HelloSign Privacy Policy

TRUSTe

Posted: August 7, 2019

Effective as of: September 24, 2019

Introduction

Your privacy is important, so JN PROJECTS Inc., a Delaware corporation d/b/a HelloSign ("HelloSign"), has created the following Privacy Policy to let you know what information we collect when you visit our Site, why we collect it and how it is used. This Privacy Policy explains the data collection and use practices of HelloSign. The terms "you," "your," "yours" and "Customer" refer to the customer/purchaser utilizing our Site. The terms "HelloSign," "we," "us," and "our" refer to HelloSign and its subsidiaries and affiliates. This Privacy Policy is governed by our Terms of Use / Terms of Service. The terms "Site", "Website", "Application", "Product", and "Service" refer to the websites and services provided by HelloSign. This Privacy Policy does not apply to any third-party websites and apps that you may use, including any that are linked to in our Services. You should review the terms and policies for third-party websites and apps before clicking on any links.

HelloSign provides on-demand electronic signature services, which includes the ability to upload, display, deliver, receive, and acknowledge documents for electronic signature. HelloSign also provides the HelloWorks service, which provides a simple way to complete complex workflows through document automation and integrated electronic signature services. We also have application programming interfaces (APIs) that allows you to build seamless embedded electronic signature or workflow/document automation services into your website, application and other properties. Finally, HelloSign also provides an electronic facsimile service, which includes the ability to upload, display, deliver, and receive faxes without a traditional fax machine through our HelloFax service.


Sections

1. Information we Collect

Information you provide to us. When registering for or using the HelloSign Service we collect personal information provided by you. For example, when you create a HelloSign account, you may provide us with your email address and a password, your phone number, your address, your name, your address, and an electronic image of your signature.

You may provide us with personal information about other individuals when you use our Service, such as when you send or receive a signature request/workflow transaction, share information about such transactions, or ask others to electronically sign documents. You may also provide us with access to your contacts to make it easy to you to do things like share and collaborate with others, send messages, and invite others to use the Services. If you share your contracts with us, we will store those contacts on our severs for you to use.

Information that we collect automatically. We collect information related to how you use the Services, including actions you take in your account (like sharing, editing, viewing, creating, and signing documents). We use this information to provide, improve, promote our Services, and protect HelloSign users. We also collect information from and about the devices you use to access the Services. This includes things like IP addresses, the type of browser and device you use, the web page you visited before coming to our sites, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services. For example, we use device information to detect abuse and identify and troubleshoot bugs.

Information that we collect from third parties. We may share and/or collect additional information about you from third parties primarily to assist us in understanding how we can maintain and improve the services we offer to better serve you. For example:

  • Analytics: We use services like Google Analytics and Heap, which use cookies and other tracking technologies to gather usage data that allows us to improve our products and services.
  • Advertising: We use certain Google advertising features including Google Analytics Demographics and Interest Reporting and Remarketing. Third-party vendors, including Google, may show this Sites' ads on sites across the Internet. You may opt out at any time here. We and third-party vendors, including Google, use first-party cookies and third-party cookies together to inform, optimize, and serve ads based on someone's past visits to our website.
  • We partner with third parties to manage our advertising on other sites. Our third-party partners may use cookies or similar technologies to provide you advertising based on your browsing activities and interests. If you wish to opt out of interest-based advertising, click http://preferences-mgr.truste.com [or if located in the European Union click http://www.youronlinechoices.eu]. Please note you will continue to receive generic ads.
  • Mobile: We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personal information you submit within the application.

Information we collect and process on behalf of you. The use of information collected through our service shall be limited to the purpose for which you have engaged HelloSign. When you use our Services, we process and store certain information on your behalf as a data processor. For example, when a customer upload a documents for review or signature, we act as a data processor and process information on the customer’s behalf and in accordance with the customer’s instructions. In this situation, the customer is the data controller and is responsible for most aspects of the processing of the information. HelloSign acknowledges that you have the right to access your personal information. HelloSign has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete data should direct their questions to HelloSign’s customers (the data controller). If requested to remove data we will respond within a reasonable timeframe. If you have any questions or concerns about how information is processed in these cases, including how to exercise your rights as a data subject, we recommend contacting the relevant customer.

Cookies and other technologies. We use technologies like cookies and pixel tags to provide, improve, protect, and promote our Services. For example, cookies help us with things like remembering your username for your next visit, understanding how you are interacting with our Services, and improving them based on that information. We may also use third-party service providers that set cookies and similar technologies to promote HelloSign services.

HelloSign and its partners use cookies or similar technologies to analyze trends, administer the website, track users' movements around the website, and to gather demographic information about our user base. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Website or Service. To manage Flash cookies, please click here.

We do not recognize or respond to browser-initiated Do Not Track signals.

2. How we use your information

We may use the information we collect through our products for a number of reasons, including to:

  • provide, improve, protect, and promote our products and services;
  • set your account(s);
  • send you records of your use of the service, including for purchases or other events;
  • understand how you use our products and customize your experience;
  • send you marketing communications (in accordance with your subscription preferences);
  • record details about your electronic signature requests, workflows and other transactions (such as when they were opened, signed, and when/where this took place);
  • provide customer support;
  • respond to with your enquiries and requests;
  • fix issues or problems with our products and services;
  • prevent abuse of the products and services we offer; and
  • carry out other lawful purposes about which we will notify our users and customers.

We may also combine the information we collect (or that is otherwise provided to us) through aggregation and other means to limit the identification of any particular individual to help with our business goals (such as research and marketing).

We give users the option to use some of our Services free of charge. These free Services are made possible by the fact that some users upgrade to one of our paid Services. If you register for our Services, we will, from time to time, send you information about upgrades when permissible. Users who receive these marketing materials can opt out at any time. If you don’t want to receive a particular type of marketing material from us, click the ‘unsubscribe’ link in the corresponding emails, or by contacting us using the contact details provided below (if using the contact details please provide your complete name, e-mail address, and any other relevant information that may be required to respond to your request).

We sometimes contact people who don’t have a HelloSign account. For recipients in the EU, we or a third party will obtain consent before reaching out. If you receive an email and no longer wish to be contacted by HelloSign, you can unsubscribe and remove yourself from our contact list via the message itself.

Legal Basis for processing your information. We collect and use the personal data described above in order to provide you with the Services in a reliable and secure manner. We also collect and use personal data for our legitimate business needs. To the extent we process your personal data for other purposes, we ask for your consent in advance or require that our partners obtain such consent.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the 'How to contact us’ heading below.

3. How we may share your information

We may use your personally identifiable information as described below:

  • Vendors and other third-party service providers. We may share your information with third parties that we use to provide and support our Services. These parties provide services such as authentication, billing and collections, customer support, or data storage. We enter into legally binding agreements with these third-party service providers that protects your personal information and are not permitted to use your information for their own purposes.
  • Other Dropbox Companies. HelloSign shares infrastructure, systems, and technology with other companies owned or operated by Dropbox, Inc. (“Dropbox Companies”) to provide, improve, protect, and promote services provided by Dropbox Companies. We process your information across the Dropbox Companies for these purposes, as permitted by applicable law and in accordance with their terms and policies.
  • Compliance with Law, Safety, Security, Business Transactions: We may also disclose your information to third parties: (a) where required by law or regulatory requirement, court order or other judicial authorization, (b) in response to lawful requests by public authorities, including for the purposes of meeting national security and law enforcement requirements; (c) in connection with the sale, transfer, merger, bankruptcy, restructuring or other reorganization of a business; (d) to protect or defend our rights, interests or property, or that of third parties; (e) to investigate any wrongdoing in connection with our products and services; and (f) to protect the vital interests of an individual.
  • To other persons with your consent (e.g. fulfilling your fax or signature requests).
  • Other users. Our Services display information like your name, profile picture, device, email address, and usage information to other users you collaborate or choose to share with. When you register your HelloSign account with an email address on a domain owned by your employer or organization, we may help collaborators and administrators find you and your team by making some of your basic information - like your name, team name, profile picture, and email address- visible to other users on the same domain. This helps you sync up with teams you can join and helps other users share files and documents with you.
  • If you choose to opt-in to HelloSign updates or marketing, we will email you with updates, offers, or inform you about other services and features.

4. Retention of information

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other lawful purposes.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

5. How we protect your information

The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at legal@hellosign.com.

6. Your choices about your information

General. Upon your written request (for which email is sufficient), HelloSign will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account, or by contacting us using the contact details below. We will respond to your request within a reasonable timeframe.

European Economic Area (EEA) or Switzerland: If you are based in the EEA or Switzerland you have other rights as provided below:

  • Access: If you wish to access your personal information that HelloSign collects, you can do so at any time through the Service or by contacting us using the contact details provided below.
  • Correction, update or deletion: You can correct, update or request deletion of your personal information through the Service interface, or by contacting us using the contact details provided below.
  • Object to processing: When we reply on your consent to process your personal information, you may withdraw consent at any time by contacting us using the contact details provided below. This will not affect the lawfulness of processing prior to the withdrawal of your consent.
  • Data Protection Authority: You have a right to raise questions or complaints with your local data protection authority at any time.
  • Marketing: You have the right to opt-out of marketing communications we sent you at any time. You can do this by clicking the “unsubscribe” link in the marketing e-mails we sent you or by contacting us using the contact details provided below (if using the contact details please provide your complete name, e-mail address, and any other relevant information that may be required to address your request). Please note that such marketing opt-out does not impact any transaction or operation notices that we may need to send you.

7. Children’s Privacy

This site and our Services are not intended for or directed to minors. We do not knowingly collect or ask for information from minors. We do not knowingly allow minors to use our Services. Any person who provides their information to HelloSign through the Account Login page for new customers, Signup Page, or any other part of the HelloSign Site represents to HelloSign that they are of legal age (18 years of age or older or otherwise of legal age in your resident jurisdiction) and competent to agree to these Terms. We will delete any information we discover is collected from a minor without permission from their parent(s) or legal guardian(s). Please contact us using the contact details below if you believe you may have provided HelloSign with a minor’s information without permission from their parent(s) or legal guardian(s).

8. WHERE WE MAY STORE, PROCESS, OR TRANSMIT YOUR INFORMATION

General: By using the HelloSign Services you acknowledge and agree that: (i) your information will be processed as described in this Privacy Policy; and (ii) you consent to have your information transferred to us and our facilities in the United States or elsewhere, including those of third parties as described in this Privacy Policy.

Around the world. To provide you with the Services, we may store, process, and transmit data in the United States and locations around the world—including those outside your country. Data may also be stored locally on the devices you use to access the Services.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield. When transferring data from the European Union, the European Economic Area, the United Kingdom, and Switzerland, HelloSign relies upon a variety of legal mechanisms, including contracts with our customers and affiliates. HelloSign complies with the EU-U.S. and Swiss–U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union, the European Economic Area, the United Kingdom, and Switzerland to the United States. HelloSign has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such data. You can find HelloSign’s Privacy Shield certification here. You can also learn more about Privacy Shield at https://www.privacyshield.gov.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider, JAMS, free of charge, at https://www.jamsadr.com/eu-us-privacy-shield.

Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, HelloSign is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, HelloSign may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

9. Changes to this policy

If we change our privacy policies and procedures materially, we will post those changes to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page. When we change the policy in a material manner we will update the ‘effective date’ at the top of this page, and we may also notify you of the change via email or other prominent notice posted on this site or the Service.

10. How to contact us

For questions or concerns regarding the collection, use, or disclosure of your information, you can contact us by sending an email to legal@hellosign.com.