Heels and Yield Limited (referred to as “Company”, “we”, “us”, or “our”) recognises and values your privacy and is committed to protecting your personal data. This Privacy Policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from), read our blog or newsletter or when you browse and participate in our social media channels on Facebook, LinkedIn or Instagram (hereinafter collectively known as our “Site”) or when you purchase or use our products or services (for example, our Workshops and private coaching sessions).
Purpose of this Privacy Policy
This Privacy Policy aims to give you information on the types of information we collect from you when you visit our Site, use our products or services, or otherwise interact with us; how we collect, use, process, store, secure and share your information, including personal data (as defined below); and how you may access and control the information. All personal data collected by us is treated in accordance with this Privacy Policy, and the provisions of the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong (the “Ordinance”).
It is important that you read this Privacy Policy so that you are fully aware of how and why we are using your data.
Data Controller and Processors
We are the data controllers as we are collecting and using your personal data. We use trusted third parties as our data processors for technical and organizational purposes, including for payments and email marketing.
The Information we collect about you
In this Privacy Policy, “personal data” refers to any data, information, or combination of data and information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). Any data that is provided by you to us, or through your use of our Site or by purchasing our products or services, may be classified as personal data.
In order to provide you with a positive experience when you are on our Site or utilizing our content, we collect the following types of personal data about you:
- Email address and profile information that you provide when you register for an account or sign up for our products or services, for example your name, username or similar identifier, other personal description, job title, date of birth and gender, physical address (billing or delivery or both), email address, telephone numbers(s);
- information you provide through support channels, for example when you report a problem to us or interact with our support team, including any contact information, documentation, or screenshots;
- content you provide through use of our Site or our products or services, for example blog posts, comments, discussion forums, chats, reviews;
- communication, marketing, and other preferences that you set when you set up your account or profile, or when you participate in a survey, quiz or a questionnaire that we send you;
- information about your device or connection, for example your internet protocol (IP) address, log-in data, browser type and version, time-zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our products or services and information we collect through cookies and other data collection technologies (please read our Cookies Policy for details); and
- Information about your use of or visit to our Site, for example your clickstream to, through, and from our Site, products you viewed, used, or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods to browse away from the page.
We collect the above information when you provide it to us, when you purchase our products or services or when you use or visit our Site.
We do not collect sensitive data or special category data about you. This includes details about your race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, or sexual orientation.
What We Do With Information We Collect
We only use your personal data where the law allows us to. We use your personal data only where:
- we need to perform the agreement we have entered into (or are about to enter into) with you, including to operate our products or services, to provide customer support and personalized features, and to protect the safety and security of our Site;
- it satisfies a legitimate interest which is not overridden by your fundamental rights or data protection interests, for example for research and development, and in order to protect our legal rights and interests;
- you’ve given us consent to do so for a specific purpose, for example we may send you our newsletter or publish your information as part of our testimonials or customer stories to promote our products or services with your permission; or
- we need to comply with a legal or regulatory obligation.
If you have given us consent to use your personal data for a specific purpose, you have the right to withdraw your consent any time by contacting us at support@heelsandyield.com, but please note this will not affect any use of your data that has already taken place.
We do not share your personal data with any company outside our group for marketing purposes, unless with your express specific consent to do so.
Consequences of failing to provide personal data
Please note that the personal data that you are giving to us is voluntary, and by you providing this information to us you are giving consent for us to use, collect and process your personal data. You are welcome to opt-out or request for us to delete your personal data at any point by contacting us at support@heelsandyield.com.
However, if you choose not to provide us with sufficient personal data, you may not be able to participate fully in certain aspects of our Site or we may not be able to provide you with the full content of our products and services (for example, we may not be able to fully customize your private coaching session to suit your needs).
How we share information we collect
We share information with third parties that help us operate, provide, support, improve, and market our products and services (for example, our hosting provider, newsletter provider, or payment processors).
Third-party service providers have access to your personal data only for the purpose of performing their services and in compliance with applicable laws and regulations. We require these third-party service providers to maintain confidentiality and security of all personal data that they process on our behalf and to implement and maintain reasonable security measures to protect the confidentiality, integrity, and availability of your personal data.
We take commercially reasonable steps to confirm that all third-party service providers that we engage process personal data in the manner that provides at least the same level of protection as is provided under this Privacy Policy.
We may share personal data on aggregated or de-identified basis with third parties for research and analysis, profiling, and similar purposes to help us improve our products and services.
If you use any third-party software in connection with our products or services, for example any third-party software that our Site integrates with, you might give the third-party software provider access to your account and information. Policies and procedures of third-party software providers are not controlled by us, and this policy does not cover how your information is collected or used by third-party software providers. We encourage you to review the privacy policies of third-party software providers before you use the third-party software.
Our Site may contain links to third-party websites over which we have no control. If you follow a link to any of these websites or submit information to them, your information will be governed by their policies. We encourage you to review the privacy policies of third-party websites before you submit information to them.
We may share your information with government and law enforcement officials to comply with applicable laws or regulations, for example when we respond to claims, legal processes, law enforcement, or national security requests.
It is important to note that we may transfer data internationally. For users in the European Union, please be aware that we may transfer personal data outside of the European Union. By using our Site and providing us with your personal data, you consent to these transfers in accordance with this Privacy Policy.
If we are acquired by a third party as a result of a merger, acquisition, or business transfer, your personal data may be disclosed and/or transferred to a third party in connection with such transaction. We will notify you if such transaction takes place and inform you of any choices you may have regarding your information.
How we store and secure information we collect
Personal data that you provide to us is stored internally or through a data management system. We have adopted the following measures to protect the security and integrity of your personal information:
- information is encrypted using TLS/SSL technology;
- your account is password-protected by a password that is only known to you;
- access to your personal information is restricted to personnel or service providers on a strictly need-to-know basis, who will only process your information on our instructions and who are subject to a duty of confidentiality; and
- our information collection, storage, and processing practices are reviewed regularly.
We take commercially reasonable steps to protect the personal data you provide to us from misuse, disclosure or unauthorized access and will notify you and any applicable regulator of a breach where we are legally required to do so.
While we implement safeguards designed to protect your information, please note that no transmission of information on the Internet is completely secure. We cannot guarantee that your information, during transmission through the Internet or while stored on our systems or processed by us, is absolutely safe and secure.
Passwords
To use certain features of the Site, you may need a username and password. You are responsible for maintaining the confidentiality of your username and password, and you are responsible for all activities, whether by you or by others, that occur under your username or password and within your account. We cannot and will not be liable for any loss or damage arising from your failure to protect your username, password or account information. If you share your username or password with others, they may be able to obtain access to your personal data at your own risk.
You agree to notify us immediately of any unauthorized or improper use of your username or password or any other breach of security. To help protect against unauthorized or improper use, make sure that you log out at the end of each session requiring your username and password.
We will use our best efforts to keep your username and password(s) private and will not otherwise share your password(s) without your consent, except as necessary when the law requires it or in the good faith belief that such action is necessary, particularly when disclosure is necessary to identify, contact or bring legal action against someone who may be causing injury to others or interfering with our rights or property.
Use of “Cookies”
We may use the standard “cookies” feature of major web browsers. We do not set any personally identifiable information in cookies, nor do we employ any data-capture mechanisms on our Site other than cookies. You may choose to disable cookies through your own web browser’s settings. However, disabling this function may diminish your experience on our Site and some features may not work as intended.
Viewing by Others
We ask you to take note that whenever you voluntarily make your personal data available for viewing by others online through our Site, it may be seen, collected and used by others, and therefore, we cannot be responsible for any unauthorized or improper use of the information that you voluntarily share (for example, sharing a comment on a blog post, posting in a Facebook group that we manage, sharing details on a group coaching call).
Data Retention
We retain your personal data for the minimum amount of time necessary to provide you with the information and products or services that you requested from us. We only retain personal data for so long as it is reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. After such time, we will delete or anonymize your information, or if this is not possible, we will securely store your information and isolate it from further use. We periodically review the basis and appropriateness of our data retention policy.
Confidentiality
We aim to keep the personal data that you share with us confidential. Please note that we may disclose such information if required to do so by law or in the good-faith belief that: (1) such action is necessary to protect and defend our rights or property or those of our users or licensees, (2) to act as immediately necessary in order to protect the personal safety or rights of our users or the public, or (3) to investigate or respond to any real or perceived violation of this Privacy Policy or of our Disclaimer, Terms and Conditions, or any other terms of use or agreement with us.
How You Can Access, Update or Delete Your Personal Data
You have the right to:
- Request information about how your personal data is being used and request a copy of what personal data we use.
- Restrict processing if you think the personal data is not accurate, unlawful, or no longer needed.
- Rectify or erase personal data and receive confirmation of the rectification or erasure. (You have the “right to be forgotten”).
- Withdraw your consent at any time to the processing of your personal data.
- Lodge a complaint with a supervisory authority if you feel we are using your personal data unlawfully.
- Receive personal data portability and transference to another controller without our hinderance.
- Object to our use of your personal data.
- Not be subject to an automated decision based solely on automatic processing, including profiling, which legally or significantly affects you.
Any request above will normally be addressed free of charge. However, we may charge a reasonable administration fee if your request is clearly unfounded, repetitive, or excessive.
We will respond to all legitimate requests within one (1) month. Occasionally, it may take us longer than a month if your request is particularly complex or if you have made a number of requests.
Unsubscribe
You may unsubscribe from our e-newsletters or updates at any time through the unsubscribe link at the footer of all email communications. If you have questions or are experiencing problems unsubscribing, please contact us at info@heelsandyield.com.
Anti-Spam Policy
We have a no spam policy and provide you with the ability to opt-out of our communications by selecting the unsubscribe link at the footer of all correspondence.
Policy towards Children
Our Site and our products and services are directed to individuals who are at least 18 years old or older. We do not knowingly collect personal data from individuals under 18 in compliance with COPPA (Children’s Online Privacy Protection Act) and the GDPR (General Data Protection Regulation of the EU). If we become aware that an individual under 18 has provided us with personal data, we will take steps to delete such information. Contact us if you believe that we have mistakenly or unintentionally collected information from an individual under 18.
Changes to this Policy
We reserve the right, at our sole discretion, to change, modify or otherwise alter this Privacy Policy at any time. Such changes and/or modifications shall become effective immediately upon posting our updated Privacy Policy on our website. Please review this Privacy Policy periodically. Continued use of any of information obtained through or on Site or its content following the posting of changes and/or modifications constitutes the acceptance of the revised Privacy Policy. Should there be a material change to our Privacy Policy, we will contact you via email or by a prominent note on our website.
If you have any questions about this Privacy Policy, please contact us at support@heelsandyield.com.
Last Updated: January 2019