PLEASE READ THIS PRIVACY POLICY CAREFULLY AS IT CONTAINS IMPORTANT INFORMATION AND WE HAVE RECENTLY UPDATED IT. BY USING OUR PRODUCTS AND/OR ACCESSING OUR WEBSITE OR DESKTOP APPLICATION YOU ARE SIGNIFYING THAT YOU ARE AGREEING TO THIS PRIVACY POLICY, SO PLEASE CHECK THE NOTICE PERIODICALLY FOR UPDATES. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOU SHOULD NOT USE OUR PRODUCTS, WEBSITE, AND DESKTOP APPLICATION.
Last Updated: June 25, 2023
As a company involved in assisting others with deploying and configuring their software, harpoon Corp. (“harpoon”, “us”, “we”, “our”) stores and processes personal data on behalf of our users. We understand that the privacy of our user’s information is important. We are committed to privacy, protecting such personal data, and being transparent about how we use, share, and protect such information. To further this commitment, we developed this privacy policy (“Privacy Policy”) to allow our users to better understand the types of information we collect, why we collect it, how we will use it, and the various options users have to manage the privacy of their information.
Scope of the Privacy Policy
The Privacy Policy describes our privacy practices for the collection, use, and disclosure of the personal information that we collect in our usual course of business, including through our services, websites (including harpoon.io, app.harpooncorp.com, and all affiliated websites, collectively “Website”), products, desktop applications, and software (collectively, “Products”), and other initiatives such as in communications between you and us as well as through our marketing and product trainings.
In addition to the Privacy Policy, we may provide additional “just-in-time” disclosures or additional information about the data collection, use, and sharing privacies of those specific Products. These notices may supplement or clarify our privacy practices or may provide users with additional choices about how we will process their personal information.
The Privacy Policy applies to those that visit our Website and those that purchase and/or use our Products. The Privacy Policy does not apply to other companies and individuals, including products or websites that may be displayed or linked to on our Website or Products. Such companies and individuals may have separate privacy policies and procedures; we are not responsible for such policies and procedures. Additionally, users may also be subject to internal employer policies and procedures; we are not responsible for such policies and procedures.
Responsible Entity
Unless otherwise provided in the Privacy Policy, we are the controller of data and information as herein described.
Personal Rights with Respect to Data; Summary of Key Points
Some data protection laws, including those of specific states and countries, provide individuals with certain rights in connection with their personal data. Such rights may generally include:
The right to be informed with how your data will be used. The Privacy Policy provides such information.
The right to access a copy of your data. Section 15 provides details regarding making such requests.
The right to request changes to data if the information is incorrect. Section 15 provides details regarding making such requests.
The right to have data deleted when it is no longer necessary for harpoon to retain such data. Sections 5, 7, and 15 provide details regarding this process.
The right to opt out of certain uses of your data at any time, including but not limited to any profiling related to direct marketing. Sections 5 and 8 provide details regarding this process.:
The right to have a portable copy of your data. Section 15 provides details regarding making such requests.
The right to refuse to be subjected to automated decision making and insist on human intervention. The Privacy Policy provides multiple means for users to communicate directly with our personnel, including those listed in Sections 11 and 12.
The right to lodge a complaint with a supervisory authority. Section 12 provides details regarding making such a complaint.
The right, in certain circumstances, to object to the processing of your personal information. Section 4 provides details regarding our data processing and Section 11 provides you with our contact information where you can make such requests.
We will consider and act upon any request in accordance with applicable data protection laws.
Further, there are certain common questions which users may have:
What personal information do we process? When you visit our Website or use our Products, we may process personal information. The personal information we process will depend on how you interact with us, the choices you make, and the products and features you use.
Do we process any sensitive personal information? We do not intentionally process any sensitive personal information.
Do we receive information from third parties? Yes, we may receive information from public databases, marketing partners, and other outside sources.
How do we process your information? We process your information to provide, improve, and administer our Products, communicate with you, for security and fraud prevention, and to comply with applicable law. Additionally, we may process information for other purposes with your consent. We only process your information when we have a valid legal reason to do so.
Do we share user personal information? We may share information in specific situations and with specific third parties.
How do we keep information safe? We have organization and technical process and procedures in place to protect your personal information. However, no electronic transmission or information storage can be guaranteed as 100% safe and secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal or modify user information. Accordingly, although we will do our best to protect your personal information, transmission of personal information to and from our products is at your own risk.
You can find more details about any of the above topics in this Privacy Policy.
1. INFORMATION COLLECTED BY HARPOON
The information we receive depends on the context of how a user interacts with us, how their account is configured, and choices that users make, including privacy settings. Such information includes, but is not limited to, identification information, employment related information, and information regarding internet activity, preferences, and behaviors. Most personal identification information and other data we collect comes directly from our users (and their employers, as applicable). This occurs when users interact with our Products, such as registering on our Website, making purchases, and agreeing to receive marketing information. Also, when a user interacts with our Products, including using our Website or our desktop application, we use Cookies (as defined below) to collect information about them and their systems and use of our Products. Additionally, the information provided to us or obtained from Cookies is combined with other information that may come from third parties. If we combine or connect non-personal, demographic, or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal data. Further, notwithstanding the foregoing, we do not knowingly process sensitive information. Below we will describe a high-level view of the various sources of personal data that we receive.
Information Users Provide Us
Account Information. When anyone creates an account with us or downloads certain content, we are provided with and collect information that allows us to set up or open the account. This information may include but is not limited to names, addresses (physical and electronic), ages, usernames, passwords, password hints, and billing information. We may also collect additional information if a user syncs its account with a third-party account.
Payment Information. We collect data necessary to process your payment if you make purchases. All payment data is stored by Stripe. You may find their privacy notice link here: https://stripe.com/privacy
Identification Information. We also collect information to verify its user’s identity.
Products Information. When a user accesses or uses our Products, we receive information. This information may include but is not limited to invoices, statements, financial information, payment information, as well as information regarding user’s preferences.
Information Stored with and/or Submitted to Us. We offer our users the option to submit and store data with us. Such data may include pictures, documents, software (including source code), and other files.
Support, Feedback, and Requests. When a user reaches out to us for support, gives feedback, participates in surveys, uses beta services, requests additional information, or participates in trainings, we may also collect information.
Information We Obtain From User's Access and Use
When users access or use our Products, including accessing or using our Website or desktop application, and communicate with us, we may automatically collect certain information about them and how they use the Products. Such information may include:
Content Collection. We may collect content that users provide through the Products, such as personal information including names, usernames, email addresses, and account information; information about their business including affiliations (e.g. working relationships) and job titles; content provided to customer support; and other feedback users provide regarding the Products.
Usage Information. We may collect usage information from users including information regarding pages they have viewed, the features used, browser types, time spent on web pages, what data and files have been downloaded, and any links clicked on to leave or interact with our Products.
Information Regarding Devices. We may collect device information such as Media Access Control (MAC) address, Internet Protocol (“IP”) address, operating system name and version, browser type, log information, error messages, device type, network type, and unique device identifiers.
Location Information. Certain Service features may collect users’ precise location data, device motion data, or both. How much information we collect also depends on the type of device you use to access our Website and Products.
Phone Calls. Anyone who communicates with us by phone may be monitored and/or the call may be recorded.
Local Storage. We may collect and store information (including personal information) locally on user’s devices.
Cookies. We may use commonly-used tools such as cookies, web beacons, server logs, pixel tags, browser analysis tools, local shared objects, and similar technologies (collectively, “Cookies”) to provide the Products requested, recognize visitors, track interactions with our Products, and improve user’s experience. By way of example, when a user visits our Website, we place Cookies on their computer which allow us to recognize them upon their return. This permits us to provide a more customized experience as well as enables us to detect certain types of fraud. By way of a separate example, pixel tags and web beacons are small graphic images contained on web pages and in emails that allow us to determine whether a person has performed a specific action. For instance, when a person accesses a page or clicks on an email, the pixel tag or web beacon generates a notice. This allows us to measure responses and improve our Products and business operations. In general, Cookies provide us with a broad range of information including information regarding our user’s devices, operating systems, browser type, domain, system setting, system language uses, time zone/physical location, IP address, websites visited prior to coming to our Website and websites visited after leaving our Website. Users have some control over the data we collect from Cookies and how we use it. For more information about cookies see http://www.allaboutcookies.org.
The information we collect automatically may include personal information and we may maintain it or associate it with personal information we collect in other ways or receive from third parties. This information helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
Estimate our audience size and usage patterns.
Store information about your preferences, allowing us to customize our Website according to your individual interests.
Recognize you when you return to our Website.
Information From Third Parties
We may also receive information about our users from third parties when permitted by applicable law. Such third parties may include:
Parties with whom a user has an account or receives a service when they choose to sync that third-party account/service with their harpoon account or integrate their data from that third party into the Products we provide.
Parties who help us to supplement the information users have provided and to ensure the accuracy of such information.
Parties who provide us with information about users or users’ interaction with our Website and Products, including but not limited to non-personal data such as demographic information, statistics, or aggregate information.
Parties who provide us with support services.
Parties that provide us with risk management, cybersecurity, and anti-fraud services.
Publicly available sources, such as government databases, and government agencies.
Other users, administrators, and employers, as described below in “Employers and their Work Force; Notice to Users”.
Such information may include email addresses, intent data (or user behavior data), Internet Protocol (IP) addresses, and customer profiles, for purposes of targeted marketing and event promotion. To the extent permitted by law, such information from third parties may be combined with information provided by or obtained directly from employers and users.
Employers and their Work Force; Notice to Users
If a user grants access to an organization or an organization creates an account for a user, the owner of the organization and/or one or more designated administrators may view, control, and administer details of the user’s account. Additionally, such user’s use and access to the account may be subject to additional internal policies and procedures as determined by the organization. We are not responsible for such policies and procedures. If you are an employee, contractor, or other worker of an organization that you have granted access to or that has created an account for you, we will obtain, process, retain, and use your data in accordance with the instructions we receive from such organization (e.g., your employer). Accordingly, we may disclose personal information to your employer and to other entities when instructed to do so by your employer if you have granted your employer access to your account or your employer created your account for you. Additionally, we may disclose your personal information as needed to provide the Products that you and such third-party organization has requested and as required by law, such as in response to a subpoena.
We may also receive personal information from our enterprise customers regarding their current, prospective, and former employees, contractors, and other workers. Any administrator or organization that provides such information, such as personal identification information, regarding its work force represents that it has the authority to do so and if necessary, has obtained the necessary consents from such work force. Additionally, it is acknowledged that any information so provided is subject to the Privacy Policy. We have implemented reasonable technical, physical, and administrative safeguards to help protect such information from unlawful use and disclosure. We will only disclose sensitive personal data as stated in this Privacy Policy.
Should a member of customer’s work force have any questions regarding their privacy rights, they should contact their employer’s human resource department. If a member of a customer’s work force has any questions regarding the Privacy Policy, they may contact us at legal@harpoon.io.
Required Information
Some of the functionalities in our Products may require certain information to be provided in order to use the Products. A user may not be able to use certain features of the Products if they do not wish to provide such information.
2. HOW HARPOON USES INFORMATION
harpoon uses user information in a variety of ways, each being part of our business purpose. Such uses include the following:
To provide, initiate, improve, protect, develop, and deliver the Products, including to personalize experience, provide support, identify usage trends, and to protect the security and safety of the Products, our enterprise customers, our users, harpoon, the data that we maintain, and others, and to otherwise operate our business, including management, training, reporting, assessment, and analysis activities.
To communicate with our users, including to provide information regarding our Products or user accounts and to offer products and services (including third-party products and services), and expand business relationships, including marketing services (including targeted advertising), investor communications, user communications (e.g. alerts, updates, trainings, and invitations), and surveys.
To analyze our users’ information, using both manual and automated systems, to assess and improve our Products, determine the effectiveness of our marketing and promotional campaigns, perform quality control, personalize our users’ experience, automate certain functions, aggregate and de-identify certain information, provide features, perform risk management, and to protect the safety and security of the Products, our users, us, and others.
To send transactional communications, including requests for information, responses, orders, confirmations, training, and updates.
To perform data mapping.
To create a profile or summary about users, including through automated processes, such as a user’s preferences or characteristics for marketing purposes. By agreeing to this Privacy Policy, you are consenting to such automated decision processes. However, applicable law may permit you to withdraw this consent at any time as detailed in Section 5 below.
To facilitate the creation of and manage accounts, perform accounting and finance tasks, perform risk mitigation services (including internal and external audits and investigations), perform compliance functions, and for dispute resolution purposes.
To enforce, remedy, or apply our agreements.
To license and protect intellectual property and other assets.
To perform business structure activities, including mergers, acquisitions, and divestitures.
To perform disaster recovery and business continuity services.
To perform research.
To determine a person’s eligibility for offers, products, and services.
For legal, compliance, and insurance purposes.
In any other way we may describe when you provide the information.
For any other purpose with your consent.
Generally, we will only use user’s collected personal information in the manner described in the Privacy Policy or for the purposes we designate at the time we collect such information. Notwithstanding the foregoing, to the extent permitted by law, we may use personal information for other purposes which are not incompatible with our business purposes and which are permitted by applicable law. To the extent required by law, we will provide users with further information on any such additional use when it happens.
3. HOW AND WITH WHOM HARPOON SHARES INFORMATION
How We Share Your Personal Information
We may occasionally need to share our users’ information, including personally identifiable information. However, we will only share such information as follows:
With the user’s consent (e.g., as part of a testimonial).
To provide the Products and to otherwise operate our business.
For joint sales, promotions, and events.
For legal reasons, such as if we reasonably believe disclosure is required or permitted by law, to enforce our agreements (including debt collection), or to protect the rights, property, or safety of us, the Products, our users, or others.
For any other purpose disclosed by us when you provide the information.
As otherwise expressly stated in this Privacy Policy.
Please note, we do not permit our third-party service providers to use the personal information we share with them for their marketing purposes or for any other purpose other than in connection with providing services to us.
With Whom We Share Your Personal Information
We may share your data with our contractors, service providers, and other third parties who provide services on our behalf (e.g., IT services, hosting, payment processing, research and analytics, marketing, and customer support). We have contracts in place with these third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct. Such third parties and what we share with them are as follows:
Advertising, direct marketing, lead generation, and social media sharing and advertising: LinkedIn, Twitter, Facebook, etc.
Allowing users to connect to third-party accounts: Docker Desktop, GitHub, etc.
Cloud Computing Services: Amazon Web Services, Google Cloud, Azure, etc.
Communicate and chat with users: LiveChat, Email
Content Optimization: Google Search Console, Google Analytics
Data Backup and Security
Invoice and Billing: Stripe
Website hosting: Webflow, Amazon Web Services
Website performance monitoring: StatusCake and LogRocket
We may also need to share your personal information with:
Our subsidiaries and affiliates, in which case we will require those parties to honor this Privacy Policy.
Relevant third parties in the event that we are a party to a merger, acquisition, asset sale, financing, liquidation, or bankruptcy, we may share user information before and after the transaction date.top, GitHub, etc.
Our business partners, including professional advisors acting as our service providers (e.g. lawyers, bankers, auditors, and insurers).
Third parties for research purposes, but only combined, unidentifiable user data which does not allow any user or other person to be identified.
User’s employer, in the event said employer created, owns, or maintains the account (e.g., portions of an employee’s account may be visible and subject to access, change, copy, or deletion by their employer).
Notwithstanding the foregoing, we have no duty to disclose such information and therefore shall not be liable to users in connection with any nondisclosure.
4. PROCESSING USER INFORMATION
Our legal basis for collecting and using the information described in the Privacy Policy depends on the type of information and the specific context in which we collect it. We will normally collect user information from where the user has consented, where we need the information to perform an agreement with the user, or where the processing is in our legitimate interests and not overridden by user’s data protection interests or fundamental rights and freedoms. Additionally, we may have a legal obligation to collect information from our users. If a user has any questions regarding the legal basis on which we collect and use information, please contact us using the contact details provided below.
If you are located in the EU or UK, the following applies to you:
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal basis we rely on in order to process your personal information. As such, we may rely on the following legal basis to process your personal information:
Consent. We may process your information if you have given us permission to use your personal information for a specific purpose. You can withdraw consent at any time.
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including in providing our Products, in responding to your inquiries, to send administrative information to you, or at your request prior to entering into a contract with you.
Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes below:
To send users information about special offers and discounts on our Products.
To develop and display personalized and relevant advertising content.
To analyze how our Products are used so we can improve them to engage and retain users.
To support our marketing activities.
To diagnose problems and/or prevent fraudulent activities.
To understand how our users use our Products to help us improve our users’ experience.
Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations. Such obligations may include, but are not limited to, cooperating with a law enforcement body or regulatory agency, to exercise or defend our rights, or to disclose information as evidence in litigation in which we are involved.
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of third parties, including but not limited to situations involving potential threats to the safety of any person.
If you are located in Canada, the following applies to you:
We may process your information if you have given us express consent to use your personal information for a specific purpose, including data mapping, or in a situation where your permission can be inferred. By using the Website and our Products, you hereby consent to us using personal information we have obtained about you for data mapping. You can withdraw your consent at any time. Additionally, in some exceptional cases, we may be legally permitted under applicable law to process your information without consent. Examples of these exceptional cases include:
If collection is clearly in the interests of an individual and consent cannot be obtained in a timely fashion.
For investigations and fraud detection and prevention.
For business transactions provided certain conditions are met.
If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim.
For identifying injured, ill, or deceased persons and communicating with next of kin.
If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse.
If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province.
If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records.
If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purpose for which the information was produced.
If the collection is solely for journalistic, artistic, or literary purposes.
If the information is publicly available and is specified by the regulations.
5. HOW USERS CAN MANAGE THEIR PRIVACY
Users have choices when it comes to managing their privacy. Such rights include:
Unlink any third-party integration which you have previously linked.
Updating their privacy settings through our Website or desktop application by visiting their account settings, including deleting their account.
Based upon applicable laws of the user’s country, the user may have the right to request access to personal information we collect about you, change that information, or delete it. In such instances, to request, review, update, or delete your personal information, you may email legal@harpoon.com.
Updating their preferences, including opt ins and opt outs of marketing communications. To update preferences, users can:
Email legal@harpoon.com; or
Click “unsubscribe” at the bottom of any harpoon email;
Please note, if an individual is currently receiving services from us and decides to opt out of promotional emails, it will not impact messages we send for purposes of performing such services.
In many cases a user can change browser settings to opt out of Cookies and other data collection technologies. Please note, disabling Cookies and opting out of data collection may cause partial or permanent interruption of the Products.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from the members of the National Advertising Initiative on their website at https://thenai.org/opt-out/. Additionally, you may visit the Digital Advertising Alliance’s Network Advertising Initiative’s website at https://www.networkadvertising.org/. Please note, even if you opt out of Cookies or otherwise opt out of interest-based advertising, you will still receive advertisements, however they will not be tailored to your interests. Additionally, please note if you opt out and later delete your Cookies, use a different browser, or buy a new computer, you may need to renew your opt-out choices.
Users of certain states may have additional personal information rights and choices. Please see “Your State Privacy Rights” below for more information.
Withdrawing consent if you are a user located in the EU, UK, or Canada. To withdraw your consent, simply contact us using the contact information in Section 11. Please note, this will not affect the lawfulness of processing which occurred before the withdrawal nor, when applicable law allows, will it affect the processing of personal information conduct in reliance on lawful processing grounds other than consent.
6. PERSONALLY IDENTIFIABLE INFORMATION
Generally, information collected from Cookies is used in non-identifiable ways and without reference to any user’s personal data. By way of example, we may use such information to optimize our Website and understand traffic patterns. In some instances, however, information collected from Cookies will be coupled with the user’s personal data. In those instances, the Privacy Policy applies to such associated information. In an effort to preserve our users’ privacy, we agree that we will treat any personally identifying information that users submit through our Website or application in accordance with the terms outlined in the Privacy Policy.
7. DATA ACCURACY AND RETENTION
We will use reasonable measures to keep our users’ data accurate, complete, and up-to-date for purposes of providing the Products. However, in many cases we will rely on our users to use their own ability to access and correct such data to ensure its accuracy. Accordingly, all information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Unless a longer retention period is required or permitted by law, we will retain user information for so long as we deem necessary for purposes of maintaining accounts, providing Products, and for our business purposes. Such time period may vary depending on the amount, nature, and sensitivity of the particular data. Generally, after a user terminates their account or otherwise ceases to use the Products (including if we determine your account is inactive), then we will no longer retain such user’s information except as follows:
To send marketing communications in accordance with such user’s marketing preferences, as detailed above;
For our legal or regulatory compliance; to exercise, establish or defend legal claims; and to protect against fraudulent or abusive activity on our service; and
For general product improvement purposes in accordance with the Privacy Policy, provided that any data retained for this purpose will be used only for a limited period and handled securely and in confidence.
If we no longer need a user’s information for the above purposes, we will generally delete or de-identify it in accordance with our standard data retention practices. However, there may be occasions where we are unable to fully delete or de-identify information due to technical or other operational reasons. If this occurs, we will take reasonable measures to securely isolate such information from any further processing until such time as we are able to delete or de-identify it.
8. THIRD-PARTY PRODUCTS AND INTEGRATIONS
Third-party products, services, and applications may use or integrate with our Products, or otherwise be offered through our Products (“Third-Party Products”). If a user chooses to use any Third-Party Products or link or sync any of these Third-Party Products with their harpoon account, such user is permitting us to provide their information and any information associated with their account to the third party. These features may collect your IP address and/or which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Additionally, these features are either hosted by each respective platform or hosted directly on our Website. We do not control these third parties’ tracking technologies or how they use them. For purposes of clarification, a user’s interactions with Third-Party Products are governed by the privacy policy of the third-party company providing such services.
9. SECURITY
We understand the importance of security of information, particularly PHI, and will provide commercially reasonable administrative, physical, technical, and organizational security controls and safeguards. Such controls and safeguard include but are not limited to disk level encryption, field level encryption, Transport Layer Security (TLS), firewalls, and regular vulnerability scans and penetration tests. Additionally, we will only authorize access to user information to the extent necessary to serve its applicable business purposes, and our staff will access such information subject to confidentiality obligations. These are designed to prevent unauthorized use, access, processing, destruction, alteration, or disclosure of our users’ information. However, even with our best efforts, we cannot ensure or warrant the security of any information. Accordingly, we will not be liable for unauthorized disclosure of personal information due to no fault of harpoon including, but not limited to, errors in transmission and unauthorized acts of third parties.
Additionally, there are steps that each user should take to protect themselves and their organization. Such steps include:
Choosing strong passwords, not sharing passwords, and periodically changing passwords.
Using multi-step verification for logging into the Products.
Using fingerprint or facial recognition if your device has such features.
Logging out of Products when they are not in use.
Not sharing devices that are used to access the Products.
Reviewing our email reminders, such as log-in notices.
Monitoring for fake emails (please note, we will never ask a user for a password in an unsolicited phone call or email and our emails will always come from an email address that ends with “@harpoon.io”.
Avoiding customer support scams (please note, we will not reach out to you to fix problems with your computer).
Notify us immediately if information related to your payments (e.g. login information or credit cards) are lost or stolen.
We will investigate all known or suspected security breaches and shall document the facts relating thereto, their effects, and remedial actions taken. We will also notify a user upon becoming aware of a material incident that has actually compromised the security, confidentiality, or integrity of their information as required by applicable law.
10. INTERNATIONAL DATA TRANSFERS
At this time, we are headquartered in the United States of America. Our servers are located in the United States, but we also transfer certain customer information to the Philippines for customer support services.
If you are a resident in the European Economic Area or UK, then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. However, we will take all necessary measures to protect your personal information in accordance with this Privacy Policy and applicable law.
11. HOW TO CONTACT US
Please contact us if there are any questions or comments about the Privacy Policy or our practices, as follows:
Phone: (858) 208-0790
Email: legal@harpoon.io
Address: harpoon Corp. Attn: Compliance Department - Data Protection Officer PO Box 501736 San Diego, CA 92150
If you send a letter, please provide your name, address, email address, title (if you are contacting us on behalf of a business entity), and detailed information about your question or comment.
12. HOW TO MAKE A COMPLAINT
If any user believes its personal information has been provided to us improperly by a third party or that we have not handled their information properly or have breached its privacy obligations, either under any agreement between us and such user, the Privacy Policy, or applicable law, such user can file a complaint in writing to the address listed above under “How to Contact Us” or via email to legal@harpoon.io.
We will use reasonable efforts to investigate each complaint and notify such user within a reasonable timeframe of the outcome of such investigation.
If you are located in the European Economic Area or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
If you are located in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html
13. CHANGES TO OUR PRIVACY POLICY
We reserve the right to make changes or updates to the Privacy Policy at any time and from time to time.
If material changes are made, we will provide you with notice via the Products or by other communication channels, such as by email, and by posting such new Privacy Policy on our Website and making it available via our desktop application. Please review any changes carefully.
14. COLLECTION AND USE OF CHILDRENS’ PERSONAL INFORMATION
The Products are intended for and directed to persons eighteen (18) years of age or older, or nineteen (19) years of age or older for persons residing in Alabama or Nebraska, or twenty-one (21) years of age or older for persons residing in Mississippi. We do not knowingly collect personal information from or provide Products to minors. Minors may not provide any information to or on our Website. If you are a minor, do not use or provide any information on our Website or through any of our features, register on our Website, make any purchases through our Website, or provide any information about yourself to us, including your name, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a minor, we will delete that information. If you believe we might have any information from or about a minor, please contact us at legal@harpoon.io.
15. ACCESSING AND CORRECTING INFORMATION
We respect our users’ rights to access, correct, and delete their information and update their information if it is incorrect. Users who have registered accounts with us can log into their account to access, update, or delete the information provided to us to the extent required by law. Additionally, to the extent required by applicable law, users may contact legal@harpoon.io to request access to their data (and that of their work force, as permitted by law) and to exercise any other individual rights afforded to them by the Privacy Policy or applicable data protection laws. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. Notwithstanding the foregoing, we will also seek to protect other individuals’ rights as required by law.
Users of certain states may have additional personal information rights and choices. Please see Your State Privacy Rights for more information.
16. Your State Privacy Rights
Depending on the state in which you live, you may have certain state-specific legal rights with respect to your personal information and how it is collected and processed.
Nevada Privacy Rights
We collect personal information from our users in the course of providing Products. Under Nevada law, certain Nevada consumers may opt out of the sale of certain “Covered Information”. Unless otherwise stated, we do not sell any Covered Information, as defined under Nevada law (NRS 603A.320). If any Nevada user of the Products would like to make further inquiry regarding the selling of their Covered Information, as defined under Nevada law, or would like to request to opt out of any potential future sales please contact legal@harpoon.io. Please note, we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.
California “Do Not Track” Disclosures
While some internet browsers offer a “Do Not Track” option that lets you tell websites if you want to have your online activities tracked, we are not currently configured to monitor, recognize, or respond to browsers’ “Do Not Track” signals at this time as no form “Do Not Track” standard has been adopted. Accordingly, we do not currently commit to monitoring, recognizing, or responding to browsers’ “Do Not Track” signals with respect to our Website, but will continue to monitor developments around such technology and the implementation of such standards.
