H4 PRIVACY NOTICE

Thanks for using H4! We collect data when you use H4’s services or interact with us. Here we describe how we collect, use, and handle your personal information.

What does this notice cover?

This notice applies to H4’s online documentation platform (our “Service”), H4’s corporate website at hfour.com (the “Website”) and other interactions (for example, when we provide you with customer support) you may have with H4.

This notice does not apply to information collected and controlled by third parties, third party websites, or content or applications of third parties, including any that may be linked to or accessible from or on our Service or Website.

What information do we collect?

We collect and process the following information:

How do we use this information?

We process this information for the following purposes:

As required by European Union law, where we process your personal data, as described above, we rely on certain legal grounds for doing so, depending on what processing we carry out and our relationship with you. These are as follows:

Objecting to marketing

We may from time to time send you marketing messages via email. You have an absolute right to opt-out of receiving such messages, and to object to any profiling we carry out for direct marketing, at any time. You can do this by following the instructions in our marketing emails, or by contacting us at privacy@hfour.com.

Who will we share this data with, where and when

In connection with the purposes identified above, your personal data may be transferred outside the EEA to the USA or the Republic of Macedonia. Where information is transferred to H4 group companies in these jurisdictions, H4 has an intra-company agreement incorporating the EU Commission approved standard contractual clauses. Where information is transferred to a stakeholder, service provider or other vendor in these jurisdictions, or any country outside the EEA that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or a vendor’s Processor Binding Corporate Rules.

Cookies and similar technologies

A cookie is a small text file that is stored on your computer or device when you access our service. We use cookies on the Website and Service in order to collect the information described above, and also to remember your settings and for authentication. You can manage the use of cookies through your browser. You may still use some areas of the Website and Service if you reject cookies, but it will limit your ability to use certain other areas of the Website and Service. You may learn more about our use of cookies at our Cookie Notice, which you can view here.

The Website and Service do not respond to “do-not-track” requests or similar browser settings.

Children’s Privacy

Our services are not intended for children, as children are defined by applicable local law, and we do not knowingly collect or solicit personal information from children. If we learn that we have collected or received personal information from a child, we will delete that information. If you believe that we may have any personal information about a child, please contact us as provided in this notice.

What rights do I have?

The rights described in this section are applicable to you if you reside in a jurisdiction where the provision of such rights are required by the applicable data protection and privacy laws in your jurisdiction . As such, where required by applicable law or regulation, you have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share this data to another controller. If you are a registered user of our products or services, you may also review and change your personal information on your account profile page.

In addition, you can object to the processing of your personal data in some circumstances where our processing is based on the performance of a task carried out in the public interest or the processing is necessary for our or a third party’s legitimate interests.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make.

To exercise any of these rights, you can get in touch with us using the details set out below. If you have unresolved concerns, you have the right to complain to a data protection authority where you live, work or where you believe a breach may have occurred.

For the provision of information marked as mandatory on the sign-up page when you register to use the service, if such information is not provided, then you will not be able to use the service. All other provision of your information is optional. If you do not provide such information, our provision of certain services to you may be detracted from.

How long will you retain my data?

We store data until it is no longer necessary to provide our services. This is a case-by-case determination that depends on things such as the nature of the data, why it is collected and processed, and relevant legal or operational retention needs. Some personal data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time. For example:

Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include security, fraud & abuse prevention, financial record-keeping, complying with legal or regulatory requirements (for example, if H4 receives a lawful subpoena), ensuring the continuity of our services, and when there have been direct communications with H4.

We try to ensure that our services protect information from accidental or malicious deletion. Because of this, there may be delays between when you delete something and when copies are deleted from our active and backup systems.

How do I get in touch with you?

If you have any questions or concerns about how we process your data, please contact us at privacy@hfour.com.

Which H4 entity is my data controller?

Any personal information provided to or gathered by H4 is controlled by Vanilr Limited (c/o Horizon Accounts Limited, Stapleton House, 110 Clifton Street, London EC2A 4HT, UK), H4 Services Dooel (Orce Nikolov 146b, 1000 Skopje, Macedonia) or H4 Services Inc (300 Delaware Avenue, Suite 210-A, Wilmington, DE 19801, USA). For more information on who is considered the specific data controller in connection with the collection of your personal information please contact us at privacy@hfour.com.

Changes to our privacy notice

We may change this privacy notice from time to time to reflect changes in the law or regulation, our information practices, our services, or our operational requirements. Depending on the type of change, we may notify you by updating this page or by email. We encourage you to periodically review this page to learn of any changes we have made.

Last modified: 25 September 2018