- privacy is one of your human rights
We welcome “GDPR” – EU’s new regulation for privacy protection. And although we are small team up in the North - we will do our utmost to protect your privacy. Not because there is a new regulation coming – but because your privacy is important to us. Always has been, always will be.
We want you to read something you understand – not just a simple ‘tick-box something font size 4 legal speak’. Because that wouldn’t really be true consent, would it?
Remember: You can always reach out to us inside haaartland or email firstname.lastname@example.org with any question.
Ok, here we go:
- Our service?
- Personal data collected?
- Purpose of collection this data?
- You, haaartland and the community owner?
- Data from haaartland to community owner?
- Communities can be commercial places
- Your rights?
- Who to contact?
- 3rd party services?
- What about apps through our API?
- What if there is a data breach?
The haaartland service is a community platform. It’s a product you use single-handedly or for setting up your own community that lives on haaartland.
The general rule under GDPR is that you must be 16 or older to be to able accept collection of personal data on a social platform all by yourself. Younger teenagers and kids need to have their parent’s consent. However, many countries in the EU (e.g. Sweden) have opted for the softer ‘13 years or older’ limit to be able to accept collection of personal data by yourself. When becoming a user on haaartland you confirm that you are of the right age in your country of citizenship and that you accept that your personal data is collected within the limits of this privacy and user agreement.
Personal data collected?
This means that you are likely to be engaged in lots of posting, liking, searching – even setting up of specific monitor pages for your interests. This personal data is being collected.
The purpose of collecting this data
We will collect this personal data to provide a good and relevant service for you. This means everything from securing who you are when logging in to trying to figure out posts, pages, people and conversations that might be of interest to you. Basically, we try to get to know you to help you find and be introduced to like-minded people, content, pages, communities that live on haaartland. And very sparsely – we will contact you with possible upgrades to our service.
The haaartland baseline
You deserve to feel safe and the fundamental principle is that what goes on haaartland stays on haaartland. This is a place for collaboration and trust. We will not sell ads. We will not sell your personal data. And we will not allow our community owners to do this as well, see next bullets below:
- haaartland and the community owner. haaartland can be said to be “a community of communities”. This means that we are an underlying platform where community owners bring - or start - their communities.
What data is given from haaartland to the community owner?
A community owner will get a list of email addresses from members. The community owner will also get aggregate analytics data – note: anonymized data – e.g. of content that interests the community and emotions coupled to topics – e.g. positive feelings towards low carb recipes in a diabetes community. The purpose is to help the community owner focus more on the right content and conversations. Make the community more relevant. To get to know her/his audience.
But key here is: ‘aggregate data’ and ‘purpose’. First, the data is not personal. A large group of members must be in a community before this feature can come alive – too small a circle and it is not activated. We don’t want to tempt community owners to try to parse data outside the platform and target outside you on ad platforms when you browse the rest of internet.
Can the community owner show ads on the platform?
No, we don’t run ads at the platform, there is no ad platform in the back-ground – either for targeting or for displaying ads. HOWEVER (we don’t like fine print so we spell this ‘however’ out) a community owner can run posts that designate pages to be SPONSORED by a brand.
Communities can be commercial places
– but things must be transparent. A community can be a place for commerce – BUT things should be out in the open. Regardless if they involve private data or not. For example: We think subscriptions or trials for Paid communities are open and transparent transactions. We think the concept of sponsorships is open. Coupons are open. Shopping on the platform is open.
But we have decided against ad targeting on the haaartland platform. We don’t not consider today’s advanced ad targeting solutions to be open and transparent enough – let alone the practise of allowing data of personal preferences to be used for ad targeting outside of the platform where they were collected.
You have several rights under GDPR. For example, you can ask us to delete your or export your data. Just contact us:
Who to contact?
Email us at email@example.com with any question you have as a haaartland-user on privacy.
3rd party services?
We use 3rd party service from established companies – AWS (cloud), stripe (payments). They have communicated with us that they are fully compliant with GDPR.
What about apps through our API?
What about, apps you have opted to use yourself? On haaartland you can opt to add apps, like Trello, slack, Google forms etc via our API. We recommend that you familiarize yourself with the privacy terms in these apps to be aware of specific rules in these apps.
We run on Amazon AWS. All services we use on AWS are GDPR-compliant and have a high level of security. Our team – with experience from mission critical systems in banks and retail systems – put much effort into making haaartland the safe place you can expect as a user.
What if there is a breach?
We will notify you if there is breach and we will comply with GDPR’s procedures regarding breach protocol.
Bottom line is this, privacy is a key pillar for haaartland. We work hard to be a safe platform for you personally and for your communities. If you have any questions – just reach out!
Stockholm, Bergen, Helsinki –
Greetings from your team in the Nordics : ) – haaartland
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your email address or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, subscribe to a newsletter, Open a Support Ticket or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To send periodic emails regarding your order or other products and services.
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use 'cookies'?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, some features will be disabled. that make your site experience more efficient and may not function properly. However, you will still be able to place orders.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
- Users can visit our site anonymously.
Can change your personal information:
- By logging in to your account
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
We do not allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- We will notify you via email within 1 business day
- We will notify the users via in-site notification within 1 business day
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We collect your email address in order to:
- Send notifications
- Verify your account
If at any time you would like to unsubscribe from receiving future emails, you can:
- Email us at firstname.lastname@example.org
- Follow the instructions at the bottom of each email
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If there are any questions regarding these user terms, you may contact us using the information below:
Haaartland.com c/o United Spaces Klarabergsviadukten 63 111 64 Stockholm Sweden The Nordics
for user-terms and abuse: email@example.com