1. Introduction:
We strive to collect as little of your data as possible. However, this is sometimes necessary—for instance, to deliver your order or to gather feedback on a new product page. Heart.work handles your data carefully, requesting only what is necessary to serve you well while ensuring your privacy is protected.
Here are our four privacy promises:
We protect your personal data as if it were our own.
We use your personal data solely for the purposes outlined in this privacy statement.
We do not retain your data longer than necessary to fulfill the purposes stated in this privacy policy.
We do not share your personal data with third parties unless absolutely necessary for fulfilling an agreement or if required by law.
2. What Personal Data Does Heart.work Process?
To fulfill an agreement you, or the company you represent, enter into with us, we need the following personal information:
Name and Address
We store your name because we prefer not to address you by your customer number. Your address and city are needed for purposes such as invoicing, contacting you, or visiting if invited.
Company Information
To keep personal and business matters separate, we ask for your (company) name and business address if you are purchasing our products on behalf of a company.
Email Address
Your email is primarily used for communication. It is often the main channel for sending you information regarding our products and services. Additionally, your email may serve as your username for our services. We may also use it to keep you updated via newsletters about developments at Heart.work. You can always unsubscribe from these updates.
Phone Number
Your phone number is used to contact you in emergencies or to seek your input. We also use it to send SMS messages for two-step verification purposes.
Login Credentials
We store your login credentials to secure access to your account, ensuring only you (or those with whom you share your credentials—though we discourage this) can log in.
IP Address
In certain restricted applications, we store your IP address—for example, when you log in to our products or services. This is used to troubleshoot problems, identify which IP address accessed your account or made changes, and to protect your account from unauthorized access.
3. Other Data Heart.work Processes?
We also collect certain personal data unrelated to fulfilling agreements, based on legitimate interests or with your consent:
Job-Related Data
If you apply for a position, we assess your qualifications through your CV, cover letter, portfolio, or submitted application task. If you are not hired, your data will be deleted within four weeks.
Cookies
We use some of your personal data in combination with cookies to understand how you use our website and services and to identify your preferences. This helps us improve our website, services, and ads. However, we do not personalize this data to you as an individual or share it with third parties, so no cookie notification is required.
Server Logs
When you use our services, we automatically store certain data about your server connection in application logs. This includes your IP address, browser version, and visit timestamp. These logs are used to resolve system issues and address security threats to our network.
Other Personal Data
Occasionally, you may send us additional personal data via support tickets, social media, or emails. If we don’t need this data to assist you, we will delete it wherever technically feasible.
4. Purposes of Data Processing
We process your personal data for the following reasons:
To grant access to our website, applications, and services (e.g., to log in).
To enable convenient features, such as saving your shopping cart for future visits.
To establish and fulfill agreements with you (e.g., knowing which services you’re entitled to).
To contact you (e.g., for assistance with an issue).
To address complaints and foster a positive, ongoing relationship.
To secure our services and combat fraud (e.g., preventing someone else from impersonating you).
To evaluate job applications and determine if you’re a good fit.
With your consent, we also use your data for:
Gaining insight into how our website, applications, and services are used (e.g., identifying areas for improvement or bugs).
Improving and evaluating our website, applications, and services (e.g., deciding which new features to implement).
We will not use your personal data for any purposes other than those listed above, unless you give prior consent or if legally required.
5. Security
We take strict security measures to prevent misuse and unauthorized access to your personal data. This includes limiting access to necessary personnel only, restricting access to your data, and regularly reviewing our security measures. We adhere to OWASP guidelines and maintain high standards of digital security for our products and services.
6. Your Privacy and Third Parties
We never share or sell your personal data to third parties except in the following cases:
For Delivering or Executing Services
If you are the point of contact (on behalf of yourself or your company) for third-party services or products, we may need to provide your name and limited contact details.
For Legal Obligations
A judicial order may require us to share your data with the government.
For Registering Products and Services
If you register a domain name, your data will be entered into the Whois database managed by the relevant domain authority. Without this, domain registration is not possible. We always ensure your data is well-protected and secure, even when shared with third parties.