- Information We Collect from You Directly
- Information We Gain from Our Customers
- How We Share Information
- Security of Your Data
- Access to Your Information, Correction and Right to Be Forgotten
- Legal Interception and Retention Period
- Cookies and Analytics
- Our Policy Towards Children
- How to Contact Us
Information We Collect from You Directly - HORISEN as Data Controller
When we collect some personal data from you directly we are acting as Data Controller. Here you can see how, for what purposes and what personal data we collect from you: when you fill out our Contact Forms, register to our Newsletter, contact us directly or register to our services. In section that considers Security of your data you can find out where we store and how we protect your data. For any of these situations we are highly determined to guarantee security and appropriate use of your data.
Contact FormsWhen you fill out our Contact Form on any HORISEN’s website, either to ask us something about our products or to request a recall or offer, you are providing us with your personal data like: e-mail address, first name, last name, etc. We will use this data only to provide you with appropriate answer and to give you adequate update regarding our products. Depending on subject of your request, we might ask you to fill out some additional fields, like company name, to assure that you are legitimate potential customer.
NewsletterIf you want to subscribe to our Newsletter we will need to collect your e-mail address. We will use your e-mail address for sending you our Newsletter information and give you proper update regarding our products and services and to inform you about any news that could be of interest to you as our subscriber.
Direct contactWhen you ask for assistance from our Customer Support team, or make any kind of direct contact with us, we may collect and store contact information you provide (generally your name and e-mail address), as well as information about your usage of HORISEN Services so that we can appropriately respond to inquiries. We will also store the correspondence and any related information.
Registration to our servicesIn the process of creating your account, we collect and store your personal data which are then bound to your user account. This process is led and managed by our Customer Support team. For the purposes of security issues mitigation and auditing, in case that some problem occurs, we also track changes you make in your account during the usage of our services. When you create or confirm activation of your account on any of our websites, we will collect and store your personal data in order to provide you with requested service. All collected data will be used only for the purposes of providing you specified service and appropriate support.
Media agency servicesHORISEN GROUP also acts as a media agency and provides digital ad control services via Google Adwords, Bing, Facebook and other channels. Furthermore, we organize and detain workshops for small and medium-sized enterprises with the goal to support them in growth hacking and digital transformation. In the case that you are interested in our services you get in touch with us via e-mail, telephone or via contact form on our web page. We need your personnel data to share our offer with you and subsequently to create a contract. For this purpose, we use only data which you have delivered in the context of your service request, which includes in the normal case company name, address, contact persons, telephone numbers, e-mail, etc. All Ad – Accounts and analytics tools are created in cooperation with you. You/Your company is owner of these accounts. We use data from these tools only to control these accounts and to create and share reports and analysis with you. All these data will be stored on a protected data storage and will not be used for other purposes. We need your personnel data to share our offer with you and subsequently to create a contract. Furthermore, we use your personnel data to keep in contact for the ongoing support and also to share reports and analysis with you. All these informations about you and your company are saved in a protected digital document, and all signed contracts are stored in a locker physically.
Job Applications and HREvery time you apply for a position in HORISEN, we collect, process and store your personal data, including: your e-mail address, name, surname and information in your CV, during selection process period. Personal data you sent us, either using our application form or sending your application to our job application e-mail address, will be only used for potential employment purposes. After selection process is finished, we will store your data during six months period in case there is another suitable position for you. After that period your personal data will be erased from our systems. We also collect and store personal data of our employees, both on our servers and hard copy due to legal obligations.
Information We Gain from Our Customers - HORISEN as Data Processor
In accordance with our Data Protection Agreement we process personal data obtained from our customers only to provide requested service and appropriate support. In these cases, we act as Data Processor. Our customers are Data Controllers and they have provided us with personal data they collected lawfully as regulated in our Terms of Services. For providing Bulk SMS, Winning, Voting, MNP, SMS Collector/Reply and IVR we only require and process data subjects’ phone numbers. Some additional personal data (name, surname, e-mail address, address, etc.) can be obtained and processed for iCard and nGage services. We store and process our customer’s personal data in our ISO 27001 and PCI DSS certified data center in Zurich and we do not transfer any data outside EEA area, unless it is specifically requested by our customer for personal data they are responsible for.
How We Share Information
In some cases we might share personal data and information we colected or we gained from our customers, as described in previos sections of this Policy. In this section we provide you with information in which cases and to whom we provide personal data and what we do in order to maintain privacy of shared data.
HORISEN GROUPHORISEN GROUP is a group of companies that are processing, either collected or customers’ personal data, for providing mutual services. HORISEN GROUP members apply the same information security and privacy measures following ISO 27001 ISMS and GDPR related security and privacy practices. Personal data of our customers processed by any group member is stored and processed in Interoute Managed Services data center in Switzerland (ISO 27001 and PCI DSS certified). As noted in Data Protection Agreement in any case where one group member signed Agreement with a customer other group members are considered as sub-processors of that group member. List of HORISEN GROUP members is given on our website www.horisen.com/en/horisen-group.
Our Sub-ContractorsThere are cases where we use services of third party companies that are somehow involved in processing of personal data. List of these sub-contractors are given on our website www.horisen.com/en/sub-contractors. These companies process only personal data we collected and they do not process any personal data of our customers. If you provide us with your personal data we might use some software or service of Sub-Contractor and in these cases, we are Data Controllers (cases described in previous section) and Sub-Contractors are acting as Data Processors. HORISEN performs due diligence on the information security practices and data protection compliance of all sub-contractors and requires each to commit to written obligations (Data Protection Agreement) regarding their security controls and applicable regulations for the protection of personal data.
Legal Requests and SafetyWe may transfer and disclose information, including personal information and usage information and your device identifier (including IP address), to third parties to comply with a legal obligation: when we believe in good faith that the law requires them; at the request of governmental authorities conducting an investigation; to verify or enforce our Terms of Services or other applicable policies; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, users of the HORISEN services or the public. We may also use device identifiers to identify users, and may do so in cooperation with copyright owners, Internet service providers, wireless service providers or law enforcement agencies, in our discretion. Such disclosures may be carried out without notice to you.
Change of Ownership or ControlHORISEN reserves the right to disclose and transfer user information, including personal information, in connection with a corporate merger, consolidation, restructuring, the sale of certain stock and/or assets, or other corporate change including, without limitation, during the course of any due diligence process.
Security of Your Data
We take precautions to protect your information. When you submit personal information via the website, your information is protected both online and offline. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secured environment.
We implemented technical and organizational security measures for the protection of personal data before processing of any personal data and additional security measures as mutually agreed with our customers. HORISEN has been adopting security measures including encryption, pseudonymization, resilience of processing systems and backing up personal data in order to be able to reinstate the system.
Security and privacy of our information, including personal data as important information asset, is build and based on our Information Security Policies and Procedures and applied measures in accordance to these documents. All of organizational and technical measures are applied in accordance with ISO 27001 standard and GDPR requirements.
Access to Your Information, Correction and Right to Be Forgotten
You have the right to request a copy of the information that we hold about you. If you would like a copy of personal data we have on you, where we store it and how we use it please send us your request. We might make a small charge for this service. We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate or use your right ̎to be forgotten ̎ with consideration of lawfull interception bounds. You can also unsubscribe from specificed channel or service using „Unsubscribe your data“ option on our website or you can send your request to our DPO by sending an e-mail to email@example.com. Requests regarding changes or deletation of any data we gained from our customers have to come from that customer as described in our Data Protection Agreement.
Retention Period and Legal Interception
The duration of the processing of data we gained from our customers is limited to the duration needed to perform our obligations considering Contract of providing services between our companies, unless a legal obligation applies. Our obligation with regard to the data processing shall in any case continue until the data has been properly deleted or has been returned at the request of our customer. For the purposes of fulfillment of our legal obligation, we will store data for the period of six months in separate, encrypted instance, in case of legal interception request. This applies also to any request, regarding unsubscribing from our services, we obtain from any data subject. Their user accounts will be removed from our services but their data will be stored for additional six month on encrypted instance, after expiration of this period data will be permanently deleted from our systems.
Cookies and Analitics
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. You can set your browser not to accept cookies if you are not confortable with them. On our sites we are using Cookies listed below:
|Cookie provided by||Cookie name||Expiration time||We use it for|
|PHP session cookie||PHPSESSID||Session||The PHPSESSID cookie is native to PHP and enables websites to store serialized state data.|
|Matomo||_pk_id.1.a91e||1 year||These cookies are used by the analytics software Matomo to allow us to count page visits and traffic sources, so we can measure and improve the performance of our site|
|HORISEN||saved_lang||60 min||Save language of our visitors|
|Google Analytics||_ga||2 years||Helps to identify sessions of visitors|
|Google Analytics||_gid||1 day|
|Google Analytics||__utma||2 years|
|Google Analytics||_utmb||30 min||Helps to identify new visitors to the Site|
|Google Analytics||__utmt_UA-47738979-13||10 min||Helps to throttle traffic rate for Google servers|
|Google Analytics||_gat_UA-47738979-13||6 months|
|Google Analytics||__utmz||1 min||Helps to identify the traffic source of visitors|
|1P_JAR||1 month||Google advertising cookie used for user tracking and ad targeting purposes|
|Google Adwords||HSID||2 years||Provides information about the effectiveness of Google Adwords|
|Google Adwords||NID||6 months|
|Google maps||APISID||2 years||Google maps associated cookies are used to display a user-friendly map and location designations.|
|Google maps||SIDCC||3 months|
|Google maps||SSID||2 years|
|Google maps||SAPISID||2 years|
|Google maps||SID||2 years|
|Google Tag Manager||_dc_gtm_UA-66028946-1||1 min||These cookies collect information in an anonymous form. This includes the number of visitors to the site|
|BizoID||6 months||LinkedIn Ad analytics|
|bcookie||2 years||Browser ID cookie|
|bscookie||2 years||Secure browser ID cookie|
|HORISEN||lidc||1 day||Used for routing|
|UserMatchHistory||6 months||LinkedIn Ad analytics|
We implemented Matomo service on premise and we control and protect any analysis and data we collect from Matomo. We take measures to protect the technical information collected by our use of Google Analytics and Matomo. Colected data will only be used for analitics and on a need to know basis to resolve technical issues, administer the site and identify visitor preferences. In these cases, the data will be in non-identifiable form. We do not use any of these information to identify visitors or users.
Our Policy Towards Children
The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our support services.
How to Contact Us
Please contact us with any questions or comments about this Policy, your personal data or your consent choices. If you have any concerns to adress, any questions or complaints about this Policy or your personal data, you may contact HORISEN’s Data Protection Officer by sending an email to firstname.lastname@example.org.
Last update: 23rd of May, 2018.