Tigerhall Privacy Policy
Effective Date: 30 November 2023
Tigerhall Pte Ltd (“Tigerhall”, “we”, “us”, or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information.
1. Scope
This Privacy Policy describes the processing of information provided or collected on the site(s) and/or application(s) where this Privacy Policy is posted. This Privacy Policy applies to all users of our service. We follow this Privacy Policy in accordance with applicable law in the places where we operate and process personal information.
The personal information we collect is covered by this Privacy Policy. Please note that our site(s) and/or application(s) may contain links to other sites not owned or controlled by us, and therefore we are not responsible for the privacy practices of those sites. We encourage you to be aware when you leave our sites or applications and to read the Privacy Policy of other sites that may collect your personal information.
2. Data Controller & Data Processor
We collect and process your personal information, and act as a “data controller” of the Personally Identifiable Information (PII) that you provide to us. As such, we are responsible for deciding why and how personal data is processed.
We also collect and process your personal information, and act as a “data processor” of the Personally Identifiable Information (PII) that you provide to us. As such, we are responsible for processing (or performing any actions on data, whether automated or manual, such as collecting, recording, organizing, structuring, storing, using, erasing, or etc.) personal data on behalf of a data controller.
3. Information We Collect
3.1: Personal Information
We may collect and process personal information about you, such as:
Name
Contact information (email address, phone number, address)
Identification information (i.e. government-issued ID, passport number, etc.)
Job Title
Company you work for
3.2: Automatically Collected Information
We may also collect certain information automatically when you visit our website or use our services, such as your IP address, browser type, and usage data.
3.3 Information From Other Sources
We may receive personal data about you from other sources to supplement data already collected. This may include publicly available data or data provided by third parties. We may combine this data with the data we already have. We will handle this data in accordance with this Privacy Policy and the purposes outlined when the data was collected. We will notify you if there are any material changes to the way we intend to use this data. Please note that we are not responsible for the accuracy of the data provided by third parties or any consequences arising from the use of such data.
3.4. Consent
By using our services, you agree to the terms and conditions outlined in this Privacy Policy. Your continued use of our services constitutes implicit consent to the collection, processing, and sharing of your personal data as described herein.
We make every effort to ensure that our privacy practices are transparent and understandable. By using our services, you acknowledge that you have read and understand this Privacy Policy.
If you do not agree with any terms outlined in this policy, please refrain from using our services.
4. How We Use Your Information
We collect information you provide for the following purposes:
Service Delivery: We use your personal information to provide you with the products or services you have requested. This may include processing your payment, shipping products to your address, or providing access to our online services. The lawful basis for this processing is typically the performance of a contract because we need to process your data to fulfill our contractual obligations to you.
Communication: We may use your contact information to communicate with you. This includes sending transactional emails, service updates, and responding to your inquiries or requests. We may also use your contact information for marketing purposes, such as sending newsletters or promotional offers if you have provided your consent or if we have a legitimate interest in doing so. The lawful basis for processing personal information for communication is legitimate interests and, when applicable, consent if you have provided it.
Account Management: We use your personal information to manage your account, including account setup, verification, and maintenance. This ensures the security and functionality of your account on our platform. The lawful basis for this processing is typically the performance of a contract to maintain your account.
Customer Support: Your information allows us to provide customer support when you have questions or encounter issues with our products or services. This may include troubleshooting, resolving complaints, and addressing your concerns. This processing is based on the legitimate interests to assist you in using our services effectively.
Social Learning: We may use your information to create your profile which can be viewed by fellow users on the platform.
Improvement of Services: We analyze your data to understand how our services are used and to make improvements. This includes enhancing the user experience, developing new features, and optimizing the performance and security of our products. This processing is also based on legitimate interests to improve and maintain the quality of our services.
Legal Compliance: We may process your personal information to comply with our legal obligations, such as tax reporting, responding to legal requests, or assisting law enforcement agencies when required by law. This processing is necessary to fulfill legal obligations.
Contractual Obligations: If you are a client or business partner, we may use your personal information to fulfill our contractual obligations, including managing contracts, invoicing, and providing support as agreed upon in our business relationship. The lawful basis for this processing is the performance of a contract.
Fraud Prevention and Security: We use your information to protect against fraud, unauthorized access, and other security risks. This may include monitoring account activities and implementing security measures. The lawful basis for this processing is legitimate interests to ensure the security and integrity of our services.
Aggregated and Anonymized Data: We may aggregate and anonymize your data to create statistical or research reports, which do not personally identify you. This information may be used for business analysis, marketing, and sharing with partners or clients. The lawful basis for processing aggregated and anonymized data is legitimate interests and the fact that this data is no longer considered personal information.
Other Purposes: In addition to the purposes listed above, we may use your personal information for other legitimate purposes, provided that they are compatible with the original reasons for which your data was collected. For these other purposes, we will rely on legitimate interests or other lawful bases as required by applicable laws.
5. Data Sharing
We will not share your personal information with third-parties, unless explicitly authorized to do so. Please note that when your personal information is shared with an authorized third- party, the information received by that third-party is controlled by that company, and therefore becomes subject to that company’s Privacy Policy.
We may share your personal information with the following categories of recipients:
Service Providers: We may share your personal information with third-party service providers who assist us in delivering our products and services. These service providers include AWS, New Relic, Retool, Segment, Amplitude, Metabase, Tableau, Braze, Hubspot, Apple and Stripe. We will only share the necessary data to fulfill their specific tasks and will have contracts or agreements in place to ensure they process your data securely. The lawful basis for sharing data with service providers is typically the necessity for the performance of a contract or, in some cases, legitimate interests, provided that these interests are not overridden by your data protection rights).
Business Partners and Affiliates: In some cases, we may share personal information with our business partners and affiliates, but only when it is necessary for the performance of a contract, the provision of services, or as part of a legitimate business interest. For example, we may share data with a partner organization involved in co-branded events or services. Sharing data with business partners and affiliates may be necessary for the performance of a contract or based on legitimate interests, especially when these partnerships are essential for delivering integrated or co-branded services.
Legal Authorities: We may be required to share personal information with legal authorities, regulatory bodies, or law enforcement agencies when necessary to comply with legal obligations or respond to valid requests for information, as permitted by the law. The lawful basis for sharing with legal authorities is the necessity to comply with a legal obligation.
Merger or Acquisition: In the event of a merger, acquisition, or sale of all or part of our business,thesharingofpersonalinformationwiththeacquiringentityorparties involvedinthetransactionmay be based on legitimate interests, as it's necessary for the legitimate interests pursued by us or the acquiring entity. We will ensure that your data remains protected and used in accordance with this Privacy Policy.
Publicly Available Information: We may share personal information that is publicly available, such as information from public records or online sources. However, we will do so only when it is relevant to the purposes for which your data was collected and used. Sharing publicly available personal information is typically based on legitimate interests, as it is in the legitimate interests of our business to use publicly available data for relevant purposes.
With Your Consent: We may share your personal information with third parties if you have provided your explicit consent for such sharing. We will always request your consent before sharing your data for specific purposes. If you have provided explicit consent for sharing your personal informationwithspecific third parties, the lawful basis for sharing is your consent.
Other Legitimate Business Interests: In certain cases, we may share personal information with other parties for legitimate business interests.The sharing of this personal information may be based on legitimate interests. We will always ensure that such sharing is conducted in accordance with applicable data protection laws and respect your rights.
6. Data Subject Rights
If you are a user under a company contract, please contact your company contact person to submit any data requests.As a data subject, we will provide you with the following rights:
6.1 Right to Access
You have the right to request access to your personal data that we process. This means you can ask us to provide you with information about what personal data we hold about you and how we use it.
6.2 Right to Rectification
You can request the correction or updating of your personal data if it is inaccurate or incomplete. We will make the necessary changes and inform any third parties to whom we have disclosed the data.
6.3 Right to Erasure (Right to Be Forgotten)
You can request the deletion of your personal data under certain circumstances. This right is not absolute and can be exercised if the data is no longer necessary, you withdraw consent, or the data processing is unlawful.
6.4 Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data under specific circumstances. This means we will limit the way we use your data but not delete it entirely. This right might be exercised when you contest the accuracy of the data, the processing is unlawful, or you need the data for legal claims.
6.5 Right to Data Portability
You can request a copy of your personal data in a structured, commonly used, machine- readable format, or you can ask us to transmit it directly to another data controller where technically feasible. This right is applicable when processing is based on consent or the performance of a contract.
6.6 Right to Object
You have the right to object to the processing of your personal data, including processing based on legitimate interests or for direct marketing purposes. We will stop processing your data for such purposes unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
6.7 Automated Decision-Making and Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal or significant effects on you.Youmay request human intervention in the decision-making process. We will inform you when such decisions are made, provide you with the opportunity to express your point of view, and ensure there are human interventions available.
6.8 Withdraw Consent
If we process your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
Any requests submitted by data subjects will be assessed for validity before being processed, including confirming the identity of the data subject.
7. Data Security
We implement and maintain reasonable and appropriate technical and electronic safeguards to protect the security of your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.
While we implement these security measures to protect your data, it is important to understand that no online platform can guarantee absolute security. Therefore, we encourage you to take necessary, best-practice security precautions such as strong, unique passwords and being cautious with the sharing of login credentials.
In the event of a data breach or security incident, we will take immediate action to isolate and resolve the incident based on our incident response resolution procedures, notify relevant authorities, and inform affected data subjects in compliance with applicable data protection laws.
8. Cookies and Tracking Technology
We may use “cookies” (or similar tracking technology) on our website. Cookies are text files that our web server may play on your hard disk to store your preferences. When you visit our website, you will be presented with a cookie banner or pop-up requesting your consent to use non-essential cookies. You have the right to accept or decline the use of such cookies. Your consent can be managed and changed at any time through your device or browser settings.
Cookies, by themselves, do not provide us with any PII unless you explicitly choose and consent to provide this information to us. Once you choose and consent to provide PII, however, this information may be linked to the data stored in the cookie. If you choose to turn off collection of cookies through your device or browser, certain features of our service may not function properly without the aid of cookies.
Our website may also incorporate third-party cookies and tracking technologies. These technologies are subject to the privacy policies and practices of the respective third parties. We encourage you to review the privacy policies of these third parties for information on how they collect and use your personal data.
9. Children
We do not knowingly collect any information from minors. In situations where personal data from anyone under the age of 16 is needed for data processing activities, we will obtain authorization from an appropriate parent or guardian. If such authorization is unable to be obtained, data processing activities for that data subject will be terminated. In the event that we discover that a minor under the age of 16 has provided PII to us, we will make efforts to delete the information ASAP. If you have concerns about our website or service offering, wish to find out if your child has accessed our services, or wish to remove your child’s personal data from our servers, please contact us atsupport@tigerhall.com
10. European Data Protection Rights
If the processing of personal data about you is subject to European Union (EU) data protection law, you have certain rights with respect to that data. Please refer to section “6. Data Subject Rights” above for a listing of these rights.
Additionally, our processing of your personal data is based on specific legal bases as defined in EU data protection law. Please refer to section “5. Data Sharing” above for a listing of these legal bases.
11. Location of Personal Information
Our service is hosted in Europe and all personal information collected with the service is stored in the United States & Europe. If you are visiting our site, using our service, or otherwise providing information to us outside Europe/Australia, please be aware that you are transferring personal data to the United States & Europe.
12. Updates to this Privacy Policy
We periodically review this Privacy Policy and may make updates to reflect changes in our practices, for legal reasons, or to meet new regulatory requirements. Your continued use of our services following any notice of changes to this Privacy Policy means you accept such changes. Please refer to the “Effective Date” above for details on when this Policy was last updated.
13. Contact Us
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at support@tigerhall.com. If you are a user under a company contract, please approach your company contact person for any queries or to submit any data requests relating to your rights as a data subject including the rights noted in section “6. Data Subject Rights”.
Tigerhall Pte Ltd (“Tigerhall”, “we”, “us”, or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information.
1. Scope
This Privacy Policy describes the processing of information provided or collected on the site(s) and/or application(s) where this Privacy Policy is posted. This Privacy Policy applies to all users of our service. We follow this Privacy Policy in accordance with applicable law in the places where we operate and process personal information.
The personal information we collect is covered by this Privacy Policy. Please note that our site(s) and/or application(s) may contain links to other sites not owned or controlled by us, and therefore we are not responsible for the privacy practices of those sites. We encourage you to be aware when you leave our sites or applications and to read the Privacy Policy of other sites that may collect your personal information.
2. Data Controller & Data Processor
We collect and process your personal information, and act as a “data controller” of the Personally Identifiable Information (PII) that you provide to us. As such, we are responsible for deciding why and how personal data is processed.
We also collect and process your personal information, and act as a “data processor” of the Personally Identifiable Information (PII) that you provide to us. As such, we are responsible for processing (or performing any actions on data, whether automated or manual, such as collecting, recording, organizing, structuring, storing, using, erasing, or etc.) personal data on behalf of a data controller.
3. Information We Collect
3.1: Personal Information
We may collect and process personal information about you, such as:
Name
Contact information (email address, phone number, address)
Identification information (i.e. government-issued ID, passport number, etc.)
Job Title
Company you work for
3.2: Automatically Collected Information
We may also collect certain information automatically when you visit our website or use our services, such as your IP address, browser type, and usage data.
3.3 Information From Other Sources
We may receive personal data about you from other sources to supplement data already collected. This may include publicly available data or data provided by third parties. We may combine this data with the data we already have. We will handle this data in accordance with this Privacy Policy and the purposes outlined when the data was collected. We will notify you if there are any material changes to the way we intend to use this data. Please note that we are not responsible for the accuracy of the data provided by third parties or any consequences arising from the use of such data.
3.4. Consent
By using our services, you agree to the terms and conditions outlined in this Privacy Policy. Your continued use of our services constitutes implicit consent to the collection, processing, and sharing of your personal data as described herein.
We make every effort to ensure that our privacy practices are transparent and understandable. By using our services, you acknowledge that you have read and understand this Privacy Policy.
If you do not agree with any terms outlined in this policy, please refrain from using our services.
4. How We Use Your Information
We collect information you provide for the following purposes:
Service Delivery: We use your personal information to provide you with the products or services you have requested. This may include processing your payment, shipping products to your address, or providing access to our online services. The lawful basis for this processing is typically the performance of a contract because we need to process your data to fulfill our contractual obligations to you.
Communication: We may use your contact information to communicate with you. This includes sending transactional emails, service updates, and responding to your inquiries or requests. We may also use your contact information for marketing purposes, such as sending newsletters or promotional offers if you have provided your consent or if we have a legitimate interest in doing so. The lawful basis for processing personal information for communication is legitimate interests and, when applicable, consent if you have provided it.
Account Management: We use your personal information to manage your account, including account setup, verification, and maintenance. This ensures the security and functionality of your account on our platform. The lawful basis for this processing is typically the performance of a contract to maintain your account.
Customer Support: Your information allows us to provide customer support when you have questions or encounter issues with our products or services. This may include troubleshooting, resolving complaints, and addressing your concerns. This processing is based on the legitimate interests to assist you in using our services effectively.
Social Learning: We may use your information to create your profile which can be viewed by fellow users on the platform.
Improvement of Services: We analyze your data to understand how our services are used and to make improvements. This includes enhancing the user experience, developing new features, and optimizing the performance and security of our products. This processing is also based on legitimate interests to improve and maintain the quality of our services.
Legal Compliance: We may process your personal information to comply with our legal obligations, such as tax reporting, responding to legal requests, or assisting law enforcement agencies when required by law. This processing is necessary to fulfill legal obligations.
Contractual Obligations: If you are a client or business partner, we may use your personal information to fulfill our contractual obligations, including managing contracts, invoicing, and providing support as agreed upon in our business relationship. The lawful basis for this processing is the performance of a contract.
Fraud Prevention and Security: We use your information to protect against fraud, unauthorized access, and other security risks. This may include monitoring account activities and implementing security measures. The lawful basis for this processing is legitimate interests to ensure the security and integrity of our services.
Aggregated and Anonymized Data: We may aggregate and anonymize your data to create statistical or research reports, which do not personally identify you. This information may be used for business analysis, marketing, and sharing with partners or clients. The lawful basis for processing aggregated and anonymized data is legitimate interests and the fact that this data is no longer considered personal information.
Other Purposes: In addition to the purposes listed above, we may use your personal information for other legitimate purposes, provided that they are compatible with the original reasons for which your data was collected. For these other purposes, we will rely on legitimate interests or other lawful bases as required by applicable laws.
5. Data Sharing
We will not share your personal information with third-parties, unless explicitly authorized to do so. Please note that when your personal information is shared with an authorized third- party, the information received by that third-party is controlled by that company, and therefore becomes subject to that company’s Privacy Policy.
We may share your personal information with the following categories of recipients:
Service Providers: We may share your personal information with third-party service providers who assist us in delivering our products and services. These service providers include AWS, New Relic, Retool, Segment, Amplitude, Metabase, Tableau, Braze, Hubspot, Apple and Stripe. We will only share the necessary data to fulfill their specific tasks and will have contracts or agreements in place to ensure they process your data securely. The lawful basis for sharing data with service providers is typically the necessity for the performance of a contract or, in some cases, legitimate interests, provided that these interests are not overridden by your data protection rights).
Business Partners and Affiliates: In some cases, we may share personal information with our business partners and affiliates, but only when it is necessary for the performance of a contract, the provision of services, or as part of a legitimate business interest. For example, we may share data with a partner organization involved in co-branded events or services. Sharing data with business partners and affiliates may be necessary for the performance of a contract or based on legitimate interests, especially when these partnerships are essential for delivering integrated or co-branded services.
Legal Authorities: We may be required to share personal information with legal authorities, regulatory bodies, or law enforcement agencies when necessary to comply with legal obligations or respond to valid requests for information, as permitted by the law. The lawful basis for sharing with legal authorities is the necessity to comply with a legal obligation.
Merger or Acquisition: In the event of a merger, acquisition, or sale of all or part of our business,thesharingofpersonalinformationwiththeacquiringentityorparties involvedinthetransactionmay be based on legitimate interests, as it's necessary for the legitimate interests pursued by us or the acquiring entity. We will ensure that your data remains protected and used in accordance with this Privacy Policy.
Publicly Available Information: We may share personal information that is publicly available, such as information from public records or online sources. However, we will do so only when it is relevant to the purposes for which your data was collected and used. Sharing publicly available personal information is typically based on legitimate interests, as it is in the legitimate interests of our business to use publicly available data for relevant purposes.
With Your Consent: We may share your personal information with third parties if you have provided your explicit consent for such sharing. We will always request your consent before sharing your data for specific purposes. If you have provided explicit consent for sharing your personal informationwithspecific third parties, the lawful basis for sharing is your consent.
Other Legitimate Business Interests: In certain cases, we may share personal information with other parties for legitimate business interests.The sharing of this personal information may be based on legitimate interests. We will always ensure that such sharing is conducted in accordance with applicable data protection laws and respect your rights.
6. Data Subject Rights
If you are a user under a company contract, please contact your company contact person to submit any data requests.As a data subject, we will provide you with the following rights:
6.1 Right to Access
You have the right to request access to your personal data that we process. This means you can ask us to provide you with information about what personal data we hold about you and how we use it.
6.2 Right to Rectification
You can request the correction or updating of your personal data if it is inaccurate or incomplete. We will make the necessary changes and inform any third parties to whom we have disclosed the data.
6.3 Right to Erasure (Right to Be Forgotten)
You can request the deletion of your personal data under certain circumstances. This right is not absolute and can be exercised if the data is no longer necessary, you withdraw consent, or the data processing is unlawful.
6.4 Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data under specific circumstances. This means we will limit the way we use your data but not delete it entirely. This right might be exercised when you contest the accuracy of the data, the processing is unlawful, or you need the data for legal claims.
6.5 Right to Data Portability
You can request a copy of your personal data in a structured, commonly used, machine- readable format, or you can ask us to transmit it directly to another data controller where technically feasible. This right is applicable when processing is based on consent or the performance of a contract.
6.6 Right to Object
You have the right to object to the processing of your personal data, including processing based on legitimate interests or for direct marketing purposes. We will stop processing your data for such purposes unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
6.7 Automated Decision-Making and Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal or significant effects on you.Youmay request human intervention in the decision-making process. We will inform you when such decisions are made, provide you with the opportunity to express your point of view, and ensure there are human interventions available.
6.8 Withdraw Consent
If we process your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
Any requests submitted by data subjects will be assessed for validity before being processed, including confirming the identity of the data subject.
7. Data Security
We implement and maintain reasonable and appropriate technical and electronic safeguards to protect the security of your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.
While we implement these security measures to protect your data, it is important to understand that no online platform can guarantee absolute security. Therefore, we encourage you to take necessary, best-practice security precautions such as strong, unique passwords and being cautious with the sharing of login credentials.
In the event of a data breach or security incident, we will take immediate action to isolate and resolve the incident based on our incident response resolution procedures, notify relevant authorities, and inform affected data subjects in compliance with applicable data protection laws.
8. Cookies and Tracking Technology
We may use “cookies” (or similar tracking technology) on our website. Cookies are text files that our web server may play on your hard disk to store your preferences. When you visit our website, you will be presented with a cookie banner or pop-up requesting your consent to use non-essential cookies. You have the right to accept or decline the use of such cookies. Your consent can be managed and changed at any time through your device or browser settings.
Cookies, by themselves, do not provide us with any PII unless you explicitly choose and consent to provide this information to us. Once you choose and consent to provide PII, however, this information may be linked to the data stored in the cookie. If you choose to turn off collection of cookies through your device or browser, certain features of our service may not function properly without the aid of cookies.
Our website may also incorporate third-party cookies and tracking technologies. These technologies are subject to the privacy policies and practices of the respective third parties. We encourage you to review the privacy policies of these third parties for information on how they collect and use your personal data.
9. Children
We do not knowingly collect any information from minors. In situations where personal data from anyone under the age of 16 is needed for data processing activities, we will obtain authorization from an appropriate parent or guardian. If such authorization is unable to be obtained, data processing activities for that data subject will be terminated. In the event that we discover that a minor under the age of 16 has provided PII to us, we will make efforts to delete the information ASAP. If you have concerns about our website or service offering, wish to find out if your child has accessed our services, or wish to remove your child’s personal data from our servers, please contact us atsupport@tigerhall.com
10. European Data Protection Rights
If the processing of personal data about you is subject to European Union (EU) data protection law, you have certain rights with respect to that data. Please refer to section “6. Data Subject Rights” above for a listing of these rights.
Additionally, our processing of your personal data is based on specific legal bases as defined in EU data protection law. Please refer to section “5. Data Sharing” above for a listing of these legal bases.
11. Location of Personal Information
Our service is hosted in Europe and all personal information collected with the service is stored in the United States & Europe. If you are visiting our site, using our service, or otherwise providing information to us outside Europe/Australia, please be aware that you are transferring personal data to the United States & Europe.
12. Updates to this Privacy Policy
We periodically review this Privacy Policy and may make updates to reflect changes in our practices, for legal reasons, or to meet new regulatory requirements. Your continued use of our services following any notice of changes to this Privacy Policy means you accept such changes. Please refer to the “Effective Date” above for details on when this Policy was last updated.
13. Contact Us
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at support@tigerhall.com. If you are a user under a company contract, please approach your company contact person for any queries or to submit any data requests relating to your rights as a data subject including the rights noted in section “6. Data Subject Rights”.
Tigerhall Pte Ltd (“Tigerhall”, “we”, “us”, or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information.
1. Scope
This Privacy Policy describes the processing of information provided or collected on the site(s) and/or application(s) where this Privacy Policy is posted. This Privacy Policy applies to all users of our service. We follow this Privacy Policy in accordance with applicable law in the places where we operate and process personal information.
The personal information we collect is covered by this Privacy Policy. Please note that our site(s) and/or application(s) may contain links to other sites not owned or controlled by us, and therefore we are not responsible for the privacy practices of those sites. We encourage you to be aware when you leave our sites or applications and to read the Privacy Policy of other sites that may collect your personal information.
2. Data Controller & Data Processor
We collect and process your personal information, and act as a “data controller” of the Personally Identifiable Information (PII) that you provide to us. As such, we are responsible for deciding why and how personal data is processed.
We also collect and process your personal information, and act as a “data processor” of the Personally Identifiable Information (PII) that you provide to us. As such, we are responsible for processing (or performing any actions on data, whether automated or manual, such as collecting, recording, organizing, structuring, storing, using, erasing, or etc.) personal data on behalf of a data controller.
3. Information We Collect
3.1: Personal Information
We may collect and process personal information about you, such as:
Name
Contact information (email address, phone number, address)
Identification information (i.e. government-issued ID, passport number, etc.)
Job Title
Company you work for
3.2: Automatically Collected Information
We may also collect certain information automatically when you visit our website or use our services, such as your IP address, browser type, and usage data.
3.3 Information From Other Sources
We may receive personal data about you from other sources to supplement data already collected. This may include publicly available data or data provided by third parties. We may combine this data with the data we already have. We will handle this data in accordance with this Privacy Policy and the purposes outlined when the data was collected. We will notify you if there are any material changes to the way we intend to use this data. Please note that we are not responsible for the accuracy of the data provided by third parties or any consequences arising from the use of such data.
3.4. Consent
By using our services, you agree to the terms and conditions outlined in this Privacy Policy. Your continued use of our services constitutes implicit consent to the collection, processing, and sharing of your personal data as described herein.
We make every effort to ensure that our privacy practices are transparent and understandable. By using our services, you acknowledge that you have read and understand this Privacy Policy.
If you do not agree with any terms outlined in this policy, please refrain from using our services.
4. How We Use Your Information
We collect information you provide for the following purposes:
Service Delivery: We use your personal information to provide you with the products or services you have requested. This may include processing your payment, shipping products to your address, or providing access to our online services. The lawful basis for this processing is typically the performance of a contract because we need to process your data to fulfill our contractual obligations to you.
Communication: We may use your contact information to communicate with you. This includes sending transactional emails, service updates, and responding to your inquiries or requests. We may also use your contact information for marketing purposes, such as sending newsletters or promotional offers if you have provided your consent or if we have a legitimate interest in doing so. The lawful basis for processing personal information for communication is legitimate interests and, when applicable, consent if you have provided it.
Account Management: We use your personal information to manage your account, including account setup, verification, and maintenance. This ensures the security and functionality of your account on our platform. The lawful basis for this processing is typically the performance of a contract to maintain your account.
Customer Support: Your information allows us to provide customer support when you have questions or encounter issues with our products or services. This may include troubleshooting, resolving complaints, and addressing your concerns. This processing is based on the legitimate interests to assist you in using our services effectively.
Social Learning: We may use your information to create your profile which can be viewed by fellow users on the platform.
Improvement of Services: We analyze your data to understand how our services are used and to make improvements. This includes enhancing the user experience, developing new features, and optimizing the performance and security of our products. This processing is also based on legitimate interests to improve and maintain the quality of our services.
Legal Compliance: We may process your personal information to comply with our legal obligations, such as tax reporting, responding to legal requests, or assisting law enforcement agencies when required by law. This processing is necessary to fulfill legal obligations.
Contractual Obligations: If you are a client or business partner, we may use your personal information to fulfill our contractual obligations, including managing contracts, invoicing, and providing support as agreed upon in our business relationship. The lawful basis for this processing is the performance of a contract.
Fraud Prevention and Security: We use your information to protect against fraud, unauthorized access, and other security risks. This may include monitoring account activities and implementing security measures. The lawful basis for this processing is legitimate interests to ensure the security and integrity of our services.
Aggregated and Anonymized Data: We may aggregate and anonymize your data to create statistical or research reports, which do not personally identify you. This information may be used for business analysis, marketing, and sharing with partners or clients. The lawful basis for processing aggregated and anonymized data is legitimate interests and the fact that this data is no longer considered personal information.
Other Purposes: In addition to the purposes listed above, we may use your personal information for other legitimate purposes, provided that they are compatible with the original reasons for which your data was collected. For these other purposes, we will rely on legitimate interests or other lawful bases as required by applicable laws.
5. Data Sharing
We will not share your personal information with third-parties, unless explicitly authorized to do so. Please note that when your personal information is shared with an authorized third- party, the information received by that third-party is controlled by that company, and therefore becomes subject to that company’s Privacy Policy.
We may share your personal information with the following categories of recipients:
Service Providers: We may share your personal information with third-party service providers who assist us in delivering our products and services. These service providers include AWS, New Relic, Retool, Segment, Amplitude, Metabase, Tableau, Braze, Hubspot, Apple and Stripe. We will only share the necessary data to fulfill their specific tasks and will have contracts or agreements in place to ensure they process your data securely. The lawful basis for sharing data with service providers is typically the necessity for the performance of a contract or, in some cases, legitimate interests, provided that these interests are not overridden by your data protection rights).
Business Partners and Affiliates: In some cases, we may share personal information with our business partners and affiliates, but only when it is necessary for the performance of a contract, the provision of services, or as part of a legitimate business interest. For example, we may share data with a partner organization involved in co-branded events or services. Sharing data with business partners and affiliates may be necessary for the performance of a contract or based on legitimate interests, especially when these partnerships are essential for delivering integrated or co-branded services.
Legal Authorities: We may be required to share personal information with legal authorities, regulatory bodies, or law enforcement agencies when necessary to comply with legal obligations or respond to valid requests for information, as permitted by the law. The lawful basis for sharing with legal authorities is the necessity to comply with a legal obligation.
Merger or Acquisition: In the event of a merger, acquisition, or sale of all or part of our business,thesharingofpersonalinformationwiththeacquiringentityorparties involvedinthetransactionmay be based on legitimate interests, as it's necessary for the legitimate interests pursued by us or the acquiring entity. We will ensure that your data remains protected and used in accordance with this Privacy Policy.
Publicly Available Information: We may share personal information that is publicly available, such as information from public records or online sources. However, we will do so only when it is relevant to the purposes for which your data was collected and used. Sharing publicly available personal information is typically based on legitimate interests, as it is in the legitimate interests of our business to use publicly available data for relevant purposes.
With Your Consent: We may share your personal information with third parties if you have provided your explicit consent for such sharing. We will always request your consent before sharing your data for specific purposes. If you have provided explicit consent for sharing your personal informationwithspecific third parties, the lawful basis for sharing is your consent.
Other Legitimate Business Interests: In certain cases, we may share personal information with other parties for legitimate business interests.The sharing of this personal information may be based on legitimate interests. We will always ensure that such sharing is conducted in accordance with applicable data protection laws and respect your rights.
6. Data Subject Rights
If you are a user under a company contract, please contact your company contact person to submit any data requests.As a data subject, we will provide you with the following rights:
6.1 Right to Access
You have the right to request access to your personal data that we process. This means you can ask us to provide you with information about what personal data we hold about you and how we use it.
6.2 Right to Rectification
You can request the correction or updating of your personal data if it is inaccurate or incomplete. We will make the necessary changes and inform any third parties to whom we have disclosed the data.
6.3 Right to Erasure (Right to Be Forgotten)
You can request the deletion of your personal data under certain circumstances. This right is not absolute and can be exercised if the data is no longer necessary, you withdraw consent, or the data processing is unlawful.
6.4 Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data under specific circumstances. This means we will limit the way we use your data but not delete it entirely. This right might be exercised when you contest the accuracy of the data, the processing is unlawful, or you need the data for legal claims.
6.5 Right to Data Portability
You can request a copy of your personal data in a structured, commonly used, machine- readable format, or you can ask us to transmit it directly to another data controller where technically feasible. This right is applicable when processing is based on consent or the performance of a contract.
6.6 Right to Object
You have the right to object to the processing of your personal data, including processing based on legitimate interests or for direct marketing purposes. We will stop processing your data for such purposes unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
6.7 Automated Decision-Making and Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal or significant effects on you.Youmay request human intervention in the decision-making process. We will inform you when such decisions are made, provide you with the opportunity to express your point of view, and ensure there are human interventions available.
6.8 Withdraw Consent
If we process your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
Any requests submitted by data subjects will be assessed for validity before being processed, including confirming the identity of the data subject.
7. Data Security
We implement and maintain reasonable and appropriate technical and electronic safeguards to protect the security of your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.
While we implement these security measures to protect your data, it is important to understand that no online platform can guarantee absolute security. Therefore, we encourage you to take necessary, best-practice security precautions such as strong, unique passwords and being cautious with the sharing of login credentials.
In the event of a data breach or security incident, we will take immediate action to isolate and resolve the incident based on our incident response resolution procedures, notify relevant authorities, and inform affected data subjects in compliance with applicable data protection laws.
8. Cookies and Tracking Technology
We may use “cookies” (or similar tracking technology) on our website. Cookies are text files that our web server may play on your hard disk to store your preferences. When you visit our website, you will be presented with a cookie banner or pop-up requesting your consent to use non-essential cookies. You have the right to accept or decline the use of such cookies. Your consent can be managed and changed at any time through your device or browser settings.
Cookies, by themselves, do not provide us with any PII unless you explicitly choose and consent to provide this information to us. Once you choose and consent to provide PII, however, this information may be linked to the data stored in the cookie. If you choose to turn off collection of cookies through your device or browser, certain features of our service may not function properly without the aid of cookies.
Our website may also incorporate third-party cookies and tracking technologies. These technologies are subject to the privacy policies and practices of the respective third parties. We encourage you to review the privacy policies of these third parties for information on how they collect and use your personal data.
9. Children
We do not knowingly collect any information from minors. In situations where personal data from anyone under the age of 16 is needed for data processing activities, we will obtain authorization from an appropriate parent or guardian. If such authorization is unable to be obtained, data processing activities for that data subject will be terminated. In the event that we discover that a minor under the age of 16 has provided PII to us, we will make efforts to delete the information ASAP. If you have concerns about our website or service offering, wish to find out if your child has accessed our services, or wish to remove your child’s personal data from our servers, please contact us atsupport@tigerhall.com
10. European Data Protection Rights
If the processing of personal data about you is subject to European Union (EU) data protection law, you have certain rights with respect to that data. Please refer to section “6. Data Subject Rights” above for a listing of these rights.
Additionally, our processing of your personal data is based on specific legal bases as defined in EU data protection law. Please refer to section “5. Data Sharing” above for a listing of these legal bases.
11. Location of Personal Information
Our service is hosted in Europe and all personal information collected with the service is stored in the United States & Europe. If you are visiting our site, using our service, or otherwise providing information to us outside Europe/Australia, please be aware that you are transferring personal data to the United States & Europe.
12. Updates to this Privacy Policy
We periodically review this Privacy Policy and may make updates to reflect changes in our practices, for legal reasons, or to meet new regulatory requirements. Your continued use of our services following any notice of changes to this Privacy Policy means you accept such changes. Please refer to the “Effective Date” above for details on when this Policy was last updated.
13. Contact Us
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at support@tigerhall.com. If you are a user under a company contract, please approach your company contact person for any queries or to submit any data requests relating to your rights as a data subject including the rights noted in section “6. Data Subject Rights”.