Privacy policy.
Effective date: 04/30/2024
Our Privacy Policy describes the information collection practices of hdln’s corporate website and the proprietary technology that we use to perform services for our customers.
Introduction
hdln is a technology company that aggregates data from leading workplace applications and provides a dashboard of actionable insights for individuals and teams.
Following a one-time configuration by a hdln end user, over the course of each day, hdln runs in the background, making periodic API calls to specified applications. At a date and time designated by the hdln end user, e.g., 6 PM EST on Fridays, an email is sent with a link to that week’s hdln, a data-driven visualization capturing the week’s activities.
Hdln has prepared this Privacy Policy to describe our practices regarding the information we collect from:
Visitors to our website located at www.getheadline.io (the “Corporate Website”), including all subdomains, and
Users who connect to, access and use hdln’s personal analytics reporting and functionality (the “hdln Service”) using a desktop or laptop PC, mobile phone, tablet, or other connected device.
This Privacy Policy does not describe the information collection practices of any applications that our end users connect to their hdln accounts. We recommend that you refer to the privacy policies of the applications that you connect to via hdln to learn about their information collection practices.
Changes to this Privacy Policy. Hdln will update this Privacy Policy to reflect changes to our practices. We will post all Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice. The Privacy Policy posted on this page will say when that version went into effect. If you visit the Corporate Website or use the hdln Service after a change, then you will have accepted hdln’s new Privacy Policy. You are advised to review our Privacy Policy periodically for any changes.
A. Corporate Website at www.getheadline.io
INFORMATION COLLECTED BY THE CORPORATE WEBSITE
Our Corporate Website provides information about our company, business, and the services we provide. It is also the portal used by our customers to access their hdln dashboard.
The Corporate Website collects Personal Data, Usage Data, and Tracking Data when you visit the site at www.getheadline.io. As used in our discussion about the Corporate Website in this Section A:
“Personal Data” is the information about an individual that can be used to identify that individual. If you access the Corporate Website from the EEA, Switzerland, or the UK, we use a different definition of Personal Data to comply with the General Data Protection Regulation (GDPR).
“Tracking Data” is the information collected by cookies and similar tracking technologies (e.g., pixel tags, web beacons, or scripts) that we use to keep track of visitor activity on the Corporate Website. (Note that the Tracking Data collected by the hdln Service is different, and is discussed in Section B.)
Cookies are small files that contain a small amount of data, typically including a unique identifier. They are generally placed on your browser by a website or other browser-based service. Our Corporate Website uses cookies.
“Usage Data”, in the context of the Corporate Website, is the information that your browser sends to hdln’s servers when you visit the Corporate Website.
As with other Internet services, our web servers gather information automatically each time your browser or device interacts with the Corporate Website, and store that information in “log files.” The information stored in our web servers’ log files includes information that we call Personal Data, Usage Data and Tracking Data, and that we describe more fully in the following sections.
Note for visitors who access the Corporate Website from the EEA, Switzerland, or the UK:
Personal Data. In the EEA, Switzerland and the UK, Personal Data is defined differently than in the U.S., and means a variety of data that identifies or can identify a particular unique user or device (e.g., names, addresses, cookie identifiers, mobile device identifiers, precise location data and biometric data). For visitors who access the Corporate Website from the EEA, Switzerland, or the UK, elements of Usage Data and Tracking Data – such as a visitor’s full Internet Protocol (IP) address, and the information that we associate with a unique identifier (like a cookie or other tracking technology) – are Personal Data under the General Data Protection Regulation (GDPR).
Legal grounds for processing your Personal Data when accessing the Corporate Website. For visitors who access the Corporate Website from the EEA, Switzerland, or the UK, we process your Personal Data for the purposes set out in Section 2.a.a., on one or more of the following legal grounds:
You provided your consent;
It is necessary for our contractual relationship;
The processing is necessary for us to comply with our legal or regulatory obligations; and/or
The processing is in our or a relevant data controllers’ legitimate interest, for instance, where we use data to protect the security and integrity of our systems and to provide services or other benefits.
Your Data Protection Rights under the California Online Privacy Protection Act (CalOPPA)
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. See more at:
ABOUT PERSONAL DATA
a. Personal Data Collected by the Corporate Website. Personal Data includes your name, email address, postal address, and telephone number. It also includes any information that we have associated with your Personal Data.
The Corporate Website collects Personal Data from you when you engage in any of the following:
Request information about a product or service on the Corporate Website.
Register on the Corporate Website for emails, newsletters, or other communications.
As an employee or authorized agent of hdln, use a login account on the Corporate Website to access the customer dashboard for the hdln Service.
We may combine Personal Data that you submit on or through the Corporate Website with information that we collect from and about you from other sources, offline and online.
b. How We May Use Personal Data. We use the Personal Data that you provide on the Corporate Website for the following activities:
Provide the services that you request.
Send you administrative information, including information regarding changes to the Corporate Website’s terms, conditions, and policies.
Personalize your experience on the Corporate Website (including through the use of cookies and similar technologies).
Send you messages that you request.
Target you to receive ads and other marketing messages from us about the hdln Service.
For our business purposes, such as data analysis, audits, developing new products, enhancing the Corporate Website, improving our services, and identifying usage trends and determining the effectiveness of our marketing.
As we believe appropriate (a) to comply with applicable law and legal process, including to respond to valid requests by public authorities (e.g., a court, government agency, or law enforcement), (b) to enforce our terms and conditions, (c) to prevent or investigate possible wrongdoing in connection with the Corporate Website, hdln technology or the like, (d) to protect our operations or those of our affiliates, (e) to protect our rights, property, privacy, safety, or that of our affiliates, you or others, or (f) to allow us to pursue available remedies or limit the damages that we may sustain (these purposes, collectively, the “Compliance Purposes”).
c. When We May Disclose Personal Data. The Personal Data that you provide to the Corporate Website may be disclosed:
Service Providers. To our third-party service providers who provide services such as hosting, data analysis, IT infrastructure, IT services, customer service, email delivery, payment processing, billing and collections, data enhancement, order fulfillment, auditing, security, fraud, and other services to enable them to provide such services. These third parties have access to your Personal Data only to perform these tasks on our behalf.
Transfer of Business. To a third party to which we have transferred our business, assets, or stock if hdln is involved in a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of some or all of our business, assets or stock, including during due diligence related to any such transaction (and also including in connection with any bankruptcy or similar proceeding).
As we believe appropriate for Compliance Purposes.
d. How Long We Retain Personal Data. We retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required for the security or integrity of the Corporate Website, or to comply with our legal obligations, resolve disputes, or enforce our legal agreements or policies.
e. No Sensitive Information. Please do not disclose through the Corporate Website any sensitive Personal Data (e.g., social security numbers, detailed financial information, health information, information related to racial or ethnic origin, political opinions, religion or other beliefs, criminal background, or trade union membership).
f. About Usage Data and Tracking Data
a. Usage Data and Tracking Data Collected by the Corporate Website. The Usage Data and Tracking Data collected by the Corporate Website include:
i. Information collected through cookies, pixel tags and other tracking technologies.
ii. Browser type and version.
iii. Your Internet Protocol (IP) address.
iv. If you are accessing the Corporate Website through a mobile phone, tablet, or other connected device: the type of device, unique device ID, device IP address, device operating system, and diagnostic data.
v. Information about how you interact with the Corporate Website, such as the date and time of your visit, the pages that you visit, and the time spent on those pages.
vi. Other aggregated information.
b. How We May Collect Usage Data and Tracking Data. Usage Data and Tracking Data are collected by the Corporate Website:
i. When your browser or device sends it. Standard information is sent by most browsers. This information includes your device type, screen resolution, operating system version, and Internet browser type and version.
ii. Through web technologies. We and our service providers may use cookies, pixel tags, web beacons, and other similar technologies to, among other things, facilitate your ongoing access to and use of the Corporate Website, present you with more tailored information about our products and services, and collect and store information about your use of the Corporate Website.
iii. When you volunteer it. You may volunteer demographic information, as well as other information, such as your preferred means of communication.
iv. Through activity reports. Information about how you interact with the Corporate Website is collected with every visit, and is used to determine usage levels, diagnose server problems, and operate and maintain the Corporate Website.
v. By aggregating information. We may aggregate or de-identify information collected by the Corporate Website.
c. How We May Use and Disclose Usage Data and Tracking Data. We may use and disclose Usage Data and Tracking Data collected on the Corporate Website for any purpose permitted by applicable law.
Note: If we are required by law to treat any element of Usage Data or Tracking Data as Personal Data, then we will handle those elements as Personal Data. If we combine any Usage Data or Tracking Data with Personal Data, we will treat the combined information as Personal Data as long as it is combined.
YOUR CHOICES ON THE CORPORATE WEBSITE
a. Your Choices Regarding Cookies. If you do not want cookies on the Corporate Website to collect information about you, there is a simple procedure on most devices that allows you to decline the use of cookies. To learn more about cookies, please visit www.allaboutcookies.org/. However, if you choose to decline cookies, then some or all of the features, functionality and promotions available through the Corporate Website may not be available to you.
b. How You Can Access, Change or Delete the Personal Data About You Collected by The Corporate Website. If you have a login to the Corporate Website (i.e., you are a hdln customer), log into your account to make changes to the Personal Data we have on file for your account. If you do not have a login to the Corporate Website (e.g., a prospective customer or a website visitor) and would like to access, change, or delete the Personal Data that you have previously provided to the Corporate Website, contact us by emailing us at hello@hdln.io to make the requested changes. We will comply with your request as soon as reasonably practicable. If you have requested that some Personal Data be deleted, note that we may need to retain some of the information for backup or Compliance Purposes. In addition, there could remain residual traces of the deleted Personal Data in our databases and other records. We are not responsible for changing or deleting information from the databases of third parties that have previously accessed your information.
c. Your Choices Regarding Use of Your Personal Data. You may opt out from receiving marketing-related messages from us either by using the unsubscribe mechanism provided in the message or by emailing us at hello@hdln.io. If you opt out from receiving marketing-related messages from us, we may still send administrative messages to you. You cannot opt out from receiving administrative messages.
Service Providers We use third party companies and individuals to provide services and functionality for the Corporate Website. These service providers may have access to your Personal Data in order to perform tasks on our behalf (e.g., to send you information that you request or that we believe is of interest to you).
Transfer of Information. As hdln works with global companies and technologies, we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who are likely located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
Note for visitors who access the Corporate Website from the EEA, Switzerland, or the UK: If we transfer Personal Data outside of the EEA, Switzerland or the UK, we will take steps to make sure that appropriate safeguards are in place to protect your Personal Data.
B. The hdln Service
INFORMATION COLLECTED BY THE HDLN SERVICE
The hdln Service allow you to connect with various third-party applications. To connect with third-party applications, you must have an account with each third-party application you integrate, and the Services will require you to authenticate with each application. We will store the login credentials for each third-party application that you authenticate to allow us to continue to provide the Services. When you enable the Services, the third-party applications you integrate will provide us with access to the information you provided to the third-party application. When you integrate third-party applications, we will collect the information that is necessary to enable access to the third-party application and any data or content contained within the third-party application required to affect the action or command. We allow you, or your account administrator, to delete or export your account data by logging in to your account and deleting or exporting account data. If you have any questions about deleting or exporting account data, please contact hello@hdln.io.
Categories of Information We Collect
Information You Provide Us
When You Create an Account
Content or Information You Provide in the Services
Content You Provide Through Our Site
Other Information Sources
a. Information You Provide Us: When you sign up to create an account in the Service, download content from the Site, fill out a form or survey or respond to communications, you provide us with information like your name, email address, address, company, phone number or other information. You may provide comments, communications, feedback, ratings, or other information when you use the Services.
b. When You Create an Account: When you create an account, you provide us with your account registration and profile information (name, email address, company, and similar information). We automatically track certain information about your use of the Services. We collect information about you when you login and how you interact with the Services, the features you use, clicks, log information about your use of the Services, and how you interact with other users.
c. Content or Information You Provide in the hdln Service: The hdln Service allow you to connect with various third-party applications that you use. When you use the hdln Service, information or content is transferred from one or more third-party application to hdln. We collect the information that is transferred from the third-party applications. Other users may provide information about individuals when they submit content or information through the hdln Service. Users may also provide information about their teammates, including name and email address, to invite teammates to use the hdln Service. Similarly, an administrator may provide your contact information if they designate you as a user, the billing contact, technical contact, or administrator. You or your administrator may integrate the hdln Service with third-party applications. In such case, we will receive information that allows us to identify your account within the third-party applications (like name, email address, phone number, tokens, or other identifying information), the log data, content, and device information. The information or content we receive from your organization is subject to your organization’s privacy policies. When you integrate our Services with a third-party application, the information we receive depends on the settings, permissions, and privacy Statement controlled by that third-party application.
d. Content You Provide Through Our Site: If the Site or our social media platform pages allow you to upload content or information, we will collect the content or information you upload. For example, when you provide feedback, participate in any interactive features, surveys, contests, promotions, sweepstakes, activities, or events, you may provide us information or content.
e. Marketing Information: We receive information about you directly from you when you engage with the Site and automatically when you engage with the Site or open or click the emails we send you. We receive information from third-party sources like lead generation providers, content sponsors, event sponsors, or social media platforms. The information we collect from third-party sources may include marketing or demographic information, contact information (name, email, company, address, job title), information about your profile on those platforms, or information about purchasing intent. We may combine this information with the information we collect.
f. Payment Processing Information: When you create a paid account within the hdln Service or otherwise initiate a transaction with us, we will use a third-party payment processor to process the payment. We do not collect your credit card number, expiration date, or pin number. The transaction details we retain are those details that allow us to verify that you paid for the Services or transaction, including price, currency, date of payment, payment method, name, and account name. We will combine that information with your account information.
g. Technical, Device, and Connection Information: When you use the hdln Service or interact with our Site, we automatically collect information about the device you use to access the Site or Services. When you interact with our branded social media sites, the social media platform automatically collects information and provides it to us. This information includes information that identifies you and connection type, settings, operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data.
h. Other Information Sources: We receive information about you from other sources like third-party service providers, public databases, and our business and channel partners. This information may include business contact information, address, job title, email address, phone number. We may combine this information with information we collect through other means.