GDPR POLICY
GDPR POLICY
Updated: April 28, 2022
This General Data Protection Regulation Policy (“GDPR Policy”) governs Hesperios’s collection and use (“Processing”) of the personal information of persons residing in the European Union and other jurisdictions that have adopted the EU’s Data Protection Regulation (“Data Subjects”), and is incorporated by reference into Hesperios’s. Hesperios’s obligations to Data Subjects as an entity that determines the purposes and means of the collection and use of your personal information (“Data Controller”) and/or as an entity that process the information (“Data Processor”) are set forth below.
The capitalized terms that appear in this GDPR Policy have the same meanings as in Hesperios’s Terms and Policies and Privacy Policy unless they are defined in this policy. Other capitalized terms that are defined in this policy have the same meanings as in the GDPR. Please click for the text of the GDPR.
By using the Services, you agree to this GDPR Policy. If you do not agree to this GDPR policy, you may not use the services.
We reserve the right to modify this GDPR Policy at any time without prior notice. It is your responsibility to check this GDPR Policy periodically for changes. Your continued use of the Website or the Services following the posting of changes to this GDPR Policy constitutes your acceptance of the changes.
Consent to processing
Data Subjects who create an Account to use the Services will be asked to affirmatively consent to the Processing of their personal information and the receipt of electronic communications pursuant to Hesperios’s Privacy Policy. Data Subjects are not required to provide their consent. However, if Data Subjects do not consent to the Processing of their personal information, they will not be able to use the Services, and if they do not wish to provide certain types of information, their use of the Services may be adversely affected and they may not receive certain communications.
Purpose of processing
The purpose of Processing Data Subjects’ personal information is to provide the Website and the Services available on the Website.
Legal basis for processing
The legal bases for the Processing of Data Subjects’ personal information may include one or more of the following:
- The Data Subject’s consent, which may be provided when the Data Subject creates an Account to use the Services.
- Hesperios’s legitimate interest in collecting and using such information, such as when we use the Data Subject’s information to provide and improve the Services.
- Hesperios’s legal obligations (other than its contractual obligations to the Data Subject), such as when Hesperios is required to respond to governmental demands for such information.
Rights of data subjects
Data Subjects have the following rights under the GDPR.
- The right to be informed about Hesperios’s policies regarding their personal information, including with respect to the purposes of Processing the information, the legal basis for the Processing, the recipients of the information, where the Processing of the information takes place and contacting Hesperios.
- The right to access their information.
- The right to the correction of their information.
- The right to the deletion of their information (i.e., the “right to be forgotten”), including if the information is no longer required for the purpose for which it was collected, if they withdraw their consent for the Processing of their information, if they request the deletion of their information, and if the Processing of the information has been unlawful.
- The right to restrict the Processing of their information, including if they contest the accuracy of the information or if the Processing of the information is unlawful.
- The right to receive a copy of the information that they provided to Hesperios in a structured, commonly used, and machine-readable format and to transmit the information to another entity.
- The right to object to the Processing of their information, including if the legal bases for the Processing no longer apply, or if the information is used for direct marketing purposes or profiling related to direct marketing purposes.
- The right not to be subject to decisions based solely on automated decision-making processes.
To the extent that Data Subjects do not believe such rights are being provided, they may contact Hesperios as provided below.
Data processing
Data transfers
Data Subjects’ personal information may be transferred outside the EU given that Hesperios’s servers are located in the United States, and you consent to any such transfers that are made in accordance with the terms of this GDPR Policy.
Data Protection Officer
Data Subjects who wish to direct questions, complaints, or other communications to the person at Hesperios who monitors compliance with the GDPR (“Data Protection Officer”), including with regard to all issues related to the Processing of their personal information and the exercise of their rights under the GDPR, should contact Hesperios as set forth in the “Contact us” section of this policy. Data Subjects who are not satisfied with the Data Protection Officer’s responses and who wish to obtain the contact information of the entity authorized to act on Hesperios’s behalf in the European Union (“Representative”), or the entities responsible for overseeing compliance with the GDPR in the countries where Hesperios provides the Services (“Supervisory Authority”), should also contact Hesperios as follows.
Questions? Contact Us
If you have any questions, comments, or concerns, please contact ben@hesperios.com
Hesperios, INC.
+1 (212) 226.2413
hello@hesperios.com