DESCRIPTION OF USERS AND ACCEPTANCE OF TERMS
THE INFORMATION WE COLLECT AND HOW WE USE IT
In the course of operating the Website and providing the Services, Hasty collects or receives the following types of information, which may include personal information.
When you sign up to receive our newsletter or use our Services, you will be asked to provide us with your contact information which may include your email address, company name (optional) and company type (optional) (“Contact Information”). We use the Contact Information to provide the requested service or information and to contact you for purposes of direct marketing of our current and future services.
Server Log Information
Our servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of such access, including the device’s IP address, user agent string (e.g., operating system and browser type/version), and the pages you’ve clicked on while on our Website, and details regarding your activity on the Website such as time spent on the Website and other performance and usage data. We may use these log files for purposes such as assisting in monitoring and troubleshooting errors and incidents, analyzing traffic, or optimizing the user experience.
We may collect information using “cookies” and other similar technologies. Cookies are small packets of data that a website stores on your computer’s or mobile device’s hard drive (or other storage medium) so that your computer will “remember” information about your use.
We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them). If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or mobile device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, certain aspects of the Website and the Services may not function properly or as intended.
Third-Party Analytics Providers
For Google Analytics, please visit: https://www.google.com/analytics Third Party Advertisers/Remarketers
In an ongoing effort to better understand our Website, Services and users of the Services, we might analyze your information in aggregate form to operate, maintain, manage, and improve the Website and the Services. This aggregate information does not identify you personally. We may share this aggregate data with service providers, and our affiliates, agents, and business partners. We may also disclose aggregated user statistics to describe the Services to current and prospective business partners and to other third parties for other lawful purposes.
Sharing With Third Parties
Like many businesses, we hire other companies to perform certain business-related services. We may disclose your information, including personal information to certain types of third party companies but only to the extent needed to enable them to provide such services. The types of companies that may receive personal information and their functions are: technical assistance, database management/back-up services, use analytics, email marketing platforms, customer service, and our hosting provider. We may also disclose personal information to our parent companies, subsidiaries, affiliates, joint ventures, or other companies under common control to support the marketing of the Services and sale of the Products.
Disclosure to Public Authorities
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
OPT-OUT OF MARKETING EMAILS AND COMMUNICATION PREFERENCES
You may manage your receipt of marketing and non-transactional communications by emailing us at [email protected] or by clicking on the “Unsubscribe” link located on the bottom of any Hasty marketing email. You cannot opt out of receiving transactional e-mails related to your account. We will use commercially reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases.
HOW WE PROTECT YOUR INFORMATION
IMPORTANT NOTICE TO ALL NON-GERMAN RESIDENTS
It is important to note that the Website, the Services and their servers are located in Germany. Please be aware that your information may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your country of origin. If you are located outside of Germany and choose to use the Website and/or the Services, you do so at your own risk.
CALIFORNIA PRIVACY RIGHTS
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of personal information that companies with whom they have an established business relationship (and that are not otherwise exempt) have shared with third parties for direct marketing purposes during the preceding calendar year, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To make such a request, please contact us via email at [email protected] .
DO NOT TRACK
Hasty does not monitor, recognize or honor any opt-out or do not track mechanisms including general web browser, “Do Not Track” settings and/or signals.
NEVADA PRIVACY RIGHTS
If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal information to third parties who intend to license or sell that personal information. You can exercise this right by contacting us at [email protected] with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A.
LINKS TO EXTERNAL WEBSITES
HOW TO CONTACT US
The term “European Economic Area” (or “EEA”) shall mean the then-current member states and member countries of the European Union and European Economic Area.
The term “GDPR” shall mean the General Data Protection Regulation 2016/679, the Privacy and Electronic Communications Directive 2002/58/EC, the UK Data Protection Act 2018, the UK General Data Protection Regulation as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019, and the Privacy and Electronic Communications Regulations 2003, and any relevant law, statute, declaration, decree, directive, legislative enactment, order, ordinance, regulation, rule or other binding instrument which implements any of the above or which otherwise relates to data protection, privacy or the use of personal data, in each case as applicable and in force from time to time, and as amended, consolidated, re-enacted or replaced from time to time.
Controller Disclosure & Details: We are a data controller of personal data regarding the following categories of EEA Individuals: Users, business contacts at Users, vendors, suppliers, or other third parties (“Business Contacts”), and Visitors for the purposes and under the legal bases described in the table below. Please note that, in some cases, the categories of data subjects above may overlap (e.g., Users and Business Contacts using the Website are also Visitors).
Data Subject Category
|Purpose & Legal Basis of Processing|
Information Security: We process contact information, server log information and information collected through strictly necessary cookies (such as your IP address, browser information, geolocation data, operating system, request date/time, user agent string, referral and exiting URL) in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests (Article 6(1)(f) GDPR) i combating DDOS or other attacks, and removing or defending against malicious individuals or programs on the Sites. We may also process your contact information to comply with a legal obligation relating to how we manage our organization or our relationship with your organization. We may ask for your consent (Article 6(1)(a) GDPR) for collecting additional data via cookies to track Website usage and user behaviour.
Website Operation and Improvement: We process server log and information collected through cookies pursuant to our legitimate interest (Article 6(1)(f) GDPR) in operating and improving our Website.
Audience Measurement and Retargeting: Pursuant to a Visitor’s consent (Article 6(1)(a) GDPR), we use an assortment of marketing and analytics cookies, and collect identifiers through such cookies (such as your IP address, browser information, geolocation data, operating system, request date/time, user agent string, referral and exiting URL), for purposes of audience measurement, retargeting, and creating relevant Visitor experiences (such as based on their interaction with our Website).
General Business Development and Management: We will process personal data pursuant to our legitimate interest in creating and managing our business relationships with EEA Individuals, including without limitation:
Direct Marketing: Generally, we send email marketing to EEA Individuals pursuant to their consent. In cases where a User buys, or enters into negotiation for the sale of, a product or service, email marketing may be sent to such User pursuant to our legitimate interest in sending marketing communications to such Users in the context of such engagement.
Providing Access and Support for Services: We will process personal data pursuant to our legitimate interest and as necessary for the performance of contracts to provide customers with access and support for our Services.
Vendor Business Development: When entering into vendor relationships with EEA Individuals, we will receive the personal information of contacts employed or otherwise associated with such vendors. We process such information in our legitimate interest in establishing and developing our vendor relationships and obtaining information about their products and services.
Controller’s Representative: Our representative in the European Union is:
Hasty GmbH Zionskirchstraße 73a 10119, Berlin Germany
Recipients: Hasty personnel shall receive and process your personal data for the purposes described herein. Such personal data may also be disclosed to the following categories recipients to effectuate the purposes described herein: lawyers, auditors, and other professional advisors (based on our legitimate interest (Article 6(1)(f) GDPR) or based on legal obligations (Article 6(1)(c) GDPR), and third party providers of business-related services such as cloud storage, email marketing, customer relationship management systems, fraud prevention, travel and expense management, Website management and analytics databases (based on a processor controller agreement (Article 28 GDPR).
We may also disclose personal data to third parties (including but not limited to affiliated broker-dealers, custodial organizations, financial institutions and payment providers) who provide us with services relating to administration, telecommunications, payment, clearing, audit, accounting, risk management, credit, legal, compliance, operations, sales and brokerage, marketing, relationship management, securities management, information technology, records and data storage, performance measurement and compilation and analysis in connection with our Services (based on our legitimate interest (Article 6(1)(f) GDPR) or based on legal obligations (Article 6(1)(c) GDPR).
We may also (based on our legitimate interest (Article 6(1)(f) GDPR), your consent (Article 6(1)(a) GDPR or a processor controller agreement (Article 28 GDPR)) disclose personal data to our parent companies, subsidiaries, affiliates, joint ventures, or other companies under common control (“Affiliates”) to support the marketing and provision of the Sites and products and services. If we pass your personal data to one of our Affiliates so that it can respond to your inquiry if it relates to that Affiliate, that Affiliate will receive your personal data based on our legitimate interest (Article 6(1)(f) GDPR) and will be using your personal data as a separate data controller for the purposes of the GDPR.
We may also disclose personal data to respond to claims of violation of third party rights or to enforce and protect our rights (based on our legitimate interest (Article 6(1)(f) GDPR)).
Retention:Hasty shall not retain personal data we collect automatically from your browsers or device through server logs or cookies for a period longer than two (2) years from date of collection, IP addresses will be anonymized after one week. Data of users and business contacts will be retained for six calendar years, any data relating to payment or invoices will be retained for ten calendar years. Data of job applicants will be deleted six month after the decision for a candidate. Data of job applicants may be kept for 12 month if we inform the job applicant that he or she may fit for another position at Hasty and the job applicant does not object to further storing his or her data.
Your GDPR Rights: As a natural person, you have a right to: (i) request access to, correction, and/or erasure of your personal data; (ii) object to processing of your personal data; (iii) restrict processing of your personal data; (iv) request a copy of your personal data, or have a copy thereof sent to another controller, in a structured, commonly used and machine readable format under the right of data portability, and (v) withdraw your consent where consent is used as the legal basis for processing your personal data. You may exercise these rights and submit a GDPR complaint by contacting: [email protected] with the subject line “GDPR Privacy Notice.”
You also have the right to lodge a complaint about the processing of your personal data with a supervisory authority of the European state where you work or live or where any alleged infringement of data protection laws occurred. A list of most of the supervisory authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. The supervisory authority in the UK is the Information Commissioner’s Office (https://ico.org.uk/).
Objecting to Legitimate Interest/Direct Marketing: You may object to personal data processed pursuant to our legitimate interest. In such case, we will no longer process your personal data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your personal data for direct marketing purposes by clicking “Unsubscribe” within an automated marketing email or by submitting your request to [email protected] with the subject line “GDPR Privacy Notice” (the latter for instances where, for example, you would not like to receive follow-ups from our sales team). In such case, your personal data will no longer be used for that purpose.
Transfer of Personal Data outside of Europe: We may transfer your personal data outside the EEA or the UK when necessary to provide the Services. We will only transfer your personal data outside the EEA or the UK pursuant to applicable data protection laws, and will not make such a transfer unless: (i) we have signed EU Commission Standard Contractual Clauses with the recipient, (ii) the recipient is located in a country that has received an adequacy decision from the European Commission, or (iii) where a derogation under GDPR Article 49 or similar provision applies.
Disclosure to Public Authorities: We may be required to disclose personal data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Corporate Restructuring: In the event of a merger, reorganization, dissolution, or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal data, would be transferred to the surviving entity in a merger or the acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal data as set forth in this Notice.
Updates to this Notice: If, in the future, we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this Notice, and the “Effective Date” at the top of this page will be updated accordingly.
How to Contact Us: Please reach out to [email protected] for any questions, complaints, or requests regarding this Notice; please include the subject line “Notice to EEA Individuals.” You may contact our data protection officer at [email protected], or at Clive Ct, Ely CB7 4EA, United Kingdom.