Privacy Policy

Last updated: 1 November 2020

At Hive, the privacy of your data - and it is your data, not ours! - is a big deal to us. We respect your privacy and data protection rights and recognize the importance of protecting the personal data we collect and process. This policy is designed to help you to understand what data we collect and why; how your data is handled; and your rights to your data.

Note: We do not rentsell or trade your personal information.

Purpose and scope

This Privacy Policy (“Privacy Policy”, “Policy”) describes how Hive Identity Technologies OÜ (“Hive”, “we”, “us” or “our”) collects, uses, shares, processes and protects personal information (“Personal Information”).

This Privacy Policy applies to you if you:

Hive processes End-users’ information as directed by our Customers for the provision of our services. For the purposes of the General Data Protection Regulation (or any successor or equivalent legislation in the UK) ("GDPR"), our Customers are the data controllers who determine the purpose of processing Personal Information and, accordingly, Hive is a data processor of End-users’ information with respect to those services. In other cases, Hive is a data controller of Website users’ and Customers’ information. We may also process certain information in anonymized form for the development and improvement of our services and in other forms and purposes set forth in this Privacy Policy.

In order to fully understand how personal data is processed, we encourage you to also review privacy notices and policies of our Customers who are using our identity services with you.

We may need to update this Privacy Policy from time to time, so we recommend you check back periodically. If we make any substantial changes, we may notify you via email or by posting a notice on our website.

Data collections and uses

Overview

This Policy describes how we collect and use your Personal Information, whether it is shared and/or disclosed, and how we address privacy matters, such as deletion of your Personal Information upon request, and opting-out of marketing communications. Lastly, we describe methods for contacting us if you have privacy questions, comments or feedback.

Personal Information we collect

Transparency is one of the best ways to earn your trust. The Personal Information that we collect about you broadly falls into the categories set out below. Some of this information you provide voluntarily when you interact with the Hive Services and Websites. Other types of information may be collected automatically from your device, such as device data and service data. From time to time, we may also receive personal data about you from third party sources (as further described below).

Cookies and other tracking technologies

Some device data, service data and third-party source data is collected through the use of first- or third-party cookies and similar technologies. For more information, please see Hive’s Cookie Policy.

Do Not Track. Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.

How we use Personal Information

Our Products and Services

We use Personal Information to facilitate the business relationships we have with our Customers, to comply with our financial regulatory and other legal obligations, and to pursue our legitimate interests where these are not overridden by the interests, rights or freedoms of Customers and End-users. We also use Personal Information to complete payment transactions.

How long do we keep your data?

We only process and keep any Personal Information for as long as necessary to achieve the purpose for which the information was originally collected. The exact length of time we keep Personal Information depends on our processing purposes and the statutory retention period for that type of information. After the statutory period of time passes, or if storage of Personal Information is not needed, Personal Information is deleted or anonymized. If you would like more information about specific retention periods please contact legal@hive.id.

How do we use your information?

We collect and process your Personal Information for the following purposes and, if you are from the European Economic Area (EEA), the UK or Switzerland, on the following legal bases:

In certain circumstances, we may collect your Personal Information on a different legal basis. If we do, or if we use your Personal Information for purposes that are not compatible with, or are materially different than, the purposes described in this notice or the point of collection, we will explain how and why we use your Personal Information in a supplementary notice at or before the point of collection. Where we refer to legal bases in this section, we mean the legal grounds on which organizations can rely when processing personal data.

These legal bases only apply to you if you are resident in the EEA, the UK or Switzerland.

If you have any questions about our legal bases for processing your Personal Information, please contact us at legal@hive.id.

Security

Hive takes appropriate administrative, technical, physical and organizational security measures to protect your Personal Information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once it is received, taking into account the nature of such information and the risks involved in processing, and comply with applicable laws and regulations. While we have taken reasonable steps to secure the Personal Information you provide to us, please be aware that despite our best efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide Personal Information via our Websites or Services.

If you have any questions about our security, or have reason to believe that your interaction with us is no longer secure, please contact us at security@hive.id.

Policy for children

We do not knowingly solicit information from or market to children under the age of sixteen (16). If you are under the age of 16, please do not give us any Personal Information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help us enforce our Privacy Policy by instructing them to never share Personal Information through our Websites or Services without their permission. If you suspect or become aware of any data we have collected from children under the age of 16, please contact us immediately at legal@hive.id.

Your privacy rights and choices

Depending on your location and subject to applicable laws, you may have certain data protection rights. If you are a resident of the EEA or the UK you have the following data protection rights:

You can exercise any of these rights by submitting a request to our Data Protection Officer at legal@hive.id.

If you are a California resident, you can find information about how we use your Personal Information and about your privacy rights in “Notice for California Residents” section of this Policy.

Transfers of your Personal Information

The Hive Services and Websites, and our identity domains are provided and hosted in the United States or the EEA. If you are located outside the United States or the EEA, we may transfer, and process, your Personal Information outside of the country in which you are resident including to, Ireland, the UK, Australia and other such countries as we deem appropriate from time to time. These countries may not have equivalent privacy and data protection laws (and, in some cases, may not be as protective). We will protect your Personal Information in accordance with this Privacy Policy wherever it is processed.

Certain recipients (our service providers and other companies) who process your Personal Information on our behalf may also transfer Personal Information outside the country in which you are resident. Where such transfers occur, we will make sure that an appropriate transfer agreement is put in place to protect your Personal Information.

If you are a resident of the EEA, the UK or Switzerland, we will protect your Personal Information when it is transferred outside of the EEA, the UK or Switzerland by processing it in a territory which the European Commission has determined provides an adequate level of protection for Personal Information; or otherwise ensuring appropriate safeguards are in place to protect your Personal Information. 

If you would like to find out more about international transfers, please contact our Data Protection Officer at legal@hive.id.

Notice for California Residents

This section describes how Hive collects, uses and shares Personal Information of California residents in our capacity as a "business" under the California Consumer Privacy Act of 2018 ("CCPA"), and their rights under the CCPA.

Scope

This section applies only if you are a California resident. For purposes of this section, "Personal Information" has the meaning given in the California Consumer Privacy Act ("CCPA").

This section does not apply to:

Your California privacy rights

You have the following rights:

Right to Know – Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:

Right to Know – Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.

Right to Deletion. You can ask us to delete the Personal Information that we have collected from you.

Right to Opt-Out. You have the right to opt-out of any "sale" of your Personal Information as defined in the CCPA.

Right to Nondiscrimination. You are entitled to exercise the rights described above free from discrimination prohibited by the CCPA.

How to exercise your rights

We will need to verify your identity to process your information, access, and deletion requests and reserve the right to confirm your California residency. To verify your identity, we may require you to log into a Hive online account (if applicable), provide government identification, give a declaration as to your identity under penalty of perjury, and/or provide additional information. These rights are not absolute, and in some instances, we may decline your request as permitted by law.

Candidates

We also provide the ability to submit job applications to our open job listings. To appropriately respond to your application, we need to collect and process your provided Personal Information, which may also be carried out electronically. If we begin an employment contract with you, your submitted application data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. We maintain your Personal Information for the period of time necessary to carry out our legitimate business interests and according to applicable laws. For information about specific retention periods, please contact us at legal@hive.id.

Changes to this Policy

If we make material changes to this Policy, we will revise the “Last Updated” date at the top of this Policy, and in some cases, we may provide you with more prominent notice (such as adding a statement to our homepage or sending you an email notification). Any changes or modifications will be effective immediately upon posting of the updated Privacy Policy, and you waive the right to receive specific notice of such changes or modifications.

We encourage you to review the Policy whenever you access our Services and Websites to stay informed about our information practices and the ways you can help protect your privacy. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes to the Privacy Policy by your continued use of the Services and Websites after the date such Policy is posted.