Last revised and effective as of: March 31, 2019
Welcome to our website! Please take a few minutes to carefully review these terms and conditions. By accessing and using this website you agree to follow and be bound by these terms and conditions. If you do not agree to follow and be bound by these terms and conditions, you may not access, use or download materials from this website.
Please click on the headings below for more information.
What information about me is collected?
Does HiFiBiO collect information from children?
What does HiFiBiO do with the information it collects?
When does HiFiBiO disclose information to third parties?
Is the information collected through the Site secure?
Could my information be transferred to other countries?
For how long will my personally identifiable information be kept?
What choices do I have regarding my personally identifiable information?
What does HiFiBiO do in response to “Do Not Track” requests?
Who do I contact if I have any privacy questions?
Depending on your use of the Site, we may collect two types of information: personally identifiable information and non-personally identifiable information.
Personally Identifiable Information
Personally identifiable information is information that identifies you or can be used to identify or contact you. Such information may include your name, address, e-mail address and telephone number. Personally identifiable information amounts to ‘personal data’ for the purposes of and as defined in the GDPR. All references to personally identifiable information shall be deemed to include ‘personal data’ as defined and used in the GDPR.
We will collect personally identifiable information that you submit to us. We may also receive personally identifiable information and non-personally identifiable information about you from third parties providing analytics as part of your use of the Site.
Cookies and Action Tags
We may collect non-personally identifiable information passively using “cookies” and “action tags.”
“Cookies” are small text files that can be placed on your computer or mobile device in order to identify your Web browser and the activities of your computer on the Site and other websites. Cookies can be used to personalize your experience on the Site (such as dynamically generating content on webpages specifically designed for you), to assist you in using the Site (such as saving time by not having to reenter your name each time you use the Site), to allow us to statistically monitor how you are using the Site to help us improve our offerings, and to determine the popularity of certain content.
You do not have to accept cookies to use the Site. Although most browsers are initially set to accept cookies, you may reset your browser to notify you when you receive a cookie or to reject cookies generally. Most browsers offer instructions on how to do so in the “Help” section of the toolbar. However, if you reject cookies, certain features or resources of the Site may not work properly or at all and you may experience some loss of convenience.
For the avoidance of doubt, the Site uses third-party service platforms (including to help analyze how users use the Site). In addition to cookies that we may place on your computer or mobile device, cookies might also be placed on your computer or mobile device by third parties that we use to provide analytics and other services. In the course of providing such services, such third parties could place or recognize unique cookies on your browser, computer or mobile device. If you would like to disable “third party” cookies, you may be able to turn them off by going to the third party’s website.
Here is a link to the main third-party platform we use:
“Action tags,” also known as web beacons or gif tags, are a web technology used to help track website usage information, such as how many times a specific page has been viewed. Action tags are invisible to you, and any portion of the Site, including e-mail sent on our behalf, may contain action tags.
By using cookies and action tags together, we are able to gain valuable information to improve the Site.
We also collect non-personally identifiable information through our Internet log files, which record data such as user IP addresses, internet service provider, device types, date and time of usage, the way in which your device navigates the Site, requested URL, referring URL, the content you view on the Site and any searches or queries that you conduct during your visit to the Site, browser types, domain names, and other anonymous statistical data involving the use of the Site. This information may be used to analyze trends, to administer the Site, to monitor the use of the Site, and to gather general demographic information. We may link this information to personally identifiable information for these and other purposes such as personalizing your experience on the Site and evaluating the Site in general.
We are committed to protecting the privacy of children. The Site is not designed for or directed to children under the age of majority in the countries where the Site is accessed. We do not collect personally identifiable information from any person we actually know is under the age of majority in that country where the Site is accessed.
We will only use your personally identifiable information to the extent that the law allows us to do so. Pursuant to the GDPR, legal bases for our processing your personally identifiable information may include (without limitation):
(a) where you have given consent to the processing;
(b) where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Site or otherwise); and/or
(c) where it is necessary for the purposes of our legitimate interests (or those of a third party) and your interests or fundamental rights and freedoms do not override those legitimate interests.
We use the information collected to provide the Site to you and process your transactions, to help us understand who uses the Site, for administrative and technical operations such as operating and improving the Site, and, if you “opt in”, so that we can contact you about products and services that may be of interest to you.
If you opt in, we and third parties may send you electronic newsletters, contact you about the Site, products, services, information and news that may be of interest to you. If you no longer desire to receive these communications, we will provide you with the option to change your preferences. If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personally identifiable information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.
We may also use the information gathered to perform statistical analysis of user behavior or to evaluate and improve the Site. We may link some of this information to personally identifiable information for internal purposes or to improve your experience with the Site.
Laws and Legal Rights
We may disclose your information (including personally identifiable information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. We may disclose personally identifiable information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone to detect fraud, to meet contractual obligations with content and technology providers, to protect our rights to our property, for assistance with a delinquent account, or to protect the safety and/or security of our users, the Site or the general public. Without limitation of the foregoing, although unlikely, HiFiBiO or a trusted third party may need to access personally identifiable information in connection with a digital forensic investigation of a potential security incident.
Third Parties Generally
We may provide to third parties non-personally identifiable information, including where such information is combined with similar information of other users of the Site. For example, we might inform third parties regarding the number of unique users who use the Site, the demographic breakdown of our users of the Site, or the products and/or services purchased using the Site and the vendors of such products and services. In addition to the above, when users use our Site, third parties (including analytics providers) may directly collect information about our users’ online activities over time and across different websites. The third parties to which we may provide or who may independently directly collect information may include providers of products or services (including analytics service providers, vendors (including providers of hosting services and cloud storage) and website tracking services), merchants, affiliates and other actual or potential commercial partners, sponsors, licensees, researchers and other similar parties.
Please note in particular that the Site uses Google Analytics integrated via Google Tag Manager, including its data reporting features. Information collected by Google Analytics includes but is not limited to web metrics. For information on how Google Analytics collects and processes data, please see the site “How Google uses data when you use our partners’ sites or apps,” currently located at www.google.com/policies/privacy/partners/. For information on opting out of Google Analytics, we encourage you to visit Google’s website, including its list of currently available opt-out options presently located at https://tools.google.com/dlpage/gaoptout.
Sale of Business
We want your information (including personally identifiable information) to remain secure. We strive to provide transmission of your information from your computer or mobile device to our servers through techniques that are consistent with commercially reasonable standards and to employ administrative, physical, and electronic measures designed to protect your information from unauthorized access.
Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information over the Internet. There is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.
We will only retain your personally identifiable information for as long as necessary to fulfill the purposes for which we collected it.
To determine the appropriate retention period for personally identifiable information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personally identifiable information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Under certain circumstances and in compliance with the GDPR, you have the right to:
Request access to your personally identifiable information (commonly known as ‘subject access request’). This enables you to receive a copy of the personally identifiable information we hold about you and to check that we are lawfully processing it;
Request correction of the personally identifiable information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
Request erasure of your personally identifiable information. This enables you to ask us to delete or remove your personally identifiable information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your personally identifiable information in certain circumstances;
Object to processing of your personally identifiable information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
Request the restriction of processing of your personally identifiable information. This enables you to ask us to suspend the processing of your personally identifiable information, for example, if you want us to establish its accuracy or the reason for processing it;
Request the transfer of your personally identifiable information to another party;
Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your personally identifiable information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.
If you want to update, review, verify, correct or request erasure of your personally identifiable information, object to the processing of your personally identifiable information, or request that we transfer a copy of your personally identifiable information to another party, please contact firstname.lastname@example.org.
You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personally identifiable information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.
The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to automated Do Not Track requests. However, if you wish to stop such tracking, please contact us with your request, using our contact details provided below.
By postal mail or courier:
Attn: Legal Department
237 Putnam Avenue
Cambridge, MA 02139