Versión 1.0 [Fecha de actualización 03/Julio/2020]

HERMAN PRIVACY POLICY

Last Revised26/08/2019

Herman Pro, LLC (“we”, “us”, “our”) is committed to protecting the privacy of visitors to its website(s), web application(s), mobile application(s), and other online products and services that link to this Privacy Policy, and users of its services (each a “Service” and collectively the “Services”). When you access, browse, or use the website or Services, information will be collected, transferred, processed, stored, and disclosed in accordance with this privacy policy (“Policy”). This Policy governs the information collection and disclosure practices for the Services.  By accessing, browsing, or using the Services, including registering an account with our Services, you expressly consent to the collection, transfer, use, processing and storage of your information (including personal information), as described in this Policy. IF AT ANY TIME YOU DO NOT AGREE WITH THIS POLICY OR THE INFORMATION COLLECTION, USE, AND DISCLOSURE PRACTICES DESCRIBED IN THIS POLICY, DO NOT USE THE SERVICES.  Subject to applicable law, by using the Services, you accept the terms of this Policy and consent to the data collection, use, and sharing described herein. Where necessary under applicable law, we may seek your consent by other means such as by asking you to click on a button or to change a setting.

IMPORTANT: THIS POLICY REQUIRES YOU TO RESOLVE DISPUTES WITH US THROUGH FINAL AND BINDING ARBITRATION ON AN INDIVIDUAL BASIS, RATHER THAN THROUGH JURY TRIALS OR CLASS ACTIONS, AND ALSO LIMITS THE REMEDIES AVAILABLE TO YOU IN THE EVENT OF A DISPUTE. YOU EXPRESSLY ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND ALL THE TERMS OF THIS POLICY.

  1. INFORMATION COLLECTION PRACTICES

  1. General. When you visit a website without registering, you can browse without submitting personal information about yourself. If you register for an account within or to access a Service, we will collect some personally identifiable information from you, including your full name, street address, email address, and a password that you select. When you interact with the Services, we also receive and store certain additional types of information which, in general, do not directly identify you. For example, we automatically receive and record information on our server logs from your browser or device including your IP address, browser type and language, referring/exit pages and URLs, device type, Wi-Fi network information, platform type, number of clicks, landing pages, cookie information, the pages you requested and viewed, the amount of time spent on particular pages, and the date and time. This Section of the Policy outlines the various ways that information is collected from the Services. Please fully review this Policy before you use the Services or submit information to us. [We are responsible for the collection and use of your personal information and act as controller under the European Union’s General Data Protection Regulation (“GDPR”).]
    1. Information that that You Provide.
  1. Registration and Login.  Certain Services require you to register for an account (“Account”). When you register for an Account you will be asked to provide some personally identifiable information, including your full name, company or organization name (if applicable), street address, email address, phone number, and a password that you select. When you register an Account and log in to a Service you must provide your current, complete, and accurate information. It is your responsibility to keep your information up to date. We are not responsible for any problems, interruptions in access, or liability that may arise if you do not give us complete and accurate information or if you fail to update your information so that it is current.
  2. Bulletin Boards and Review. We may provide areas within our Services where you can post information about yourself, as well as post reviews, or upload content (e.g., pictures, videos, audio files, etc.). Such postings may appear on other websites or when searches are executed on the subject of your posting. Also, whenever you voluntarily disclose personal information on publicly-viewable web pages, that information will be publicly available and can be collected and used by others. For example, if you post your email address or social media tag, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information.
  3. User Content.  By submitting, uploading or granting permission on social media to use your photos, text, graphics, audio, video, location information and comments (“Content”), you represent and warrant that you are at least 18 years old and own all rights to the Content, including all rights of copyright, that you hereby give us the unrestricted rights to use Content in perpetuity in any form, channel or medium and for any purpose, that you release all claims whether known or unknown arising from our use of the Content and that you agree to indemnify, defend and hold us and its affiliates harmless from any claim that our use of the Content infringes on the rights of, or causes injury to, any third party. We shall have the right to determine in its sole discretion whether to use, and shall have no obligation to use, the Content, which it may delete or remove it at any time for any reason or for no reason.  You may revoke the granting of rights to us by submitting a request to: support@hermanpro.com  We will process your request as soon as reasonably possible.
  4. Surveys.  We may use any information you volunteer in surveys or questionnaires you answer for us and combine them with answers from other users in order to better understand our Services and how we may improve our website, mobile application, or Services.  Feedback and your participation are voluntary. When you provide feedback you will be asked to provide some personally identifiable information, including your full name and email address. We and our affiliates may also use your personally identifying information to inform you about other products and services, or to request your participation in surveys seeking your opinion relating to the subject matter of our Services or offerings which may be of interest to you. Information gathered may be shared with third parties in order to improve our Services or offerings.
  5. Newsletter Sign-Up.  If you sign-up for our newsletter updates, we may collect and store personally identifiable information that you provide when signing-up, such as your email address.  We may use a third-party service provider to collect this information, and if we do, we do not control the information collected by that third-party service provider and are not responsible for their use of that information.  Please see Section 4 (Third-Party Providers) for more information about third-party service providers.
  6. Correspondence. If you send us personal correspondence, such as emails or letters, or if other users or third parties send us information about your use of the Services, we may save the information in a profile specific to you.
  1. Automatically Collected Information. We will collect some information about you and the computer or device you use to access or use the Services automatically using a variety of technologies. In general, automatically collected information about use of the Services does not directly identify you and the information may include your diagnostic log information, IP address, browser type and language, referring/exit pages and URLs, other browser history, platform type, number of clicks, landing pages, cookie information, the pages you requested and viewed, the amount of time spent on particular pages, and the date and time. We collect this information for the purposes described in this Policy, including to better understand our customer base and to improve the quality of our Services and the services we provide. This information does not allow personal identification and is not connected with your personal information. It is only used to facilitate and improve your access to and the usage of the Services[, which is our legitimate interest pursuant to Sec. 6 para. 1 lit. f) GDPR]. The practices we use to automatically collect some information about you are described below:

  1. Cookies. A cookie is a small text file that is stored on a user’s computer or device. We use cookies to record information about your activities on the Services to “remember” you when you return to the Services. Some cookies remain on your computer or device until you delete them. Others, like session ID cookies, expire when you close your browser. You may set your browser setting to attempt to reject cookies and you may still use the Services. See the section “Do-Not Track Settings” below for more information on how the Services may respond to your browser settings. We do not control the use of cookies by third parties. See Section 4 (Third Party Providers) for more information and review the privacy policies of all third party providers for more information on third party cookies.

  1. Pixels (aka web beacons/web bugs/java script). Pixels are tiny graphics with a unique identifier that are used to track the online movements of web users. Unlike cookies, which are stored on a user’s computer hard drive, pixels are small graphics that are about the size of the period at the end of the sentence and are embedded invisibly on web pages or in HTML-based emails. Our third-party analytics provider may place pixels on our Services that track what other services you visit (both before and after visiting the Services). Our third-party analytics provider uses information obtained from pixels to help us improve our business and the Services. We do not control the use of pixels by third parties. See Section 4 (Third Party Providers) for more information and review the privacy policies of each of the third party providers for more information on third party pixels.

  1. Location Data. We collect data about the location of the computer or device that you use to access the Services (“Location Data”) using IP address, Wi-Fi access points and information made available by you or others that indicates the current or prior location of the user. How we collect Location Data depends on how you access the Services.

  1. USE OF INFORMATION

  1. General. We may use your personally identifiable information (including tracking information) to:  (a) operate, maintain, and improve the Services and services that we provide (including providing you a more personal experience); (b) communicate with you; (c) provide you information about products and services (including products and services of third parties); (d) market; (e) conduct research; (f) resolve disputes; (g) detect and protect against errors, fraud, and criminal activity; (h) assist law enforcement; (i) enforce this Policy and any the terms related to the Services or our services; and (j) fulfill any other purpose described in this Policy or that we describe to you at the time of collection. This information processing serves our legitimate interest of enhancing the performance of the website, mobile application, and the services[, eliminating errors, and being able to offer you a better customer experience, pursuant to Art. 6 para. 1 lit. f) GDPR].

  1. Email Communications. We may use your personally identifiable information to send you emails or other communications related to the Services or other services we provide to you, or in response to your inquiries or requests. You may not opt-out of receiving Services- or service-related messages that are not promotional in nature. We may also send you marketing emails, surveys, or newsletters to notify you about products or services that may be of interest to you. If you would like to stop receiving marketing emails from us, please click on the unsubscribe link at the bottom of any marketing email you receive. If you opt-out, you will continue to receive Services- and service-related emails.

  1. Non-identifying Information. We may use non-identifying information for any lawful purpose, including analyzing trends, research, services administration, tracking users’ movements around the Services, and to improve our business, the Services, and the services.

  1. Retaining Your Information. In general, we will retain your information indefinitely, or as long as legally required or allowed. If you cancel your Account or your Account is otherwise terminated, we may, but are not obligated to, delete information we have collected or obtained from third parties and we may continue to use and disclose it in accordance with this Policy. If we no longer need your information for any of the purposes described in this Policy, and if we are required to do so pursuant to GDPR or any other applicable law, we will delete that information once it is no longer needed.  

  1. INFORMATION SHARING

  1. Generally. We will not sell or rent any of your personal information to third parties for marketing purposes. However, we may disclose your information to any affiliated entity or organization and to agents and service providers. We may share non-identifying information with third parties for any lawful purpose, including analyzing trends, research, services administration, tracking users’ movements around the Services, and to improve our business, products, services, and the Services. Use of information by affiliated entities and organizations will be subject to this Policy or an agreement that is at least as restrictive as this Policy. For information on use of information by agents and service providers see Section 4 (Third Party Providers).

  1. Legal Requirements. In some cases, we may disclose your personally identifiable information as required by law; if we believe that disclosure is needed to protect our rights; to government regulators; to law enforcement authorities; in connection with any judicial proceeding, court order, subpoena, or legal process served on us; and to respond to a physical threat to you or another person [(pursuant to Art. 6 para. 1 lit. c) GDPR)].

  1. Insolvency and Business Transitions. If we ever file for bankruptcy or engage in a business transition such as a merger with another company or if we purchase, sell, or reorganize all or a part of our services or our business or assets, we may disclose your personal information, including to prospective or actual purchasers in connection with one of these transactions [(pursuant to Art. 6 para. 1 lit. f) GDPR)].

  1. Disclaimer. We cannot ensure that all of your personal information will never be disclosed in ways not otherwise described in this Policy. For example, we may be required to disclose personal information to the government or third parties under certain circumstances, third parties may unlawfully intercept or access transmissions or private communications, or users may abuse or misuse your personal information that they collect from the Services. No transmission of data over the internet can be 100% secure, although we will take appropriate technical and organizational measures consistent with industry standards to safeguard your personal information against loss, theft and unauthorized use, access, or modification.

  1. THIRD-PARTY PROVIDERS.

  1. General.  We use third parties to help us operate and improve the Services and our services. We may provide these third parties with information we collect from you. If we do provide to third parties information that we collect about you, that information will, unless specifically noted otherwise in this Policy, be governed by this Policy and may only be used by those third parties to help us operate or improve our business or the Services or to provide services to us. These third parties may themselves also collect information from you and/or about your use of the Services. We do not control information collected by those third parties and are not responsible for their use of that information. Please review their privacy policies for more information on their information collection, use, and sharing practices.

  1. Google Analytics. We use Google, a third-party analytics provider, to collect information about the users of the Services, including demographic and interest-level information. Google uses cookies and pixels in order to collect demographic and interest-level information and usage information from users that visit the Services, including information about the pages where users enter and exit the Services and what pages users view on the Services, time spent, browser, operating system, and IP address. Cookies and pixels allow Google to recognize a user when a user visits the Services and when the user visits other services. Google uses the information it collects from the Services and other websites to share with us and other website operators’ information about users, including age range, gender, geographic regions, general interests, and details about the devices used to visit websites and purchase items. We do not link information we receive from Google with any of your personally identifiable information. For more information regarding Google’s use of cookies, pixels, and collection and use of information, see the Google Privacy Policy. If you would like to opt out of Google Analytics tracking, please visit the following link: Google Analytics Opt-out Browser Add-on.

  1. ONLINE TRACKING AND YOUR CHOICES

As discussed above, because we and our third party service providers automatically collect Services usage information through the use of cookies, pixels and other tracking technologies (including as described in the “Automatically Collected Information” section above, and otherwise in this Policy), your selection of the “Do Not Track” option provided by your browser may not have any effect on our collection of automatically collected information. One way to attempt to “opt out” of the collection of any information through cookies and some (but not all) other tracking technology is to actively manage the settings on your browser to delete and disable cookies and other tracking or recording tools. However, getting a “Do Not Track” signal to work as you might want is difficult and may not be possible. Using browsers as an example, not all tracking technologies can be controlled by browsers; unique aspects of your browser might be recognizable even if you disable a tracking technology; not all settings will necessarily last or be effective; even if a setting is effective for one purpose data still may be collected for another; and even if one website observes a “Do Not Track” signal, that website usually will not be able to control other websites.

  1. INFORMATION SECURITY MEASURES

Keeping secure personal information that we collect is of great concern to us. While we have mechanisms in place to safeguard your personal information once we receive it, no transmission of data over the Internet or any other public network can be guaranteed to be 100% secure. When you provide information to the Services, you do so at your own risk.

  1. CHILDREN
  1. The Services is not for or Directed Toward Children. Our primary audience is adults. We do not intend to and will not knowingly collect any personal information from children under the age of 13. Children under the age of 13 are prohibited from using the Services without their parent’s or guardian’s supervision and consent. If we learn that we have collected information from a child under the age of 13, we will remove that information immediately and delete it from our servers (subject to applicable law and this Policy). If you believe Content from a child under the age of 13 has been posted to the Services, please contact us using the contact information in the Privacy Questions section at the bottom of this Policy. We also recommend that children over the age of 13 ask their parents for permission before sending any information about themselves to anyone over the internet.
  2. California Minors. If you are a California resident who is under age 18 and you are unable to remove publicly available Content that you have submitted to us, you may request removal by contacting us using the contact information in the Privacy Questions section at the bottom of this Policy. When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information is located, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the Content or information. REMOVAL OF YOUR CONTENT OR INFORMATION FROM THE SERVICES DOES NOT ENSURE COMPLETE OR COMPREHENSIVE REMOVAL OF THAT CONTENT OR INFORMATION FROM OUR SYSTEMS OR THE SYSTEMS OF OUR SERVICE PROVIDERS.  We are not required to delete the Content or information posted by you. Our obligations under California law are satisfied so long as we anonymize the Content or information or render it invisible to other users and the public.
  1. CALIFORNIA SHINE THE LIGHT LAW

California Civil Code Section 1798.83 permits California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed personal information (as defined under that statute) of that California resident, for direct marketing purposes in the preceding calendar year and the categories of that kind of personal information that was disclosed to them. If you are a California resident and you wish to make such a request you may contact us by using the contact information in the Privacy Questions section at the bottom of this Policy.

  1. ACCESSING AND UPDATING YOUR PERSONAL INFORMATION

If you do not want your information accessed or stored as described in this Policy, you should not access or use the Services.

  1. MODIFICATION OF THIS POLICY

The Effective Date of this Policy is set forth at the top of this webpage.  We reserve the right to change this Policy as business needs require. When we post changes to this Policy, we will revise the “last updated” date at the top of this Policy. If we make material changes to the way we use personal information, we will provide advance notice to you by email or by posting a message on the Services.  Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Policy. The amended Policy supersedes all previous versions.

  1. EUROPEAN PRIVACY LAW

11.1 Data Subject Rights

If you reside in the EU you may be entitled to a number of other rights under the GDPR. These rights are summarized below. We may require you to verify your identity before we respond to your requests to exercise your rights. If you are entitled to these rights, you may exercise any of these rights with respect to your personal information that we collect and store. You have the right to:

• Withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent;

• Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;

• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us;

• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request;

• Request the transfer of your personal information to you or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you;

• Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the information’s accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to use it;

• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

You may exercise these rights free of charge. These rights will be exercisable subject to limitations as provided for by GDPR. Any requests to exercise the above listed rights may be made to support@hermanpro.com

11.2 European Data Retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

  1. NOTICE TO USERS OUTSIDE OF THE UNITED STATES

We are headquartered in the United States. Your use of the Services and any services provided to you though the Services are governed by United States law. If you are using the Services from outside of the United States, your information may be transferred to, stored and processed in the United States where our servers are located. In accordance with and as permitted by applicable law and regulations, we reserve the right to transfer your information, process and store it outside your country of residence to wherever we or our third party service providers operate. We participate in the E.U. – U.S. Privacy Shield Framework and comply with the Privacy Shield Principles.  Click https://www.privacyshield.gov to learn more.  Any transfer from a European Herman entity to a US Herman entity is done under compliance with the “Privacy Shield”-certification.

  1. DISPUTE RESOLUTION

This Policy, and any dispute between you and us, shall be governed by the laws of the State of California, without regard to its rules or principles of conflicts of law. You agree that all such disputes must be settled only through binding arbitration, which will be subject to the Federal Arbitration Act and not any state arbitration law. Arbitration shall be conducted by one commercial arbitrator with substantial experience in resolving commercial contract disputes from the American Arbitration Association (“AAA”) and will be governed by the AAA’s Commercial Arbitration Rules. YOU UNDERSTAND THAT BY AGREEING TO THIS POLICY, YOU ARE AGREEING TO GIVE UP YOUR RIGHT TO GO TO COURT OR HAVE A JUDGE OR JURY HEAR ANY DISPUTE THAT MAY ARISE BETWEEN YOU AND US. YOU ALSO HEREBY WAIVE ANY RIGHT YOU MIGHT HAVE TO RESOLVE ANY DISPUTE ON ANY BASIS (INCLUDING, BUT NOT LIMITED TO A CLASS ACTION BASIS) INVOLVING CLAIMS BROUGHT IN A PURPORTED REPRESENTATIVE CAPACITY ON BEHALF OF THE GENERAL PUBLIC OR OTHER PERSONS SIMILARLY SITUATED. YOU AGREE THAT THIS ALSO MEANS THAT THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON’S CLAIMS. All arbitrations shall be conducted solely based on written submissions or, if the damages you claim exceed the amounts that could otherwise be brought in small claims court, a telephonic hearing, unless the arbitrator deems a face-to-face hearing is appropriate, in which case one will be held in San Francisco, California. The arbitrator’s ruling is binding and confidential. You shall be responsible for your attorneys’ fees and other costs in bringing any claim against us, including all costs associated with the arbitration, and we shall be responsible for our own such costs. Notwithstanding the preceding, you agree that claims of defamation, violation of the Computer Fraud and Abuse Act, and infringement or misappropriation of intellectual property rights are not required to be arbitrated, but such claims must be brought exclusively in the state or federal courts located in San Francisco, California, and each of you and us hereby consents to the jurisdiction of those courts. Actions seeking equitable relief are also not required to be arbitrated, and each of you and us may enforce any provision of this Policy by seeking equitable relief (in addition to all other remedies available to it) without the need to prove the inadequacy of monetary damages or to post bond or other security.

  1. PRIVACY QUESTIONS

If you have any concerns or questions about these policies, please contact us at support@hermanpro.com.