Honeycomb App, Inc. provides access to Honeycomb mobile application (“Honeycomb”) and related services (“Services”) that allows Honeycomb App Customers (“Customers”) to conduct usability tests (“User Tests”) and individuals taking part in such User Tests (“Testers”) to perform and record tests. In it’s provision of the Services, Honeycomb App may collect, record and analyze information about Customers and Testers which may include individually identifiable information that would allow Honeycomb App to determine the actual identity of, and contact, a specific living person), billing information, account settings and other data (“Personal Data”).
Any information stored on Honeycomb App’s Honeycomb is treated as confidential. All information is stored securely and is accessed by authorized personnel only. Honeycomb App implements and maintains appropriate technical, security and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
2. COLLECTION AND USE
The following sections describe the specifics of both types of groups from which data is collected: Customers and Testers.
a. Account Information: If you create a Honeycomb account, we may store and use the information you provide during that process, such as your full name, email address, zip code, physical address, and other information you may provide with your account, such as your gender, phone number, and birth date. We may publicly display your first and last name, as well as any photo or other content you submit through the registration process, as part of your account profile.
b. Public Content: Your contributions to the Service are intended for public consumption and are therefore viewable by the public, including your account profile (e.g., first name, last initial, city, neighborhood, profile photos) is also intended for public consumption, as is some of your other activity through the Service, like how you provide on other people’s tests.
c. Contacts: You can invite others to join Honeycomb by providing us with their contact information, or by allowing us to access your contacts from your computer, mobile device, or third party sites to select which individuals you want to invite. If you allow us to access your contacts, we may transmit that information to our servers long enough to process your invitations.
d. Communications: When you sign up for an account or use certain features, you are opting to receive messages from other users, businesses, and Honeycomb. You can manage some of your messaging preferences through your account settings, but note that you cannot opt out of receiving certain administrative, transactional, or legal messages from Honeycomb. We may also track your actions in response to the messages you receive from us or through the Service, such as whether you deleted, opened, or forwarded such messages.
e. Transactions: If you initiate a transaction through the Service, such as participating in an A/B or 1 on 1 test, we may collect and store information about you, such as your name, phone number, address, email, and payment information as well as any other information you provide to us, in order to process your transaction, send communications about them to you, and populate forms for future transactions.
f. Activity: We may store information about your use of the Service,. We also may store information that your computer or mobile device may provide to us in connection with your use of the Service, such as your browser type, type of computer or mobile device, browser language, IP address, WiFi information such as SSID, mobile carrier, phone number, unique device identifier, advertising identifier, location (including geolocation, beacon based location, and GPS location), and requested and referring URLs. We may also receive and store your location whenever our mobile applications are running, including when running in the background, if you enable our mobile apps to access such information in the course of using the Service. You may be able to limit or disallow our use of certain location data through your device or browser settings, for example by adjusting the "Location Services" settings for our applications in iOS privacy settings.
Testers should be aware that in taking part in tests, they may be disclosing information that could make them personally identifiable to Honeycomb App Customers. Testers should be aware that they are responsible for the content provided during their User Tests. Honeycomb App will not process Personal Data for purposes or by other means than as instructed by Customers or as otherwise necessary to provide the Services.
In order to provide the Services to Customers, Honeycomb App collects certain types of data from its Customers. Further, Customers may collect or request information from Testers when utilizing the Services, subject to the terms of service entered into between Honeycomb App and all Customers.
If you are a representative of a business listed on Honeycomb, we may contact you, including by phone or email, using the contact information you provide us, make publicly available, or that we have on record for your business. Our calls with you may be monitored and recorded for quality purposes.
Transactions: If you initiate a transaction through the Service, such as an A/B or 1 on 1 test, we may collect and store information about you, such as your company name, phone number, address, email, and payment information (such as a credit card number and expiration date), as well as any other information you provide to us, in order to process your transaction, send communications about them to you, and populate forms for future transactions. When you submit credit card numbers, we encrypt that information using industry standard technology.
2.3.1 Collection of Customer Data
During a Customer’s utilization of the Honeycomb and Services, Customers may be requested to provide information such as name, company name, email address, address, telephone or other relevant Personal Data (collectively “Customer Data”). This Personal Data is used by Honeycomb App to identify each Customer and provide them with Services, support, billing and to meet other contractual obligations. Honeycomb App will delete Customer’s Personal Data upon request from such Customer, unless complying with such request would violate an applicable law, statute or other contractual obligation.
2.3.2 Collection of Tester Data By Customers
User Tests are created by Customers. As such, it is the Customer’s responsibility to ensure that collection and processing of information provided by Testers during User Tests (“Tester Data”) is done in accordance with applicable law. Honeycomb App will not process Tester Data for other purposes or by other means than as instructed by Customers or as necessary to provide the Services.
Tester Data includes data from all Testers uploaded, transferred or manually entered during a User Test. Tester Data may include Personal Data, including personal contact information such as name, address, telephone number, email address or other personal demographic information. For Customers in the EEA (defined below), or for Customers engaging Testers in the EEA, the Customer will be the “controller” as defined by the European Union’s General Data Protection Regulation (“GDPR”) as further explained below.
2.4 Geographical Location
For Honeycomb App Customers and Testers, all Personal Data shall be processed in data storage centers located in the United States.
2.4.1 Processing in the EEA
For Customers with accounts located in the EEA, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and Honeycomb App’s processing will take place in accordance with the GDPR.
126.96.36.199 Controller and Processor (GDPR)
Honeycomb App processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR:
Honeycomb App will be the Controller for User data, as outlined above in “Collection of Customer Data” section.
For Tester data collected during Customer’s utilization of the Honeycomb and Services, as outlined in the “Collection of Tester Data” section, the Customer will be the Controller in accordance with Directive and GDPR, and Honeycomb App will be the Processor.
All data collected by Honeycomb App will be stored in secure hosting facilities provided by Amazon Web Services. Honeycomb App maintains a data processing agreement in place with its provider, ensuring compliance with the Directive and GDPR. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.
2.4.2 Processing Outside of the EEU
For Customers with accounts not located in the EEU, Honeycomb App processes data solely in data centers located in the United States of America. Honeycomb App has adopted reasonable physical, technical and organizational safeguards which substantially mirror the EU safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the Customer’s data in Honeycomb App’s possession. Honeycomb App will promptly notify the Customer in the event of any known unauthorized access to, or use of, the Customer’s data.
All data collected by Honeycomb App Customer’s through their use of the Honeycomb and Services will be stored exclusively in secure hosting facilities provided by Amazon Web Services. Honeycomb App’s contract with its hosting provider ensures that all hosting is performed in accordance with the highest security regulations. Honeycomb App’s policy is to protect and safeguard any personal information obtained by Honeycomb App in accordance with United States state or federal laws governing the protection of personal information and data. Accordingly, Honeycomb App adheres to practices and policies that aim to safeguard all such data.
3. RETENTION AND DELETION
Honeycomb App will keep information needed to provide the Services to Customers as long as there exists a valid business purpose, in accordance with applicable law and our Service and/or Tester Agreements, and will delete such data upon written request from a Customer or Tester, provided such deletion complies with all applicable laws or regulations. For Tester Data, Customers have control of the purpose for collecting data. Customers with an active Honeycomb App account will therefore have the responsibility to delete data if required. When a Customer’s account is terminated or expired, all Personal Data collected through the Honeycomb will be deleted upon written request from Customer as required by applicable law.
4. ADDITIONAL CONSIDERATIONS
4.1 Usage and Device Data
Honeycomb App collects usage data about Visitors to our website and App usage, including pageviews, clicks, and log files containing originating IP addresses. In addition, Honeycomb App collects data from the device and applications used to access our Services including IP address and browser and phone type.
4.2 Referral Data
Honeycomb App records if a Visitor arrives at Honeycomb App website from an external source (such as a link on another website or in an email).
4.3 Information from Third Parties
Honeycomb App collects Personal Data or other data from third parties, if Customers give permission to those third parties to share your information with us.
Visitors have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but individuals can usually modify browser settings to decline cookies. More information about disabling cookies is available at www.allaboutcookies.org. Choosing to decline cookies may result in decreased function on Honeycomb App websites.
Individuals who do not consent to the collection, use, or disclosure of their Personal Data as outlined in this policy should not provide any Personal Data to Honeycomb App. If an individual has provided Personal Data to Honeycomb App and no longer consents to its use or disclosure as outlined here, then the individual should contact Honeycomb App at firstname.lastname@example.org.
4.5 Data Integrity
Honeycomb App will use Personal Data only in ways compatible with the purposes for which it was collected or authorized by our Customers, or as requested in connection with Tester requests.
In most cases, our collection of Personal Data is related to our Customers and Testers and collected under the terms of our Service Agreement and Tester Agreement, respectively. Individuals that wish to request access to, correction, or deletion of Personal Data they submitted to the Honeycomb App corporate website should contact Honeycomb App at email@example.com.
No data transmissions over the Internet can be guaranteed to be 100% secure. Honeycomb App cannot ensure or warrant the security of any information transmitted to Honeycomb App. All transmissions of information are done at the senders own risk. Once Honeycomb App is in possession of any information, Honeycomb App will make reasonable efforts to ensure the security of its systems.
Honeycomb App has adopted physical, technological, and administrative procedures to safeguard and secure the information we process. By using this website or providing Personal Data to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this website.
6. PRIVACY SHIELD
The Privacy Shield program applies to the processing of Personal Data in regards to the collection, use and retention of Personal Data from Testers located in Switzerland and the European Union and European Economic Area, as set out by the U.S. Department of Commerce. Honeycomb App has certified that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse/enforcement/liability. Honeycomb App is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
All employees of Honeycomb App who handle Personal Data from Switzerland and the European Union are required to comply with the Privacy Shield Principles.
As part of our participation in the Privacy Shield program, we will resolve disputes you have with us in connection with our policies and practices through JAMS ADR. For more information and to contact JAMS ADR directly, visit www.jamsadr.com. As a last resort and in limited situations, Swiss and EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
Honeycomb App’s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Honeycomb App remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the Personal Data on its behalf do so in a manner inconsistent with the Principles, unless Honeycomb App proves that it is not responsible for the event giving rise to the damage.
Honeycomb App encourages you to contact our Head of Privacy and Security at firstname.lastname@example.org should have any Privacy Shield-related (or general privacy-related) complaint. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Honeycomb App is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
9. ADDITIONAL RESOURCES
For additional information on Honeycomb App’s GDPR compliance, please visit our GDPR section below.
CONTACTING HONEYCOMB APP
Honeycomb App, Inc.
Honeycomb App and the General Data Protection Regulation (GDPR)
On May 25, 2018, the General Data Protection Regulation (GDPR), intended to strengthen data protection for all individuals in the European Union (EU), goes into effect. This regulation extends EU data protection to cover all foreign (non-EU) companies processing data of EU residents. It is intended to bolster EU residents’ privacy rights, giving citizens the right to gain access to their personal data, and information about how the data is being acquired, processed, and its intended use.
Honeycomb App’s Commitment to Data Protection and GDPR Compliance
While Honeycomb App is a champion of open communication between companies and the consumers that they service, we are equally dedicated to the preservation of privacy and protection of data of all with whom we do business. Honeycomb App will be in compliance with the GDPR by May 25, 2018. We have carefully examined the relevant stipulations of the GDPR and conducted an assessment of applicable Honeycomb App processes. These steps, as well as ongoing efforts, help us in developing tools and procedures that ensure continuing GDPR compliance for all customers and users of Honeycomb App products and services.
Passed in 2016, the GDPR (Regulation (EU) 2016/679) replaces a previous directive (Data Protection Directive 95/46/EC). In doing so, it extends jurisdiction and unifies regulations to cover all processing of personal data of EU residents, regardless of a company’s location.
GDPR updates seek to increase clarity and streamline processes and communications for both consumers and data controllers. By clarifying expectations for all parties, the GDPR makes it easier for EU residents to manage who has their personal data and how it is used. Additionally, it gives them the right to request to see the personal data that has been collected about them or request that it be erased.
With passage of the GDPR, new rules and guidelines were established and communicated. Per the EU GDPR portal, the following changes go into effect with the enforcement of the GDPR.
Summary of outcome
Increased territorial scope
More clarity on application of data privacy rules. Now, regulations apply to all companies processing personal data of EU residents, regardless of company location.
Clarity regarding consent. Companies must clearly and intelligibly communicate that they are collecting personal data and how it is meant to be used, ensuring consumer is informed that they are giving consent.
Immediacy of notification. Companies are mandated to notify impacted customers and relevant parties within 72 hours of first becoming aware of a data breach likely to “result in a risk for the rights and freedoms of individuals.”
Right to access
Availability of information. Consumers have the right to request information on whether or not their data is being processed, where and for what purpose and data controllers must comply in responding.
Right to be forgotten
Greater control over one’s data. Also known as Data Erasure, data controllers must comply when consumers ask that their personal data no longer be processed or distributed, or that it be erased completely.
Supports automated transfer of personal data between data controllers. Consumers are able to transfer the personal data that they have requested to another data controller.
Privacy by design
Data protection as an integral consideration in the design of new systems. Rather than an afterthought or addition, data controllers must implement the appropriate technical and procedural measures to ensure data protection from the start of new initiatives.
Data protection officers
Mandatory appointment of data protection officer. DPO is responsible for ensuring ongoing compliance via education and training of relevant team members, routine security audits, and service as liaison between company and Supervisory Authorities.
IMPLICATIONS FOR OUR CUSTOMERS AND PANEL PARTICIPANTS
Here at Honeycomb App, we understand that trust is the cornerstone of authentic discourse. We provide products and services that support the flow of honest feedback, under the premise that this information is vital towards innovation and providing consumers with better, more helpful and increasingly enjoyable experiences.
For this reason, the GDPR aligns directly with our goals and ideologies: that we have to respect the privacy and ensure the security of all customers, partners and associated parties who have made the choice to do business with us.
Information regarding data processing
As a Honeycomb user, Honeycomb App takes qualifying criteria from the customer and filters to a set of users that match or closely match that criteria to be invited to either an A/B test or a 1 on 1 live voice conversation.
Honeycomb App facilitates live conversations with selected participants. Honeycomb App DOES NOT record these conversations.
The Users or test participants of an A/B test follow the instructions of the A/B test while Honeycomb App records their:
· Answers to A/B tests
Support for our customers
For support on how to access, inspect, update and remove personal information, customers can email email@example.com
Support for our study participants
Participants in the Honeycomb App panel (sometimes called “study participants” or “testers”) can view and manage personal information by logging into their account. They can also manually delete their account once logged in.