Privacy Policy | Huddle

Privacy Policy

Last Updated: February 27, 2017

Ninian Solutions Ltd (t/a Huddle) whose registered offices are 2nd Floor, Aldgate Tower, 2 Leman Street, London, E1 8FA, UK and it’s US subsidiary Huddle Inc (dba Huddle) a Delaware Corporation whose offices are at Huddle, Inc., 156 2nd Street, San Francisco, CA 94105 (“we”, “us” “our” or “Huddle”) are committed to protecting and respecting your privacy. When we collect personal information from you, we follow the privacy principles and comply with the United Kingdom Data Protection Act 1998, EU General Data Protection Regulation (EU) 2016/679, and the U.S. Department of Commerce EU-U.S. Privacy Shield Frameworks. These govern the collection, use, and retention of personal data to and from the European Union, the U.S., and globally.

This policy, together with our Subscriber Agreement for Huddle Services http://www.huddle.com/subscriber-agreement/, our Master Services Agreement and our End User License Agreement (“Terms of Use”) http://www.huddle.com/terms-of-use and any other documents referred to in them, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following information carefully to understand our views and practices regarding your personal data and how we will treat it.

Changes to our Privacy Policy

We may modify this Policy from time to time. If we make any changes to this Policy, we will change the “last updated” date above. We encourage you to check this Policy whenever you use our Sites and Services to understand how your personal information is used.

For the purpose of the United Kingdom Data Protection Act 1998 (the Act), the Data Controller for Huddle’s own information is Ninian Solutions Ltd. The Data Processor for Huddle customers is Ninian Solutions Ltd.

Information we may collect from you

  • We may collect and process the following data about you:
  • We collect information from you when you complete forms on our websites (huddle.com, huddle.net, these Services can also be accessed using a custom domain name e.g. myaccount.huddle.net, myaccount.huddle.com) – “our sites” – including when registering to use our Sites or subscribing to our Services or updating your profile. The information you provide is stored in Huddle managed repositories. The information we may collect about you includes, your name and email address; your title, company and other profile information you provide as well as aggregate information about your use of the features of the Services we provide to you such as the number of times You upload/download files and documents.
  • Information that you provide to us by completing surveys on our site or as carried out by our approved third parties.
  • If you contact us for customer or technical support, we may keep a record of that correspondence or conversation.
  • Information we receive from third-party search engines such as but not limited to Google, Yahoo and Microsoft (Bing and MSN) relating to your search activity.
  • Details of your visits to our site including, but not limited to, traffic data, location data, IP addresses, weblogs and other communication data and the resources that you access.

On registration with Huddle or when completing forms on our Sites, Huddle does not require nor ask for sensitive personal data such as – General medical information, race/ethnicity, gender, political opinions or sexuality. Where you believe you have either submitted or been asked to provide this information as part of registration or completion of forms, you are to contact privacy@huddle.com to have this information deleted or removed from our records.

Uses made of the information

  • Huddle may use the information you provide in the following ways:
  • To provide our Services and features to you, to measure and improve those services and features and to provide you with customer and technical support through Customer Relationship Management systems.
  • To contact you with any service-related announcements from time to time.
  • To ensure that content from our site is presented in the most effective manner for you and for your computer.
  • To provide you with information concerning our products or services that you request from us or which we feel may interest You by email
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To provide you with advertisements concerning our products and services through our Third-Party Partners Programme (see Third-Party Partners programme below for more details).

You may at any time opt-out of receiving Marketing centric communications by clicking on the opt-out link in the footer of the email you have received or by sending us an email at privacy@huddle.com. Opt-out requests will not apply where Huddle sends you a notice regarding the status of service, upgrades to platform, additional features, security alerts, quality survey or NPS requests, or any notice pertinent to your service and account.

Information We collect may be stored and processed in and transferred between any Huddle offices to enable us to use the information but strictly in accordance with this privacy policy.

Huddle may use trusted 3rd parties to assist in the delivery, provision, analysis and improvement of the Services including but not limited to data storage, maintenance services, database management, analytics, payment processing, Customer Relationship Management services/systems and improvement to the Services features. Huddle is not liable for the quality or accuracy of any onward transfer of information. 3rd parties may have access to your Information only for the purposes of performing these tasks on our behalf and under obligations similar to those in this Privacy Policy. All 3rd parties will be risk assessed by Huddle before receiving any Information to ensure compliance to Huddle’s ISO 27001:2013 certified Information Security Management System, the relevant agreements and frameworks including but not limited to the U.S.-EU Privacy Shield to ensure the protection of Your Information.

Huddle’s trusted 3rd parties utilise your personal data for the following business purposes:

  • Support services
  • Customer relationship management services
  • Financial management services
  • Communication management services
  • Digital signature service.

All onward transfers of data to trusted 3rd parties will be completed within agreed contracted terms which include:

  • Data will only be processed for already agreed limited and specified purposes
  • Data will be protected to the same level of the U.S. Privacy Shield Notice and Choice Principles and the E.U. General Data Protection Regulation. If it is determined that they can no longer meet this obligation then the 3rd party provider is contractually obligated to notify us.

Cookies, Web Beacons and IP addresses

We may collect information about Your computer, including where available Your IP address, operating system, browser type, for system administration and to report aggregate information which helps us improve the service. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

Cookies

We use Cookies which are information packets sent by web servers to web browsers, and stored by the web browsers. The information is then sent back to the server each time the browser requests a page from the server. This enables a web server to identify and track web browsers. There are two main kinds of cookies: session cookies and persistent cookies. Session cookies are deleted from Your computer when You close Your browser, whereas persistent cookies remain stored on Your computer until deleted, or until they reach their expiry date. Cookies contain information that is transferred to Your computer’s hard drive. We use Cookies to help us to improve our site and to deliver a better and more personalised service.

We use the following cookies within our Services:

Type

Name

Domain

Explanation

Session

sectok

huddle.net

This is a security ID used by the Huddle service to perform anti-XSRF to ensure that the source of the data/content being submitted is what it should be. This safeguards the integrity of our customer’s data/content stored within Huddle.

Session

JSESSIONID

newrelic.com

New Relic provides infrastructure management services to Huddle. It allows us to understand the capacity requirements of our customers. All customer information sent to New Relic is anonymized.

Persistent

mp_fef9a865cb6b76f1c0a17d22d29a916a_mixpanel

.huddle.net

Mixpanel provides a service which allows Huddle to understand the features most used by Huddle customers. This cookie allows tracing of functionality within the application by our customers.

Session

auth_token

.huddle.net

Huddle’s utilises OAUTH (used by many large and secure websites) to verify and maintain customer’s sessions for the duration of their usage on our service.

Persistent

ajs_user_id

.huddle.net

Segment.io allows Huddle to plugin behavioural and functionality by trusted; and risk assessed third-party providers (such as Mixpanel). This cookie allows Huddle to follow the events that a user is performing.

Persistent

__utma

.google.com

These functional cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

__utmb

__utmz

Session

__utmc

.google.com

These functional cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Persistent

PREF

youtube.com

Google stores language preferences and user selection of ‘SafeSearch’ in this cookie for all our embedded videos used on the www site. Customer created video content is only stored on Huddle’s servers.

Persistent

VISITOR_INFO1_LIVE

youtube.com

We use YouTube to embed videos on our blog and www sites. However, if the ‘Share’ button is clicked YouTube will set these two cookies. The VISITOR_INFO1_LIVE cookie attempts to estimate your bandwidth. These cookies don’t gather information that identifies a user.

Session

YSC

youtube.com

Used by Google for Google Maps preferences on our contact us page.

Persistent

rmbMe

huddle.net

Used to pre-populate login page with a username.

Persistent

Settings

huddle.net

Indicates user preference for single or multiple file uploader

Persistent

New Dashboard

huddle.net

Indicates user preference for new or old Dashboard design

Refusing Cookies

You may refuse to accept our cookies by activating the functionality on Your browser which allows You to refuse the setting of cookies. However, if You enable this functionality, this may adversely affect Your user experience of our site.

Web Beacons

We use Web Beacons – sometimes called single-pixel gifs – which allow the Sites to collect web log information. A web beacon is a graphic on a web page or in an email message designed to track pages viewed or messages opened. Web log information is gathered when You visit one of more of our Sites by the computer which hosts our website (webserver). The webserver automatically recognises some non-personal information, such as the date/time You visited our site, the pages You visited, the website You came from, the type of browser You are using (e.g. Chrome, Firefox, Internet Explorer), the allocated Internet Service Provider DNS (domain name service) and the Internet Protocol (IP) addresses. We may also include web beacons in promotional emails to determine whether messages have been opened. Web beacons may also be used to deliver cookies.

IP Addresses

Our Sites use Internet Protocol (IP) addresses. IP addresses are assigned to Your computer by Your Internet Service Provider (ISP), so You can access the internet. The IP address assigned to You may or may not change each time You connect to the internet. If You are accessing our Sites via broadband connection it is possible that the IP address we collect or even a cookie we might use may contain information that could be deemed identifiable. This is because with some broadband connections the IP address does not change and so is termed static which could be associated with Your personal computer. We use Your IP address to report aggregate information on usage and to help improve our Sites.

Areas of our Sites that collect Your information use industry standard Transport Layer Security encryption (TLS); You must utilise a modern, up-to-date browser to take advantage of the higher levels of encryption that are supported.

Third-Party Partners Programme

When You visit our site, we place a cookie file on Your hard drive of Your computer so that our advertising partners can recognise You when You visit their websites. We do this so that our advertising partners can show You advertisements relating to our products and services when You visit their website.

You may opt out of receiving our advertisements through our advertising partners by:

  • Adjusting Your browser setting to refuse the setting of cookies or by clearing Your cookies. Please refer to Your browser help resource to describe how to do this.

Our Sites will issue cookies when You visit our site again.

Third-Party Websites

We are not responsible for the privacy policies or practices of third-party websites.

Marketing communications and opting-out

We will provide You with information concerning our products or Services that You request from us or which we feel may interest You by email unless You have opted-out of receiving this information.

You may at anytime opt-out of receiving this information by clicking on the opt-out link in the footer of a marketing email You have received or by sending us an email at privacy@huddle.com

How You can access, change or remove Your personal information

You understand that by accepting an invitation into Huddle, those who are in a workspace with you will be able to identify you by your Huddle profile.

You may view, change, or remove Your profile information displayed through our site at any time by going to Your profile and editing Your information. You have the right to obtain a copy or change the personal information we hold about You in our and our trusted 3rd party services and systems. You will need to email Your request to privacy@huddle.com or send to our postal address : Head of Information Security (Privacy Dept.), Huddle, 2nd Floor, Aldgate Tower, 2 Leman Street, London, E1 8FA

If You want to stop using Your account, You may deactivate it. When You deactivate an account, You will not be able to use our Sites or Services, and Your information will not be capable of being viewed through our sites. However, even after You deactivate Your account, copies of Your information including but not limited to name and email address may be retained by us as backup copies for legal and compliance reasons.

Where we store Your personal data

The data that we collect from You may be transferred to and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or one of our suppliers. Such staff maybe engaged in, among other things, the provision of CRM services, marketing campaigns, and support services on our behalf. We will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this privacy policy.

All information You provide to us is stored on secure servers operated by us or our third-party providers. Where we have given You (or where You have chosen) a password which enables You to access certain parts of our site, You are responsible for keeping this password confidential. We ask You not to share Your password with anyone including employees of Huddle.

Although we will do our best to protect Your personal data, we cannot guarantee the security of Your data transmitted to our site; any transmission is at Your risk. Once we have received Your information, we will use strict procedures and security features to try to prevent unauthorised access.

Security and Management of Your personal information

Huddle’s Information Security Management is 3rd party ISO 27001:2013 certified by BSi. We will take all reasonable technical and organisational precautions to prevent loss or misuse of Your personal information. Your information is stored on protected servers and transmission of data is encrypted. Huddle stores and processes your information for as long as required and removes when no longer needed or upon Your request. Safeguards using appropriate technical or organizational measures to minimise the risk of accidental loss, unlawful processing, destruction or damage have been implemented. Huddle will endeavour to ensure Your information is accurate, adequate, limited to what is necessary for concerning the purpose for which it was gathered, kept up to date and erased or rectified without delay. You acknowledge that the transmission of information over the internet is inherently insecure and we cannot guarantee the security of data that is sent over the internet. We have implemented security capability including encryption where applicable in all transmission of data. You are responsible for the safe storage of Your access credentials to our Services.

Children ages 16 or under are not permitted to utilise the Sites and Services without parental or guardian consent.

Disclosure of Your information

We may disclose Your personal information to any of our employees, officers, agents within Huddle which means our subsidiaries in so far as reasonably necessary for the purposes set out in this privacy policy.

We may disclose Your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose Your personal data to the prospective seller or buyer of such business or assets.
  • If we or substantially all of our assets are acquired by a third-party, in which case personal data held by us will be one of the transferred assets.
  • If we are under a duty to disclose or share Your personal data to comply with any on-going or prospective legal proceedings, new legal obligations, or to enforce or apply our Subscriber Agreement or Terms of Use. This includes local and federal/national law enforcement, relevant public authorities, and regulatory bodies such as but not limited to the Federal Trade Commission (FTC).
  • To establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).

Privacy Shield

Huddle Inc complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Huddle Inc has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

In compliance with the Privacy Shield Principles, Huddle Inc commits to resolve complaints about our collection or use of your personal information. Individuals have the possibility, under certain conditions, to invoke binding attribution to swiftly and with minimal cost resolve complaints. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Huddle Inc at privacy@huddle.com or our postal address: Head of Information Security (Privacy Dept.), Huddle, 2nd Floor, Aldgate Tower, 2 Leman Street, London, E1 8FA

Huddle has the responsibility for the processing of personal information it receives and subsequent transfers to 3rd parties. Huddle shall ensure that Your personal data is processed under the terms of the Privacy Shield Principles and thus are liable unless we were not responsible for the event giving rise to the damage.

Huddle Inc has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to either:privacy@huddle.com, or

Head of Information Security (Privacy Dept.)
Huddle 2nd Floor, Aldgate Tower, 2 Leman Street, London, E1 8FA

Further Information

United Kingdom Data Protection Act 1988: http://www.legislation.gov.uk/ukpga/1998/29/contents
General Data Protection Regulation: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf
Privacy Shield: https://www.privacyshield.gov
Information Commissioners Office (UK): https://ico.org.uk


Request Demo
trillatron