Dated July 22, 2022
What we collect
We collect information you provide by completing forms on our website. If you provide additional content through social media about our business, we may link this information with your personal information.
We collect information about the pages you visit and how you access and use our website using cookies and third-party analytics tools (e.g. log files, event data, GPS data, clear gifs and scripts). This information includes information about the device(s) you use to access the websites including unique device identifiers, IP address, operating system, browser, internet service provider, referring/exit pages, clickstream data and cookies. Depending on your device settings, we may also collect information about your geographical location.
Depending on the products or services that your institution hires us to perform, we may collect the following types of identifiable information either from your institution or from you directly: your email address, home address, student ID, student record data and financial aid information.
Why we collect your personal data
We collect your personal data to sell or provide our services to you or the institution. If you fill out and then send us the completed web form, we use the data you provide to contact you to sell you our services or for whatever purpose you filled out the form. If you send us a login and password to access our services, then we collect that information. We may need to use your personal data for other access and authentication, such as other dashboards and services we may provide in the future. If you are a business and you are concerned about the data we store on your behalf, you may request deletion of such data at any time (although deleting any data may result in poor functioning of the service).
How we use your personal data
We use personal data to deliver the services to you or to communicate with you or to try to sell you our services. If you want to opt out, you always have that right. If at any time you need to contact us, please use this email address firstname.lastname@example.org.
How We Use Log Files
HAI follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Who we share your personal information with and why
We do use service providers, such as Alteryx, Microsoft Office and Tableau, so they have access to the data we process on your behalf and you can read all about their security on their website. We also enlist the services of independent contractors to help us with the operation of the business. Eventually, we may use other tools and we intend to update this statement when we do. We do comply with law and any valid legal requests, such as subpoenas etc. We will seek to contact you first if the subpoena or other legal request pertains to your personal data and we will also seek to limit the scope of any response. If we are unable to reach you by the deadline, then we may share your personal data without your knowledge. We may also disclose your personal information if we believe it is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of HAI, our customers, users, employees, or others. We reserve the right to sell the company. In that case, we may sell, transfer or otherwise share some or all of our assets, including your information, whether personally identifiable or not, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
Retention of Personal Data
If you are a customer, you have control over the information you provide to us and may delete it or transfer it to another provider at any time. However, we will still retain some information about you such as the original contracts between you and us, payment history, invoice history, performance metrics, emails, texts and case studies on your use of our services. We may also retain copies of your data in our backups until the backups are purged. Contact us at email@example.com for more information or to discuss options.
The California Consumer Privacy Act (“CCPA”) is a comprehensive privacy law that took effect on January 1, 2020. The CCPA creates several new rights so individuals may control access and use of their personal information. These include the right to access or delete personal information collected by a business and the right to opt out of a “sale” of their personal information. However, transfers to “service providers” are not considered “sales.” HAI is a “service provider” as defined under the CCPA. HAI does not sell personal information. HAI does (a) engage other service providers as subcontractors, where the subcontractor also meets the requirements for a service provider under the CCPA; (b) use personal information for providing the services and for internal use by HAI to build or improve the quality of our services, but that use does not include building or modifying household or consumer profiles, or cleaning or augmenting personal information acquired from another source; © use personal information to detect security incidents; and (d) use personal information to protect against fraudulent or illegal activity or for reasons specified in CCPA, subsections 1798.145(a)(1) – (a)(4) (e.g., to comply with laws).
The European Union (“EU”) privacy regulation, the General Data Protection Regulation (“GDPR”), went into effect on May 25, 2018. The GDPR impacts companies located in the EU or when they are processing data of EU residents, among other criteria. The principles of GDPR include putting the data subject in control of their data, providing them with access and correction rights, minimizing data collection, securing the data and maintaining accuracy of the data.
As of the date written above, HAI does not have any EU offices but it will enter into standard contractual clauses for the processing of personal information provided to us for the provision of services. As of July 16, 2020, the CJEU invalidated the Privacy Shield. We are aware that those outside of the United States may be interested in our services. Under GDPR, we are considered a processor since the information we process is collected by our customers. If you do reside outside of the United States, all our technology service providers are located in the United States.
Our website is not targeted at children. If you are a child or you attend an institution where you believe your data has been sent to us, please contact us.
We will post changes on this website with a corresponding date of the change. If you have specific questions about a change, you may also email us at firstname.lastname@example.org.