Welcome to www.humandesign.ai. The protection of your personal data is very important to us. We naturally comply with applicable data protection laws and in particular with the General Data Protection Regulation (“GDPR”). Accordingly, all technical precautions are constantly reviewed and kept up to date and our data protection practices comply with the GDPR.
Responsible party and contact
The responsible party within the meaning of the GDPR is:
HumanDesign.ai Ltd, 128 City Road, London, EC1V 2NX.
If you wish to object to the collection, processing, or use of your data by us or if you would like to enforce any of your rights or have questions, please contact us at [email protected]
Use of your personal data
What data is processed and from which sources does this data originate?
We process the data that we have received from you in the course of initiating or processing a contract, on the basis of consent.
Personal data includes:
Your master/contact data, for customers this includes e.g., first and last name, address, contact data (e-mail address, telephone number), payment data, and date and time of birth, location of birth if you are purchasing a Human Design report.
In addition, we also process the following other personal data:
• Information on the type and content of contract data, order data, turnover and receipt data, customer and supplier history as well as consultation documents.
• Advertising and sales data
• Information from your electronic communication with us (e.g., IP address, log-in data)
• other data we have received from you in the course of our business relationship (e.g., in customer meetings)
• the documentation of your consent to receive e.g., newsletters.
We store and process your date and time of birth, location of birth for machine learning and improving our system and services. You may at any time object or opt out by e-mailing us.
For what purposes and on what legal basis is the data processed?
We process your data in accordance with the provisions of the GDPR:
• For the fulfilment of (pre-)contractual obligations (Art 6(1)(b) GDPR):
Your data is processed for the purpose of processing contracts online as well as for the purpose of processing contracts for your employees in our company. In particular, the data is processed when initiating business and executing contracts with you.
• For the fulfilment of legal obligations (Art 6 para. 1 lit. c GDPR):
Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g., from Commercial or Fiscal Requirements.
• For the protection of legitimate interests (Art 6 para. 1 lit. f GDPR):
Based on a balancing of interests, data processing may be carried out beyond the actual fulfilment of the contract in order to safeguard the legitimate interests of us or third parties. Data processing for the protection of legitimate interests occurs, for example, in the following cases:
• Advertising or marketing
• Measures for business management and further development of services and products
• maintaining a customer database to improve customer service
• in the context of legal prosecution
• In the context of your consent (Art 6 para. 1 lit. a GDPR):
If you have given us consent to process your data.
Purchase based processing
We collect, store, and process your data for the entire processing of your purchase, including technical administration, and our own marketing purposes.
Your personal data will only be passed on to third parties or otherwise transferred if this is necessary for the purpose of contract processing or billing or if you have given your prior consent. In the context of order processing, for example, our payment service provider (Stripe.com) or email marketing service provider (Mailchimp (Intuit Inc) receive the necessary data for processing. The data passed on in this way may only be used by our service providers to fulfil their task within the framework of a contract processing agreement in accordance with the GDPR. Any other use of the information is not permitted and does not take place with any of the service providers entrusted by us.
For general enquiries and specific requests, you can contact us in various way. If you contact us, the data you provide will be stored so that your message can be forwarded to the correct contact person. This is done in accordance with our legitimate interest, your consent, and the initiation of a contractual measure to process your request. Your data provided will not be used for any other purposes, in particular not for advertising.
Creating an account
If you have given your consent by deciding to open a customer account, we will use your data (e-mail address, chosen password) for the purpose of opening a customer account. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law.
Marketing and improving quality and service
In the event that you have given your consent to the use of data, your data may also be used for the purposes of market and opinion research and for the purpose of ensuring and continuously improving our quality and service, and selected service providers may also be commissioned for this purpose.
Your personal data will be deleted if there are no legal obligations to retain it and if you have made a claim for deletion if the data is no longer required to fulfil the purpose for which it was stored or if its storage is not permitted for other legal reasons.
Processing of personal data for advertising purposes
You can object to the use of your personal data for advertising purposes at any time, either in whole or for individual measures, without incurring any costs other than the transmission costs.
We are entitled, to use the e-mail address you provided when concluding the contract for direct advertising for our own similar goods or services. If you do not wish to receive such recommendations from us by e-mail, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form is sufficient for this purpose. Of course, an unsubscribe link is always included in every e-mail.
Cookies, Hosting, Logfiles, social media and Security
Providing the Shop
We use the WooCommerce service developed and operated by Automattic Inc, WooCommerce creates a device ID based on your device data, which can be used to recognise your access device (e.g., PC, tablet or laptop) when you visit my shop again. WooCommerce may also sets a cookie for this purpose. The cookie contains the device ID, but no personal usage or transaction data about you. This means that your access device can be recognised without identifying you by name and linking it to your device ID. This represents a legitimate interest.
When visiting this website, your browser transmits the following types of data, which are stored by us:
• the browser type and language,
• the IP address of the accessing computer,
• the server requests (e.g., page requests) including time and
• the referrer URL (i.e., the address of the previously visited website if you accessed our website from there by clicking on a hyperlink).
These first three types of data are technically necessary in order to correctly display the pages you have accessed on this website. In addition, they may be used, if necessary, to maintain the secure operation of this website (e.g., to defend against hacking attempts). The IP address and browser language are also used to suggest the appropriate language setting for our website. The referrer URL is used in anonymised form for statistical purposes. This represents a legitimate interest.
We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are bound by the applicable data protection laws.
Google Tag Manager
We use Google Tag Manager, a web analytics service provided by Google LLC. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. No cookies are set, and no Personal Data is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information on the Google Tag Manager can be found at the following link: http://www.google.com/tagmanager/use-policy.html. This represents a legitimate interest.
We use Google Fonts on our website to display external fonts. To enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed. The connection to Google established when you call up our website enables Google to determine which website sent your request and to which IP address the display of the font is to be transmitted. This represents a legitimate interest.
We use Google Analytics to evaluate your use of our website, to compile reports on the activities and to provide other services related to the use of our website in order to improve the user experience. When Google Analytics is used, interactions of website visitors are primarily recorded and systematically evaluated with the help of cookies. This represents a legitimate interest but also requires your consent due to the data transfer in the USA and the analytical functionality.
Sharing, Transfer and Storage
Who receives my data?
If we use a service provider in the sense of order processing, we still remain responsible for the protection of your data. All commissioned processors are contractually obliged to treat your data confidentially and to process it only in the context of providing the service. The processors we commission receive your data insofar as they require the data to fulfil their respective service. These are, for example, IT service providers that we require for the operation and security of our IT system as well as advertising and advertising campaigns.
Your data is processed in our customer database. The customer database supports the enhancement of the data quality of the existing customer data and enables the enrichment with data from public sources.
This data is made available to other companies if necessary for the processing of contracts. Customer data is stored separately for each company, with our parent company acting as a service provider for the individual participating companies. In the event of a legal obligation and in the context of legal prosecution, authorities, and courts as well as external auditors may be recipients of your data.
Furthermore, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of initiating and fulfilling contracts.
How long will my data be stored?
We process your data until the end of the business relationship or until the expiry of the applicable statutory retention periods furthermore, until the end of any legal disputes in which the data is required as evidence.
Will personal data be transferred to a third country?
In principle, we do not transfer any data to a third country. A transfer will only take place in individual cases on the basis of an adequacy decision of the European Commission, standard contractual clauses, appropriate guarantees or your express consent.
What data protection rights do I have?
You have a right to information, correction, deletion, or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the GDPR.
• Right to information
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to data portability
• Right to object
• Right of complaint
If you wish to assert any of the aforementioned rights against us, please contact us. In case of doubt, we may request additional information to confirm your identity.
Miscellaneous and Closing
Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of humandesign.ai.
Links to other providers
Our website also contains - clearly recognisable - links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.
The linked pages were checked for possible legal violations and recognisable infringements at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.
Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after the breach was discovered.
Personal Data and children
Most of the services available on this website are aimed at people aged 18 and over. We will not knowingly collect, use or disclose Personal Data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact. The parent or guardian will be provided with (i) information about the specific type of Personal Data being collected from the minor, (ii) the purpose for which it will be used, and (iii) the opportunity to object to any further collection, use or storage of such information. We comply with youth protection laws.
Am I Obliged to Provide Data?
The processing of your data is necessary for the conclusion or fulfilment of the contract you have entered into with us. If you do not provide us with this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and consequently have to terminate it. However, you are not obliged to give your consent to data processing with regard to data that is not relevant for the fulfilment of the contract or that is not required by law.
Changes, Questions, suggestions, or comments