Privacy at h1
Protecting you and your data is our priority.
PLEASE BE AWARE THAT h1 AND ALL ASSOCIATED SERVICES AND SYSTEMS ARE HOUSED ON SERVERS IN THE UNITED STATES. IF YOU ARE LOCATED OUTSIDE OF THE UNITED STATES, INFORMATION WE COLLECT (INCLUDING COOKIES) ARE PROCESSED AND STORED IN THE UNITED STATES, WHICH MAY NOT OFFER THE SAME LEVEL OF PRIVACY PROTECTION AS THE COUNTRY WHERE YOU RESIDE OR ARE A CITIZEN. BY USING THE SERVICES AND PROVIDING INFORMATION TO US, YOU CONSENT TO THE TRANSFER TO AND PROCESSING OF THE INFORMATION IN THE UNITED STATES.
In addition, h1 may also process Personal Data that has been uploaded to h1’s cloud solutions Services by Users (as defined in h1’s Terms of Service) forming part of the Customer Data (as defined in h1’s Terms of Service). In such capacity, h1 is a “processor” of the Personal Data as it does not control such data. With respect to such data, the subscribing User is responsible for individual notification of purpose and for obtaining appropriate consent when they collect such Personal Data. Personal Data that is transferred to h1 by Users to be processed shall be deemed to have been collected with appropriate notification. h1 assumes no responsibility for obtaining or validating that appropriate consent has been obtained with respect to such data provided by Users.
Any questions or concerns regarding h1’s privacy and data protection practices can be directed to our Data Protection Lead at email@example.com.
2. Information We Collect
“Personal Data” is information that directly or indirectly identifies you. Below are some examples of the Personal Data we may collect through the Services:
Identifiers Such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
Personal information categories such as name, address, telephone number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information. Some personal information included in this category may overlap with other categories.
Commercial information Information about your transactions with us and information required for payment processing, such as credit or payment card number, expiration date, cvv number, billing address, company name, and other data required for payment processing.
Internet or other similar network activity such as browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
Geolocation data such as physical location or movements.
3. How We Collect Information
We collect information as follows.
When you register for the Services: When you register for the Services, we collect your name, email address, phone number, and password.
When you use the Services: We may ask for contact information such as your name, address, telephone number, email address, contact preferences, employer/company, and information related to our products and Services. We collect this information so that we may: keep you informed about h1, respond to your inquiries, and provide you with information about our products and Services.
When you make a payment to h1: If you make a payment to h1, we will ask for payment information and other information requested for processing your payment.
Through Server Logs: A server log is a list of the activities that a server performs. h1’s servers automatically collect and store in server logs your search queries, Internet Protocol (IP) address, browser type, browser language, the date and time of your request and referral URL and certain cookies that identify your browser or h1 account.
From Your Computer, Tablet or Mobile Telephone: We collect information about your computer, tablet or mobile telephone (“Device”), such as model, operating system version, mobile network information, telephone number, internet service provider and similar identifiers. h1 may associate your Device information with your h1 account. We may collect and store information (including Personal Data) on your Device through browser web and web application data caches. We may collect information from sensors that provide h1 with information on nearby devices, Bluetooth address, Wi-Fi access points and information made available by you or others that indicates the current or prior location of the user. We also may collect IP address and MAC address. How we collect this data depends on how you access the Services. Certain Services may collect this data even when you are not actively using the Services.
4. Cookies & Similar Technologies
While this information on its own may not constitute your “personal data”, we may combine the information we collect via Cookies with personal data that we have collected from you to learn more about how you use the Services to improve them.
Types of Cookies
We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device until you delete them). To make it easier for you to understand why we need them, the Cookies we use on the Services can be grouped into the following categories:
Necessary Cookies These cookies are necessary for the website/application to function and cannot be switched off in our systems. They are usually set in response to actions made by a user in a request for services, such as logging in or filling in a form.
Recommended Cookies These cookies allow us to provide you with certain customer support functions (including our live chat customer support feature), count visits and traffic sources so we can measure and improve performance of our site and applications. They help us to know which pages are the most and least popular and see how visitors move around the site(s). All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we will be less able to optimize our Websites’ performance.
Marketing Cookies These cookies may be set through our site by advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. These cookies do not directly store personal information, but can uniquely identify information such as your browser and device.
Cookies We Use
|Ga, Gat, Gid
|These are set by Google to provide data for related reporting capabilities.
|Corporate Website; h1 Service
|This cookie is set by Onehub by default to uniquely identify your session on the site and relates your unique session to server-side data
|Corporate Website; h1 Service
|This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a one year lifespan and contains no personal information.
|These are set by OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. It contains no information that can identify the site visitor.
|These are set by h1, this session cookie only contains a reference to a session (a visit to our site) stored on the web server. No information is stored in the user’s browser and this cookie can only be used by the web site in the current session
|Ga, Gat, Gid
|These are set by Google to provide data for related reporting capabilities.
|Corporate Website; h1 Service
|These are set by Google. It is a conversion tracking cookie, which helps to improve performance.
|Corporate Website; h1 Service
|These are set by Google. Profiles the interest of web users to sell advertising space to organizations based on profiles.
|Corporate Website; h1 Service
|These are set by Microsoft MSN which we use to measure the use of the website for internal analytics.
|These are set by Microsoft MSN to ensure the proper functioning of this website.
|These are set by Microsoft storing the session ID for a user. This cookie ensures that clicks from advertisement on the Bing search engine are verified and it is used for reporting purposes and for personalization.
|These are set by Microsoft. Persists the Clarity User ID and preferences, unique to that site, on the browser. This ensures that behavior in subsequent visits to the same site will attribute to the same user ID. Connects multiple page views by a user into a single Clarity session recording.
|These are set by Facebook to deliver a series of advertisement products such as real time bidding from third party.
|These are set by Microsoft, used as a unique identifier. It can be set by embedded Microsoft scripts. May sync across many different Microsoft domains, allowing user tracking.
|These are set by Microsoft Bing to determine what ads should be shown that may be relevant to the end user perusing the site.
|These are set by Microsoft Bing ads and allows us to engage with a user that has previously visited our website.
Cookies Set by Third Party Sites
To enhance our content and to deliver a better online experience for our users, we sometimes embed images and videos from other websites on the Services. We currently use, and may in future use content from websites such as Facebook, LinkedIn and Twitter. You may be presented with Cookies from these third-party websites. Please note that we do not control these Cookies. The privacy practices of these third parties will be governed by the third parties’ own privacy statements or policies. We are not responsible for the security or privacy of any information collected by these third parties, using cookies or other means. You should consult and review the relevant third-party privacy statement or policy for information on how these cookies are used and how you can control them.
Other Similar Technologies
h1 web pages may use other technologies such as web beacons to help deliver cookies on the Services and count users who have visited those websites. We also may include web beacons in our promotional email messages or newsletters to determine whether you open and act on them as well as for statistical purposes.
In addition to standard cookies and web beacons, the Services can also use other similar technologies to store and read data files on your computer. This is typically done to maintain your preferences or to improve speed and performance by storing certain files locally.
How to Control and Delete Cookies
Cookies can be controlled, blocked or restricted through your web browser settings. Information on how to do this can be found within the Help section of your browser. All Cookies are browser specific. Therefore, if you use multiple browsers or devices to access websites, you will need to manage your cookie preferences across these environments.
If you are using a mobile device to access the Services, you will need to refer to your instruction manual or other help/settings resource to find out how you can control cookies on your device.
Please note: If you restrict, disable or block any or all Cookies from your web browser or mobile or other device, the Services may not operate properly, and you may not have access to the Services available through the Services. h1 shall not be liable for any impossibility to use the Services or degraded functioning thereof, where such are caused by your settings and choices regarding cookies.
To learn more about cookies and web beacons, visit http://www.allaboutcookies.org/.
Do Not Track
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including h1, do not respond to DNT signals.
5. How We Process Personal Data
We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
h1 uses information collected for the following purposes based on our legitimate interests:
- To process your payments;
- To communicate with you;
- To administer and protect our business and the Services including troubleshooting, data analysis, security, testing, system maintenance, support, reporting, technical functionality, hosting of data, and in the context of a business reorganization or group restructuring exercise;
- To prevent and investigate fraud and other misuses of the Services;
- To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you;
- To use data analytics to improve our website, products/Services, marketing, client relationships and experiences; or
- To make suggestions and recommendations to you about products or Services that may be of interest to you.
We may use your Personal Data when necessary for the performance of a contract or to comply with legal obligations in the following contexts:
- To process your payments, orders, and transactions including:
- Manage payments, fees and charges
- Collect and recover money owed to us;
- To set up and maintain your account with us;
- To manage our relationship with you which will include:
- Asking you to leave a review or take a survey
- Responding to your questions and inquiries
From time to time, we may ask for your consent to use your information. Subject to applicable law, you may withdraw your consent at any time by contacting us at firstname.lastname@example.org. With respect to the placement of cookies for which your consent is the legal basis for processing, you may withdraw your consent by modifying your Cookie preferences.
6. How We Share Information
h1 may aggregate information collected though the Services and remove identifiers so that the information no longer identifies or can be used to identify an individual (“Anonymized Information”). h1 shares Anonymized Information with third parties and does not limit third parties’ use of the Anonymized Information because it is no longer Personal Data.
Applicable law may require h1 to disclose your Personal Data if: (i) reasonably necessary to comply with legal process (such as a court order, subpoena or search warrant) or other legal requirements; (ii) disclosure would mitigate h1’s liability in an actual or threatened lawsuit; (iii) necessary to protect legal rights of h1, users, customers, business partners or other interested parties; or (iv) necessary for the prevention or detection of crime (subject in each case to applicable law). For residents of the European Economic Area (“EEA”), h1 will disclose Personal Data only when permitted to do so under applicable European and EU Member States’ national data protection laws and regulations.
California Shine the Light Law: California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to email@example.com or call us at: 1-800-331-5841.
7. Minor’s Privacy
The Services are not directed to or intended for use by minors. Consistent with the requirements of applicable law, if we learn that we have received any information directly from a minor without his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the minor that he or she cannot use the Services and subsequently will delete that information.
California Minors: While the Service is not intended for anyone under the age of 18, if you are a California resident who is under the age of 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: firstname.lastname@example.org. When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your content or information from the Service does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.
8. Security of Personal Data
h1 takes precautions intended to help protect information that we process but no system or electronic data transmission is completely secure. Any transmission of your Personal Data is at your own risk and we expect that you will use appropriate security measures to protect your Personal Data.
You are responsible for maintaining the security of your account credentials for the Services. h1 will treat access to the Services through your account credentials as authorized by you. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.
If we become aware of a breach that affects the security of your Personal Data, we will provide you with notice as required by applicable law. To the extent permitted by applicable law, h1 will provide any such notice that h1 must provide to you under applicable law at your account’s email address. By using the Services, you agree to accept notice electronically.
All payments received via credit card are processed securely by Braintree, using measures that comply with the Payment Card Industry Data Security Standard (“PCI DSS”).
9. Data Retention
We retain Personal Data in identifiable form only for as long as necessary to fulfill the purposes for which the Personal Data was provided to h1 or, if longer, to comply with legal obligations, to resolve disputes, to enforce agreements and similar essential purposes. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
10. Accessing and Updating Your Personal Information
You may request access to your personal information or correct an error or omission in your personal information by contacting us at email@example.com or call us at: 1-800-331-5841. We will make good faith efforts to resolve requests to correct inaccurate information except where the request is unreasonable, requires disproportionate technical effort or expense, jeopardizes the privacy of others, or would be impractical. Residents of the EEA and California may have additional rights concerning the access and updating of their Personal Data (see Sections 12 and 13 below).
11. Privacy Shield
h1 complies with the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks. To learn more about the Privacy Shield program generally, and to view h1’s certification, please visit https://www.privacyshield.gov/. In the event Privacy Shield is no longer deemed adequate by the European Commission, h1 shall continue to comply with its requirements under the Privacy Shield framework, and otherwise take steps to comply with the General Data Protection Regulation.
12. The General Data Protection Regulation (“GDPR”)
Residents of the EEA may be entitled to other rights under the GDPR. These rights are summarized below. We may require you to verify your identity before we respond to your requests to exercise your rights. If you are entitled to these rights, you may exercise these rights with respect to your Personal Data that we collect and store:
- the right to withdraw your consent to data processing at any time (please note that this might prevent you from using certain aspects of the Services);
- the right of access your Personal Data;
- the right to request a copy of your Personal Data;
- the right to correct any inaccuracies in your Personal Data;
- the right to erase your Personal Data;
- the right to data portability, meaning to request a transfer of your Personal Data from us to any other person or entity as chosen by you;
- the right to request restriction of the processing of your Personal Data; and
- the right to object to processing of your Personal Data.
You may exercise these rights free of charge. These rights will be exercisable subject to limitations as provided for by the GDPR. Any requests to exercise the above listed rights may be made to: firstname.lastname@example.org. If you are an EEA resident, you have the right to lodge a complaint with a Data Protection Authority about how we process your Personal Data at the following website: https://edpb.europa.eu/about-edpb/board/members_en.
International Transfers of Personal Data
Whenever we transfer your Personal Data out of the EEA, we ensure a similar degree of protection is afforded to it by using a solution that enables lawful transfer of personal data to a third country in accordance with Article 45 or 46 of the GDPR (including the European Commission Standard Contractual Clauses).
For additional information on the mechanisms used to protect your Personal Data, please contact us at email@example.com.