Handi Technology Limited Privacy Policy

Handi Technology Limited (“Handi”) is a company registered in the UK (#12543966) with a registered office at Beacon House, Beacon Hill, Penn, Buckinghamshire, HP10 8NU. This privacy policy will explain how our organisation uses the personal data we collect from you when you use our website.

For more information about General Data Protection Regulations (GDPR) and compliance, please visit: https://gdpr.eu/.

Topics:

  • What data do we collect?
  • How do we collect data?
  • How will we use your data?
  • How do we store your data?
  • Marketing
  • What are your data protection rights?
  • What are cookies?
  • What types of cookies do we use?
  • How to manage your cookies
  • Privacy policies of other websites
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authorities

 

What data we collect?

Handi collects the following data:

  • Personal identification information:
    • Name
    • Job title
    • Company
    • Email address
    • Phone number
    • Location (country)

 

How do we collect data?

You directly provide Handi with most of the data we collect. We collect and process data when you:

  • Register online
  • Use or view our website via your browser’s cookies
  • Voluntarily complete a customer survey or provide feedback on via email

Handi may also receive your data indirectly from the following sources:

  • A representative of your company registering an online account on your behalf

 

How will we use your data?

Handi collects your data so that we can:

  • Offer products and services in relation to Handi totems and networks
  • Manage your account
  • Email you with information and offers on products and services we think you may like

If you agree, Handi will share your data with partner companies so that we can provide our services, as well as offer you additional products and services:

  • Sanitising solution partners
  • WND UK, Sigfox supplier
  • LOKA, geolocation partner
  • DOOH.com, web & platform development

Where data is shared, and in relation to GDPR standards and compliance, Handi will be the ‘data controller’ (i.e. responsible for the means and purpose of processing personal data) and any third parties will be ‘data processors’ (i.e. a third party that processes data on behalf of the data controller).

 

How do we store your data?

Handi securely stores your data via Amazon Web Services:

  • The Handi backend ecosystem is hosted on Amazon Web Services (AWS). This hosts the database, application and web server needed to provide the dashboard services.
    • AWS protected infrastructure running AWS services in the AWS Cloud
    • Data is stored on a password protected database operating behind an Amazon Virtual Private Cloud (VPC)
    • Customer data is only accessible within the VPC in which the application and web layers operate.
    • The VPC provides a public facing subnet, only to serve the dashboard’s webpages
    • Website accessible to customers using HTTPS and SSL encryption
    • The website dashboard can only be accessed using a username and password created by users
    • Passwords are not stored in plain text and therefore hashed in the database
    • Once authenticated, the website uses token-based authorisation which is required for each piece of data that the user requests
    • Website uses role-based permissions, isolating client data to specific users
    • The application layer does a final check to ensure customers only get served data they have permission to see. This further frustrates any malicious attempts to change web request parameters

 

Handi IoT Security

The data provided into Handi totem module’s is standard RS232. The data is then converted and encrypted on the SigFox radio module, which is then sent across the Sigfox network.

Each Sigfox module message contains a sequence counter that is verified by the Sigfox Core Network in order to detect replay attempts. The encryption technology was designed in collaboration with CEA-LETI, specifically for use with short Sigfox messages; this allows message traffic between the device and the network to be fully encrypted data.

Each SigFox message contains a unique identifier (alphanumeric string), which is otherwise not identifiable in relation to specific users or locations. The SigFox data is only matched to customer data via the unique identifier in the secure backend system (as described above)

For full details of SigFox’s security measures, please refer to: https://www.sigfox.com/en/what-sigfox/technology#id_security

Handi will only keep your user data for a reasonable period, as advised by local laws. Once this period has expired, we will securely delete your data.

 

Marketing

Handi would like to send you information about products and services of ours that we think you might like, as well as those of our partner companies:

  • Sanitiser solution partners

If you have agreed to receive marketing, you may always opt out at a later date.

You have the right at any time to stop Handi from contacting you for marketing purposes or giving your data to other members of the group.

If you no longer wish to be contacted for marketing purposes, please contact Handi at privacy@itshandi.com.

 

What are your data protection rights?

Handi would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request Handi for copies of your personal data. We may charge a small fee for this service.

The right to rectification – You have the right to request that Handi correct any information you believe to be inaccurate. You also have the right to request Handi to complete information you believe is incomplete.

The right to erasure – You have the right to request that Handi erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that Handi restrict the processing of personal data, under certain conditions.

The right to object to processing – You have the right to object to Handi’s processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that Handi transfer the data we have collected to another organisation, or directly to you, under certain conditions.

If you make a request we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: privacy@itshandi.com

 

What are cookies?

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. When you visit our websites, we may collect information from you and automatically through cookies or similar technology.

For further information, visit www.allaboutcookies.org

 

How do we use cookies?

Handi uses cookies in a range of ways to improve your experience on our website, including:

  • Keeping you signed in
  • Understanding how you use our website

 

What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

  • Functionality – Handi uses these cookies so that we recognise you on our website and remember your previously selected preferences. These could include what language you prefer, what location you are in. A mix of first-party and third-party cookies are used.
  • Advertising – Handi uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and the information about your browser, device and IP address. Handi sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.

 

How to manage your cookies

You can set your browser not to accept cookies, and www.allaboutcookies.org not function as a result. You can at any time change or withdraw your consent from the Cookie Declaration on our website.

 

Privacy policies of other websites

The Handi website and Management System may contain links to other websites. Our privacy policy only applies to our website, so if you click a link to another website, you should read their privacy policy.

 

Changes to our privacy policy

Handi keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 30th June 2020.

 

How to contact us

If you have any questions about Our Company’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us: privacy@itshandi.com

 

How to contact the appropriate authorities

Should you wish to make a complaint about how we use your information, you have the right to lodge a complaint with the appropriate data protection supervisory authority in your country.