Last updated 5/24/2018
WebApps is committed to complete transparency as to how we use your personal data. To that end, if you have any questions regarding this policy, we encourage you to reach out to our Data Protection Officer using the details set out below:
You can contact us as follows:
FAO: Webapps, LLC
Address: 650 Poydras Street, #2800
New Orleans, LA 70130
A copy of this Policy is available upon request.
How does WebApps collect data?
WebApps collects data in two ways: by interacting directly with a client or user and by receiving data as provided by a client or third party. If you are a client or potential client that is interacting directly with WebApps, you are providing data, including personal data directly to WebApps. This occurs when you sign up for a Hitpath demo and/or for the Hitpath Affiliate Program. When you sign up for any Hitpath service, you are going to be asked to provide certain information such as your name, email address, company name and web address. This method of collection occurs through the registration form.
WebApps also receives information relating to third parties from Clients through the use of the WebApps Software. If, for example, a client utilizes WebApps software to monitor online marketing behavior for certain advertising campaigns, end user data will be forwarded to WebApps through application of the Hitpath software. While WebApps and the end user will never interact directly, that end user is generating information including things like his/her IP address, geolocation, and online behavior. That data is collected by the WebApps Client and then forwarded to WebApps through the Hitpath software so WebApps can provide the Client with a broad range of services utilizing that data. In those situations, it is the Client who determines the purpose and means of the processing of the personal data. WebApps and the Client have a written license agreement which governs the nature of that relationship and the obligations of the parties with respect to that personal data, but WebApps does not control what personal data our Clients collect nor how they use it. WebApps does take steps to protect all personal data that it receives from Clients, including the personal data of third parties, but the Client is responsible for ensuring that the personal data is properly collected and protected. WebApps encourages its clients to review their own Privacy Policies and Data Protection Management Systems before collecting any personal data from any person.
In addition to data that you provide to us through voluntary registrations, email correspondence, telephone calls, surveys
What data does WebApps collect?
The data collected by WebApps falls into two categories: Client data and end user data. Client data is provided to WebApps directly by a Client as part of the enrollment process and ongoing relationship needed to facilitate the WebApps License Agreement. End user data is data that is provided to WebApps by Clients.
WebApps collects the following types of information about Client directly from those Clients:
- Name (or Company Name)
- Physical Address
- Email Address
- IP address
- Phone Number
- Pixel Tags
- Imprecise Geographic Location Data derived from IP Address
- Contact person
- Banking account information/credit card information
WebApps receives the following types of end user information from Clients:
- IP Address
- Imprecise Geographic Location Data derived from IP Address
- Pixel Tags
- Click data
Why do we collect this data?
We collect this data for a number of reasons. The basis for collection are 1) your consent (if requested and given); 2) to provide services to you under a WebApps License Agreement in the event you are a WebApps Client; 3) where we need to comply with a legal or regulatory obligation; or 4) to further our legitimate business interests.
WebApps is primarily engaged in the business of processing end user data for the benefit of our Clients. This means that in almost all instances, the end user does not interact directly with WebApps. Instead, an end user interacts with one of WebApps’ clients, or more specifically with an advertisement linked directly to a WebApps client either because the Client placed the advertisement or did so through an Affiliate or Publisher, and WebApps then processes the data that is generated by that end user activity. Through the application of the Hitpath software, WebApps is able to provide useful information to its clients relating to the effectiveness of certain advertisements, campaigns, Client Affiliates, and Client Publishers. In this scenario, WebApps is the processor of personal data.
WebApps also collects personal data directly from Clients through Client consent. WebApps collects certain client data such as name, email address, mailing address, IP information, and payment information when a Client signs up with WebApps. WebApps uses that personal data to facilitate the services it provides Client and to act on the contractual relationship between WebApps and client including communicating directly with the Client, processing payment information, providing technical support, and in some limited instance marketing directly to the Client regarding certain available services (unless the Client has opted out of those direct marketing communications).
What does WebApps do with this personal data?
WebApps does a few different things with the personal data it receives. If the personal data is end user Data collected by a client and then provided to WebApps for processing, WebApps processes that information in a number of ways. WebApps processes the data and reports that Data via its Hitpath software showing the effectiveness of advertising campaigns, affiliates, and publishers. This includes reporting on click data for end users that shows the effectiveness of certain advertisement and campaigns as well as general end user behavior associated with those marketing efforts. WebApps makes these reports and processed data available to WebApps clients via the client’s particular instance of the Hitpath software.
If the personal data is Client data that has been voluntarily provided by the Client through its written consent, WebApps uses that information to communicate directly with the Client, to provide technical support, to assist in the Client’s use of that Client’s instance of the Hitpath software, and to directly market to that Client, in the event the Client has not elected to object to those direct marketing efforts.
With whom do we share this personal data?
WebApps relies on third party vendors at times to assist them with the logistical support needed to operate WebApps and the Hitpath software. This includes vendors that providing hosting services, database services, storage, DNS, call provider services, and geo-location services. WebApps limits the information that we provide these third parties to the greatest extent possible. Further, all of our third party vendors have entered into an agreement with WebApps to protect your personal data.
There are some very specific and limited circumstances where WebApps must share personal data with others. WebApps may disclose personal data in the event of suspected fraudulent, malicious, or unlawful activity, or invalid traffic, or if we believe that we are legally required to do so.
What rights do you have to your data?
You have certain rights to your personal data. These rights include the right to be informed, the right to access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object, and rights in relation to automated decision making and profiling. These rights are described in detail in the GDPR itself. If you wish to review the source material for these rights you can follow this link. http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf. If you have any questions regarding these rights or wish to exercise any of these rights, please contact firstname.lastname@example.org. WebApps is committed to protecting and honoring your rights to the treatment, storage, and handling of your personal data.
How do you make a complaint regarding the handling of your data?
As part of the bundle of rights set out above, you have a right to notify the appropriate supervisory authority if there is a problem with the handling of your personal data. Each country in the EU and EAA has a supervisory authority who will field these types of complaints directly.
Children’s Online Privacy Protection Act
Webapps, LLC does not market to nor seek users under the age of 13. Information discovered to contain personally identifiable information on an individual under the age of thirteen will be immediately purged and never shared with third parties.
Note to California Users
Individual customers who reside in California and have provided their personal information to us may request information about our disclosures of certain categories of personal information to third parties for their direct marketing purposes. Such requests must be submitted to us at email@example.com. Within thirty (30) days of receiving such a request, we will provide a list of the categories of personal information disclosed to third parties for third-party direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the address specified in this paragraph.
Notwithstanding any other provision, we may also engage a data provider who may collect web log data from you (including IP address and information about your browser or operating system), or place or recognize a unique cookie on your browser to enable you to receive customized ads or content. These cookies contain no personally identifiable information. The cookies may reflect de-identified demographic or other data linked to data you voluntarily have submitted to us, e.g., your email address, that we may share with a data provider solely in hashed, non-human readable form. To opt-out of these data provider cookies, please go to www.aboutads.info
With your consent, we and/or affiliate companies may sometimes contact you (by email, SMS text, letter or phone) in order to provide targeted marketing about our Services or their services (as the case may be). Such marketing communications will only be sent to you if you have given your consent when you registered for our Services and have not withdrawn such consent.
All marketing emails you receive from us or companies we work with will include specific instructions on how to unsubscribe and you may unsubscribe at any time.
Additionally, you can contact us as directed at the following link to unsubscribe from marketing from us and the companies we work with https://hitpath.com/contact-us
What are cookies and how do we use them?
A cookie is simply a tiny text file containing pieces of data, stored when you visit a website. It’s designed to help websites remember what you did in the past. This can include whether you clicked on particular links or pages or read pages on the site as long as the cookie is valid.
WebApps uses three types of cookies.
These are essential cookies that let you to use the Dashboard and use its features depending on the device you’re using (language, screen performances, OS…). Without them, the quality of your navigation could not be ensured. These cookies don’t collect any information about you that could be used for marketing or remembering where you’ve been on the internet.
These collect information about how you use a website, for instance, which pages you go to most often, and if you get error messages. They don’t collect information that identifies you; all the information is anonymous. It is used only to improve how the website works and how we can provide you with more relevant content.
A third-party cookie is set by someone else. Sometimes targeting cookies are linked to other sites, such as Facebook.
How long is personal data retained?
Different information is used for different purposes, and is subject to different standards and regulations. In general, information is retained for such period of time as is felt necessary to provide you with services you request, to comply with applicable regulations or legislation, and to ensure that you have a reasonable opportunity to access the information. If you no longer consent to us retaining your personal information, you can request that it be removed by contacting us at firstname.lastname@example.org. WebApps Document Retention Policy is available for your review here.
Is your information secure?
WebApps takes necessary precautions to preserve data security, based on the nature of your data and the risks posed by our processing, and in particular to prevent their being impaired, damaged or having unauthorized third parties get access to them (physical protection of premises, authentication procedures for our clients with personal and secure access using confidential identifiers and passwords, logging of connections, encryption of certain data, etc.).
What is GDPR and what is WebApps doing to comply with it?
The General Data Protection Regulation (GDPR) is legislation which was recently adopted by the European Union and which goes into effect on Mary 25, 2018. WebApps has undertaken an extensive audit of its systems including an extensive audit of the data it controls and process, how it obtains and protects that data, and the relationships it has with third party vendors to ensure that the data is secure.
As part of its GDPR Compliance Program, WebApps has updated many of its policies and procedures to ensure full transparency in its treatment of personal data. WebApps relies on privacy by design and privacy by default principles, minimizes the data that it collects, controls, processes, and stores, and has implemented protocol to protect that data including increased awareness of threats to that data, quick response to any security breaches, and notification systems for clients, users, and supervisory authorities as appropriate.
WebApps requires written agreements with its third party vendors ensuring that those vendors are GDPR compliant and are taking adequate steps to process and store personal data. WebApps has also implemented a system to adequately respond to data subject requests relating to any of the data subject rights memorialized in the GDPR including Right to Restrict, Right to be Forgotten, Right to Access, and so on.
Updates to this policy
WebApps will update this Policy as needed. In the event of such an update, all clients will be provided with the updated Policy via their registered email for the Hitpath software. Additionally, an updated copy of the Policy will be available at www.hitpath.com/privacy-policy.