1. Personal information that we collect
Personal data, or personal information, may be defined as any information about an individual from which a person can be identified. It does not include data where the identity has been removed (anonymous data). We actively collect a variety of data from our customers and visitors to our website, both automatically and when you register an account with us. When you register an account with us, we collect your full name, email address, full address, Phone Number and some verification documents if needed to avoid fraud (such as a Photo ID issued by a government entity or Payment Information). In order to acquire a service with us, the information you provide should be valid, otherwise it would break our terms and conditions which will result in termination of the account. When you visit our website, we automatically obtain browser and device information (IP address, operating system, device manufacturer and model, Internet browser type and version) and record your activities on our website (time spent on pages, pages visited, links clicked, referrals, etc.). We may also collect information about your online activities on websites and connected devices over time and across third-party websites, devices, applications, and other online feature and services. We actively use Google Analytics to help us analyze our website traffic. When you use our hosting services, your files will be retained until such time as the active service is terminated, files and all backups will get purged from our systems.
2. Cookies and analytics
3. Other data collection
When we conduct fraud monitoring, prevention, and detection activities, we may also receive personal data from you from our business partners, financial service providers, and publicly available sources (e.g., name, address, phone number) as needed to confirm your identity and prevent fraudulent activity. You may also choose to submit information to us through other methods including, but not limited to, (i) in response to marketing or other communications, (ii) through social media or online forums, (iii) through participation in an offer or promotion, (iv) in connection with ongoing or prospective business relationship with us, or (v) by giving us your business card or contact details at conventions or other similar events. We do not knowingly collect any details pertaining to your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, credit or financial history, trade union membership, and/or information about your health and genetic and biometric data. We also do not knowingly collect any information pertaining to criminal convictions or offenses. It is important to note that such details may be recorded through server logs if you discuss such information throughout your use of our services and/or through our support communication systems.
4. Where information is processed
Heronode is based in Mexico City, MX. However, no matter where you are located, you consent to the processing and transferring of your information in and to Mexico, the United States and other countries per your use of our website and/or services. To that effect, Heronode operates hosting infrastructure in a number of different countries, including countries outside of the EU and United States, in order to provide the best experience possible. As such, your data may be transmitted to systems in these countries at any time. For example: if you visit our website from a computer in Australia, your personal data may be sent from our systems in the United States to systems in Singapore, Australia, or other nearby countries, for the purpose of providing a web application that works for everyone, no matter their geographic location.
5. How we use your personal information
We use your information in correlation with the way we collect it in order to service you and provide the best experience possible on our website. In example, if you provide your information to obtain service, we’ll use the information you’ve provided to monitor your use of such services. We may use your email address for marketing purposes.
6. Our legal bases for handling your personal information
The laws in some jurisdictions require companies to inform you of the legal grounds they rely on to use and/or disclose your personal information. To the extent those laws apply, our legal grounds for collecting your information in response to the actions listed below are necessary for our legitimate interests, including but not limited to: record-keeping, studying how customers use our services, advertising and marketing strategy and development, fraud monitoring and prevention, business administration and development, compliance with legal obligations, keeping our website updated and relevant, defining our services, and defending against legal claims. Personal information is needed to: register your account, process and deliver your order to you, manage our relationship with you, deliver direct marketing to you, enable you to take part in a survey, beta test, competition, and/or prize draw, administer and protect our business and our website, use data analytics to improve our website, services, marketing, customer relationship, and experiences, prevent and detect unlawful acts, or in order to resolve legal claims or disputes involving you or us.
7. How we secure your personal information
Continuing in our commitment to protect your privacy, we have appropriate security measures in place to prevent your personal information from being accessed, altered, disclosed, lost, or used without authorization. We have always limited access to personal information on a business need-to-know basis and all of our contractors are bound by non-disclosure agreements. We use HTTPS with valid SSL certificates for all public-facing web services, as well as for communication between CDN servers and our systems, ensuring that your personal data is encrypted from the time it is sent by the browser until the time it reaches our servers. Account passwords are stored in hashed form using modern, one-way cryptographic hashing functions. We never create our own implementations of these functions; we only use widely accepted open-source libraries to perform encryption and password hashing. We are also committed to continually reevaluating these methods as new security advice and information is published to ensure that your information is secure. In the event of a security breach in which we are involved, or potentially involved, you will be notified where we are legally required to do so. Personal information will only ever be kept for as long as necessary to fulfill the purposes we collected it for, including such purposes of satisfying any accounting, legal, or reporting requirements. Data may be retained for a minimum of 180 days after the last payment completed successfully via any financial means or until such time as the account is deemed "Inactive".