PRIVACY POLICY

Last updated: 1st June 2023.

Welcome to Handprint (https://handprint.tech). We prioritize the privacy of our visitors, and this Privacy Policy outlines the types of information collected and recorded by Handprint, as well as how we utilize it. This policy specifically applies to our online activities and governs the information shared and/or collected on Handprint by visitors. Please note that this policy does not extend to any offline information collection or data gathered through channels other than this website. By providing your personal data to us or using our website, you acknowledge and consent to the practices described in this Privacy Policy. We encourage you to carefully read the following sections to comprehend our stance and procedures concerning cookies, your personal data, and the treatment of such information. For detailed information about cookies, please refer to our separate Cookie Policy.

INFORMATION WE COLLECT ABOUT YOU

We gather information about you through various means, including when you provide it directly to us, when you utilize our products, services, and website, and when other sources furnish it to us. The information we collect encompasses the following:

Account information: When you subscribe to our products or services or establish an account with us, we collect pertinent details such as your name, email address, username, phone number, address, and organization. Additionally, we request and obtain personal information, such as the name and email address of any individual authorized by you to use our products or services.

Billing information: In the event that you need to make a payment for our products or services, we gather your billing particulars, which include a billing address and financial and payment information.

Information provided by you or your employer: we diligently collect the information that you voluntarily provide to us or your employer provides on your behalf. This includes instances when you:

Contact us through various means such as phone, email, online chat, or any other communication channel.
Complete forms on our website.
Register for an account to access our website.
Subscribe to receive our newsletters and promotional materials.
Participate in surveys conducted by us, aimed at gathering feedback on our services and training courses.
Enrol in and attend our events or training courses.
Engage in discussions and forums on our website.
Reach out to us for customer support.

Technical information: Additionally, we may utilize the information we collect in an aggregated or anonymized manner, ensuring that your identity remains undisclosed. This aggregated or anonymized data is used for purposes such as analyzing user interactions with our platforms and products, conducting research, facilitating development, implementing marketing strategies, and performing analytics.

Third-party services: in the event that you opt to enable or connect a third-party application or service in conjunction with our products and services, please note that said third-party service may disclose certain information about you to us. This may include details such as your name and email address for authentication purposes. We advise you to review and adjust your privacy settings on these third-party services to comprehend and govern the information shared with us through these services.

Information from other users: furthermore, other users of our products or services have the potential to provide us with information pertaining to you. For instance, when another individual grants you authorization to utilize our products and services, they may provide us with your name and email address. Additionally, within your organization, an individual may furnish us with your contact information if they designate you as the billing or technical contact for your organization’s account.

USE OF GATHERED INFORMATION

We utilize the information we gather about you in the following ways. For each of these purposes, we have established a legal basis for processing your information:

Providing products and services: we employ your information to deliver the products and services you have subscribed to or requested. This includes offering customer support and ensuring you benefit from any relevant product or service’s auto-update feature. Such processing is necessary for the performance of our contractual obligations to you concerning these products and services.

Payment Collection: we employ your information to facilitate the collection of fees owed to us for your usage of our products and services. This processing is essential for the fulfilment of our contractual obligations to you.

Please note that this section does not pertain to your Survey Data. We handle such data solely in accordance with your instructions and the terms of our agreement with you.

Responding to inquiries: we will utilize your contact information and any details you provide to us in order to address your inquiries, requests for information, or complaints. Depending on the nature of your inquiry, we may do so to fulfill our contractual obligations to you, comply with legal obligations, provide you with optimal service, and gain insights on how to enhance our products and services based on your feedback and experience.

Third-Party services: in instances where you choose to enable or connect to a third-party application or service, we will use the information shared with us by that application or service to facilitate the performance of our contractual obligations to you.

Protection of business, products, services, and website: we will utilize your information in alignment with our legitimate interests, which involve administering and maintaining our systems, ensuring network and information security, and safeguarding our business, products, services, and website. This includes preventing unauthorized access to our networks, investigating faults, mitigating the misuse of our products or services, averting denial of service attacks, and monitoring system usage and server load.

Development, Testing, and Improvement: we will utilize your information regarding your usage of our products, services, and website to enhance the user experience for all our users. This includes ensuring the availability of appropriate features, supporting compatible browsers and devices, and presenting our website content in the most effective manner. We undertake these efforts based on your consent to our use of cookies and in accordance with our legitimate interests in refining our existing products, services, and website, gaining insights for further improvements, and developing new offerings.

Legal Requests: there may be instances where we need to utilize your information to fulfil a legal obligation, such as responding to a court order, complying with a request from a supervisory authority or government entity, or preventing fraudulent activities.

Marketing: we may utilize your information to provide you with details about our products, services, offers, and events that we believe may be of interest to you. These communications solely pertain to our own products and services, and we do not disclose your information to third parties for marketing purposes. We send such communications either with your consent (where you have explicitly provided consent to receive such communications) or in accordance with our legitimate interests in expanding our business.

Legal basis for processing (EEA and UK only): for individuals from the European Economic Area (EEA) or the UK, if your data is processed by Handprint, we are required to have a legal basis for collecting and using your information as a data controller. The legal basis will fall under one of the following categories:

Contractual Necessity: we may require your information to fulfil a contract with you. For example, this may include delivering the services you have requested from us.
Consent: in certain cases, we may rely on your consent to collect and use your information. If we do so, you have the right to withdraw or refuse to give your consent at any time. Please note that the withdrawal of consent does not affect the lawfulness of any processing based on your consent before its withdrawal.
Legitimate Interests: we may process your information based on our legitimate interests, provided that such interests do not override your own interests or fundamental rights and freedoms.
Legal or regulatory obligation: in some instances, we may need to process your information to comply with a legal or regulatory obligation.

If you have any questions regarding the legal basis for the collection and use of your information, including information about our legitimate interests, please feel free to contact us for further clarification and information at support@handprint.tech

DISCLOSURE OF YOUR INFORMATION

We only share your information in the following circumstances:

Our service providers: we may disclose your information to third-party service providers who assist us in delivering our services. We have established agreements with these service providers to ensure that they maintain appropriate safeguards for your information. They are only permitted to use your information as instructed by us and solely for the purpose of providing the relevant services to us. For example, we engage third parties to manage credit card processing, host our application and landing page, provide online chat service, offer analytics information, and provide database and media services.

We take great care in selecting and vetting our service providers to ensure the security and confidentiality of your information.

Professional advisers: we may need to disclose your information to our professional advisers, such as lawyers, bankers, auditors, and insurers. This is done to ensure compliance with legal and regulatory requirements, seek legal advice, manage financial matters, and maintain appropriate insurance coverage.

Competent authorities, courts, and tribunals: there may be instances where we are obligated to disclose your information if it is reasonably necessary to comply with applicable laws, regulations, or legal processes. This includes responding to requests from government or regulatory bodies. Additionally, we may disclose your information to enforce our agreements, policies, and website terms of use.

Forums: if you choose to utilize the forums on our website, please be aware that any personal information you submit there can be accessed, collected, or used by other users of those forums. They may use this information to send you unsolicited messages. We do not take responsibility for the personal information you choose to share in these forums or for any private messages sent via the forum. If you wish to have your personal information removed from our community forum, please contact us at support@handprint.tech

SECURITY

We prioritize the security of your information and have implemented appropriate physical, electronic, and managerial measures to prevent unauthorized access or disclosure. These measures aim to safeguard and secure the information we collect online.

Handprint’s data centers are managed by AWS (Amazon Web Services), which adheres to stringent security standards. The following are some of the technical and organizational measures (TOMs) employed:

Physical security: data centers are situated in nondescript facilities with robust perimeter controls and natural boundary protections. They have obtained accreditations such as ISO 27001, SOC 1, SOC 2/SSAE 16/ISAE 3402, PCI Level 1, FISMA Moderate, and Sarbanes-Oxley (SOX).

Environmental safeguards: measures include fire detection and suppression systems, reliable power systems, and climate and temperature control mechanisms.

Network security: firewalls, DDoS (Distributed Denial of Service) mitigation, protections against spoofing and sniffing, and port scanning safeguards are in place.

Data security: SSL encryption is employed for customer applications and Postgres databases to ensure secure transmission and storage of data.

System Security: system configurations are optimized for security, and customer applications are isolated to prevent unauthorized access. Robust system authentication protocols are implemented.

Vulnerability management: ongoing vulnerability assessments are conducted to identify and mitigate potential risks.

Backups: regular backups are performed for customer applications, customer Postgres databases, and customer configuration and meta-information.

Disaster Recovery: customer data retention and destruction practices are in place to ensure effective disaster recovery procedures.

By implementing these security measures, we strive to maintain the confidentiality, integrity, and availability of your information.

HOW WE USE COOKIES

For more information on our use of cookies, please read our Cookie Policy.

YOUR RIGHTS AS A DATA SUBJECT

As a data subject, you have certain rights regarding the processing of your personal information. These rights may vary depending on your jurisdiction and the specific circumstances of the processing. We are committed to upholding these rights and facilitating their exercise. Please note that if we act as a data processor on behalf of our customers, you may need to contact them directly to exercise your rights related to your Survey Data.

Right to Access: You have the right to request information about whether we hold any of your personal information and to obtain a copy of that information. To exercise this right, please contact us at support@handprint.tech. We will respond to your request in a timely manner.

Right to rectification: you have the right to request the correction or amendment of any inaccurate or incomplete personal data that we hold about you. If you believe that your personal data is incorrect or requires updating, please contact us, and we will promptly address your request.

Right to erasure: in certain circumstances, you have the right to request the erasure of personal information held about you. However, please note that this right may be subject to qualifications, such as when it is necessary for us to retain the information for record-keeping purposes or to comply with our legal obligations. If you wish to exercise your right to erasure, please contact us, and we will assess your request based on the applicable legal requirements.

Additional rights: depending on the applicable laws and regulations, you may have other rights, such as the right to restrict the processing of your personal data or the right to data portability. If you have any inquiries or wish to exercise any of these additional rights, please contact us, and we will assist you accordingly.

We are committed to handling your requests in a prompt and transparent manner, ensuring that your rights as a data subject are respected and upheld to the extent required by applicable laws and regulations.

Right to object: in certain circumstances, you have the right to object to the processing of your personal data based on our legitimate interests. However, we may demonstrate compelling legitimate grounds for the processing that override your rights and freedoms.

Right to restrict processing: you may have the right to request the restriction of processing your personal data. This right can be exercised, for example, when you believe that the personal data we hold about you is inaccurate or unlawfully processed.

Right to data portability: under certain conditions, you have the right to receive your personal data in a structured, machine-readable format and have the right to transmit that data to another data controller.

To exercise any of these rights, please contact us at support@handprint.tech. To ensure the security and protection of your personal information, we may need to verify your identity before proceeding with your request.

You also have the right to withdraw your consent at any time if we rely on consent as the legal basis for processing your personal information. Please note that withdrawing consent does not affect the lawfulness of any processing carried out prior to the withdrawal. To withdraw your consent, you can contact us via email at support@handprint.tech or by post using the address provided below. We will respond to your request within a reasonable timeframe.

If you have any concerns about the way we handle your personal data, you have the right to lodge a complaint with the supervisory authority, which in this case is the Personal Data Protection Commission Singapore (PDPA).

DATA RETENTION AND DELETION POLICY

We will retain your personal information for the duration of your active account or as necessary to fulfil the purposes outlined in this policy, which includes meeting any legal, accounting, or reporting obligations. If you wish to have your personal information deleted, you can contact us at support@handprint.tech at any time. In the event that we are unable to fulfil your deletion request, such as if we are required to retain certain information to comply with a legal obligation, we will inform you of the reasons for our inability to delete the information.

CONTACT

If you have any questions, comments, complaints, or requests concerning your personal data or this Privacy Policy, please reach out to us at support@handprint.tech Alternatively, you can contact us via postal mail at the following address:

Attention: Handprint Data Protection
HANDPRINT PTE. LTD.
160 Robinson Road
#14-04 Singapore Business Federation Centre
Singapore 068914

We will promptly address any inquiries or concerns you may have regarding your personal data or our privacy practices.

UPDATES TO OUR PRIVACY POLICY

We reserve the right to amend, supplement, modify, and update this Privacy Policy as necessary. Any changes to the policy will be effective immediately upon posting the revised version on our website. We encourage you to check back regularly to stay informed about any updates. By continuing to use our website or services after any modifications to this Privacy Policy, you acknowledge and agree to the updated terms.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
JSESSIONID	session	New Relic uses this cookie to store a session identifier so that New Relic can monitor session counts for an application.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
vuid	1 year 1 month 4 days	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos on the website.

Cookie	Duration	Description
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.