HYLONOME PRIVACY POLICY

 

Updated on October 18, 2018

This Privacy Policy (the “Policy”) describes how Hylonome, LLC (“Hylonome,” "we," "us," and “our") is committed to protecting your privacy when you use our websites and mobile and other software applications that display or reference this Policy, including, without limitation, our website located at www.hylofit.com (our web sites and mobile and other software applications displaying or referencing this Policy, collectively the "Site").

Summary

This Policy applies to all information you upload, post or provide to the Site and all information we collect from you through your use of the Site (“Information”). This Information includes both Information that may be reasonably associated with, linked to you or your horse(s), or used to identify you or your horse(s), allowing you to be personally identified or contacted (“Personal” Information) and Information that may not by itself be reasonably associated with, linked to, or used to you (“Non-Personal” Information). This includes all exercise and fitness data, training plans, training logs, and any other information that you upload or enter into your Account on the Site.

Although we encourage you to read the entire Policy, the following provides a summary of some of the important aspects of our privacy practices:

  • We allow you to “opt out” of certain uses of your information.

  • We use your information to provide you with products, services, and information.

  • We may combine the information we collect about you and your horse(s) with information collected from other sources.

  • We may share your information with third parties in some situations, such as in processing registration and payment for our Site, administering our Site, and for advertising and direct marketing.

  • We take reasonable and appropriate measures to secure your information, but we cannot promise that your information will remain secure in all circumstances.

EU Personal Data.

If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as further described in the “Privacy Notice for EU Residents” section below.  

Your Consent to This Policy.

By using a Site, you are agreeing to the collection, use, and sharing of your and your horse(s) information as described in this Policy. We will not use or share the information we receive, collect, or obtain regarding you and your horse(s) other than as stated in this Policy. If you do not consent to the receipt, collection, use, and disclosure of your information as described in this Policy, you are not permitted to use the Site.

Questions and Communications.

If you have any questions or concerns regarding this Policy or our Information practices, please send an email to hello@hylonome.com or send us a letter to “Privacy” at: 180 Millstone Road, Wilton, CT 06897.

If we need, or are required, to contact you concerning any event that involves any of your Information that we collect, use, or share, we may do so by email, telephone, or mail using the address or number we have on file for you.

This Policy May Change.

We reserve the right to update or modify this Policy, at any time and without prior notice, by posting the revised version of this Policy on the Site. Changes made to this Policy will be effective 30 days following posting for existing users, and immediately for new users. Your use of the Site following the effective date of any change to this Policy constitutes your acceptance of that change.

Unless we seek and receive consent from you, we will use your Information in accordance with the version of this Policy effective when the Information was last collected. You may contact us as described above regarding any change to this Policy, including to prevent your Information from being used pursuant to any change to this Policy.

Additional Privacy Notices on the Site.

This Policy is supplemented by additional notices regarding privacy posted on the Site. These notices provide details about the Information we collect, use and share through the Site, why we need that Information, and choices you may have about the ways we use that Information.

Personal Information We Collect Through the Site.

We may receive, collect, and obtain Personal Information regarding you and your horse(s) as described in this Policy. In particular, we may collect Personal Information from you voluntarily through your use of the Site or your interactions with others through the Site. We may also automatically collect Personal Information from you when you use the Site or interact with others through the Site. For example:

Personal Information You Volunteer.

We collect Personal Information you voluntarily upload, provide, or post when you use the Site. For example, the Personal Information you provide when you register on the Site (including, your age, gender, and contact information as well as your horse(s) age, gender and discipline, ), when you use your Account on the Site (including, your fitness and data, as well as geo-location information regarding your training), or when you upload, provide, or post other content to the Site (including, text, photographs, images, illustrations, graphics, audio and video clips, and other content).

Information Obtained from Third Parties.

We may obtain Personal Information from other third parties regarding you or your horse(s). For example, if you register with a third party provider to participate in one of the services offered through our Site, we may automatically import the Information you provide to that third party into your account for the Site.

Personal Information Sent to Us by Your Web Browser or Mobile Device.

We collect Personal Information that is sent to us automatically by your web browser or mobile device. This Information may include, for example, your IP address, the address of the web page you were visiting when you accessed the Site, the name of your operating system, the name and version of your browser, your mobile device identifier, your location, your wireless carrier and mobile phone number, and the date and time of your visit. The Personal Information we receive depends on the settings on your web browser and mobile device. Please consult the documentation for your web browser or mobile device regarding how to adjust the Personal Information you share through your web browser or mobile.

Personal Information Collected Using "Cookies" and Tracking Technologies.

We use "cookies," “flash cookies,” “Oauth tokens,” “web beacons” and similar technologies to collect Information and manage the Site. A cookie is a small text file that is placed on your hard disk or mobile device by a Web server. Each time you visit the Site, our server will recognize you by "searching" the Information contained in these cookies. This permits us to offer you a personalized experience when you use the Site.

We may use cookies and other tracking technologies that expire once you close your web browser or that persist and stay on your computer or device until you delete them. If you do not wish to allow cookies or other tracking technologies, please refer to your browser or device instructions or help screen to learn more about your ability to limit or delete cookies and other tracking technologies. Although you are not required to accept our cookies when you visit the Site, if you set your browser to reject cookies, you will not be able to use all of the features and functionality of the Site.

Please note that our advertisers and third party providers may also use cookies, web beacons, or these other tracking technologies in messages and advertisements displayed on the Site. We do not have access to information that would confirm all uses of cookies, web beacons, or other tracking technology by our advertisers and other third party providers.

Use and Sharing of Your Personal Information.

We may use and share the Personal Information we receive, collect, and obtain regarding you as described in this Policy. The Personal Information that we receive, collect, and obtain may be used for a variety of purposes, including by way of example:

To provide the products, information and services you request;

For security, credit or fraud prevention purposes;

To provide you with effective customer service;

To provide you with a personalized experience when you use the Site;

To create a profile from the dealings we have with you to help understand what information you might be interested in receiving from us;

To contact you with special offers and other information we believe will be of interest to you;

To contact you with information and notices related to your use of the Site;

To provide targeted advertising to you through the Site;

To invite you to participate in surveys and provide feedback to us;

To contact you to satisfy any legal or regulatory obligation;

To improve the content, functionality and usability of the Site;

To improve our products and services and develop new products and services;

To improve our marketing and promotional efforts;

YOU SHOULD NOT PROVIDE ANY PERSONAL INFORMATION THROUGH THE SITE OR ANY COMMUNICATIONS WITH OTHERS THROUGH THE SITE UNLESS YOU WOULD LIKE THAT INFORMATION TO BE USED IN ACCORDANCE WITH THIS POLICY.

In addition to the other uses of Personal Information described above, we may share your Personal Information in the following ways:

Public Postings on the Site.

The Site permits you to post, upload, or otherwise make Personal Information publicly available on the Site or through third party web sites and services, including, for example, blogs, Facebook®, Twitter® or other social media applications. When you do this, the Personal Information will be made publicly available through the Site or through the other third party web site or service. You are responsible for determining when and where you would like to make your Personal Information publicly available and the Site will not alert you when you make your Personal Information publicly available.

Service Providers.

We may share your Personal Information with companies and organizations that perform services on our behalf; for example, companies that provide support services to us (such as data storage, web hosting, and data analytics services) or that help us process your payments (such as payment card processors). We require that these third parties agree to use the Information we share with them only to perform their obligations to us and to treat all Information they receive from us in compliance with this Policy.

For instructions on how to “opt-out” of disclosure of your Personal Information to these third parties, please see the “Your Choices / Opt-Out / Changing Your Information” section below.

Collection, Use, and Sharing of Non-Personal Information.

We may also generate Non-Personal Information from the Personal Information we receive, collect, and obtain under this Policy. When we do so, we will take reasonable measures to ensure that the Non-Personal Information is no longer personally identifiable and may not later be reasonably associated with, linked to, or used to identify you. Once we generate any Non-Personal Information from any Personal Information, we will not later attempt to again make that information personally identifiable. However, we may combine and enhance that Non-Personal Information with other Non-Personal Information received or obtained from third parties.

Provided that any Non-Personal Information remains in non-personally identifiable form and may not be reasonably associated with, linked to, or used to identify any individual, we may use or share that Non-Personal Information for any lawful purpose without a further duty or obligation to you. This will include, by way of example, developing product and service offerings based on Non-Personal Information and providing those offerings to you or to other third parties.

Sensitive Information.

You are not required to provide us with any Information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs, or other sensitive Information in order to use our Site. You may, however, choose to provide these types of sensitive information to improve your use of the Services. HYLONOME IS NOT A HEALTHCARE PROVIDER OR A BUSINESS ASSOCIATE OF ANY HEALTHCARE PROVIDER AND IS NOT SUBJECT TO THE PRIVACY RULE OF THE HEALTH INFORMATION PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA).

Protection of the Sites and Others.

We may disclose the Information we collect through the Site when we, in good faith, believe disclosure is appropriate to comply with the law (or a court order or subpoena); to prevent or investigate a possible crime, such as fraud or identity theft; to enforce the Terms of Use or other agreements that govern the use of the Site; to protect the rights (including our intellectual property rights), property or safety of Hylonome, our users or others; or to protect your vital interests.

Business Transfers.

If we elect, in our reasonable discretion, to transfer ownership or control of the Site to a third party, whether or not in the context of an acquisition, merger, or reorganization, your Information (both Personal and Non-Personal) may be transferred to that third party (either an affiliate or an unrelated third party). If such a transfer occurs, the acquiring company's use of your personal information will still be subject to this Policy and the privacy preferences you have expressed to us.

Your California Privacy Rights.

California law provides that California residents have a right to request that businesses tell them how their Personal Information has been shared with third parties for use in direct marketing purposes. However, there is an exception to this requirement for businesses that have adopted and disclosed, in their privacy policy, a policy of not disclosing a person’s Personal Information to third parties for use in direct marketing purposes if that person has exercised an option to opt-out of the disclosure of their Personal Information to third parties for such purposes.

We have adopted a policy of allowing you to opt-out of the disclosure of your Personal Information to third parties for their direct marketing purposes and thus falls within this exception. Instructions for opting out can be found in the section below entitled “Your Choices / Opt-Out / Changing Your Information.”

Your Choices / Opt-Out /Changing / Deleting Your Personal Information.

We respect your right to make choices about the ways we receive, collect, use and disclose your Personal Information. If you no longer wish to receive messages from us through the Site, or to have your Personal Information shared with third parties as permitted by this Policy, you may opt-out of receiving those messages from us or having your Personal Information shared with third parties.

In many cases, opting out of receiving messages or having your Personal Information shared with a third party will not affect your ability to use or access the Site. However, some messages (e.g. account notifications, service announcements, and billing information) are considered necessary to our operation of the Site. Likewise, some of the third parties with which we share your Personal Information are used by us to provide necessary functionality for the Site. If you wish to opt-out of receiving these messages or of sharing your Personal Information with those third parties, we may be required to limit or cancel your access to and use of some or all of our Site. Note also that while you may opt-out of receiving messages from us, you may be required to contact other third parties directly to also opt-out of receiving emails or other messages from those third parties. All opt-out requests can be made by contacting us at xxx using the email address we have on file for your account on the Site.

While we take reasonable steps to ensure that the Personal Information we collect is reliable for its intended use, accurate, complete, and current, we rely on you to update and correct your Personal Information. You may update, correct or modify any of your Personal Information by emailing us at hello@hylonome.com using the email address we have on file for your account on the Site.

You may also contact us at xxx using the email address we have on file for your account on the Site to instruct us to delete your Personal Information. If you wish for us to delete your Personal Information, we will be required to limit or cancel your access to and use of some or all of our Site.

Note that it may take up to 10 business days for us to comply with any request you make to remove your contact information from our lists, to cease sharing your Personal Information, to update, correct or modify your Personal Information, or to delete your Personal Information.

Children's Privacy.

The Site is not directed at nor targeted to children under the age of 13. We do not use the Site to knowingly solicit Personal Information from or market to children under the age of 13. If you are under the age of 13, do not provide us with any Personal Information. If we learn that someone under 13 has provided Personal Information to one of the Site, we will use reasonable efforts to remove such Information from our databases.

Do Not Track.

Certain web browsers and other devices you may use to access the Site may permit you to indicate your preference that you do not wish to be “tracked” online. At this time we do not modify your experience on the Site or the Information we collect from you through the Site based on whether such a preference is indicated.

Security.

We are committed to protect and secure your Personal Information. We will take all reasonable and appropriate steps to insure the safety and security of your Personal Information. This includes using at least industry standard security measures to protect the loss, misuse, and unintended alteration of the Personal Information under our control. For example, our policy is that only those individuals who need your Personal Information to perform a specific job for us are granted access to that Personal Information. Likewise, all employees and contractors are kept up-to-date on our security and privacy practices. Finally, the servers that we store personally identifiable information on are kept in a secure environment. Although we take these measures to protect your Personal Information, "perfect security" does not exist, and we can not guarantee that your Personal Information will be secure in all situations.

PRIVACY NOTICE FOR EU RESIDENTS

If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.  

For this section, “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Hylonome will be the controller of your Personal Data processed in connection with the Services.

Where applicable, this section is intended to supplement, and not replace, this Privacy Policy. If there are any conflicts between this section and any other provision of this Privacy Policy, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at hello@hylonome.com.  

Grounds for Processing Personal Data.

Hylonome will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.

Contractual Necessity:  We process the following categories of Personal Data as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Use with you, which enables us to provide you with the Services.  When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data. 

First and last name

Email address 

Phone number 

Date of birth  

Gender

Legitimate Interest:  We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties.  

IP address

Physical address 

Device identifiers 

Usage information and Log Data

Examples of these legitimate interests include:

Operation and improvement of our business, products and services

Marketing of our products and services 

Provision of customer support

Protection from fraud or security threats

Compliance with legal obligations

Completion of corporate transactions 

Consent:   In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data.  When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection. 

Other Processing Grounds:  From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

How and with whom we share your personal data.

We share Personal Data with vendors, third party service providers and agents who work on our behalf and provide us with services related to the purposes described in this Privacy Policy or our Terms of Use. These parties include:

  • Payment processors

  • Fraud prevention service providers

  • Ad networks

  • Analytics service providers

  • Staff augmentation and contract personnel 

  • Hosting service providers

  • Co-location service providers

  • Telecommunications service providers

We also share Personal Data when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested.  In addition to those set forth above, these parties also include:

  • Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services) 

  • Social media services (if you interact with them through your use of the Services)

  • Third party business partners who you access through the Services

  • Other parties authorized by you

We also share Personal Data when we believe it is necessary to:

  • Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies

  • Protect us, our business or our users, for example to enforce our terms of use, prevent spam or other unwanted communications and investigate or protect against fraud

  • Maintain the security of our products and services

We also share information with third parties when you give us consent to do so.

Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.

How long we retain your personal data.

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services and you ask us to delete your account and data.  In all cases, unless explicitly asked, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. After an account deletion, we retain some information regarding usage of the system in a depersonalized form but not in a way that would identify you personally. We continue to use this data in a depersonalized form to improve our algorithms.

Security measures we use.

We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity. The servers that host and process your data are physically secured and logically secured from the outside internet. Only authorized employees of Hylonome who have a legitimate and approved reason for accessing Personal Data have access to the data.  Before viewing Personal Data, consent from the data owner is required.

Rights you have regarding your personal data.

You have certain rights with respect to your Personal Data, including those set forth below.  For more information about these rights, or to submit a request, please email hello@hylonome.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request. 

Access:  You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging into your account. 

Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your account.  

Erasure: You can request that we erase some or all of your Personal Data from our systems.  

Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services. 

Portability:  You can ask for a copy of your Personal Data in a machine-readable format.  You can also request that we transmit the data to another controller where technically feasible.

Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes. 

Restriction of Processing:  You can ask us to restrict further processing of your Personal Data.

Right to File Complaint:  You have the right to lodge a complaint about Hylonome’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. 

By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Hylonome in the U.S. and will be hosted on U.S. servers, and you authorize Hylonome to transfer, store and process your information to and in the U.S., and possibly other countries.  You hereby consent to the transfer of your data to the U.S. pursuant to EU-U.S. Hylonome also uses service providers who are deemed adequate via EU-U.S. and Swiss-U.S. Privacy Shield Framework.

General questions, suggestions, or concerns about this policy, or about use of your information, please contact us at hello@hylonome.com.