Description for Item 1
Description for Item 2
Effective Date: 30 June 2021
Hamilton Systems Limited (“HSL”) respects and protects the privacy of persons that access its website (https://www.hamilton-systems.io), affiliated URLs, API’s, social media accounts or any HSL mobile application (collectively the “HSL Site” or “Site”) and/or any services provided by HSL, as set out in HSL’s Terms of Service, (“HSL Services” or “Services”). This Privacy Policy Agreement (“Privacy Policy”) describes HSL’s information handling practices when s persons access the HSL Site and/or the HSL Services.
Persons visiting the Site or accessing the HSL Services should read this Privacy Policy carefully and, if such persons have any questions, should contact Hamilton Support at (https://www.hamilton-systems.io/support).
Persons accessing the HSL Site and/or the HSL Services, (“End User”) thereby signify their acceptance to the terms of this Privacy Policy as applicable. Where HSL requires End User’s consent to process his/her personal information, HSL shall request User’s consent to the collection, use, and disclosure of his/her personal information as described further below. HSL may provide additional "just-in-time" disclosures or information about the data processing practices of specific Services. These notices may supplement or clarify HSL’s privacy practices or may provide End User with additional choices about how HSL processes User’s data.
If End User does not agree with or is not comfortable with any aspect of this Privacy Policy, End User should immediately discontinue access to the Site or Services.
To the furthest extent consistent with the purpose of this Privacy Policy, same shall be governed by the Laws of Anguilla.
HSL may modify this Privacy Policy from time to time which will be indicated by changing the date at the top of this page hosted on the Site. If HSL makes any material changes, HSL shall notify End User’s of the Services by email (sent to the email address specified in End User’s account), by means of a notice on the Services prior to the change becoming effective, or as otherwise required by law.
End User may be asked to provide personal information anytime End User is in contact with HSL. HSL may share End User’s personal information with affiliate companies or firms and use such personal information in a manner consistent with this Privacy Policy. HSL may also combine such personal information with other information to provide and improve HSL’s products, services, and content (additional details below). If End User has any questions about the Site or Services, End User’s personal information or this Privacy Policy, End User should contact HSL Support at (https://www.hamilton-systems.io/support).
Personal information is typically data that identifies an individual or relates to an identifiable individual. This includes information End User provides to HSL, information which is automatically collected about End User, and information HSL obtains from third parties. The definition of personal information depends on the applicable law based on End User’s physical location. Only the definition that applies to End User’s physical location will apply to him/her under this Privacy Policy.
Information End User provides to HSL
End Users wishing to use the Services must register for and establish a HSL Account (“HSL Account” or “account”). To establish an account and access the Services, HSL shall request End User to provide HSL with important information about End User. This information is either required by law or policy (e.g. to verify End User’s identity), necessary to provide the requested services (e.g. End User will need to provide End User’s bank account number if he/she like to link that account to the Services), or is relevant for certain specified purposes, described in greater detail below. As HSL adds new features and services to the Services, End User may be asked to provide additional information.
Please note that HSL may not be able to serve End User as effectively or offer End User its Services if End User chooses not to share certain information with HSL. Any information End User provides to HSL that is not required is voluntary.
HSL may collect the following types of information from End User:
Personal Identification Information: including full name, date of birth, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email.
Formal Identification Information: including government issued identity document such as passport, number, driver's license details, national identity card details, visa information, and/or any other information deemed necessary to comply with HSL’s legal or policy obligations and/or under any applicable financial or anti-money laundering regulations.
Institutional Information: including proof of legal formation, personal identification information for all material beneficial owners.
Financial Information: including bank account information and transaction history.
Transaction Information: including information about the transactions End User undertakes on or through the Services, such as the name of the recipient, End User’s name, the amount, and/or timestamp.
Employment Information: including office location, job title, and/or description of role.
Correspondence: including survey responses, information provided to HSL’s support team or user research team.
Information Automatically Collected by HSL
To the extent permitted under applicable law, HSL may collect certain types of information automatically, such as whenever End User interacts with the Site or Services. This information assists HSL to address customer support issues, improve the performance of the Site and Services, provides End User with a streamlined and personalized experience, and protects End User accounts from fraud by detecting unauthorized access.
Information collected automatically by HSL includes:
Online Identifiers: including geo location/tracking details, browser fingerprint, operating system, browser name and version, and/or personal IP addresses.
Usage Data: including authentication data, security questions, click-stream data, public social networking posts, and other data collected via cookies and similar technologies. Please read HSL’s Cookie Policy at (https://www.hamilton-systems.io/cookie-policy) more information.
For example, HSL may automatically receive and record the following information on HSL’s server logs:
How End User accesses and uses the Services;
Device type and unique device identification numbers;
Device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of End User’s request and referral URL);
How End User device interacts with the Site and Services, including pages accessed and links clicked;
Geographic location; and
Other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify End User’s browser.
HSL may also use identifiers to recognize End User when he/she accesses the Site via an external link, such as a link appearing on a third-party site.
Information collected from Third Parties
From time to time, HSL may obtain information about End User from third party sources, as required or permitted by applicable law. These sources may include:
Public Databases, Credit Bureaus & ID Verification Partners: HSL obtains information about End User from public databases and ID verification partners for the purposes of verifying End User’s identity in accordance with applicable law. ID verification partners use a combination of government records and publicly available information about End User to verify End User’s identity. Such information may include End User’s name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. HSL obtains such information to comply with HSL’s legal or policy obligations. In some cases, as applicable, HSL may process additional data about End User to assess risk and ensure the Services are not used fraudulently or for other illicit activities. In such instances, processing is necessary for HSL to continue to perform its contractual obligations with End User and others.
Blockchain Data: HSL may analyze public blockchain data to ensure parties utilizing the Services are not engaged in illegal or prohibited activity under HSL’s Terms of Service, and to analyze transaction trends for research and development purposes.
Joint Marketing Partners & Resellers: Unless prohibited by applicable law, joint marketing partners or resellers may share information about End User with HSL so that HSL can better understand which of the Services may be of interest to End User.
Advertising Networks & Analytics Providers: HSL works with such providers to provide HSL with de-identified information about how End User found the Site and/or how End User interacts with the Site and Services. This information may be collected prior to the creation of an HSL Account. For more information on how End User can manage collection of this data, please see HSL’s Cookie Policy at (https://www.hamilton-systems.io/cookie-policy) more information.
Anonymization is a data processing technique that modifies personal information so that it cannot be associated with a specific individual. Except for this section, none of the other provisions of this Privacy Policy applies to anonymized or aggregated customer data (i.e. information about HSL’s users that HSL combines together so that it no longer identifies or references an individual user).
HSL may use anonymized or aggregate End User data for any business purpose, including to better understand End User and user needs and behaviors, improve HSL’s products and services, conduct business intelligence and marketing, and detect security threats. HSL may perform its own analytics on anonymized data or enable analytics provided by third parties.
Types of data HSL may anonymize include, transaction data, click-stream data, performance metrics, and fraud indicators.
HSL’s primary purpose in collecting personal information is to provide End User with a secure, smooth, efficient, and customized experience. HSL generally uses personal information to create, develop, operate, deliver, and improve the Services, content and advertising, for legal/regulatory purposes and for loss prevention and anti-fraud purposes.
HSL may use this information in the following ways:
To maintain legal and regulatory compliance
The Service may be subject to laws and regulations that require HSL to collect, use, and store End User’s personal information in certain ways. In any event HSL’s policy promotes the collection, use and storage of End User’s personal information, with respect to use of the Services, to ensure the highest standards for the purposes for Anti Money Laundering and Control of Financing of Terrorism. For example, HSL shall identify and verify persons using the Services in order to conform with its obligations as a licensed service provider pursuant to the Money Services Business Act (c. M104), the Externally and Non-Regulated Service Providers Regulations (c. P98-6) and the global standards for anti-money laundering. This includes collection and storage of End User’s photo identification. In addition, HSL may use third parties to verify End User’s identity by comparing the personal information End User provides against third-party databases and public records. When End User seeks to link a bank account to his/her HSL Account, HSL may require End User to provide additional information which HSL may use in collaboration with service providers acting on HSL’s behalf to verify End User’s identity or address, and/or to manage risk as required under applicable law or policy. If End User does not provide personal information required by law or policy, HSL will/will be required to terminate End User’s account.
To enforce Terms of Service and other agreements
HSL handles sensitive information for users of the Services, such as End User’s identification and financial data, so it is very important to HSL and End User that HSL actively monitors, investigates, prevents, and mitigate any potentially prohibited or illegal activities, enforce HSL’s agreements with third parties, and/or prevent and detect violations of HSL’s Terms of Service. In addition, HSL may need to collect fees based on End User’s use of the Services. HSL collects information about End User’s account usage and closely monitors End User’s interactions with the Services. HSL may use any of End User’s personal information collected for these purposes. The consequences of not processing End User’s personal information for such purposes is that HSL will/will be required to terminate End User’s account.
To detect and prevent fraud and/or funds loss
HSL processes End User’s personal information in order to help detect, prevent, and mitigate fraud and abuse of the Services and to protect End User against account compromise or product/asset/fund loss.
To provide HSL Services
HSL processes End User’s personal information to provide the Services to End User. For example, when End User wants to store USD in an HSL Account, HSL will require certain information such as End User’s identification, contact information, and payment information. HSL cannot provide End User with Services without such information. Third parties such as identity verification services may also access and/or collect End User’s personal information when providing identity verification and/or fraud prevention services.
To provide Service communications
HSL sends administrative or account-related information to End User to keep him/her updated about HSL’s Services, inform him/her of relevant security issues or updates, or provide other transaction-related information. Without such communications, End User may not be aware of important developments relating to his/her account that may affect how he/she can use the Services. End User may not opt-out of receiving critical service communications, such as emails or mobile notifications sent for legal, policy or security purposes.
To provide service
HSL processes End User’s personal information when he/she contacts HSL to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing End User’s personal information for such purposes, HSL cannot respond to End User’s requests and/or ensure End User’s uninterrupted use of the Services.
To ensure quality control
HSL processes End User’s personal information for quality control and staff training to ensure that HSL continues to provide End User with accurate information with regard to the Services. If HSL does not process personal information for quality control purposes, End User may experience issues on the Services such as inaccurate transaction records or other interruptions.
To ensure network and information security
In relation to the Services, HSL processes End User’s personal information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks and to comply with applicable laws, regulations and policies. The threat on the internet is constantly evolving, which makes it important that HSL has accurate and up-to-date information about End User’s use of the Services. Without processing End User’s personal information, HSL may not be able to ensure the security of the Services.
For research and development purposes
HSL processes End User’s personal information to better understand the way End User uses and interacts with the Site and/or Services. In addition, HSL uses such information to customize, measure, and improve the Services and the content and layout of the Site, and to develop new services. Without such processing, HSL may not be able to ensure End User’s continued use and enjoyment of the Site and/or Services.
To enhance End User’s experience
HSL processes End User’s personal information to provide a personalized experience and to implement the preferences requested by End User’s use of the Services. For example, End User may choose to provide HSL with access to certain personal information stored by third parties. Without such processing, HSL may not be able to ensure End User’s continued use and enjoyment of the Services.
To facilitate corporate acquisitions, mergers, or transactions
HSL may process any information regarding End User’s account and use of the Services as is necessary in the context of corporate acquisitions, mergers, or other corporate transactions. End User has the option of closing his/her account if he/she does not wish to have their personal information processed for such purposes.
To engage in marketing activities
Based on End User’s communication preferences, HSL may send End User marketing communications (e.g. emails or mobile notifications) to inform End User about HSL events or HSL partner events in order to deliver targeted marketing and/or to provide End User with promotional offers. HSL’s marketing will be conducted in accordance with End User’s advertising marketing preferences and as permitted by applicable law.
For any purpose
HSL may disclose End User’s personal information for any purpose End User consents to and/or as required by the Anguilla Financial Services Commission.
The following chart summarizes how HSL uses the categories of personal information HSL collects from End User:
| Personal Information Category [See “Collection of Personal Information” (supra)] | Sources of Personal Information | Purpose of Collecting Personal Information | Disclosure of Personal Information (see “HSL Sharing Personal Information With Other Parties” below for more information) |
|---|---|---|---|
| (A) End User identifiers such as Personal Identification Information | Information End User provides to HSL. Information collected from Third Parties. | Sections 1, 2, 3, 4, 5, 6, 8, 9, 11, 12 |
- Third party identity verification services - Financial institutions - Service providers - Professional advisors |
| (B) End User Records e.g. signature | Information End User provides to HSL. Information collected from Third Parties. | Sections 1, 2, 5, 6, 11 |
- Third party identity verification services. - Financial institutions. - Service providers. |
| (C) Classified End User Information e.g. gender, age and citizenship | Information End User provides to HSL. Information collected from Third Parties. | Section 1 | Third party identity verification services. Professional advisors. |
| (D) Commercial End User information e.g. records of services purchased, obtained, or considered | Information End User provides to HSL. Information Automatically Collected by HSL. Information collected from Third Parties. | Section 3, 4, 5, 6, 8, 9, 10, 11, 12 |
- Third party identity verification services - Financial institutions - Service providers - Professional advisors |
| (E) Biometric information | Information End User provides to HSL. | Section 1 |
- Third party identity verification services - Financial institutions |
| (F) Usage Data | Information Automatically Collected by HSL. | Sections 2, 3, 4, 6, 7, 8, 9, 10, 12 |
- Third party identity verification services - Service providers - Professional advisors |
| (G) Online Identifiers | Information Automatically Collected by HSL. | Sections 1, 3, 9, 12 |
- Third party identity verification services - Service providers - Professional advisors |
| (H) Sensory data e.g. audio, electronic, visual information | Not Collected | Not Applicable | Not Applicable |
| (I) Professional or Employment Related information | Information End User provides to HSL. Information collected from Third Parties. | Sections 1, 12 |
- Third party identity verification services - Service providers |
| (J) Inferences about preferences, characteristics, predispositions, etc. | Information End User provides to HSL. Information Automatically Collected by HSL. | Sections 9, 10, 12 |
- Service providers - Professional advisors |
HSL will not use End User’s personal information for purposes other than those purposes HSL has disclosed to End User, without End User’s permission. From time to time, and as required under applicable law or policy, HSL may request End User’s permission to allow HSL to share End User’s personal information with third parties. End User may opt out of having his/her personal information shared with third parties, or allowing HSL to use End User’s personal information for any purpose that is incompatible with the purposes for which HSL originally collected it or subsequently obtained End User’s authorization. If End User chooses to limit the use of his/her personal information, certain features or services may not be available to End User.
NOTWITHSTANDING ANY PROVISION OF THIS PRIVACY POLICY, ALL END USER PERSONAL INFORMATION AND DATA IS SUBJECT TO DISCLOSURE TO THE ANGUILLA FINANCIAL SERVICES COMMISSION, IN ACCORDANCE WITH THE LAWS AND REGULATIONS OF ANGUILLA, INCLUDING BUT NOT LIMITED TO THE MONEY SERVICES BUSINESS ACT (c. M104) AND EXTERNALLY AND NON-REGULATED SERVICE PROVIDERS REGULATIONS (C. P98-6).
EEA Data Subjects
Legal Bases for Processing End User Information
For any End Users who are located in the European Economic Area, United Kingdom or Switzerland (collectively “EEA Residents”) at the time their personal data is collected (if any), HSL relies/shall rely on legal bases for processing End User’s information under Article 6 of the EU General Data Protection Regulation (“GDPR”). HSL generally only processes End User’s data where HSL is legally required to, where processing is necessary to perform any contracts HSL entered with End User (or to take steps at End User’s request prior to entering into a contract with End User), for HSL’s legitimate interests to operate its business or to protect HSL’s or End User’s, property, rights, or safety, or where HSL has obtained End User’s consent to do so. Below is a list of the purposes described in HSL’s policy with the corresponding legal bases for processing.
| Section & Purpose of Processing | Legal Bases for Processing |
|---|---|
|
(2) To enforce HSL’s terms in Terms of Service and other agreements (4) To provide HSL Services (5) To provide Service communications (6) To provide End User service (7) To ensure quality control |
Based on HSL’s contract with End User or to take steps at End User’s request prior to entering into a contract. |
| (9) For research and development purposes (10) To enhance End User’s experience (11) To facilitate corporate acquisitions, mergers, or transactions (12) To engage in direct marketing activities |
Based on HSL’s legitimate interests. When HSL processes End User’s personal data for HSL’s legitimate interests HSL always ensures that HSL considers and balances any potential impact on End User and End User’s rights under data protection laws. |
| (1) To maintain legal and regulatory compliance (3) To detect and prevent fraud and/or loss of products, assets or funds (8) To ensure network and information security |
Based on HSL’s legal obligations, the public interest, or in End User’s vital interests. |
|
(10) To enhance End User’s experience (12) To engage in third party marketing activities (13) For any purpose |
Based on End User’s consent. |
Marketing
Direct Marketing: Direct marketing includes any communications to End User that are only based on advertising or promoting HSL’s products and services. HSL will only contact End User by electronic means (email or SMS) based on HSL’s legitimate interests, as permitted by applicable law, or End User’s consent. To the extent HSL can rely on legitimate interest under applicable law, HSL will only send End User information about HSL’s Services that are similar to those which were the subject of a previous sale or negotiations of a sale to End User with respect to the Services. If End User is a new End User of the Services, HSL will contact End User by electronic means for marketing purposes only if End User has consented to such communication. If End User does not want HSL to send him/her marketing communications, End User should go to End User’s account settings to opt-out or submit a request via HSL Support at (https://www.hamilton-systems.io/support). End User may raise such objection with regard to initial or further processing for purposes of direct marketing, at any time and free of charge. Direct marketing includes any communications to End User that are only based on advertising or promoting HSL products and services.
Third Party Marketing: HSL will obtain End User’s express consent before HSL shares End User’s personal information with any third parties for marketing purposes.
HSL shall take care to allow End User’s personal information to be accessed only by those persons who require access to perform their tasks and duties, and to share only with third parties that have a legitimate purpose for accessing such personal information. HSL SHALL NEVER SELL OR LEASE END USER’S PERSONAL INFORMATION TO THIRD PARTIES WITHOUT END USER’S EXPLICIT CONSENT. HSL shall only share End User’s information in the following circumstances:
With third party identity verification services in order to prevent fraud. This allows HSL to confirm End User’s identity by comparing the information End User provides to HSL to public records and other third-party databases. These service providers may create derivative data based on End User’s personal information that can be used in connection with the provision of identity verification and fraud prevention services.
With financial institutions with which HSL partners to process payments End User has authorized.
With service providers under contract that help with parts of HSL’s business operations. HSL’s contracts require these service providers to only use End User’s information in connection with the services such service providers perform for HSL, and prohibit them from selling End User’s information to anyone else. Examples of the types of service providers HSL may share personal information with (other than those mentioned above) include:
With companies or other entities that HSL plans to merge with or be acquired by. End User utilizing the Services shall receive prior notice of any change in applicable policies.
With companies or other entities that purchase HSL assets pursuant to a court-approved sale or where HSL is required to share End User’s information pursuant to any applicable insolvency law.
With HSL’s professional advisors who provide banking, legal, compliance, insurance, accounting, or other consulting services in order to complete third party financial, technical, compliance and legal audits of HSL’s operations or otherwise comply with HSL’s legal obligations.
With law enforcement, officials, or other third parties when HSL is compelled to do so by a subpoena, court order, or similar legal procedure, or when HSL believes in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of HSL’s Terms of Service or any other applicable policies.
If End User establishes a HSL Account indirectly on a third party website or via a third party application, any information that End User enters on that website or application (and not directly on a HSL Site) will be shared with the owner of the third party website or application and End User’s information will be subject to such third party’s privacy policies.
If End User authorizes one or more third-party applications to access the Services utilized by End User, then information End User has provided to HSL may be shared with those third parties. A connection End User authorizes or enables between End User’s HSL Account and a non-HSL account, payment instrument, or platform is considered an “account connection.” Unless End User provides further permissions, HSL will not authorize these third parties to use this information for any purpose other than to facilitate End User transactions using the Services. Third-parties that End User interacts with may have their own privacy policies, and HSL is not responsible for their operations or their use of data they collect. Information collected by third parties, which may include such things as contact details, financial information, or location data, is governed by their privacy practices and HSL is not responsible for unauthorized third-party conduct. HSL strongly encourages End User to learn about the privacy practices of those third parties.
Examples of account connections include:
Merchants: If End User uses his/her HSL Account to conduct a transaction with a third party merchant, the merchant may provide data about End User and End User’s transaction to HSL.
End User’s Financial Services Providers: For example, if End User sends funds to HSL from End User’s bank account, such bank will provide HSL with identifying information in addition to information about End User’s account in order to complete the transaction.
Information that HSL shares with a third-party based on an account connection will be used and disclosed in accordance with the third-party's privacy practices. End User should review the privacy notice of any third-party that will gain access to End User’s personal information. HSL is not responsible for such third party conduct.
HSL understands how important End User’s privacy is, which is why HSL maintains (and contractually requires third parties it shares End User’s information with to maintain) appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the personal information End User entrusts to HSL.
HSL may store and process all or part of End User’s personal and transactional information derived from the Services, including certain payment information, such as End User’s encrypted bank account and/or routing numbers, anywhere in the world where HSL facilities or HSL’s service providers are located. HSL protects End User’s personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations and policies.
HSL cannot, however, guarantee that loss, misuse, unauthorized acquisition, or alteration of End User’s data will not occur. End User should recognize that he/she plays a vital role in protecting his/her own personal information. When registering with the Services, it is important for End User to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify HSL if End User become aware of any unauthorized access to or use of his/her HSL Account.
HSL cannot ensure or warrant the security or confidentiality of information End User transmits to HSL or receive from HSL by internet or wireless connection, including email, phone, or SMS, since HSL has no way of protecting that information once it leaves and until it reaches HSL. If End User has reason to believe that his/her data is no longer secure, End User must contact HSL using the contact information provided in this Privacy Policy and/or by contact HSL Support at (https://www.hamilton-systems.io/support).
HSL stores End User’s personal information securely throughout the life of End User’s HSL Account. HSL will only retain End User’s personal information for as long as necessary to fulfil the purposes for which HSL collected such information, including for the purposes of satisfying any legal, regulatory, accounting, policy, or reporting obligations or to resolve disputes. HSL’s typical retention periods for different aspects of End User’s personal information are described below.
Personal information collected to comply with HSL’s legal obligations under any financial or anti-money laundering laws or regulations, or under HSL’s policy, may be retained after account closure for as long as required under such laws or policy.
Contact Information such as End User’s name, email address and telephone number for marketing purposes is retained on an ongoing basis until End User terminates his/her HSL Account or unsubscribes to any mailing list. Thereafter HSL will add End User’s details to HSL’s suppression list to ensure HSL do not inadvertently market to End User.
To the extent applicable, content that End User posts on the Site, such as support desk comments, photographs, videos, blog posts, and other content may be kept after End User closes his/her account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
Recording of any HSL telephone calls with End User may be kept for a period of up to six years.
Information collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.
HSL does not knowingly request to collect personal information from any person under the age of 18. If an End User submitting personal information is suspected of being younger than 18 years of age, HSL shall require him/her to close his/her account and will not allow him/her to continue using the Services. HSL shall also take steps to delete the information as soon as possible. End Users should notify HSL if he/she knows of any individuals under the age of 18 using the Services so as to enable HSL to take action to prevent access to the Services.
To facilitate HSL’s operations, HSL may transfer, store, and process End User’s information within HSL’s affiliates, partners, and service providers based throughout the world. HSL contractually obligates recipients of End User’s personal information to agree to at least the same level of privacy safeguards as required under applicable data protection laws and HSL policies. By communicating electronically with HSL, End User acknowledges and agrees to his/her personal information being processed in this way.
If End User has a complaint about HSL privacy practices and the collection, use or disclosure of personal information, End User should contact HSL Support at https://www.hamilton-systems.io/support).
Data transferred out of the EU
HSL shall rely primarily on Model Contractual Clauses approved by the European Commission to facilitate any (if any) international transfer of personal information collected in the EEA, the United Kingdom and Switzerland (“European Personal Information”), and any onward transfer of such information to the extent the recipients of the European Personal Information are located in a country that the EU considers to not provide an adequate level of data protection. To the extent applicable (if any) HSL may also rely on an adequacy decision of the European Commission confirming an adequate level of data protection in the jurisdiction of the party receiving the information.
HSL is responsible for the processing of personal information it receives and subsequently transfers to a third party acting as an agent on its behalf. Before HSL shares End User’s information with any third party, HSL shall enter into a written agreement that the third party provides at least the same level of protection for the personal information as required under applicable data protection laws.
Depending on any applicable law, End User may be able to assert certain rights related to End User’s personal information identified below. If any of the rights listed below are not provided under any applicable law, HSL shall have absolute discretion in providing End User with such rights.
End User’s rights to personal information are not absolute. Depending upon the applicable law, access may be denied: (a) when denial of access is required or authorized by applicable law; (b) when granting access would have a negative impact on another's privacy; (c) to protect HSL’s rights and properties; (d) where the request is frivolous or vexatious, or for other reasons.
Access and portability. End User’s rights to personal information are not absolute. Depending upon the applicable law, access may be denied: (a) when denial of access is required or authorized by applicable law; (b) when granting access would have a negative impact on another's privacy; (c) to protect HSL’s rights and properties; (d) where the request is frivolous or vexatious, or for other reasons.
Rectification of incomplete or inaccurate personal information. End User may request HSL to rectify or update any of End User’s personal information held by HSL that is inaccurate. End User may do this at any time by logging in to End User’s HSL Account and clicking the Profile tab.
Erasure. End User may request to erase his/her personal information, subject to applicable law and regulations. If End User closes his/her HSL Account, HSL will mark such account in its database as "Closed," but will keep certain account information, including End User’s request to erase, in HSL’s database for a period of time as described above. This is necessary to deter fraud, by ensuring that persons who try to commit fraud will not be able to avoid detection simply by closing their account and opening a new account, and to comply with HSL’s legal, regulatory and policy obligations. If, however, End User closes his/her account, his/her personal information will not be used by HSL for any further purposes, nor shared with third parties, except as necessary to prevent fraud and assist law enforcement, as required by law or regulations, or in accordance with this Privacy Policy.
Withdraw consent. To the extent the processing of End User’s personal information is based on End User’s consent, End User may withdraw his/her consent at any time. End User’s withdrawal will not affect the lawfulness of HSL’s processing based on consent before such withdrawal.
Restriction of processing. Applicable law may give End User the right to restrict or object to HSL processing his/her personal information under certain circumstances. HSL may continue to process End User’s personal information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
Automated individual decision-making, including profiling. HSL relies on automated tools to help determine whether a transaction or an End User account presents a fraud or legal risk. In certain cases, End User may have the right not to be subject to a decision based solely on automated processing of End User’s personal information, including profiling, which produces legal or similarly significant effects on End User, save for the exceptions applicable under applicable data protection laws.
Privacy Request by End User
Subject to applicable law, End User may make privacy rights requests relating to his/her personal information by contacting HSL Support at (https://www.hamilton-systems.io/support).
End User’s complaints
If End User believes that HSL has infringed his/her rights, End User is encouraged to first submit a request to HSL Support at (https://www.hamilton-systems.io/support), so that HSL can try to resolve the issue or dispute informally. If that action does not resolve End User’s issue, End User may contact the HSL’s Data Protection Officer at dpo@hamilton-systems.io.
Any person residing in the EU, may file a complaint with the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://info.adr.org/safeharbor, or End User’s relevant data protection authority.
In the UK, the relevant data protection authority is Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, 0303 123 1113, casework@ico.org.uk (casework@ico.org.uk).
In Ireland, the relevant data protection authority is the Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois; phone: +353 (0761) 104 800; LoCall: 1890 25 22 31; Fax: +353 57 868 4757; email: info@dataprotection.ie)
Any person residing in California, has the right to request information regarding whether certain categories personal information is shared with third parties for the third parties' direct marketing purposes. To the extent such personal information is shared in this way, such persons may receive the following information:
(a) the categories of information disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and
(b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.
Effective January 1, 2020, pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights in relation to their personal information, subject to limited exceptions. Any terms defined in the CCPA have the same meaning when used in this California Privacy Rights section.
For personal information collected during the preceding 12 months that is not otherwise subject to an exception, California residents have the right to access and delete their personal information. The exercise of such rights cannot lead to a denial of any services or additional charges or different charges for services or the provision of a different level or quality of services.
To the extent that a California resident’s personal information is sold to third parties, such person also has the right to request that the seller discloses: (i) the categories of such persons personal information that was sold, and (ii) the categories of third parties to whom such person’s personal information was sold. California resident’s have the right to direct that their personal information is not sold.
California residents, may designate an authorized agent to make a request to access or a request to delete on their behalf and such requests should be honoured upon submission of proof such authorized agent is registered with the California Secretary of State to be able to act on behalf of the California resident, or the authorized agents submits evidence that he/she has been provided with power of attorney pursuant to California Probate Code section 4000 to 4465. Requests may be denied from authorized agents who do not submit proof that they have been authorized to act on behalf of the California resident, or are unable to verify their identity.
If End User has questions or concerns regarding this Privacy Policy, or if End User has a complaint, End User should contact HSL at HSL Support at (https://www.hamilton-systems.io/support).