Who We AreInformation Collected
Changes to this Policy
General Data Protection Regulation (GDPR)
Data Processing Agreement (DPA)
#1 Who We Are
HP provides film related services to individuals, non-profit organizations and others. The personal information that we collect for the Services is hosted on servers located in the Netherlands.
#2 Information Collected
We collect the following types of information from you to provide you with the products and services you purchased and for the purposes described below. We may also collect non-personal information via automated means such as cookies. Personal Information. The personal information we collect depends on the type of service, support, or sales inquiry, and may include your name, address, telephone number, fax number and email address, IP address, domain name, dates of service provided, types of service provided, payment history, manner of payment, amount of payments, date of payments, credit card or other payment information. The financial information will only be used to bill you for the products and services you purchased. If you purchase by credit card, this information may be forwarded to your credit card provider.
There are several rights an individual may exercise under the GDPR, including:
Cookies and Tracking
Data and Information Submitted to Third Parties on Our Network
#3 Information Use
The information we collect is used for billing and to provide service and support to our customers. We take reasonable precautions to prevent unauthorized access to your information. And your personal data is stored with a high level encryption.
We may transfer (or otherwise make available) your personal information to third parties that help us provide our services or provide services on our behalf. For example, we may use service providers to authorize and process payments, like PayPal. Your personal information may be maintained and processed by our third party service providers in the United States or in other jurisdictions. Our service providers are given the information they need to perform their designated functions, and we do not authorize them to use or disclose personal information for their own marketing or other purposes.
#4 Disclosing Information
Sale of Business
If the Company is involved in a merger, acquisition, or sale of all or a material portion of its assets, change in corporate control, or insolvency or bankruptcy proceedings, you will be notified via email or a prominent notice will be placed on the website of any such change in ownership or use of your personal information as well as any choices you may have regarding your personal information.
#5 Your Options
Correcting/Updating Personal Information
If your information changes, or if you no longer desire our services, we will endeavor to provide a way to correct, update or remove that your personal data in our records. In most cases, this can be achieved via our billing system or by emailing us at firstname.lastname@example.org
#6 Data Security
We use technical security measures to prevent the loss, misuse, alternation or unauthorized disclosure of information under our control. We use security measures including and not limited to: physical, electronic and managerial procedures to safeguard and secure the information we collect online. All sensitive information is collected on a secure server. When we ask you to provide financial information (such as a credit card number) that data is protected using Secure Sockets Layer (“SSL”) technology.
This website is not directed towards children and we do not seek to collect any personal information from children. If we become aware that personal information from a child under the age of 13 has been collected, we will use all reasonable efforts to delete such information from our database.
#8 Changes to this Policy
#9 Contacting Us
#10 General Data Protection Regulation (GDPR)
In accordance to the new EU law for privacy protection (in effect from 2018-05-25 onward), EH complies to the following:
In case your personal data has been obtained by anyone other than HP or you, the client of HP will inform without any delay or within 72 hours of the breach. Please note that your personal data is stored in an encrypted way using globally acknowledged, top notch algorithms
Right to Access
At any time can the client access, change or delete information stored in their account. Changes are destructive and irreversible; no other version exists after the automated daily backup has been completed.
Right to be Forgotten
At any time can the client delete their account.
At any time can the personal data be transferred to another company, should the client choose to. This action is performed by the client. The data will be in a common readable format such as ‘.csv’ or ‘.pdf’
Privacy by Design
HP will only store personal information that’s absolutely necessary for the service. HP has written verification of all the EU based third party vendors we work with, to make sure the GDPR privacy law is uphold on all levels. Think of domain registrations and physical servers in data centers. Our servers reside in Dutch, German and American data centers.
HP does not and will never use your personal information for anything other than create and send invoices, and register domains in your name. Clients or any other person or company will never receive any marketing emails, digitally or physically. Your data will never be shared with anyone.
HP is only responsible for personal data the client entered on our own website/application. Any data or texts published on the client’s website by their own doing, or by software installed by the client, is the client’s own responsibility.
HP stores personal data in encrypted form on their own server. This is solely used for invoices and registration of domains. Note that a domain registration potentially exposes your personal information if you did not choose the ‘privacy add-on’. However currently, many registrars such as ICANN are adding so called GDPR-Privacy in order to comply to the EU laws. (source: https://www.dailyhostnews.com/with-gdpr-drawing-closer-icann-proposes-three-interim-models/)
HP creates daily, weekly and monthly backups of all websites, including the main company site where clients sign up. Any changes a client made to their account will be final and irreversible after the backups are overwritten.
Breach and Security
It’s not 100% guaranteed our servers will not be breached or accessed directly in the data center with mal intent. Actions to reverse this intrusion, and carefully inspect causes to prevent a repeat, will be swiftly and decisively. Note that your personal data is encrypted and will not be easily read by anyone.
#11 Data Processing Agreement (DPA)
EU citizens only!
As soon as you store personal data on a server with us, it is defined as an order for data processing according to Article 28 of the GDPR. If this applies to you, you are required by law to complete a Data Processing Agreement (DPA).