Last Updated February 28th, 2020
Thank you for choosing to be part of our community at ProHabits, Inc. (“Company”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at firstname.lastname@example.org.
1. Personal Data We Collect
In Short: We collect personal information that you provide to us. Some information — such as IP address and/or browser and device characteristics — is collected automatically when you visit our Services.
If you provide Personal Data to us electronically, you acknowledge and agree that such Personal Data may be transferred from their current location to offices and servers of ours and our subcontractors located in the United States and other countries in order to provide our services to you, consistent with applicable law.
We also may obtain Personal Data by recording how you use our products, for example through error reports or other usage data or by interacting with the daily microactions, reflections, and surveys issued by email, SMS messages, or through the ProHabits website.
ProHabits, in delivering its behavior change management products and services, also processes data supplied by its Clients about their employees in order to provide Clients with the full benefit of those products and services. Such data, like name, job title or function, e-mail address and phone number are collected under instructions set forth in the contract between ProHabits and its Clients.
When you utilize the Services, we may receive certain personally non-identifiable information about your use of the Website, product of Services. We may store such information ourselves or it may be included in databases owned and maintained by us, our subcontractors, agents or our business partners. We may use such information and pool it with other information to track, for instance, the total number of visitors, the domain names of our visitors’ Internet service providers.
Cookies and Similar Technologies
We also collect and/or log specific Website visitor information, which may include both non-identifiable information and Personal Data, including browser type, operating system, IP-addresses, cookie information, time stamp, and clickstream information. This data is collected through the use of log files, “cookies” or other similar technologies. “Cookies” are small files of data that may be sent to your web browser and stored on your computer. We may collect and store this information and combine it with other Personal Data you have provided.
We also use first-party and third-party cookies in online advertising efforts. When you visit the Website or use the Services, third parties may set cookies on your computer and use those cookies to collect information about you, including about your computer and how you use the Website or Services.
2. How We Use Personal Data
In Short: We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.
When ProHabits collects and processes Client employee data in accordance with a Client’s instructions set forth in our Client contract, we only use that employee data to provide products and services consistent with those Client instructions.
The collection, retention, and destruction of all Client employee data is, at all times, controlled by the Client (as the employer), and any questions or requests with regard to a Client employee’s Personal Data should be directed to that employer. However, if you would choose to direct yourself to ProHabits, we will forward your question or requests without undue delay to our Client and from then on, all communication regarding that question or request will be directly between you and our Client.
We may use your Personal Data in connection with the reason for which it was provided, such as to deliver the product or service you requested, answer the question you posed, or diagnose a technical support issue. We also may use it to send you product or service notices that may be of importance to you, prevent, detect or investigate the illegal or fraudulent activity, or use it as otherwise disclosed to you when you provide us the information.
3. Disclosing Personal Data
In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.
We will not use, share or distribute your Personal Data except as follows: i) as necessary to maintain the security of our products, ii) as required by applicable law, iii) for Client employees, as described in a contract between ProHabits and our Client, iv) or as otherwise set forth in the subsequent paragraphs of this Section directly below.
In the event of a sale, merger, reorganization, dissolution or similar event of/by ProHabits relating to all or a portion of its business, assets, Website or Services, Personal Data may be part of the transferred assets.
Service providers, subcontractors, agents
We sometimes hire other companies to perform certain business-related functions, for example hosting services or maintaining databases and conducting mailings on our behalf. When we employ another party to perform a service or function, we may need to provide them with access to certain Personal Data. In that event, we only provide them with the information that they strictly need to perform their specific service or function. We are accountable for any Personal Data that it receives from you and subsequently transfers to these third parties, in accordance with applicable privacy law. We remain responsible if a third-party that we engage to process Personal Data on our behalf does so in a manner inconsistent with applicable law unless we can prove that we are not responsible for the activities or circumstances giving rise to the claim.
We are adamant about ensuring our service providers have adequate safeguards and security frameworks in place and are in compliance with applicable data privacy laws and regulations.
We also may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend our rights or property, (iii) act in urgent circumstances to protect the personal safety of users of the Website or Services or the public, or (iv) protect against legal liability.
4. Access & Control of Personal Data
Visitors to the Website:
You can always choose whether you wish to receive communications from ProHabits and when you otherwise contact us directly, you can control what Personal Data you provide to us.
Employees of Clients of ProHabits should contact the appropriate person within their employer’s organization to understand, access, change and/or control what employee information is provided by the employer to ProHabits so that ProHabits may deliver its products and Services to the employer under their contract.
Publicly Available Information
Children & Minors
We do not knowingly collect data from or market to children under 18 years of age. We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at email@example.com.
Links to Other Websites
The Website or Services may frame or contain references or links to other websites not owned, operated or controlled by ProHabits, and their privacy policies may differ from ours (the “External Websites”). We are not responsible for the privacy policies and procedures of External Websites and the privacy policies and procedures we describe here do not apply to External Websites. We recommend that you read and understand the privacy policies of External Websites.
In Short: We aim to protect your personal information through a system of organizational and technical security measures.
We utilize commercially reasonable physical, technical, and administrative controls and procedures to safeguard the Personal Data provided to ProHabits and protect it from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or e-mail transmission is ever fully safe nor secured nor error-free. In particular, e-mail sent to or from us may not be secure. You should therefore take care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Data to us or our service providers electronically.
By visiting the Website or using the Services, you are responsible for maintaining the security of your forms of authentication needed to access secure areas or services. We may suspend your access to the Services, without notice and pending our investigation if a security breach is suspected.
7. Transfer of the Personal Information
Since your Employer may operate globally, they may transfer your data to other entities that may be located outside of the EEA. Where this is the case, your Personal Data shall remain protected by your Employer’s corporate rules and policies which guarantee an adequate level of data protection at all-time.
ProHabits, as a third-party service provider is also located outside of the EEA, where we are transferring some personal data. Your Employer has ensured that such transfer is subject to appropriate safeguards by, for example, putting in place standard data protection clauses adopted by the European Commission.
8. Retention Period
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
9. Privacy Rights
In Short: You may request to review, revise, or delete your Personal Data or information collected at any time.
You may ask us to provide you with access to any Personal Data ProHabits processes about you. You are also entitled to request for any incomplete or inaccurate Personal Data which relates to you to be corrected or to have your data completely deleted from the ProHabits platform (see: Account Information section below).
If you are resident in the European Economic Area, you also have the right to lodge a complaint with your national data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If your Employer has an EU-approved complaint resolution mechanism under its Binding Corporate Rules, you should consult those.
If you would at any time like to review or change the information in your account or terminate your account, you can contact us using the contact information provided.
Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. To opt-out of interest-based advertising by advertisers on our Services visit http://www.aboutads.info/choices/.
10. Compliance Mechanisms
When collecting, using and processing Personal Data, ProHabits will only do so in or to countries that guarantee an adequate level of data protection, as provided by the applicable European Data Protection legislation.
We also receive and process some data from Clients who operate in the European Union and transfer data to us under other compliance mechanisms, such as agreements to process data under the EU Standard Contractual Clauses.
11. Privacy Complaints
We are committed to safeguarding your privacy. ProHabits understands the significant importance of data protection and privacy and is fully committed to achieving compliance with the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
ATTN: Data Privacy Team
116 W Hubbard St., Ste. 200
Chicago, IL, 60654, USA