Introduction:
This privacy policy provides information on the use of Personally Identifiable Information (PII) online. PII refers to information that can identify, contact, or locate an individual, either alone or in combination with other data, according to US privacy law and information security. Please read our privacy policy carefully to understand how we collect, use, protect, and handle your Personally Identifiable Information in accordance with our website.
Our Privacy Policy outlines the information collected by Hyacen (“Company” or “we”) when you visit our website at https://hyacen.com (referred to as “Website” or “Site”), as well as our practices for collecting, using, maintaining, protecting, processing, and disclosing that information. By accessing or using this Site, you agree to comply with this Privacy Policy.
Changes and Updates:
We recommend reviewing our Privacy Policy and Terms of Use with each visit, as they may have been updated since your last visit. By using our Site, you indicate your agreement to the current Privacy Policy and the latest Terms of Use posted on our Site.
Scope of the Policy:
This Policy applies to information collected:
On this Site
When making purchases through this Site
In email and other electronic messages between you and this Website
When signing up for our newsletters
When registering and creating an account with us
When interacting with our advertising on third-party websites (e.g., Facebook, Google, Tiktok, LinkedIn, Twitter, and other social media sites and third-party sites that may advertise our products and include a link to this Site)
This Policy does not apply to information collected:
Offline or through any other means, including on any other website operated by the Company or any third party (including our affiliates and subsidiaries)
By any third party (including our affiliates and subsidiaries), except as expressly stated in this Privacy Policy.
Data Collected During Your Visit or Purchase on This Website:
We collect personal information from visitors of our website, blog, social media pages or app when they order or register on our site. This information may include their name, email address, mailing address, phone number, credit card details, or other necessary information to enhance their shopping experience.
Please review the following categories, examples, and sources to understand the type of information we collect on our website:
1. Category: Identifiers and Other Personal Information
Examples:
Name
Alias
Mailing address
Billing address
IP address
Email address
Account name
Password
Phone number
Signature
Credit card or other payment information (stored only by our payment processor and third-party fraud detection service provider)
Source: You, when you visit, create an account, make a purchase, or receive a gift from our site.
2. Category: Other Personal Information
Examples:
Phone number
Signature
Credit card or other payment information (stored only by our payment processor and third-party fraud detection service provider)
Source: You or the person who sent you a gift from this site.
3. Category: Internet and Other Network Activity
Examples:
Browsing history
Browser type
IP address
Device used to connect to this site
Search history
Your interaction with the website, including dates and times
Advertisements clicked on
The site you used to link here
Source: Automated technology such as cookies, Google Analytics, and web beacons.
4. Category: Your Consent, Selections, and Elections
Examples:
Your opt-out selections regarding advertising
Your opt-in and opt-out regarding newsletters
Source: You and your opt-in/opt-out selection.
Please refer to our section for California and EU residents for information regarding data collection and retention when exercising certain rights.
When do we collect information?
We collect information from you in the following instances:
When you register on our site
When you place an order
When you subscribe to a newsletter
When you provide feedback on our products or services
How do we use your information?
We may use the information we collect from you in the following ways:
When you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features, we utilize the information collected through automated technology to improve our website and provide a better and more personalized service. This enables us to:
Estimate audience size and usage patterns
Send you advertisements
Assist with site navigation
Store your preferences
Recognize you upon your return to our website
To personalize your experience and deliver the type of content and product offerings you are most interested in.
To better service you in responding to your customer service requests.
Uses of Other Information We Collect and/or You Provide:
We utilize the information collected about you or provided by you, including any personal information, for the following purposes:
Fulfilling orders, returns, and addressing your inquiries
Creating and maintaining your account with us, if you choose to create one
Detecting and preventing fraud
Sending you advertisements
Sending you newsletters if you opt-in to receive them
Providing information, products, or services requested by you
Maintaining the safety, security, and integrity of our website, databases, technology assets, and business
Carrying out obligations and enforcing rights arising from purchases and transactions between you and us, including billing and collection
Notifying you about changes to our website or products
Testing and improving our website
Responding to law enforcement requests and complying with applicable laws, court orders, or governmental regulations
Utilizing the information for any other purpose with your consent, as described when you choose to provide the information on this site
To ask for ratings and reviews of services or products
To follow up with you after correspondence (live chat, email, or phone inquiries)
Sell of your personal data:
We Do Not Sell Your Information:
We are committed to not selling your personally identifiable information to third parties, except for onward transfers.
For example, this may occur when transferring data to a buyer or successor in the event of a merger, divestiture, restructuring, or other sale or transfer of the Company’s assets.
What is Onward Transfer:
Onward transfer refers to the transfer of personal data to a fourth party or beyond. In the context of binding corporate rules, this may involve transferring data from the data subject (first party) to the controller (second party), the processor (third party), and a sub-contractor of the processor (fourth party). In cases of onward transfer, the controller remains accountable for the processing of personal data
Aggregated, Anonymous Information:
We may disclose aggregated information about our users, which does not identify any individual or include personal information. This information may be shared without any restrictions and may be anonymized by removing personally identifying details.
Retention of Your Information:
We retain your information only for as long as necessary to fulfill the purposes described in our privacy policy, meet our internal business needs, and comply with any legal requirements.
Right to Erasure or “Forget”:
Depending on your location, you may have the right to request the erasure or “forgetting” of your information. Please refer to our EU and California information for further details.
Our Information Protection Measures:
Vulnerability Scanning and PCI Standards:
We do not employ vulnerability scanning and/or scanning to PCI standards.
Payment Processing:
All credit card (CC) transactions are handled by an external PCI compliant payment gateway.
Malware Scanning:
We do not utilize Malware Scanning.
Secure Networks and Limited Access:
Your personal information is securely stored behind protected networks.
Access to this information is limited to a restricted number of individuals who possess special access rights.
These authorized personnel are obligated to maintain strict confidentiality of the information.
Encryption:
Any sensitive/credit information you provide is encrypted using Secure Socket Layer (SSL) technology.
Order Security Measures:
We have implemented various security measures to ensure the safety of your personal information when placing an order.
Transaction Processing:
All transactions are processed through a gateway provider.
We do not store or process any transaction data on our servers.
By following these measures, we aim to safeguard your information and maintain the highest level of security for our users.
Third-Party Service Providers and Your Purchasing/Return Activities:
When it comes to your purchasing and return activities, we don’t collect or store sensitive payment information such as credit card numbers, gift card details, or debit card information. To handle these transactions, we rely on trusted third-party service providers. Currently, we use PayPal for processing payments and other third-party providers to prevent fraud in our transactions.
If you choose to use specific payment methods like Apple Pay or PayPal, please note that the respective platforms will collect your transaction information. We advise you to carefully review the terms of use and privacy policies of these providers. During the checkout or return process, your transaction information, including your name, password, email, and payment details, will be stored securely by our third-party provider(s).
You have the option to check out as a guest without creating an account. Our payment processing and fraud detection service providers have obtained certification for compliance with Payment Card Industry (PCI) standards. They are committed to maintaining your information in accordance with applicable laws such as the CCPA and GDPR.
Please be assured that these third-party providers are authorized by us solely to facilitate our business with you and to meet legal obligations, such as verifying the absence of fraudulent transactions. Moreover, they have committed to cooperating with us in honoring your choices, such as exercising your right to be forgotten under EU or California laws.
Automated Technology and Your Options:
Cookies:
We use cookies, which are small files transferred to your computer’s hard drive through your web browser, to enhance your browsing experience. Cookies enable our site or service provider to recognize your browser, capture and remember certain information, and understand your preferences based on previous or current site activity. They help us remember and process items in your shopping cart, compile aggregate data about site traffic and interaction, and improve our services. Cookies also assist in tracking advertisements.
By adjusting your browser settings, you can choose to receive a notification each time a cookie is sent or disable all cookies. However, please note that turning off cookies may affect the efficiency and functionality of certain features on our site, impacting your user experience.
Web Beacons:
Our website, emails, and services may contain web beacons, which are small electronic files such as clear GIFs, pixel tags, or single-pixel GIFs. These web beacons allow us to track various statistics, including the number of users who visit specific pages or open emails, and assess system and server integrity. They help us understand the popularity of content and improve our offerings.
Google Analytics:
We may utilize “Google Analytics” to collect information about the use of our site. Google Analytics gathers data on user visits, pages visited, and previous websites accessed. This information is used solely to enhance our site and is not combined with personally identifiable information. Google Analytics places a permanent cookie on your web browser to identify you as a unique user during future visits. The use and sharing of this information are subject to the Google Analytics Terms of Use and Google Privacy Policy. For more information on Google Analytics, please refer to their privacy policy [https://policies.google.com/technologies/partner-sites]. If you prefer not to have your data used by these cookies, you can opt-out using the Google Analytics opt-out available [Google Analytics Opt-Out URL].
Handling Do Not Track Signals:
While some web browsers may transmit “Do Not Track” signals, there is currently no standard governing the response of websites and online services to these signals. We do not currently take any action in response to these signals. If a standard is established, we may revise our policy accordingly.
Correction of Information & Requests to Erase:
To correct, update, or request the erasure of your personal information (“forgetting you”), we require identity verification before processing the request. We also collect your contact information to respond. We maintain records of these requests, including requester details, response method, response time, and provided information.
Please note that we do not collect sensitive information like religious beliefs or health data.
Choices and Opting In or Out:
We offer control over your personal information through the following mechanisms:
Online Advertising: Opt out of receiving advertising from us by clicking here. Some platforms we use may also allow you to opt out of receiving further advertising from us.
Newsletters: Opt out of receiving newsletters about our products at any time by clicking the unsubscribe link at the bottom of the newsletter.
Continued Communication After Opting Out: Even if you opt out, we may still send you correspondence regarding specific topics, such as purchases, identity verification for “forget you” requests, rights enforcement, or alerts related to fraud, payments, or our website.
Accessing and Correcting Your Information:
If you believe your information is incorrect or needs updating (e.g., change of shipping address), we’ll assist you. clicking here or access your registered account to make changes. Identity verification may be required for certain requests (explained for children, California residents, and EU residents).
Please note that we may not accommodate requests to change information if it violates the law or results in incorrect information.
User Account Passwords:
When creating an account on our site, please choose a unique password for your protection. Avoid using the same password for multiple accounts, such as your HYACEN account, bank account, or Gmail account. Do not share your password with anyone. If you suspect any compromise of your password or account, please contact us immediately at support@hyacen.com.
Disclosure of Personal Information:
We may disclose personal information to the following parties:
Our subsidiaries, affiliates, and trusted third-party contractors who support our business, such as payment processors and fraud detection services.
In the event of a merger, acquisition, or asset transfer, personal information about our website users or customers may be transferred to a buyer or successor, either as part of a going concern or a bankruptcy, liquidation, or similar proceeding
Parties to whom you request us to disclose your information, as outlined in the California and EU resident sections below.
Other parties with your explicit consent.
Additionally, we may disclose your personal information:
To comply with court orders, laws, or legal processes, including government or regulatory requests.
To enforce our terms of use (available at [insert terms of use URL]).
If we believe disclosure is necessary to protect our business, users or customers, or others.
Third-Party Links:
We may occasionally include or provide third-party products or services on our website, at our discretion. These third-party sites have their own separate and independent privacy policies. We are not responsible or liable for the content and activities of these linked sites. However, we value the integrity of our site and appreciate any feedback regarding these sites.
COPPA (Children Online Privacy Protection Act):
COPPA (Children Online Privacy Protection Act) empowers parents to control the collection of personal information from children under 13 years old. The COPPA Rule, enforced by the Federal Trade Commission (FTC), outlines obligations for website and online service operators to ensure children’s privacy and safety online.
We don’t target children under 13 for marketing purposes.
Children:
If you’re under 13, please refrain from using this site.
In certain EU countries, if you’re at least 13 but not yet 16, you may need parental or guardian approval. Check this link for your EU member state’s specific requirements: [https://europa.eu/youreurope/business/dealing-with-customers/data-protection/data-protection-gdpr/index_en.htm#shortcut-12].
We’ll request your birthdate only if mandated by law; otherwise, it’s optional. If you’re under 18, parental or guardian consent is required to register an account.
Parent/Guardian Right of Access:
Your parent/legal guardian can inquire about the information we’ve collected on you. Before sharing the information, we’ll verify their identity and collect their contact details for proper response.
For more information on children’s online privacy, visit the FTC’s resource page: [https://www.ftc.gov/business-guidance/privacy-security/childrens-privacy].
We don’t knowingly collect information on children under 13. If a parent/legal guardian believes we’ve obtained information on their child under 13, please contact us at support@hyacen.com.
California Privacy Rights:
Our privacy policy explains the information we collect, how we use it, its sources, and the parties we share it with. We also address security practices, provide dispute resolution contact details, and explain how to correct your information. This policy also covers information collected about children.
As a California resident, you have additional rights. Here’s more information about our practices:
We do not collect sensitive information such as social security numbers, passport numbers, driver’s license numbers, health information, sexual orientation, and more.
We do not profile you based on psychological trends, intelligence, aptitudes, or behavior.
If you’re a California resident, we use personal information to:
Process requests to change, access, or delete your information.
Verify your identity for processing these requests.
In the past twelve months, we haven’t sold your personal information. If we consider selling it in the future, we will notify you and provide an opt-out option.
Your Rights and Choices:
Under the California Consumer Privacy Act (CCPA), you have specific rights concerning your personal information. This section explains your CCPA rights and how to exercise them.
Access to Information and Data Portability:
You can request information about our collection and use of your personal information over the past year. We’ll disclose:
Categories of personal information collected.
Sources from which we collected your information.
Business or commercial purpose for collection.
Categories of third parties with whom we share your information.
Specific pieces of personal information collected (data portability request).
Disclosures of your information for business purposes, the purpose, and the categories obtained by each recipient.
Deletion Request (Right to Be Forgotten): You can request the deletion of your personal information we collected and retained, with exceptions. Once we verify your request, we’ll delete your information (and direct our service providers to do the same), unless an exception applies.
We may deny your deletion request if retaining the information is necessary for:
Completing a transaction or providing requested services.
Detecting and protecting against security incidents and illegal activity.
Complying with legal obligations.
Making other lawful uses compatible with the context of your information.
Exercising Access, Data Portability, and Deletion Rights: To exercise your rights, submit a verifiable consumer request to us at support@hyacen.com.
Please note that we may require information to verify your identity and ensure CCPA compliance.
We’ll respond within the required timeframes, up to 45 days, as mandated by law.
Verifiable Consumer Requests for Personal Information:
Only you or your legally authorized representative can submit a verifiable consumer request for your personal information. If you are making a request on behalf of your minor child (under 18 years old in California), you may do so as well.
Please note that you can make a verifiable consumer request for access or data portability twice within a 12-month period. To ensure your request is valid, please:
Provide sufficient information for us to verify your identity or the identity of the person whose personal information we have collected, or demonstrate your authority to act on their behalf.
Clearly describe your request so that we can properly understand, evaluate, and respond to it.
If we are unable to verify your identity or authority, or confirm that the personal information pertains to you, we will be unable to fulfill your request or provide you with the requested information.
Creating an account with us is not necessary to make a verifiable consumer request.
Any personal information provided in a verifiable consumer request will solely be used to verify the identity or authority of the requestor.
Response Timing and Format:
We aim to respond to your verifiable consumer request within 45 days of receiving it. If we require additional time, we will notify you in writing and explain the reason for the extension. Our response can be delivered to you either by mail or electronically, depending on your preference.
The information we provide will cover the 12-month period preceding the receipt of your verifiable consumer request. If applicable, we will also explain any reasons for being unable to fulfill a request. For data portability requests, we will provide your personal information in a readily usable format that allows for easy transmission to another entity.
We do not charge a fee for processing or responding to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If a fee is warranted, we will provide an explanation and estimate the cost before proceeding with your request.
Non-Discrimination:
We do not engage in discriminatory practices against you for exercising your CCPA rights.
Under the CCPA, we will not:
Deny you goods or services.
Charge different prices or rates for goods or services, including granting discounts or other benefits, or imposing penalties.
Provide a different level or quality of goods or services.
Suggest that you may receive a different price, rate, level, or quality of goods or services.
Hyacen may offer financial incentives permitted by the CCPA, which may result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will be based on the value of your personal data and will include written terms explaining the essential aspects of the program. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
California Online Privacy Protection Act:
California Online Privacy Protection Act (CalOPPA) is a pioneering state law that mandates commercial websites and online services to display a privacy policy. This law applies not only to California but also to any person or company operating websites within the United States (and potentially worldwide) that gather Personally Identifiable Information from California consumers. The privacy policy must be prominently visible on the website, explicitly stating the information collected and the entities it is shared with. (Source: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf)
In accordance with CalOPPA, we adhere to the following guidelines:
Users can visit our site anonymously.
Our privacy policy will be linked on our home page or, at the very least, on the first significant page users encounter upon entering our website.
The link to our Privacy Policy contains the term ‘Privacy’ and is easily accessible on the specified page.
You will be notified of any changes made to the Privacy Policy on our dedicated Privacy Policy Page.
To modify your personal information, you have two options:
Emailing us
Logging in to your account
EU, Swiss, and European Economic Area Site Visitors:
Dear Visitors from the EU, EEA, and Switzerland,
We would like to provide you with additional information regarding the collection, use, and disclosure of your information when visiting our site in the United States.
Consent: When you register for an account or choose to receive our newsletters, we will explicitly request your consent. If you grant consent, the information you provide during registration will be transferred to our servers and third-party processors located in the United States. If you previously consented to receive advertisements and/or newsletters, you can opt out by unsubscribing the newsletter. Please note that identity verification may be required before we can cancel an account.
Purchases: If you make a purchase through our site, your payment information and transaction details will be received by our third-party payment processor. However, if you decide not to make a purchase, there is no obligation to provide payment information, shipping details, or contact points. Our third-party service providers assist us in processing payments and preventing fraud. As stated in this policy, these third parties have agreed to process your information in compliance with the GDPR. Ultimately, the choice to proceed with a purchase on this site is yours.
EU, EEA, and Swiss Residents’ Rights:
We are committed to ensuring the reliability, accuracy, completeness, and currency of your information. This site provides information and resources to help you exercise your rights.
Third-Party Transfers:
We may transfer your information to third-party agents (referred to as “processors” under GDPR) or service providers who perform functions on our behalf. These providers are obligated to handle your data in compliance with GDPR through contractual clauses or data transfer agreements. They are restricted to using your data only for the specified services we require. We take appropriate measures to ensure their compliance.
Security:
We maintain reasonable and appropriate security measures to protect your information in accordance with GDPR. This includes safeguards against loss, misuse, unauthorized access, disclosure, alteration, or destruction.
Accessing, Correcting, and Deleting Your Information:
You have the right to access, correct, amend, or delete the information we hold about you if it is inaccurate or processed in violation of GDPR. To exercise these rights, please contact us using the following email id: support@hyacen.com.
Retention and Destruction:
Unless you request otherwise, we have procedures in place to delete your information when it is no longer needed and not legally required to be retained.
Exceptions to Access Rights:
Access rights may not apply in certain cases, such as when providing access would be unreasonably burdensome or expensive, or if it would violate someone else’s rights. We may also decline erasure requests if we need to retain the information for legal claims.
Requesting Access or Making Complaints:
To request access, correction, amendment, deletion, or if you have any questions or complaints regarding the use or disclosure of your information, please submit a written request using the contact information provided below.
Verification and Response Time:
To confirm your identity, we may request specific information. In some cases, a reasonable fee may be charged for providing access. We will respond to verified requests within a reasonable timeframe, but no later than 30 days.
Complaints:
If we have not followed your consent or honored your lawful requests and you are a resident of the EEA, you have the right to lodge a complaint with your local data protection supervisory authority. Contact details for these authorities can be found at [URL for data protection supervisory authorities].
Security:
We have implemented reasonable measures to secure your personal information, regardless of your location. Your information is stored on our servers in the United States, protected by firewalls.
Your Responsibility:
If you have been provided with a password to access specific parts of our website, please keep it confidential. We kindly request that you do not share your password with anyone.
Fair Information Practices
The Fair Information Practices Principles are fundamental to privacy law in the United States and have played a significant role in shaping data protection legislation worldwide. Understanding and implementing these principles is crucial for compliance with privacy laws that safeguard personal information.
In the event of a data breach, we will promptly take the following actions in accordance with Fair Information Practices:
Notify you via email within 7 business days.
We also uphold the Individual Redress Principle, which grants individuals the right to pursue enforceable rights against data collectors and processors who fail to comply with the law. This principle ensures that individuals not only have the ability to enforce their rights against data users but also have access to legal recourse through courts or government agencies to investigate and prosecute non-compliance by data processors.
Protection of Your Information:
At our organization, we recognize the significance of safeguarding your personal information. It is important to note, however, that transmitting information online cannot be entirely guaranteed to be secure. While we take reasonable precautions to protect your personal information, we cannot provide absolute assurance regarding the security of information transmitted to our website. Therefore, any transmission of personal information is undertaken at your own risk. Unless otherwise mandated by law, we cannot be held responsible for any unauthorized access to privacy settings or circumvention of security measures on this site.
Responsibility of Third-Party Partners:
We would like to emphasize that we cannot be held accountable for any data breaches that may occur with our third-party partners, including those involved in web services, payment processing, logistical supply, goods delivery, third-party analytics, social media marketing, or any other services. Although we carefully select our partners and ensure their adherence to industry standards, we do not have control over their data protection practices.
Need more help to understand the privacy policy?
We prioritize transparency, and we will promptly update this page with any revisions to our privacy policy.
If you have any inquiries or feedback regarding our privacy policy and practices, please reach out to us at: support@hyacen.com
When contacting us, please provide your country and state of residence.