Privacy and Data Considerations

This Privacy Policy applies to all products, services, websites and applications offered by HOO-R-U, LLC. We refer to those products, services, websites and apps collectively as the “services” in this policy. Unless otherwise noted, our services are provided by HOO-R-U, LLC operations within the United States.

References to “data” in this Privacy Policy will refer to whatever data is collected, whether it is survey responses, data collected in a form, browser data, or data provided by our partners as part of a transaction. Reference to personal information or just “information,” means information about you personally that we collect, or for which we act as custodian.

HOO-R-U, LLC’s privacy and data practices are guided by our strong belief that protecting our customers’ privacy is of utmost importance, especially with the emergence of social media where data is freely shared and often without explicit consent of the individual. Furthermore, HOO-R-U, LLC looks to limit the use of data and information necessary to effectively conduct our business and provide our services to you.

Data Collection: Information we collect*

Contact Information: If you elect to receive your HOO-R-U Score via email, or should you contact us with any service issue through the contact form on our website, we require you to provide an email address to allow responding to your inquiry and deliver the score to you.

Usage information: Information about you whenever you interact with our websites and services. This includes web pages you visit, what you click on, when you perform those actions, what language preference you have, and so on.

Device and browser data: Information from the device and application you use to access our services. Device data mainly means your IP address, operating system version, device type, system and performance information, and browser type you use. If you are on a mobile device we also collect the UUID for that specific device.

Information from page tags: Third party tracking services that use cookies and page tags to collect data about visitors to our website. This data includes site usage and user statistics. Emails sent by HOO-R-U, LLC include page tags that allow us to collect information about who opened those emails and clicked on links in them.

Log Data: Our web server keeps log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system versions, device type and timestamps.

Referral information: If you arrive at our website from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.

Information from third parties and integration partners: We may collect personal information or data from third parties, if you give permission to those third parties to share your information with us, or where you have made that information publicly available online.

Questionnaire data: Data collected in the HOO-R-U questionnaire is limited to your answers and selections for each question, but it does not include any personal data.

Billing information: When purchasing the HOO-R-U Score, our online payment services partner will require you to provide your billing details, including name, address, email, and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date or a bank account number).

*Please note: While this list is as exhaustive as possible, we reserve the right to add additional information in the future.

Data Processing: How we use the information

When we process your data for our legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. Our legitimate interests do not automatically override your interests. We will not use your personal data for activities where our interests are overridden by the impact on you, unless we have your consent, or those activities are otherwise required or permitted to by law. You have the right to object at any time to processing of your personal information that is based on our legitimate interests, on grounds relating to your particular situation.

In the event, if all or part of HOO-R-U, LLC is acquired or merged with a third party, personal information that we have collected would be one of the assets that is transferred to that third party. As such, it is then subject to the third party/successor’s data privacy policies. HOO-R-U’s services are not designed for and/or marketed to individuals that are under the age of fifteen. We do not knowingly collect or solicit personal information from individuals under the age of fifteen, and we do not knowingly allow such an individual to use our Services. If you are under the age of fifteen, do not attempt to use our services or submit your questionnaire. If we learn of an event where we have collected survey results from an individual that is under the age of fifteen, without verified parental consent, we will delete the information as quickly as possible. If you believe that we have collected information from such an individual, please contact us at support@hoo-r-u.com.

Our primary goal is to improve upon and make sure our services and messaging are relevant for all our users, while ensuring that all personal information is respected and protected.

Cookies: We collect information using cookies when you visit our site and when you take the survey. These cookies are used to ensure the full functionality of our survey. After completion of a survey, you will be re-directed to another part of our website where other cookies may be used to ensure the best possible user experience. For common practices in the use of cookies, see also Google’s privacy policy.

Contact Information: We will use your email address for the following purposes:

  • Provide you with your HOO-R-U profile should you request that option.
  • Solicit your help in designing and improving new products and services should you be willing to participate.
  • In case you contact us with any service issue through the contact form on our website, we require that you provide an email address, so we can correspond with you regarding your issue.

Device and Browser data: We use device data both to troubleshoot problems with our service and to make improvements to it. We also infer your geographic location based on your IP address.

Log data: We use log data for many different business purposes, including:

  • To monitor abuse and troubleshoot.
  • To create new services, features, content or make recommendations.
  • To track behavior at the aggregate/anonymous level to identify and understand trends in the various interactions with our services.
  • To fix bugs and troubleshoot product functionality.

Third party and integration of services: We will collect and use information from third parties and integration partners to facilitate the purchase of the HOO-R-U score and related services (e.g., Mozilla’s Open Badges).

Legal uses: To respond to legal requests or prevent fraud, we may need to disclose any information or data we hold about you. If we receive a subpoena or other legal requests, we may need to inspect the data we hold to determine how to respond.

Questionnaire data: Data is primarily collected for the purpose of providing our services to you. The use of personal information is limited to help identify individual surveys, match them to the appropriate peer groups, and ensure that we can deliver your personal HOO-R-U Score directly to you.

  • Aggregate response data and activity: We will aggregate responses, activity and behavior of respondents so that we can identify trends, build new product features and provide you with your HOO-R-U Score.
  • Extract and analyze usage patterns: Data is analyzed based on individual answers and aggregated to create a peer reference score. Your score is a comparison of your individual answers with those of previously established peer groups. In addition, understanding response data and respondent interaction with different parts of the survey can help us improve our services and ease of use.
  • Panel refresh: Depending on identified changes in peer groups and the overall data sample, peer reference groups may be refreshed to most accurately reflect current social media populations. The previous peer reference group data will no longer be used. However, the associated data will be retained to track changes in the social media population over time.
  • Academic Research: Anonymized data may also be used for HOO-R-U’s research program focused on better understanding social media behavior and its impact on society. Research may be administered through our academic partners. In that case, data use is then also governed by and subject to our partners’ data security and privacy policies.
  • Public Use: HOO-R-U, LLC may also share aggregate but not personally identifiable information publicly to the press, as part of our research and marketing materials., and for other similar uses.
  • Product Development: We may contact select users to help us further improve our products and services. Participation is strictly voluntary and without any further obligation.

Partners and Integration: How we share data

Online payment services are used as an eCommerce platform to collect the HOO-R-U profile fee.

  • As part of the transaction, an ID is captured and shared between HOO-R-U, LLC and online payment services to ensure payment for our services and to allow for refunds.

Open Badge is used to create a user’s digital badge which they can post on third-party sites such as Facebook, Instagram, etc.

  • An anonymous session record is shared with Open Badge to verify the completion of the survey, so that the badge can be awarded to the user who requested it.
  • Once a user shares his/her Open Badge on any third-party site, HOO-R-U, LLC no longer has control over the badge and/or any of its contained information.

Security

Hosting: Data is hosted in AWS’s virtual private cloud environment.

Physical Security: Information systems and technical infrastructure are hosted within a world-class SOC 2 accredited data center. Physical security controls at these data centers include 24×7 monitoring, cameras, visitor logs, entry requirements, etc.

Compliance: AWS Services is ISO 27001/2 certified.

Access Control: Access to HOO-R-U, LLC’s technology resources are only permitted through secure connectivity (e.g., VPN, SSH) and requires multi-factor authentication. Our production password policy requires complexity, expiration, and lockout and disallows reuse. HOO-R-U, LLC grants access to data and systems on a “need-to-know basis” and provides only the minimally required access privileges to any user.

Security Policies: HOO-R-U maintains and regularly reviews and updates its information security policies.

Vulnerability Management and Penetration Tests: HOO-R-U, LLC is using AWS native cloud security features, such as VPC and API Gateway, to ensure access to data is only available to authorized personnel and applications.

Encryption: We encrypt your data in transit using secure TLS cryptographic protocols. HOO-R-U, LLC’s data is also encrypted at rest.

Development: Our development team employs secure coding techniques and best practices.

Asset Management: HOO-R-U, LLC maintains asset management best practices which includes identification, classification, retention, and disposal of information and assets.

Breach Notification: Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if HOO-R-U, LLC learns of a security breach, we will notify affected users so that they can take appropriate protective steps. Our breach notification practices are consistent with our obligations under applicable country, state and federal level laws and regulations, as well as any industry rules or standards applicable to us. We are committed to keeping our customers fully informed of any matters relevant to the security of their account and to providing customers all information necessary for them to meet their own regulatory reporting obligations.

Information Security Aspects of Business Continuity Management: HOO-R-U, LLC’s databases are backed up on a regular schedule. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity.

Logging and Monitoring

Application and infrastructure systems log information to a centrally managed log repository for troubleshooting, security reviews, and analysis by authorized members of HOO-R-U, LLC. Logs are preserved in accordance with regulatory requirements.

Data Controller

The data controller of this website is: HOO-R-U, LLC, a limited liability company whose registered offices are at 8 The Green, Suite A Dover, DE 19901.

Data Protection Officers

Our protection officers are Helana Balkin and Alon Cohen.

Data Retention

  • HOO-R-U, LLC retains data associated with your questionnaire for an unlimited time unless you request the deletion of your data.
  • Some residual copies of deleted data may remain on backup media up to 90 days after the deletion has occurred, at which point it will be overwritten.
  • Transaction records (e.g., billing records and records of customer correspondence) are kept for seven years, or for longer periods as may be required by applicable law to settle any future disputes.

California Privacy Disclosures

  • Do Not Track: Please note that our site does not support “Do Not Track” browser settings and does not currently participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your personal or non-personally identifiable information.
  • Notice for Minors: HOO-R-U, LLC offers services which allow you to post content on third party sites.  At any time, you can request to have your Open Badge deleted. However, Open Badge may not perform any verification after badge was added and verified once.

GDPR (General Data Protection Regulation) Considerations

In May of 2018, European regulations were passed that aim to protect all EU citizens from privacy and data breaches. Since HOO-R-U, LLC and its services are available to EU citizens, we are making sure that our processes and our Privacy Policy comply with the current European law. The following outlines your rights as they relate to your personal data including its privacy and protection.

  • Consent: HOO-R-U, LLC’s website uses cookies to ensure full functionality of the survey and to create the best user experience possible. When you first visit our website, it displays a notification about our cookie use and it allows you to access and review our privacy policy before we collect any information. When you accept the terms of the policy, either by clicking the “Accept” button, or when you continue to other parts of our website, it means that you have provided HOO-R-U, LLC with your consent for using the collected information consistent with the use described in our privacy policy.
  • Right to Receive Breach Notification: In accordance with the GDPR regulations, we will inform our customers of any data breach that is likely to result in a risk for the rights and freedoms of these individuals within 72 hours of first having become aware of the breach.
  • Right to Access: You have the right to request access to your personal data that may be stored by HOO-R-U, LLC as part of our services. We are committed to responding to any request as soon as possible, but no later than one month after receiving your request. This service is free of charge and your data can be requested by sending an email to support@hoo-r-u.com.
  • Right to be Forgotten, or Data Erasure: You have the right to ask HOO-R-U, LLC to erase your personal data and prohibit sharing or processing of any such data. This also applies to personal data that is no longer relevant for original purposes for processing, or where an individual has withdrawn their consent for data use. You can ask us to delete your data by sending an email to support@hoo-r-u.com.
  • Right of Data Portability: You have the right to receive any of your personal data that you have previously provided to HOO-R-U, LLC in a commonly used electronic format and share them with others. You can request your personal data by sending an email to support@hoo-r-u.com.

Terms of Use

Intellectual Property: The Site and its original content, features, and functionality are owned by HOO-R-U, LLC and are protected by trademark, trade secret, and other intellectual property or proprietary rights laws.

Liability: In no event will HOO-R-U, LLC be liable for any special, incidental, indirect, or consequential damages whatsoever arising from your access or use of, or inability to access or use, the site.

In no event will HOO-R-U, LLC be liable for any damages whatsoever arising in any way from any act or omission by any other person including, without limitation, any content provided, or representation made, by any other person.

Without limiting the foregoing, in no event will HOO-R-U, LLC be liable for any damages whatsoever arising in any way from any product/service offered or sold by any marketplace seller by or any representation made by any marketplace seller.

In any event, HOO-R-U, LLC’s entire liability to you arising from the access or use of the site by you or any other user will be limited to the amount actually paid by you to HOO-R-U, LLC during the 12 months preceding the event giving rise to such liability.

Disputes: Any disputes or claim relating in any way to your use of any of HOO-R-U’s services or to any products/services sold through HOO-R-U.com will be resolved by binding arbitration, rather than in court. The Federal Arbitration Act of the United States and federal arbitration law apply this Agreement.

To begin an arbitration proceeding, you must send a letter requesting arbitration and describing your claim to our registered agent, A Registered Agent, Inc. 8 The Green, Suite A Dover, DE 19901. The arbitration will be conducted by the American Arbitration Association (AAA) under its rules. Payment of all filing, administration and arbitrator fees shall be governed by AAA’s rules.

You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated or representative action. If for any reason a claim proceeds to court rather than in arbitration you waive any right to a jury trial.

Changes to our privacy policy

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

Change Log

  • 10/01/18 – version 1.0
    • Initial version of HOO-R-U, LLC.’s privacy policy
  • 12/01/18 – version 1.1
    • Addition of GDPR language to comply with European privacy regulations