-processing-addendum.pdf)
This allows us to transfer personal data from the EU to the US in a compliant way.
The email data (from Gmail, Outlook or other email provider used in the application) are never shared with third-parties and stays private to the user and his or her team if applicable.
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds are as follows:
We are not in the business of selling your information. These are the circumstances in which we may share some information with certain third parties as set forth below:
You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.
Our Services are targeted at users who are at least 16 year old and owning a credit card. We do not knowingly collect personal information from children under the age of 13. If we learn that we are engaged in data processing with children under the age of 13, we will halt such processing, close the account and take reasonable measures to promptly remove applicable information from our records.
We will retain your information for as long as your account is active or as needed to provide you services. When an account is closed, we will retain and use your information up to 26 months.
Data may persist in encrypted copies made for backup and business continuity purposes for an additional time.
We post customer testimonials on our web site which may contain Personal Data. We do obtain the customer’s consent via email prior to posting the testimonial to post their name along with their testimonial. To request removal of your Personal Data from Testimonials please contact us by submitting a request at email@example.com.
We take reasonable steps to protect the information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error-free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any information via the Internet.
We believe that users should be treated equally no matter where they are in the world, and so we are making the following options to control your data available to all users, regardless of their location. You can update certain information by accessing your profile via “Settings.” You can also unsubscribe from certain emails by clicking the “unsubscribe” link they contain. You may change your browser settings to opt out from certain cookie-related processing. Further information about the procedure to follow in order to disable cookies can be found on your Internet browser provider’s website via your help screen.
You can correct, update, amendment or delete your data.
If you would like to submit a data access request, send firstname.lastname@example.org a request. We will then start the process and provide you a link to access the personal data that we have on you within 30 days. For your protection, we will take steps to verify identity before responding to your request.
In addition to the functionality available through the “Settings” of the Services, in which you can correct, update, amend, or delete certain personal data, you can also request other modifications from us directly. Please write to us at email@example.com with the words “Personal Data Request” in the subject or body of your message, along with an explanation of what data subject right you are seeking to exercise. For your protection, we will take steps to verify identity before responding to your request.
To report any vulnerability issue, please use firstname.lastname@example.org
You can find our Data Processing Amendment (DPA) here