Privacy policy

Effective as of Oct 23, 2018

This policy explains who we are and what information we collect when you use Hacken OÜ’s website, services, products and content (“Services”). It also has information about how we store, use, transfer, and delete that information. We want not just to comply with the law, our main goal is to earn your trust.

We are Hacken OÜ, company that controls and manages Website: https://hackenproof.com/ ( “Website” ).

This Privacy Policy applies to personal data that we collect through our Website.

Company doesn’t earn money from ads. So, we don’t collect data in order to advertise to you. The tracking we do at our website is aimed to make our Services better. We collect personal information from you and any devices (including mobile devices) you use when you: use our Services, register for an account with us, provide us information on a web form, update or add information to your account. We may also collect other personal information from, as described below.

This Privacy Policy describes the policies and practices with regard to the collection and use of your personal data and sets forth your privacy rights. The Company recognizes that data privacy is an ongoing responsibility, and, therefore, the Company will from time to time update this Privacy Policy and its privacy practice as the Company undertakes new personal data practices or adopt new privacy policies.

1. Consent rule

  1. 1.1. If you have given consent to the processing of your data, you can freely withdraw such consent at any time by emailing the Company to [email protected].
  2. 1.2. If you do withdraw your consent, and if the Company does not have another legal basis for the processing of your data, then the Company will stop the processing of your personal data.
  3. 1.3. If the Company has another legal basis for the processing of your data (legitimate Interests, for example), then the Company may continue to do so subject to your legal interests and rights.

2. How we use Your personal data

  1. 2.1. We use your personal information to provide and improve our Services, provide you with a personalized experience on our website, contact you about your account and our Services, provide you customer service, provide you with personalized advertising and marketing, and to detect, prevent, mitigate and investigate fraudulent or illegal activities.
  2. 2.2. In particular, we use your information:
    • to allow us in our legitimate interest, to support, sign-in and verify access by registered users;
    • to establish and administer commercial relationships and transactions under our Terms and Conditions;
    • to contact you about your account or reply to any communications you send us;
    • to troubleshoot, in our legitimate interest, any problems with your account or the Services;
    • to review and enforce compliance with our Terms and Conditions and guidelines and policies;
    • to analyze the use of our Website in order to understand how we can improve our content and services.
  3. 2.3. Except as otherwise described in this Privacy Policy, we will only share Your Information with your consent, and after letting you know what information will be shared and with whom. We do not sell Your Information to any third party.
  4. 2.4. We will cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose Your Information to government or law enforcement officials or private parties as we, in our sole discretion.

3. Collected data

  1. 3.1. The Company collects data when you interact with its Website, especially when:
    1. 3.1.1. you browse any page of the Website;
    2. 3.1.2. the Company contacts you;
    3. 3.1.3. you use the Website;
    4. 3.1.4. you receive emails from the Company;
    5. 3.1.5. you chat with the Company for customer support;
    6. 3.1.6. you connect integrations;
    7. 3.1.7. you opt-in to marketing emails.
  2. 3.2. The Company collects the following categories of data:
    1. 3.2.1. Сontact details such as your first name, last name, nickname, address, telephone number, email address, website url, reference to your Twitter, LinkedIn, Facebook, Google Plus account, Date Of Birth, Gender, Id number, and id scan;
    2. 3.2.2. business details such as your company, your job title, website, links to any security related achievements;
    3. 3.2.3. financial information such as your wallet details;
    4. 3.2.4. data that identifies you such as your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version;
    5. 3.2.5. data on how you use the Website such as your URL clickstreams (the path you take through the Website), goods/services viewed, page response times, download errors, how long you stay on webpages, what you do on those pages, how often, and other actions.
    6. 3.2.6. The Company collects the following categories of data within the Website 3.2.7. The Company collects the following categories of data within the Website https://hackenproof.com/
      1. 3.2.6.1. contact details such as your first name, last name, nickname, country, telephone number, email address, website url, reference to your Twitter, LinkedIn, Facebook, Google Plus account;
      2. 3.2.6.2. business details such as your company, your job title, website, links to any security related achievements;
      3. 3.2.6.3. financial information such as you’re your wallet details;
      4. 3.2.6.4. data that identifies you such as your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version;
      5. 3.2.6.5. data on how you use the Website such as your URL clickstreams (the path you take through the Website), goods/services viewed, page response times, download errors, how long you stay on webpages, what you do on those pages, how often, and other actions.
  3. 3.3. The recipients of the collected data are the highest management level of the Company, its employees and contractors, and other third party service providers mentioned below.

4. Purposes and legal basis for the processing

  1. 4.1. The Company processes the data for:
    1. 4.1.1. Providing Services:
      1. 4.1.1.1. Details: the Company needs to provide services accessible via the Website.
      2. 4.1.1.2. Legal basis: Consent; Contract; Legitimate Interests.
    1. 4.1.2. Keeping the Website running:
      1. 4.1.2.1. Details: managing your requests (like orders), login and authentication, remembering your settings, processing payments, hosting and back-end infrastructure.
      2. 4.1.2.2. Legal basis: Contract; legitimate Interests.
    1. 4.1.3. Improving the Website
      1. 4.1.3.1. Details: testing features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping the Website, traffic optimization and data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.
      2. 4.1.3.2. Legal basis: Contract; legitimate Interests.
    1. 4.1.4. Customer support
      1. 4.1.4.1. Details: notifying you of any changes to the service, solving issues, any bug fixing.
      2. 4.1.4.2. Legal basis: Contract; Legitimate Interests.
    1. 4.1.5. Marketing purposes (with your consent)
      1. 4.1.5.1. Details: sending you emails and messages about new functions, goods and services, and content.
      2. 4.1.5.2. Legal basis: Consent.

5. Privacy rights

  1. 5.1. You may choose not to provide the Company with personal data. If you choose to do so, you can continue to visit the Website and browse its pages, but the Company will not be able to process transactions without personal data.
  2. 5.2. You may turn off cookies in your browser via settings. You can block cookies on your browser refusing cookies. You may delete cookies. If you turn off cookies, you can continue to use the Website and browse its pages, but the Website and certain services will not work properly.
  3. 5.3. You may ask us to refrain from using your data for marketing. You can opt out from marketing by emailing us at [email protected].
  4. 5.4. You can exercise the following rights by sending us an email [email protected].
    1. 5.4.1. You have the right to access information about you, especially:
      1. 5.4.1.1. the categories of data;
      2. 5.4.1.2. the purposes of data processing;
      3. 5.4.1.3. third parties to whom the data disclosed;
      4. 5.4.1.4. how long the data will be retained and the criteria used to determine that period;
      5. 5.4.1.5. other rights regarding the use of your data.
    2. 5.4.2. You have the right to make the Company correct any inaccurate personal data about you.
    3. 5.4.3. You can object to the Company using your personal data for profiling you or making automated decisions about you. The Company may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour).
    4. 5.4.4. You have the right to the data portability of your data to another service or Website. The Company will give you a copy of your data in readable format so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you.
    5. 5.4.5. You have the right to be “forgotten”. You may ask erasing any personal data about you, if it is no longer necessary for the Company to store the data for purposes of your use of the Website.
    6. 5.4.6. You have the right to lodge a complaint regarding the use of your data by the Company. You can address any complaint to the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) as directed on their website at http://www.aki.ee/en/inspectorate/staff-and-contacts (in English) or http://www.aki.ee/et/inspektsioon/kontaktid-nouandetelefon (in Estonian).
  5. 5.5. In the context of the right to access information the Company shall provide you with the information within one month of your request unless there is a justified requirement to provide such information faster.

6. Security

  1. 6.1. We have security and organizational measures and procedures to secure the data collected and stored. We have security policies and data processing agreements with all our employees and contractors who are obliged to follow and maintain appropriate technical and organizational measures.
  2. 6.2. Connections to the Website are encrypted using 256-bit SSL with integrity assured by the SHA2 ECDSA algorithm.
  3. 6.3. We use servers that comply with strict international data security standards, including ISO 27001.
  4. 6.4. You acknowledge that no perfect security infrastructure exists, no data transmission is guaranteed to be 100% secure, and there may be some security risks.
  5. 6.5. You are responsible for your login information and password. You shall keep them confidential.
  6. 6.6. In case if your privacy has been breached, please contact the Company immediately on [email protected].

7. Location of the processing of personal data

  1. 7.1. The personal data collected by the Company is processed at the Company’s offices in Tallinn. The Company is international and can have foreign branches and departments. The Company’s Research and Development department is based in Kyiv at secure premises.
  2. 7.2. Our servers for storing the data are located in Germany.

8. Retention period

The Company will delete your personal data from the databases no later than 7 years from the last time you used the Website.

9. Transfer of your personal data

  1. 9.1. The Company has departments outside the EEA, especially the Company’s Research and Development department is based in Ukraine, Kyiv, therefore, some data the Company collects from you will be processed in Ukraine. Ukraine has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR.
  2. 9.2. The Company relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, the Company collects and transfers to Ukraine personal data only: with your consent (Personal Data Protection Act of Estonia § 12); to perform a contract with you; or to fulfill a compelling legitimate interest of the Company in a manner that does not outweigh your rights and freedoms. The Company endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with the Company and the practices described in this Privacy Policy. The Company also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.

10. Age limit

The Company’s Services are not intended for children under 13 years old. Children aged 13 or older should not submit any personal information without the permission of their parents or guardians. By using the Company’s Services, you are representing that you are at least 18, or that you are at least 13 years old and have your parents’ or guardians’ permission to use the service.

11. Cookies

  1. 11.1. Cookies are pieces of data that a Web site transfers to a user's hard drive for record-keeping purposes.
  2. 11.2. The Company uses cookies to provide proper functionality on the Website and aggregate traffic data (e.g., what pages are popular).
  3. 11.3. The Website capture limited data (user-agent, HTTP referrer, last URL requested by the user, client-side and server-side clickstream) about visits to the Website. The Company may use this data to analyze patterns and to perform system maintenance.
  4. 11.4. You have several options how to manage cookies on your device. All browsers allow you to block or delete cookies from your device. You may consult the privacy features in your browser to understand what you should do if you need to manage cookies.

12. Contact details of the Data Controller

Feel free to contact us:

Hacken OÜ,
Harju maakond, Tallinn, Kesklinna linnaosa, Kai tn 1-5M, 10111,
Email: [email protected].