Unless otherwise stated, this Policy describes and governs the information collection, use, and sharing practices of Heroify with respect to your use of our website (https://heroify.co) and the services (“Services”) we provide and/or host on our servers.
If you do not agree to this Policy, please do not use our Services.
Heroify has designed this Policy to be consistent with the following principles:
We collect information in multiple ways, including when you provide information directly to us; when we passively collect information from you, such as from your browser or device; and from third parties.
We will collect any information you provide to us. We may collect information from you in a variety of ways, such as when you: (a) create an online account, (b) contact us or provide feedback, or (c) subscribe to our newsletter. This information may include but is not limited to your name, surname, email address, phone number, your IP and connection time, and your geographic location. If you complete our online tests, we may also process other information like your answers provided to the test available in our Service and its results, however we will do so as a data processor and on behalf of the company that arranged the test for you.
We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Cookies and Other Tracking Technologies
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
Cookies placed in the Service User’s end device may also be used by entities cooperating with us, in particular: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA), HotJar (HotJar Ltd based in Malta).
We may use the information we collect from and about you to:
We may aggregate and/or de-identify information collected through the Services and use such data for research and marketing purposes.
Activities involving automated decision-making, including profiling, may be undertaken in relation to you for the purpose of providing services under the contract concluded and for the purpose of direct marketing by the data controller.
We use remarketing techniques to match advertising messages with the user’s behaviour on the website, which may give the illusion that the user’s personal data is being used to track the user, but in practice no personal data is transferred from us to the advertising operators. A technological prerequisite for this is that cookies are enabled.
We use a solution to study user behaviour by creating heat maps and recording behaviour on the website. This information is anonymised before it is sent to the operator of the service so that the operator does not know which natural person it relates to. In particular, typed passwords and other personal data are not recorded.
We also use a solution which automates the operation of the Website in relation to users, e.g. it may send an e-mail to the user after he/she visits a particular subpage, provided that he/she has consented to receive commercial correspondence from us.
We may transfer your data to entities processing the data at our request, but only for the purpose and within the scope necessary to perform the above mentioned purposes. This applies to such groups of recipients:
We may disclose your information to any third parties based on your consent to do so. We may also disclose de-identified and/or aggregated data for any purpose to third parties, including advertisers, promotional partners, and/or others.
Our legal grounds for processing your personal data are as follows:
Much of our processing of information is to meet our contractual obligations to provide services to our users.
In many cases, we handle information on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals, these include:
We may also process information for the same legitimate interests of our users and business partners.
We may need to use and disclose information in certain ways to comply with our legal obligations.
Where required by law, and in some other cases where legally permissible, we handle information on the basis of consent. Where we handle your information on the basis of consent, you have the right to withdraw your consent; in accordance with applicable law.
You have various rights with respect to the collection and use of your information through the Services. Those choices are as follows:
You may unsubscribe from our marketing emails at any time by clicking on the “unsubscribe” link at the bottom of each newsletter or by emailing email@example.com with your request.
If you have registered for an account with us through our Services, you can update your account information or adjust your email communications preferences by logging into your account and updating your settings.
You have the following legal rights (subject to applicable exceptions and limitations):
To exercise these rights, please email us at firstname.lastname@example.org with the nature of your request. You also have the right to go directly to the relevant supervisory or legal authority, which for Poland would be Prezes Urzędu Ochrony Danych Osobowych, but we encourage you to contact us so that we may resolve your concerns directly as best and as promptly as we can.
Whilst no data transmission over the internet or any other network can be guaranteed as 100% secure, we take all reasonable steps to safeguard the personal data we hold. We have implemented technical, physical, and organisational security measures to protect against the loss, misuse, and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store.
We will delete the non-active users accounts if there is no activity at those accounts for at least a year since last log in. Users may also request deletion of their account at any time through a request sent to email@example.com. Following an account deletion request, we delete the user’s account and data within 3 months, unless they must be retained due to legal or regulatory requirements, for purposes of safety, security, and fraud prevention, or because of an issue relating to the user’s account such as an outstanding credit or an unresolved claim or dispute.