Effective as of: May 25, 2018
HelloSign provides on-demand electronic signature services, which includes the ability to upload, display, deliver, receive, and acknowledge documents for electronic signature. HelloSign also provides the HelloWorks service, which provides a simple way to complete complex workflows through document automation and integrated electronic signature services. We also have application programming interfaces (APIs) that allows you to build seamless embedded electronic signature or workflow/document automation services into your website, application and other properties. Finally, HelloSign also provides an electronic facsimile service, which includes the ability to upload, display, deliver, and receive faxes without a traditional fax machine through our HelloFax service.
1. Information we Collect
Information you provide to us. When registering for or using the HelloSign Service we collect personal information from you. For example, when you create a HelloSign account, we ask for your email address and a password. We may also collect information such as your phone number (for two factor authentication), your address for billing purposes, or your electronic signature. You may also provide us with personal information about other individuals when you use our Service, such as when you send or receive a signature request/workflow transaction, share information about such transactions, or ask others to electronically sign documents.
Information that we collect automatically. We collect information from you and about your device. This includes data about your software, the operating system version you use when accessing our service, your Internet Protocol address, precise geolocation information, unique device identifiers, and your usage data (such as web logs, time spent on a URL, etc.). We also collect data related to requests/transactions such as: names, addresses, email addresses of individuals who are party an e-signature request, workflow transaction, and the history of such (e.g. sent date/time, when request was opened, reviewed, signed etc.).
Information that we collect from third parties. We may share and/or collect additional information about you from third parties primarily to assist us in understanding how we can maintain and improve the services we offer to better serve you. For example:
- We use certain Google advertising features including Google Analytics Demographics and Interest Reporting and Remarketing. Third-party vendors, including Google, may show this Sites' ads on sites across the Internet. You may opt out at any time here. We and third-party vendors, including Google, use first-party cookies and third-party cookies together to inform, optimize, and serve ads based on someone's past visits to our website.
- Mobile: We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personal information you submit within the application.
Information we collect and process on behalf of you. The use of information collected through our service shall be limited to the purpose for which you have engaged HelloSign. When you use our Services, we process and store certain information on your behalf as a data processor. For example, when a customer upload a documents for review or signature, we act as a data processor and process information on the customer’s behalf and in accordance with the customer’s instructions. In this situation, the customer is the data controller and is responsible for most aspects of the processing of the information. HelloSign acknowledges that you have the right to access your personal information. HelloSign has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete data should direct their questions to HelloSign’s customers (the data controller). If requested to remove data we will respond within a reasonable timeframe. If you have any questions or concerns about how information is processed in these cases, including how to exercise your rights as a data subject, we recommend contacting the relevant customer.
We do not recognize or respond to browser-initiated Do Not Track signals.
2. How we use your information
We may use the information we collect through our products for a number of reasons, including to:
- provide, operate, optimize and maintain our products and services;
- set your account(s);
- send you records of your use of the service, including for purchases or other events;
- understand how you use our products and customize your experience;
- send you marketing communications (in accordance with your subscription preferences);
- record details about your electronic signature requests, workflows and other transactions (such as when they were opened, signed, and when/where this took place);
- provide customer support;
- respond to with your enquiries and requests;
- fix issues or problems with our products and services;
- prevent abuse of the products and services we offer; and
- carry out other legitimate business purposes, such as to improve our products and services, as well as other lawful purposes about which we will notify our users and clients.
We may also combine the information we collect (or that is otherwise provided to us) through aggregation and other means to limit the identification of any particular individual to help with our business goals (such as research and marketing).
Legal Basis for processing your information. If you are a visitor/Customer located in the European Economic Area ("EEA"), our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate business interests. In some cases, we may also have a legal obligation to collect personal information from you. If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the 'How to contact us' heading below.
3. How we may share your information
We may use your personally identifiable information as described below:
- Vendors and other third party service providers. We may share your information with third parties that we use to provide and support our Services. These parties provide services such as authentication, billing and collections, customer support, or data storage. We enter into legally binding agreements with these third party service providers that protections your personal information and are not permitted to use your information for their own purposes.
- Compliance with Law, Safety, Security, Business Transactions: We may also disclose your information to third parties: (a) where required by law or regulatory requirement, court order or other judicial authorization, (b) in response to lawful requests by public authorities, including for the purposes of meeting national security and law enforcement requirements; (c) in connection with the sale, transfer, merger, bankruptcy, restructuring or other reorganization of a business; (d) to protect or defend our rights, interests or property, or that of third parties; (e) to investigate any wrongdoing in connection with our products and services; and (f) to protect the vital interests of an individual.
- To other persons with your consent (e.g. fulfilling your fax or signature requests)
- If you choose to opt-in to HelloSign updates, we will email you technical updates or inform you about other services and features.
4. Retention of information
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
5. How we protect your information
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at email@example.com.
6. Your choices about your information
General. Upon your written request (for which email is sufficient), HelloSign will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account, or by contacting us using the contact details below. We will respond to your request within a reasonable timeframe.
European Economic Area (EEA) or Switzerland: If you are based in the EEA or Switzerland have other rights as provided below:
- Access: If you wish to access your personal information that HelloSign collects, you can do so at any time through the Service or by contacting us using the contact details provided below.
- Correction, update or deletion: You can correct, update or request deletion of your personal information through the Service interface, or by contacting us using the contact details provided below.
- Object to processing: When we reply on your consent to process your personal information, you may withdraw consent at any time by contacting us using the contact details provided below. This will not affect the lawfulness of processing prior to the withdrawal of your consent.
- Data Protection Authority: You have a right to raise questions or complaints with your local data protection authority at any time.
- Marketing: You have the right to opt-out of marketing communications we sent you at any time. You can do this by clicking the “unsubscribe” link in the marketing e-mails we sent you or by contacting us using the contact details provided below (if using the contact details please provide your complete name, e-mail address, and any other relevant information that may be required to address your request). Please note that such marketing opt-out does not impact any transaction or operation notices that we may need to send you.
7. Children’s Privacy
This site and our Services are not intended for or directed to persons under the age of 18. We do not knowingly collect or ask for information from minors. We do not knowingly allow minors to use our Services. Any person who provides their information to HelloSign through the Account Login page for new customers, Signup Page, or any other part of the HelloSign Site represents to HelloSign that they are 18 years of age or older. We will delete any information we discover is collected from a minor. Please contact us using the contact details below if you believe we might have information about a minor.
8. Users from outside of the United States
EU-U.S. PRIVACY SHIELD AND SWISS-U.S. PRIVACY SHIELD
HelloSign participates in and has certified its compliance with the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (each, a "Privacy Shield Framework," or "Framework"). HelloSign is committed to subjecting all personal information received from European Union (EU) member countries and Switzerland, respectively, in reliance on the Privacy Shield Frameworks, to the Framework's applicable Principles (as such term is defined in each of the Frameworks). To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List. [https://www.privacyshield.gov/list]
HelloSign is responsible for the processing of personal information it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. HelloSign complies with the Privacy Shield Frameworks for all onward transfers of personal information from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, HelloSign is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, HelloSign may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
9. Changes to this policy
10. How to contact us
For questions or concerns regarding the collection, use, or disclosure of your information, you can contact us by sending an email to firstname.lastname@example.org or by contracting us at:
JN Projects, Inc. (dba HelloSign)
c/o Legal Team
301 Howard Street
San Francisco, CA 94105