Personal information is data that can be used to identify or contact a single person.
We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:
If we do combine non-personal information with personal information the combined information will be treated as personal information for as long as it remains combined.
If you want to disable cookies check with your provider to find out how to disable cookies. Please note that certain features of the Directory website will not be available once cookies are disabled.
As is true of most internet services, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.
We use this information to understand and analyze trends, to administer the site, to learn about user behavior on the site, to improve our product and services, and to gather demographic information about our user base as a whole. Directory may use this information in our marketing and advertising services.
In some of our email messages, we use a “click-through URL” linked to content on the Directory website. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on our website. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
Pixel tags enable us to send email messages in a format customers can read, and they tell us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers.
At times Directory may make certain personal information available to strategic partners that work with Directory to provide products and services, or that help Directory market to customers. For example, when you purchase and activate your Trustee, you authorize Directory and your Trustee host service provider to exchange the information you provide during the activation process to carry out service. If you are approved for service, your account will be governed by Directory and your host’s respective privacy policies. Personal information will only be shared by Directory to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes.
Directory shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information and may be located wherever Directory operates.
It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for Directory to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.
Directory takes the security of your personal information very seriously. Directory online services protect your personal information during transit using encryption such as Transport Layer Security (TLS). When your personal data is stored by Directory, we use computer systems with limited access housed in Digital Ocean, Inc. facilities using physical security measures. When you use some Directory products, services, or applications or post on a Directory or HIE of One forum, chat room, or social networking service, the personal information and content you share is visible to other users and can be read, collected, or used by them. You are responsible for the personal information you choose to share or submit in these instances. For example, if you list your name and email address in a forum posting, that information is public. Please take care when using these features.
If you or anyone else with access to your Trustee logs on to a device that is owned by a third party, any information in your Trustee and accessible to that user including sensitive health information that you have authorized for access by that user—may be downloaded on to that third-party device thereby disclosing any such shared information.
You can help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your account at https://dir.hieofone.org. For other personal information we hold, we will provide you with access (including a copy) for any purpose including to request that we correct the data if it is inaccurate or delete the data if Directory is not required to retain it by law or for legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. Access, correction, or deletion requests can be made through the Privacy Contact Form.
We understand the importance of taking extra precautions to protect the privacy and safety of children using Directory products and services. Children under the age of 13, or equivalent minimum age in the relevant jurisdiction, are not permitted to create their own Trustees, unless their parent provided verifiable consent or as part of the child account creation process.
If we learn that we have collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, outside the above circumstances we will take steps to delete the information as soon as possible.
If at any time a parent needs to access, correct, or delete data associated with their child’s Trustee, they may contact us through our Privacy Contact Form.
Directory websites, products, applications, and services may contain links to third-party websites, products, and services. Our products and services may also use or offer products or services from third parties − for example, a Digital Ocean virtual machine.
Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
To make sure your personal information is secure, we communicate our privacy and security guidelines to Directory employees and strictly enforce privacy safeguards within the company.
When a privacy question or access/download request is received we have a dedicated team which triages the contacts and seeks to address the specific concern or query which you are seeking to raise. Where your issue may be more substantive in nature, more information may be sought from you. All such substantive contacts receive a response. If you are unsatisfied with the reply received, you may refer your complaint to the relevant regulator in your jurisdiction. If you ask us, we will endeavor to provide you with information about relevant complaint avenues which may be applicable to your circumstances.
HIE of One, PBC. 52 Marshall St., Watertown, MA, 02472