hc1® Website Privacy Statement, effective as of November 1, 2023

hc1 Insights, Inc., formerly known as hc1.com Inc. (“hc1”, “us”, “our” or “we”) is committed to protecting the privacy of individuals who visit the hc1 Web sites (“Visitors”) and individuals associated with organizations who register to use the Services as defined below (“Customers”). This Privacy Policy (the “Statement”) describes hc1's privacy practices in relation to the use of hc1’s public Web site (https://www.hc1.com/) other hc1 Web sites made available from time to time, and applications and services offered by hc1 (collectively, the “Services”).

Individuals in the European Economic Area and the United Kingdom

We recognize that our Customers may use our Services to process information about individuals located in the European Economic Area (EEA) or the United Kingdom.  We are committed to helping our Customers comply with the European Union (EU) General Data Protection Regulation (GDPR), the Data Protection Act of 2018, including the UK-GDPR (United Kingdom General Data Protection Regulation), and other applicable laws and regulations in connection with any EEA or United Kingdom individuals’ personal data received through our Services.

Compliance with the EU-U.S. Data Privacy Framework Principles 

hc1 has certified its compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce.  hc1 has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit www.dataprivacyframework.gov

Recourse, Enforcement, and Liabilities

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, hc1 commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EEA and UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, should first contact hc1 at:

hc1 Insights, Inc.
6100 Technology Center Drive
Indianapolis, IN 46278
Phone: 317.219.4646
privacy@hc1.com 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, hc1 commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF to ICDR/AAA, an alternative dispute resolution provider based in the United States.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit www.adr.org for more information or to file a complaint.  The services of ICDR/AAA are provided at no cost to you.

Scope

This Statement covers only data collected through the Services and not any other data collection or processing, including, without limitation, data collection practices of webpages to which the Services link, or data that we or our affiliates collect offline or through webpages that do not display a direct link to this Statement. By accessing the Services, you acknowledge notice of this Statement and agree with and acknowledge the terms, conditions, and responsibilities as set out below. We may make access available to third-party sites, such as social media sites, via the Services. When accessing these third-party sites, the privacy policy of the third-party applies, and this Statement does not apply.

Types of Data and Collection Methods

We receive data that you actively submit through the Services (“Data”) as described below.

When you request information or otherwise actively send us Data through the hc1 public Web site (“actively submitted data”), we collect Data such as name, e-mail address(es), telephone number(s), and company name. You can opt-out of providing information by not entering it when asked, and if such information is required in order to allow us to respond to your inquiry, you will receive a notification advising you of this. When you submit Data via the Services, you will know what Data we collect through the Services, because you actively submit it.

Additionally, when you visit the hc1 public Web site(s), we also passively track information on your computer and Internet connection, such as the IP address of your computer and/or Internet service provider, the date and time you access the Web site(s), the Internet address of Web sites from which you link to our Services, the computer technology you are using and your movements and preferences on our Web site(s).

Unless you also actively submit personal information such as your name or address, passively tracked data does not typically allow us to identify you personally (even though it can theoretically be done, we do not have the means or interest to find out who you are, unless you identify yourself voluntarily through an active submission of data). To the extent permitted by applicable law, we reserve the right to combine passively tracked Data with personal Data that you actively submit.

Data Processed

hc1 provides online tools that our Customers use to communicate and operate aspects of their businesses. These include tools for data analytics and communications. In providing these Services, hc1 processes data our Customers submit to our Services or instruct us to process on their behalf.

Purposes of Data Processing

hc1 processes data submitted by Customers for the purpose of providing Services to our Customers. To fulfill these purposes, hc1 may access the data to provide the Services, to correct and address technical or service problems, to respond to customer support matters, or to follow instructions of the hc1 Customer who submitted the data, or in response to contractual requirements.

Third Parties Who May Receive Data

hc1 uses a limited number of third-party service providers to assist us in providing our Services to Customers. These third party providers may offer customer support to our Customers, perform database monitoring and other technical operations, assist with the transmission of Data, and provide data storage services. These third parties may access, process, or store personal Data in the course of providing their services.

hc1 maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our EU-U.S. DPF Principles obligations, including the onward transfer provisions, and hc1 remains liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.

Your Rights to Access, to Limit Use, and to Limit Disclosure

EEA and/or United Kingdom individuals have rights to access personal data about them, and to limit use and disclosure of their personal data. With compliance with the EU-U.S. DPF Principles, hc1 has committed to respect those rights. If you wish to request access, to limit use, or to limit disclosure, please contact hc1:

hc1 Insights, Inc.
6100 Technology Center Drive
Indianapolis, IN 46278
Phone: 317.219.4646
privacy@hc1.com