This privacy statement (“Privacy Statement” or "Statement") provides information about how Humu, Inc. (“Humu”, "we", "our", or "us") collects, uses and discloses your personal data and how you can exercise your privacy rights.
We recommend that you read this Statement in full to ensure you are fully informed.
Processing activities covered
This Statement applies (unless a different statement or notice is displayed) to the processing of personal data collected by us when you:
Together, we refer to these activities as the "Processing Activities Covered".
For the avoidance of doubt, this Statement does not apply:
This Statement applies to all users across the world. Some users, including residents of the European Economic Area and UK, may have additional rights depending on where they are located, which are described in this Statement.
Information about Humu
Humu is the data controller of your personal data as described in this Statement, unless expressly specified otherwise. Humu provides a software-as-a-service application that supports companies, teams and employees to create better workplaces. Humu is headquartered in Mountain View, California, with teams also based in other U.S. states and in the United Kingdom. For more information about Humu, see https://www.humu.com/company.
Collection & Use of Personal Data
The data we collect depends on the context of your interactions with Humu and the choices you make, the features you use, your location and applicable laws, but can include information you voluntarily provide to us, information we automatically collect from you, and information we obtain from third party sources.
Information You Voluntarily Provide to Us
The types of personal data you may provide include contact information (such as your name, job title, company name, email address, postal address, phone number, company name, fax number).
Many of the Processing Activities Covered require us to process some personal data about you. Humu collects information you submit through our website when signing up to receive information about our product, services, and industry, or when registering for an event. If you choose not to provide data necessary for instance to register for an event, you will not be able to register for such event.
We may also collect other information from or about you, such as information about your interests, demographic information, and photographs and videos that you choose to upload. You may also provide us with additional data.
Information We Collect Automatically
This information may include: information about your computers, devices, applications and networks, including your Internet Protocol (IP) address (or that of the proxy server you use to access the internet), device and application identification numbers, your approximate location, browser type and language, your internet service provider or mobile carrier, the pages, files, and videos you viewed, your searches, your operating system and system configuration information, and date and time stamps associated with your usage of the website.
We also may automatically collect certain device and usage information when you interact with our emails. We collect this information by using pixel tags, for the purpose of tracking certain activity, such as when an email is opened.
Information We Obtain from Third Party Sources
In some instances, Humu engages with third party sources to obtain additional information about you (including third parties from whom we have purchased personal data) and combine that information with the data we collect through other means described above. For example, Humu collects business contact information from Humu partners, industry event providers, or business intelligence providers. Information collected by business intelligence providers is publicly available and used by Humu marketing and sales teams to determine your company’s interest in Humu’s products and services. You may opt out of these communications at any time by clicking the “unsubscribe” link in the email correspondence.
This information may include mailing addresses, job titles, email addresses, phone numbers, intent data (or user behaviour data), IP addresses, social media profiles, LinkedIn URLs and custom profiles, for purposes of targeted advertising, delivering more relevant email content, event promotion and profiling.
Analytics: Third parties who provide us with analytics services may also automatically collect some of the information described above, including, for example, IP address, access times, browser type and language, device type, device identifiers and Wi-Fi information. Please consult the respective privacy policies and statements of these third parties for more information, including how Google Marketing Platform, Pardot, LinkedIn and Salesforce use this data.
Social Media Features: Our website may include plugins of social media platforms, such as Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA; Twitter Inc., 795 Folsom St., Suite 600, San Francisco CA 94107, USA; YouTube, Inc., 1000 Cherry Avenue San Bruno, CA 94066, USA; and LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. You can identify the plugins by the respective network’s logo. Details about purpose and extent of data collection, as well as processing and use of the data, by the social media networks can be obtained by reading the privacy policies of Facebook, Twitter, YouTube and LinkedIn.
How We Use Personal Data and our Legal Bases (for residents of the EEA and United Kingdom only)
We collect and process personal data about you for a variety of purposes and on the legal bases described in this Statement, unless expressly specified otherwise, including:
In carrying out these purposes, we combine data we collect from different contexts or obtain from third parties to give you a more seamless, consistent, and personalized experience, to make informed business decisions, and for other legitimate purposes.
Sharing of Personal Data
We do not share your personal data with third parties, other than as follows:
We may also share aggregated or deidentified usage data with our service providers for the purposes of helping Humu in such analysis and improvements. Additionally, Humu may share such anonymous usage data on an aggregate basis in the normal course of operating our business.
For further information on the recipients of your personal data, please contact us by using the information in the "Contact Us" section below.
Transfers of your Personal Data
Personal data we collect may be stored and processed in your region, in the United States or in any other country where we or our affiliates, subsidiaries, partners or service providers maintain facilities. We maintain primary data centers in the United States. We take steps designed to ensure that the data we collect under this Statement is processed in accordance and as described in this Statement and applicable law wherever the data is located.
Therefore, we may transfer personal data from the European Economic Area (EEA), United Kingdom and Switzerland (collectively "Europe") to other countries which may not have the same level of data protection as applies in your jurisdiction and which have not been determined by the European Commission to have an adequate level of data protection. In this event, we use a variety of legal mechanisms to ensure that the recipient of your personal data offers an adequate level of protection, including entering into the standard contractual clauses for the transfer of European data approved by the European Commission or where required, we will ask you for your prior consent to such international data transfers.
Security of your Personal Data
Humu maintains a comprehensive security program with appropriate organizational, physical and technical security practices measures to to help safeguard your personal data against accidental or unlawful destruction, loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We are an ISO 27001:2013 and SOC 2 Type 2 certified provider whose Information Security Management System (ISMS) has received third party accreditation.
However, no security measure or modality of data transmission over the Internet is 100% secure. While we follow generally accepted standards to protect data, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions.
Although we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. If you have any questions about the security of our website, please contact us by using the information in the “Contact us” section below.
Storage and Retention of your Personal Data
We may retain your personal data for as long as necessary for the purposes it was collected, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly. We determine the appropriate retention period for personal data on the basis of the amount, nature and sensitivity of your personal data processed, the potential risk of harm from unauthorized use or disclosure of your personal data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).
After expiry of the applicable retention periods, your personal data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data. For further information on applicable data retention periods, please contact us by using the information in the “Contact us” section below.
Your Privacy Rights
Your preferences for email marketing
You may opt out from receiving marketing emails by clicking the “unsubscribe” link at the bottom of our communication with you. If you exercise your right to opt out of marketing emails, you will be added to Humu’s opt-out list as required by applicable law.
If you choose to no longer receive marketing communications, we may still communicate with you regarding such things as security updates, product functionality, responses to service requests, or other transactional, non-marketing purposes.
You can also send requests about changes to your information or your contact preferences, including requests to opt-out of sharing your personal data with third parties. For these purposes, see our "Contact Us" section below.
Collection of Personal Data of Minors
Humu’s website and services are directed to people who are at least 16 years of age or older. We do not knowingly collect, use, or disclose personal data from children under 16. If you are a parent or guardian and you learn that your children under 16 have provided us with personal data, please contact us using the contact information provided under the “Contact us” section below.
Changes to this Statement
Humu may change this Statement from time to time. If we make any changes to this Statement, we will post an amended version and change the “Last Updated” date above or if we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you using the email address you provided. Please review this Statement periodically.
If you have any questions or comments about this Statement or the practices of this website, or unresolved privacy and data use concerns, or if you wish to lodge a complaint about our privacy practices, please contact Humu by emailing firstname.lastname@example.org, faxing (650) 321-3156, calling (650) 321-3000, or writing Attention: Privacy, Humu, Inc., 548 Market St, PMB 65781, San Francisco, CA 94104