Hello Insight/Algorhythm Privacy Policy
Effective November, 2020
Our Commitment to Privacy:
We take privacy very seriously here at Algorhythm (also doing business as Hello Insight) and post this Privacy Policy (this “Policy”) to explain what Hello Insight/Algorhythm (“we”, or “us”) does with the information and data that we collect from our users who visit our website or use our products and services (“Service”). For ease of reference our Policy is drafted in a question and answer format.
WHAT PRIVACY LAWS PROTECT INFORMATION SUBMITTED TO HELLO INSIGHT/ALGORHYTHM?
Information we collect may be subject to some, or all, of the following privacy laws. As new jurisdictions develop new requirements, please be assured that we will be adding compliance with them.
This section of the Privacy Policy describes the steps we take specifically to ensure our and your compliance with these important laws.
COPPA (Children’s Online Privacy Protection Act) Compliance. COPPA requires that operators of websites and online services that collect the personal information of children under 13 years of age (i) inform parents and legal guardians about their practices for collecting, using and disclosing such personal information and (ii) obtain verifiable consent from parents and legal guardians for doing so. We only collect personal information through the Services from a child under 13 if that young person’s school, school district, teacher, youth program or researcher has agreed to obtain parental/caregiver consent for that child to use the Services and disclose basic personal information to us for purposes of providing the Services, or we have directly obtained such parental/ caregiver consent.
If you are a young person under 13, you must not send any personal information about yourself to us if your young person’s school, school district, teacher, youth program or researcher has not obtained this prior consent from your parent or guardian, or we have not obtained such consent, and please do not send any personal information other than what we request from you in connection with the Services. If we learn we have collected personal information from a young person under 13 without parental consent having been obtained, or if we learn a young person under 13 has provided us personal information beyond what we request from him or her, we will delete that information as quickly as possible. If you believe that a young person under 13 may have provided us with personal information in violation of this Privacy Policy, please contact us.
FERPA Compliance (Family Educational Rights and Privacy Act). FERPA protects personally identifiable information contained in a young person’ education records from unauthorized disclosure. Consistent with FERPA, we will only use education records, as defined under FERPA, for the purpose of providing agreed services to a young person’s school, school district, teacher, youth program or researcher. We will never share or sell FERPA-protected information, or use it for any other purposes, except as otherwise directed or permitted by the young person’s school, school district, teacher, youth program or researcher. If a parent or eligible young person requests access to education records that are hosted on our servers, we will help facilitate such access. Our license agreement with you will describe additional commitments we make to assist you to comply with your FERPA obligations.
GDPR (General Data Protection Regulation) Compliance. We do not maintain information outside of the United States. However, you may access or create information outside the United States which is covered by privacy laws and to the extent applicable, the EU GDPR protects all applicable rules, laws and regulations, enactments, standards, court or administrative orders or decrees of any federal, provincial, local or other governmental unit which has jurisdiction in such circumstance [including, without limitation, those concerning privacy, security, and/or data protection].
CCPA (California Consumer Privacy Act) Compliance. If you are a California resident, the California Consumer Privacy Act of 2018 provides you with additional rights regarding our use of your personal information. You have a right to request that Hello Insight/Algorhythm delete any of the personal information that we collected. You have the right to request that Hello Insight/Algorhythm disclose certain information to you about our collection and use of your personal information over the past twelve months.
Identity Theft. In addition, there is an Identity Theft Prevention Program pursuant to the Federal Trade Commission’s “Red Flags Rule,” which implements Section 114 of the Fair and Accurate Credit Transactions Act of 2003. The purpose this federal regulation and legislation is to identify, detect, prevent and mitigate against potential identity theft risks. Within Hello Insight/Algorhythm, our platform does not collect personal identifiable information that can track a young person to their place of residence or to directly contact them or their caregivers.
HOW DOES HELLO INSIGHT/ALGORHYTHM COLLECT INFORMATION?
Hello Insight/Algorhythm maintains a website that is generally accessible to the public but contains certain features that may only be seen and used by those who have accounts with us (“members”). Our primary focus is the design and administration of social impact tools and systems, driven by our next-generation impact analytics that empower our users to make data-driven decisions to improve social impact programs. We obtain personally identifiable information (“PII”) and non-personally identifiable information (“NPII”) in two primary ways.
Communicating with Hello Insight/Algorhythm. We may obtain PII and NPII when users visit its website or send emails, or otherwise provide PII or NPII to us through our website, or in the case of members, establish and maintain accounts with us or otherwise communicate with us through the Service.
Completing Surveys. We may also obtain PII and NPII when it interacts with participants (“participants”) completing a survey (“surveys”) as instructed by their Hello Insight/ Algorhythm member or its representative. Participants develop their own identification code based on the members’ program information and the participants’ initials and date of birth in order to match individual participants’ survey responses before and after completion of the survey. For the benefit of the member, we will provide the individual identification codes, so that the member may identify the participant in order to provide more tailored services to that participant based on the results of the use of the Service. As such, statistical information reported by us to the member may include PII of the participants.
WHAT INFORMATION IS COLLECTED?
Depending on your use of the Service, we may collect two types of information: personality identifiable information and non-personally identifiable information.
Personally Identifiable Information (PII) – Personally identifiable information or PII is information that identifies you or can be used to identify or contact you. PII includes in the case of the member or other account holders, name, address, e-mail address, telephone number, credit card or other information regarding method of payment, and any other information that can personally identify you and, in the case of participants, in surveys, their initials and date of birth.
Non-Personally Identifiable Information (NPII) – Non-personally identifiable information or NPII is information which, by itself, cannot be used to identify or contact you, including demographic information (such as age, gender, family income, special needs status, current location, or race, provided the covered population is large and diverse enough to maintain reasonable anonymity despite disclosure) and anonymous statistical data involving the use of the Service. Certain NPII may be considered a part of your PII if it is combined with other identifiers in a way that enables you to be identified (or if the total participant population is too small or uniform to provide anonymity when that information is disclosed). But the same pieces of information are considered NPII when they are taken alone or combined only with other NPII (for example, your viewing preferences) (and the participant population is sufficiently large and diverse).
WHERE AND WHEN IS INFORMATION COLLECTED (INCLUDING THROUGH THE USE OF COOKIES AND ACTION TAGS)
We collect information that you submit to us. We may also receive, now or in the future, information about you from third parties and fraud screening services as part of your use of the Service.
Registering to Use the Service. You may be required to establish an account in order to take advantage of certain features of the Service. If you wish to establish an account you will be required to provide us with information (including PII and NPII) such as name, postal address, email address, username, password, and billing details, including billing address and your selected method of payment. We may also receive PII about you from third parties providing fraud screening services as part of the registration process.
Managing Your Account. If you have established an account with us, you can set various preferences and personal details. For example, you can update your account username and password.
Surveys. We collect data from surveys, including demographic information, to perform statistical analyses of participant responses both for the purpose of fulfilling a specific subscription and may use this data, now or in the future, for the purposes of publishing or other commercial uses. We will extract all individual pieces of PII (such as name, e-mail address, and, if appropriate, login ID, if any) from any survey data before sharing such data with any third party. PII collected from surveys may be disclosed by us to a member as explained above.
Other information you intentionally share. We may collect PII or NPII if you submit it to us in other contexts.
Cookies and Action Tags. Technologies such as cookies, beacons, tags and scripts are used by Hello Insight/Algorhythm and our service providers These technologies are used in analyzing trends, administering the website, tracking users’ movements around the website and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. In addition to cookies that we may place on your computer or mobile device, cookies might also be placed on your computer by the third parties we use to provide functionality related to the Service. In the course of providing other services related to the Service, such third parties could place or recognize unique cookies on your browser. Please note this does not opt you out of being served advertising. You may continue to receive generic ads. You do not have to accept cookies to use the website. Although most browsers are initially set to accept cookies, you may reset your browser to notify you when you receive a cookie or to reject cookies generally. Most browsers offer instructions on how to do so in the “Help” section of the toolbar. However, if you reject cookies, certain features or resources of the Service may not work properly.
Log Files. We also collect NPII through our Internet log files, which record data such as user IP addresses, browser types, domain names, and other anonymous statistical data involving the use of the Service. This information may be used to analyze trends, to administer the Service, to monitor the use of the Service, and to gather general demographic information. We link this information to PII for these and other purposes such as personalizing your experience on the Service and evaluating the Service in general.
Collection of IP Addresses . As with many sites, an IP address is visible to us when users visit our website. An IP address is a number automatically assigned to an individual computer whenever the individual is connected to the Internet. Among other uses, Algorhythm uses IP addresses to help diagnose problems with our servers.
DOES HELLO INSIGHT/ALGORHYTHM COLLECT INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE?
We comply with applicable laws pertaining to the protection of children’s privacy, including, without limitation, the U.S. Children’s Online Privacy Protection Act (“COPPA”). If a member desires to use our Service with children under the age of 13, we will only permit the use of our Service by a member if it has obtained the parental/ caregiver consent required under COPPA or if the member is a school, youth program or researcher, the member has consented on behalf of the participants in the manner required by COPPA. The information we collect from children that participate in surveys and how we use it is described in this Privacy Policy and is limited to personally identifiable information that is reasonably necessary to enable our sponsors to conduct surveys and for us to provide the results and analysis of such surveys. Except for the collection of such information we do not knowingly collect personally identifiable information from children under 13. If a parent or guardian requests, we will stop collecting, using, and/or disclosing PII from or about your child in accordance with your request (for example, for just one survey or for all), but we reserve the right to keep certain information necessary for record-keeping to the extent permitted and/or required by law, including any statutory retention requirements. You may make such a request by contacting us at admin@algorhythm.io.
WHAT DOES HELLO INSIGHT/ALGORHYTHM DO WITH THE INFORMATION IT COLLECTS?
To Provide the Service. In general, we use the information collected to provide the Service to you and process your transactions, to help us understand who uses the Service, for internal operations such as operating and improving the Service, to contact you for customer service and billing purposes, and so that we can contact you about products and services that may be of interest to you.
Communication. We may use a Service user’s information to send a welcoming or introductory email that may confirm the user’s username, I.D. number, password or status. Unless you “opt out,” we may send you electronic newsletters, contact you about the Service, products, services, information and news that may be of interest to you, and provide you with targeted feedback. If you no longer desire to receive these communications, we will provide you with the option to change your preferences by clicking on the “unsubscribe” link in the emails you receive. If a user identifies himself or herself to us when sending us an email with questions or comments, we may use the user’s information (including PII) to respond to the user’s questions or comments, and we may file such questions or comments (with the user’s information) for future reference. We may also use the information collected to send announcements and updates regarding the Service or, if applicable, about billing account status. You will not be able to unsubscribe from these Service announcements and updates for as long as you remain identified as a user, as they contain important information relevant to the use of the Service. You will need to email admin@algorhythm.io to deactivate your account.
Analyses. We may also use the information gathered to perform statistical analysis of user behavior and questionnaire responses to evaluate and improve the Service. We may link some of this information to PII for internal purposes or to improve your experience with the Service.
To Enforce our Terms of Use and Prevent Potentially Illegal Activities. WHEN DOES HELLO INSIGHT/ALGORHYTHM DISCLOSE INFORMATION TO THIRD PARTIES?
Unless specifically authorized by you, we will only disclose information we gather from you through the Service as follows.
Sponsors. We may share certain information about a participant’s use of and performance on the Service with the sponsor that provides the participant with access to the Service. Such information may include survey responses attributable to a particular participant, aggregate statistical data, and other PII and NPII.
Funding Sources. If we have received consent from a member, as selected when establishing an account with us or by emailing us at admin@algorhythm.io, we may provide such funding sources with access to a summary report of the questionnaire responses. Such summaries will not include any PII of any participant.
Laws, Law Enforcement and Legal Rights. We will disclose a Service user’s information (including PII) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process. We will disclose PII in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating the Terms of Service for our Service, to detect fraud, for assistance with a delinquent account, or to protect the safety and/or security of our users, the Service or the general public.
Third Parties Generally. We may provide to third parties NPII about Service users, including where such information is combined with similar information of other users of the Service. For example, we might inform third parties regarding the number of unique users who visit the Service, the demographic breakdown of our registered users of the Service, and the results and progress of users. The third parties to whom we may provide NPII may include affiliates, actual or potential commercial partners, prospective customers, students, customers, sponsors associated with Service users, licensees, researchers and other similar parties.
Information you expressly consent to be shared. For example, we may expressly request your permission to provide your contact details to third parties for research purposes.
Outside Contractors. We may employ independent contractors, vendors and suppliers (collectively, “Outside Contractors”) to provide specific services related to the Service, such as hosting and maintaining the Service, providing fraud screening, and developing applications for the Service and e-mail services. In the course of providing services to us, these Outside Contractors may sometimes have limited access to information collected through the Service, including users’ PII. We require our Outside Contractors to treat all PII as confidential and not disclosable, except as may be required by our contract with them or as required by law.
Sale of Business. We reserve the right to transfer information (including PII) to a third party upon a sale, merger or other transfer of all or substantially all assets of Hello Insight/Algorhythm, or upon discontinuance our business or filing a petition, or have filed against us a petition, in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Policy.
DOES THIS PRIVACY POLICY APPLY WHEN I LINK TO OTHER WEBSITES OR SERVICES?
Our website may contain links to other websites not owned or operated by Hello Insight/Algorhythm. However, please be aware that we are not responsible for the privacy practices of any websites or services other than the Service. We encourage you to read the privacy policies or statements of each and every such website and service. This Privacy Policy applies solely to information collected by us through the Service.
IS THE INFORMATION COLLECTED THROUGH THE SERVICE SECURE?
We want your information (including PII) to remain secure. We strive to provide transmission of your information from your computer or mobile device to the servers on which your information is maintained through means that are consistent with industry standards and to employ administrative, physical, and electronic measures designed to protect your information from unauthorized access. When you enter sensitive information (such as login credentials) we encrypt the transmission of that information using secure socket layer technology (SSL).
COULD MY INFORMATION BE TRANSFERRED TO OTHER COUNTRIES?
Yes, Hello Insight/Algorhythm leverages the industry standard technologies around the world, and our survey data may be processed in, or transferred or disclosed to, countries in which our service providers are located or have servers. We maintain industry standard security for all of our products and services.
WHAT CHOICES DO I HAVE REGARDING THE COLLECTION, DISCLOSURE AND DISTRIBUTION OF PERSONALLY IDENTIFIABLE INFORMATION?
Choices Generally. We will only use PII for the purposes described above or as otherwise disclosed at the time we request such information from you. You must “opt in” and give us permission to use your PII for any other purpose. You may also change your preference and “opt-out” of receiving certain marketing communications by following the directions provided in association with the communication, or by contacting [admin@algorhythm.io].
Online Tracking. We currently do not process or comply with any web browser’s “do not track” signal or other similar mechanism that indicates a request to disable online tracking of individual users who visit our websites or use our Service.
WHAT ARE MY RIGHTS TO MY INFORMATION?
Account Information. You can update your registration and other account information by visiting your account management page.
Access and Correct Your PII. If you are an account holder you have the right to request the restriction of certain uses and disclosures of PII (your PII and if you are a sponsor, the PII of your participants) as follows. You can contact us in order to (i) review , update or correct the PII, or (ii) change your preferences with respect to communications and other information you receive from us, by contacting admin@algorhythm.io. Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third-parties in accordance with this Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your PII may exist in a non-erasable form that will be difficult or impossible for us to locate. We promise that promptly after receiving your request, all PII stored in databases we actively use and other readily searchable media will be updated, corrected, changed or deleted, as appropriate, as soon as and to the extent reasonably practicable.
If you are in California and subject to CCPA of 2018, you have the right to request that we provide (a) the categories of personal information we collected about you; (b) the categories of sources for the personal information we collected about you; (c) our business or commercial purpose for collecting or selling that personal information (however, we do not sell any information); (d) the categories of third parties with whom we share that personal information (e) the specific pieces of personal information we collected about you (also call data portability request); (f) and, if we sold or disclosed your personal information for a business purpose, two separate lists showing sales, identifying the personal information categories that each category of recipient purchase and disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained. Note that you generally will have the right to request deletion of personal information under the CCPA subject to specific ongoing use of it set forth in the CCPA.
Download/backup your questionnaire data. Depending on what subscription plan you have, upon written request to us at admin@algorhythm.io no more than twice a year, we will provide you with the ability to export, share and publish your questionnaire data in a variety of formats.
HOW WILL I KNOW IF THERE ARE ANY CHANGES TO THIS PRIVACY POLICY?
Hello Insight/Algorhythm may amend this Policy from time to time. We will not make changes that result in significant additional uses or disclosures of your PII without requiring that you “Opt In” to such changes. We may also make non-significant changes to this Policy that generally will not significantly affect our use of your PII, for which your Opt In is not required. We will provide users with notification of any material changes, significant and non-significant, by posting in the privacy page of the website prior to the changes becoming effective. If any future non-significant changes to this Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the Service. We encourage you to check this page periodically for any changes. Your continued use of the Service following the posting of non-significant changes to this Privacy Policy constitutes acceptance of those changes.
WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?
If you have any questions about this Privacy Policy or our security measures at Hello Insight/Algorhythm, please contact us at: admin@algorhythm.io