Heartbeat Privacy Policy

Last Modified: June 5, 2019

Heartbeat is dedicated to protecting your personal information.  This privacy policy (“Privacy Policy”) applies to Heartbeat Technologies, Inc. as well as any other present or future affiliated or related companies (hereinafter, variously “Heartbeat”, “we”, “our”, or “us”), and our websites, and/or any mobile versions and/or applications and any sites Heartbeat may have now or in the future (collectively, the “Services”) and outlines our principles for collecting, using and protecting personal information.    

By using the Services in any manner, you indicate to Heartbeat that you have read and accept our Privacy Policy and consent to Heartbeat’s privacy and data practices, including without limitation the collection and use of your personal information described in this Privacy Policy.  If you do not agree to and accept this Privacy Policy, then you shall not use the Services.

CHANGES AND SERVICES ELIGIBILITY

Changes to Privacy Policy.  Heartbeat may update this Privacy Policy at any time, with or without advance notice, so please review it periodically.  We will update the ‘Last Modified’ date above and may provide you additional forms of notice of modifications and/or updates as appropriate under the circumstances.  Your continued use of the Services after any modifications to this Privacy Policy will constitute your acceptance of such modifications.

Children and Minors.  The Services are not directed at children under the age of thirteen (13) and Heartbeat does not knowingly collect personally identifiable information from children under the age of thirteen (13). If we learn that we have collected personal information from a child under the age thirteen (13), we will delete such information as quickly as possible. If you believe that a child under the age of thirteen (13) may have provided us personal information, please contact us at support@heartbeat.com  By using the Services, you represent and warrant that (i) you understand that you must be at least eighteen (18) years old in order to create an account and (ii) you are at least eighteen (18) years old or a minor over the age of thirteen (13) that has provided Heartbeat legal parental or guardian consent to use the Services under such parental or guardian supervision.

INFORMATION WE COLLECT

When you use the Services, you may provide Heartbeat with two (2) main types of information (i) personally identifiable information that you knowingly choose to disclose, which is collected on an individual basis, and (ii) general user information that does not contain personally identifiable information, which is collected on an aggregate basis as you browse and use the Services. We collect information from you when you (a) use and/or access the Services, (b) register an account and/or subscribe to Heartbeat, (c) open and/or respond to our emails, (d) visit any page online that displays our content, and/or (e) contact Heartbeat.

Personally Identifiable Information you Choose to Provide

We may ask for certain personal information from you for the purpose of providing to you content and/or Services.  Such information will be shared in relation to the Services between Heartbeat and its users, such as ambassadors, businesses and brands.  Please do not provide any information that you do not want to share or do not feel comfortable providing. Please note that if you do not provide certain information, it may impact your use of the Services.  We collect personal information such as your (i) contact information (including without limitation your name, telephone number, email, address and social media handle), (ii) financial information (such as credit card number, expiration date, verification number, and billing address as submitted through our third-party payment processor), (iii) username and password (specifically chosen by you), (iv) demographic information (including age, birthdate and gender), (v) location information (such as geographic location of the device you are using), and (vi) preferences and behavior (such as record of reviews, comments, responses and questions asked).  In addition, we may receive information about you from other sources in the event you choose to sign up using a social network (such as Instagram, Facebook, etc.). Once you register, you have opted in to receive electronic communications from Heartbeat. Heartbeat may also provide you with the opportunity to participate in surveys through the Services. If you participate, we will request certain personally identifiable information. Participation in surveys is completely voluntary and you therefore have a choice whether to disclose such information.

Credit Card and Payment Information.  Please note that when your bank account information or credit card information is transmitted via the Services, it will be protected by encryption technology used by our third-party payment processor.  Heartbeat does not store credit card details and instead utilizes a third party to process payments made to Heartbeat. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers.  Rather, all such information is provided directly to our third-party payment processor and is then subject to and governed by such third-party payment processor’s privacy policy.

Information We Collect Automatically

When you access and/or use the Services, we may automatically collect information about you, including without limitation the following:

Cookies: In an effort to be transparent with our data collection practices and the technologies we use to provide the Services, the following explains how we use Cookies. We use Cookies and web log files for the primary purpose of providing the functionality of the Services. A “Cookie” is a tiny data file that resides on your computer, mobile phone, or other device, and allows Heartbeat to recognize you as a user when you return to our Services using the same device and web browser and enables Heartbeat to collect information about how you use our Services.  Information gathered through Cookies may include the date and time of visits, the pages viewed, and time spent at using the Services. If you do not agree to our use of Cookies, you should set your browser settings accordingly or do not use the Services. Heartbeat uses Cookies and web log files for the following, which may include without limitation (i) to track usage and trends, (ii) to improve the quality of the Services, (iii) to customize your experience and/or (iv) to compile anonymous, aggregated information that allows us to understand how our Services are used. Cookies are categorized by how long they are stored and their function.  The Cookies that Heartbeat uses are as follows:

  • Persistent Cookies: Persistent Cookies remain on a visitor’s device for a set period of time specified in the Cookie. They are activated each time the visitor visits the Services that created that particular Cookie.
  • Session Cookies: Session Cookies are temporary and deleted from your computer when you close your web browser. They allow Heartbeat to link the actions of a user while using the Services.
  • Strictly Necessary Cookies: Strictly necessary Cookies are essential to navigate around the Services and to use its features.
  • Performance Cookies: Performance Cookies collect anonymous data for statistical purposes on how users use the Services, they don’t contain personal information and are used to improve the user experience.
  • Functionality Cookies: Functionality Cookies allow Heartbeat to operate the Services in accordance with your choices, such as remembering you between visits.

You may remove or block Cookies by adjusting the privacy and security settings in your browser, but in some cases that may impact your ability to use our Services and/or user experience while using the Services.  By accessing or using the Services, you consent to the placement of Cookies on your device as described in this Privacy Policy.

Device Data: We use device data, which is information concerning a device you use to access, use, and/or interact with the Services, such as operating system type and/or mobile device model, browser type, domain, and other system settings, the language your system uses and the country and time zone of your device, geo-location, unique device identifier and/or other device identifier, mobile phone carrier identification, and device software platform and firmware information.

Aggregate: We may collect non-identifying and statistical information about the use of our Services, such as how many visitors visit a specific page, how long they stay on that page and which links, if any, they click on, system configuration information, and/or other interactions with the Services.  This information represents a generic overview of our users, including without limitation their collective habits. Information collected in the aggregate is not associated with you as an individual.

Analytics: We use analytic software to gather statistics and usage trends for product and service improvement purposes.  The Services may record data from your phone, tablet, or computer such as how frequently you use the Services, what actions you take and performance data.

Other Tracking Technologies: We may supplement information you provide to us with information from other sources, such as information to validate and/or update your address, payment card and/or other demographic information.  This information is used to maintain the accuracy of information on our Services. We may also use clear gifs, pixel tags and web beacons, which are tiny graphic images placed on website pages and/or in our emails that allow us to determine whether you have performed specific actions and are further used to track online movements of our users.  In contrast to Cookies, which are stored on your computer’s hard drive, clear gifs are embedded invisibly on web pages. We do not tie the information gathered by clear gifs to your personally identifiable information.

Third Party Services: To support the Services we provide to you, we may use third party products and/or services (“Third Party Services”).  These Third Party Services may collect information sent by a browser as part of a web page request, including without limitation ‘Internet Protocol’ addresses, browser software, and/or clickstream patterns.  If such Third Party Services collect information, they do so anonymously without identifying individual visitors. Heartbeat may link the information it records using tracking technology to personal information it collects.  In addition, Third Party Services may use Cookies in connection with your use of the Services.

HOW WE USE INFORMATION

General Use

We use information collected as described in this Privacy Policy to provide you with the Services and/or information and/or content that you have requested, and, in some cases, to contact you about the Services, our products, features and/or other services.  We also use the information collected to take the following actions:

  • operate, maintain and improve the Services;
  • answer questions and respond to your requests;
  • perform analytics and conduct research;
  • send you reminders, support and marketing messages;
  • manage our administration of the Services;
  • improve the design and content of the Services;
  • collect feedback from you about third-party products and/or services;
  • inform you about products, events and/or other promotional or advertising purposes;
  • use information for other purposes about which we will notify you;
  • market and share information you provide to us to the public and other users;
  • share information you provide us with other users, such as ambassadors, businesses and brands for the purposes of identifying ambassadors for campaigns or identifying potential customers;
  • share information you provide us with other users for the purposes of conducting campaigns and analysis;
  • process any transactions related to the use of Services; and/or
  • analyze the Services, programs, products and other services we offer.

The information collected in the aggregate enables Heartbeat to better understand its users use of the Services.  The information collected may also assist businesses and brands better understand their products and/or services. If you use the Services, you agree to receive certain communications from us including but not limited to the following:

Special Offers, Newsletters and Updates.  We will occasionally send you information on products, special deals, surveys, promotions and newsletters.  Out of respect for your privacy, you may elect not to receive these types of communications by contacting us at support@heartbeat.com. You may also opt out of or change settings regarding communications preferences by accessing your profile.

Customer Service.  Based upon the personally identifiable information you provide us, we will communicate with you in response to your service reviews and inquiries, to provide the services you request and to manage your account. We will communicate with you via the Services, by email, app notification, or telephone (including SMS/text messaging), as you may elect.

Communication:  Some of the information you provide will be shared with and/or visible to other users of the Services to facilitate communication between users, such as ambassadors, businesses and brands. When you sign up for an account or use certain features, you are opting to receive messages from other users, brands, and Heartbeat. You can manage some of your messaging preferences by adjusting settings in your profile or contacting us, but note that you cannot opt out of receiving certain administrative, transactional or legal messages from us.  We may not deliver messages that we believe are objectionable, such as spam or fraudulent messages. If you are a representative of a business or brand listed with Heartbeat or signed up to use Heartbeat services as an ambassador, we may contact you, including by phone, app notification, text message or email, using the contact information you provide us, make publicly available, or that we have on record for your business.

Businesses and Brands on Heartbeat: Heartbeat may share information from you and about you with other users, such as sharing information about ambassadors with businesses and brands.  When you choose to follow certain businesses and brands on Heartbeat, or choose to apply for or opt into a campaign, the businesses and brands will have access to the information you provide to Heartbeat, including survey data.  Businesses and brands may see public activity, posts and reviews from ambassadors and may receive information from or about ambassadors when ambassadors follow or communicate with businesses and brands through the Services or otherwise. Please do not answer survey questions or provide data to Heartbeat if you are not comfortable sharing data with the brands you follow or engage with on the platform.

Parties with whom we may share your information:

Service Providers.  We may share your personally identifiable information as well as information from tools like Cookies, log files, and device identifiers and location data (such as usage data, referring/exit pages and URLs, platform types, number of clicks, etc.), with employees, contractors, and/or agents that help Heartbeat provide the Services to you (“Service Providers“). Our Service Providers will be given access to your information as is reasonably necessary to provide the Services.  We will not share your personally identifiable information in ways unrelated to those described in this Privacy Policy without providing you with an opportunity to opt out of such use or otherwise prohibit such unrelated use.  Certain Service Providers will automatically collect non-identifying information about your use of the Services by using Cookies and other technologies as similarly used by Heartbeat.

Compliance with Laws.  Heartbeat will not disclose your personal information to third parties except as set forth in this Privacy Policy and in the following circumstances (i) to investigate and defend Heartbeat and/or its users against any third party claims and/or allegations and/or otherwise to protect Heartbeat from liability, (ii) to investigate, prevent and/or take action regarding suspected and/or actual illegal activities, (iii) to assist government enforcement agencies, respond to a legal process and/or comply with the law, (iv) to exercise or protect the rights, property and/or personal safety of the users of the Services and/or (v) to protect the security and/or integrity of the Services.

Business Transfer.  If we sell or otherwise transfer part or all of Heartbeat or our assets to another organization (i.e. in the course of a transaction such as a merger, acquisition, bankruptcy, dissolution, liquidation, etc.), your information such as name and email address, user content and/or any other information collected through the Services may be among the items sold and/or transferred.

INFORMATION CHOICES

Your Information Choices

We respect your privacy and give you an opportunity to opt out of receiving announcements of certain information.  Although we think that you benefit from a more personalized experience when we know more about you and what you like, you can limit the information you provide to Heartbeat, and you can limit the communications that Heartbeat sends to you.  If you visit the Services and volunteer personally identifiable information, you can opt out of receiving notifications, and you may review, modify, update, and/or delete such personally identifiable information by contacting and/or by changing your preferences on the Services.  Please be aware that even after your request for a change is processed, Heartbeat may, for a time, retain residual information about you in its backup and/or archival copies of its database, and reserves the right to access and utilize collected user data in the future. Please be aware that we may still email you non-commercial emails related to your account and your transactions through the Services.  Following termination and/or deactivation of your account, Heartbeat may retain collected information and data for a commercially reasonable time for backup, archival, and/or audit purposes, and reserves the right to access and utilize collected user data in the future. In some cases, if you choose not to provide Heartbeat with requested information, you may not be able to use and/or access all of the Services.  

Your California Privacy Rights

Under California Consumer Privacy Act (“CCPA”), California residents are entitled to receive the right to access and obtain a copy of their personal information. You may write us and ask for records of any and all personal information. The CCPA requires businesses to disclose (i) the categories of personal information the business collected about you, (ii) the categories of sources from which personal information is collected, (iii) the business or commercial purpose for collecting or selling personal information, (iv) the categories of third parties with whom the business shares personal information, and (v) the specific pieces of personal information the business has collected about you. To obtain such information from Heartbeat, please send a written request to us at the following address: Heartbeat Technologies, Inc., Attn: Legal Department – CCPA Request, 1507 7th Street, #441, Santa Monica, CA 90401.  Heartbeat will provide such information within thirty (30) days after Heartbeat’s receipt of such request.  This request may be made no more than two (2) times per calendar year. We reserve the right not to respond to requests submitted in ways other than specified above.  The following exceptions may prevail with respect to fulfillment of data access requests (a) Heartbeat may not provide personal data to you, if management determines that we cannot identify you in our systems because the data we have has been de-identified to the extent that identification is not possible; and/or (b) Heartbeat may not provide personal data to you if you are involved in a civil or criminal proceeding with Heartbeat.

Information You Share

The Services may allow you to share your actions, content and information publicly and/or with other users.  We are not responsible for maintaining the confidentiality of such information. The Services may also allow you to connect with us on, share on, and use third-party websites, applications and services.  Please be mindful of your personal privacy needs as you choose what to share and make public. As a reminder, we do not control the privacy practices of third parties, so please contact such third parties to learn more about their privacy practices.

SECURITY

We use commercially reasonable efforts to secure your personal information from unauthorized access to and/or unauthorized alteration, disclosure and/or destruction.  Heartbeat has adopted appropriate physical, electronic and managerial procedures to safeguard and secure the personal information we process. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. Your account is protected by password for your privacy and security.  We periodically review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems. Because the internet is not a completely secure environment, Heartbeat cannot warrant the security of any information you transmit to Heartbeat or guarantee that information on the Services may not be accessed, disclosed, altered, and/or destroyed by breach of any of our physical, technical and/or managerial safeguards.  Please do your part to help Heartbeat. You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to emails between you and Heartbeat, at all times. Please limit your access to your computer and/or mobile device and/or browser by signing off after you have finished accessing your account. We are not responsible for the functionality, privacy and/or security measures of any other organization.

LAWS OF THE UNITED STATES

Please be aware that the Services are subject to United States laws, including those governing privacy and security of your information.  By using the Services, you agree and consent (and represent that you have the authority to provide such consent) to the information collection, use and sharing practices described in this Privacy Policy and understand that the laws of the United States and other countries and territories related to the foregoing may differ from those of other countries and may not be as protective as the laws in the country where you reside.  Regardless of the laws in place in such countries, we will treat the privacy of your information in accordance with this Privacy Policy.

OTHER WEBSITES AND SERVICES

We are not responsible for the practices employed by any websites and/or services linked to and/or from the Services, including the information and/or content contained therein.  Please remember that when you use a link to go from the Services to another website and/or service, our Privacy Policy does not apply to such third-party websites and/or services. Your browsing and interaction on any third-party website and/or service, including those that have a link on the Services, are subject to such third party’s own rules and policies. In addition, you agree that we are not responsible and do not have control over any third-parties that you authorize to access your personal information. If you are using a third-party website and/or service and you allow them to access your personal information, you do so at your own risk.

LANGUAGE

The governing language of this Privacy Policy is English, which shall prevail over any other languages used in any translated document.

HOW TO CONTACT US

If you have questions and/or comments about this Privacy Policy, please email us at support@heartbeat.com.