Your privacy is important to us. The purpose of this Products Privacy Statement (“Privacy Statement”) is to make you aware of what personal data Hologram collects from you through your use of our products and services and how we use that data. Our “Products and Services” include:
This Privacy Statement describes how Hologram, Inc. ("Hologram," "we," “us,” or “our”) collects, uses, discloses and otherwise processes personal data regarding (i) the personnel and other representatives of our business customers (“Customer Personnel”) and (ii) the end users of such business customers (“End Users”) (such Customer Personnel and End Users referred to collectively herein as “you” or “your”) through the Products and Services. This Privacy Statement applies to personal data that we collect through the Products and Services as a controller (such as when we process your personal data in order to improve our Products and Services and for our own analytics purposes), and personal data that we collect through the Products and Services and process on behalf of our business customers as a processor or service provider (such as when we collect personal data from End Users through our business customers’ implementation of our Products and Services and on the behalf of such business customers).
Hologram’s processing of personal data on behalf of Hologram’s business customers in connection with the Products and Services is governed by this Privacy Statement and the relevant agreement with our business customer. In the event of any conflict between this Privacy Statement and the relevant business customer agreement, the relevant business customer agreement will control to the extent permitted by law. This Privacy Statement does not apply to the processing of personal data by our business customers. Hologram does not control the privacy practices of our business customers. If you have questions or concerns regarding the processing of your personal data by our business customers, please contact the relevant business customer. This Privacy Statement also does not apply to information collected through the use of cookies and other tracking technologies. For information concerning our processing of personal data in connection with such cookies and other tracking technologies, please see our Cookie Notice.
If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), please also consult the EEA/UK GDPR supplemental notice below.
Information that you provide or information about you provided to us by our business customers may include:
AS A PROCESSOR:
AS A PROCESSOR:
We may share your personal data with the following categories of third parties:
We are headquartered in the United States and may use service providers / sub-processors that operate in other countries. Your personal data may be transferred to the United States or other locations where privacy laws may be different from those in your state, province, or country.
If you are located in the EEA or the UK, we will transfer your personal data outside the EEA/UK in accordance with the provisions on data transfers in the EEA/UK GDPR supplementary notice below.
Under certain circumstances, if and to the extent provided by any law applicable to your personal data, you may have certain rights with respect to your personal data. Such rights may include the right to access, update, rectify, or erase certain personal data that we have about you or restrict or object to certain activities with respect to your personal data. To the extent you have such rights, you may exercise them as described herein.
AS A PROCESSOR:
In all circumstances where we process your personal data on behalf of a business customer, our business customer is the data controller or data owner and is responsible for receiving and responding to your request to exercise any rights afforded to you under any such applicable law. In these circumstances, you will have to address your request to the relevant business customer in the first instance. In this case Hologram will not assist you directly but will assist our business customer in answering your request, if and to the extent required by applicable law or by our agreement with such business customer.
AS A CONTROLLER
Where we process your personal data as a data controller or data owner, you may exercise any rights you may have under applicable privacy laws by contacting us using the details in the “Contact Us” section above. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We may retain your personal data as long as necessary for the purpose for which it was collected, including to comply with and enforce the terms of our agreements with our business customers, and beyond such time to the extent legally permitted and based on our legal obligations or legitimate interests (e.g. in retaining data for the purposes of responding to possible disputes or complaints).
Hologram uses technical, organizational and physical safeguards designed to protect information from loss, theft, misuse, and unauthorized access, disclosure, alteration and destruction. We cannot, however, guarantee that any safeguards or security measures will be sufficient to prevent a security issue.
The Products and Services are not intended for children under the age of sixteen (16) and we do not knowingly collect data relating to such children. If we learn that we have collected personal data through our Products or Services from a child under 16 without the consent of the child’s parent or guardian as required by law, we will comply with applicable legal requirements to delete the information. We encourage parents or guardians with concerns to contact us.
Our Products and Services may integrate with or enable access to third party tools. If you register, install or access any third-party tools, you may be required to accept privacy notices provided by those third parties. Please review any applicable third-party notices carefully. Hologram does not control and is not responsible for these third parties’ privacy or information security practices.
Hologram reserves the right to modify this Privacy Statement at any time. We thus advise you to check this Privacy Statement regularly. Any material changes will be announced via our homepage or by other appropriate means.
If you are located in the EEA or the UK, this EEA/UK GDPR supplemental notice applies to you.
Hologram, Inc. (“Hologram”), established at: 1608 S. Ashland Ave 25937, Chicago, IL 60608, United States is the controller of your personal data for the purposes referred to in Section 4 of the Privacy Statement.
Hologram has appointed PLANIT//LEGAL as its EEA representative, which can be contacted at PLANIT//LEGAL, Attn: Hologram, Inc., EU Representative, Jungfernstieg 1, 20095 Hamburg, Germany, E-Mail: hologram_eu_representative@planit.legal and Sapphire Consulting Group as its UK representative, which can be contacted at Sapphire – Data Protection Consultants, Attn: Hologram, Inc., Central Point, Beech Street, London EC2Y 8AD, England, E-Mail: info@sapphireconsulting.co.uk.
AS A PROCESSOR:
We process your personal based on contractual necessity:
AS A CONTROLLER:
We process your personal data based on compliance with our legal obligations:
We process your personal data based on our legitimate interests:
AS A PROCESSOR:
Please refer to Section 7 “Your Privacy Rights” of the Privacy Statement.
AS A CONTROLLER:
You have the following rights in relation to the personal data we hold about you:
Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations
We may transfer your personal data outside of the EEA and/or UK. Some of these recipients are located in countries in respect of which either the European Commission and/or UK Government (as and where applicable) has issued adequacy decisions, in which case, the recipient’s country is recognized as providing an adequate level of data protection under UK and/or European data protection laws (as applicable) and the transfer is therefore permitted under Article 45 of the GDPR.
Some recipients of your personal data may be located in countries outside the EEA and/or the UK for which the European Commission or UK Government (as and where applicable) has not issued adequacy decisions in respect of the level of data protection in such countries (“Restricted Countries”). For example, the United States is a Restricted Country. Where we transfer your personal data to a recipient in a Restricted Country, we will either:
You may ask for a copy of such appropriate data transfer agreements by contacting us using the contact details above.
Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before disclosing any personal data.