For more information about General Data Protection Regulations (GDPR) and compliance, please visit: https://gdpr.eu/.
Address: 58 London Street, Whitchurch, Hampshire, RG28 7LN
- What data do we collect?
- How do we collect data?
- How will we use your data?
- How do we store your data?
- What are your data protection rights?
- What are cookies?
- What types of cookies do we use?
- How to manage your cookies
- Privacy policies of other websites
- How to contact us
- How to contact the appropriate authorities
What data we collect?
Handi collects the following data:
- Personal identification information:
- Job title
- Email address
- Phone number
- Location (country)
How do we collect data?
You directly provide Handi with most of the data we collect. We collect and process data when you:
- Register online
- Use or view our website via your browser’s cookies
- Voluntarily complete a customer survey or provide feedback on via email
Handi may also receive your data indirectly from the following sources:
- A representative of your company registering an online account on your behalf
How will we use your data?
Handi collects your data so that we can:
- Offer products and services in relation to Handi totems and networks
- Manage your account
- Email you with information and offers on products and services we think you may like
Where data is shared, and in relation to GDPR standards and compliance, Handi will be the ‘data controller’ (i.e. responsible for the means and purpose of processing personal data) and any third parties will be ‘data processors’ (i.e. a third party that processes data on behalf of the data controller).
How do we store your data?
Handi securely stores your data via Amazon Web Services:
- The Handi backend ecosystem is hosted on Amazon Web Services (AWS). This hosts the database, application and web server needed to provide the dashboard services.
- AWS protected infrastructure running AWS services in the AWS Cloud
- Data is stored on a password protected database operating behind an Amazon Virtual Private Cloud (VPC)
- Customer data is only accessible within the VPC in which the application and web layers operate.
- The VPC provides a public facing subnet, only to serve the dashboard’s webpages
- Website accessible to customers using HTTPS and SSL encryption
- The website dashboard can only be accessed using a username and password created by users
- Passwords are not stored in plain text and therefore hashed in the database
- Once authenticated, the website uses token-based authorisation which is required for each piece of data that the user requests
- Website uses role-based permissions, isolating client data to specific users
- The application layer does a final check to ensure customers only get served data they have permission to see. This further frustrates any malicious attempts to change web request parameters
Handi would like to send you information about products and services of ours that we think you might like, as well as those of our partner companies:
- Sanitiser solution partners
If you have agreed to receive marketing, you may always opt out at a later date.
You have the right at any time to stop Handi from contacting you for marketing purposes or giving your data to other members of the group.
If you no longer wish to be contacted for marketing purposes, please contact Handi at firstname.lastname@example.org.
What are your data protection rights?
Handi would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request Handi for copies of your personal data. We may charge a small fee for this service.
The right to rectification – You have the right to request that Handi correct any information you believe to be inaccurate. You also have the right to request Handi to complete information you believe is incomplete.
The right to erasure – You have the right to request that Handi erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that Handi restrict the processing of personal data, under certain conditions.
The right to object to processing – You have the right to object to Handi’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Handi transfer the data we have collected to another organisation, or directly to you, under certain conditions.
If you make a request we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: email@example.com
What are cookies?
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. When you visit our websites, we may collect information from you and automatically through cookies or similar technology.
For further information, visit www.allaboutcookies.org
- Keeping you signed in
- Understanding how you use our website
What types of cookies do we use?
There are a number of different types of cookies, however, our website uses:
- Functionality – Handi uses these cookies so that we recognise you on our website and remember your previously selected preferences. These could include what language you prefer, what location you are in. A mix of first-party and third-party cookies are used.
- Advertising – Handi uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and the information about your browser, device and IP address. Handi sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.
How to manage your cookies
Privacy policies of other websites
How to contact us
How to contact the appropriate authorities
Should you wish to make a complaint about how we use your information, you have the right to lodge a complaint with the appropriate data protection supervisory authority in your country.