Effective date: [wpautoterms last_updated_date]
HEBSTREIT (“us”, “we”, or “our”) operates the [wpautoterms site_name] website (the “Website”), accessible from [wpautoterms site_url].
This page informs you of our policies regarding the collection, use, and disclosure of personal information when you use our Website and the choices you have associated with that information. We use your information to provide and improve our Website. By using our Website, you agree to the collection and use of information in accordance with this policy.
Identity and Contact Details of the Controller
See https://hebstreit.com/imprint/ for more information.
Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Website.
Types of Data Collected
While using our Website, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Information”). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
We may also collect information how our Website is accessed and used (“Usage Information”). Usage Information is information collected automatically either generated by the use of the Website or from the Website infrastructure itself (for example, the duration of a page visit).
The Usage Information we collect may include information such as your computer’s Internet Protocol address (IP address), browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Cookies are small pieces of data stored on your device (computer or mobile device). Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device (web browser or mobile device browser).
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Website.
Examples of cookies we use:
- Session Cookies. We use Session Cookies to operate our Website.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
Use of the Information We Collect
HEBSTREIT uses the collected information for various purposes:
- To provide and maintain our Website
- To notify you about changes to our Website
- To allow you to participate in interactive features of our Website when you choose to do so
- To provide customer support
- To gather analysis or valuable information so that we can improve our Website
- To monitor the usage of our Website
- To bill and process any payments that may be owed to us.
- To detect, prevent and address technical issues
- To enforce compliance with our Terms and Conditions.
Transfer of Information
Your information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside [wpautoterms country] and choose to provide information to us, please note that we transfer the data, including Personal Information, to [wpautoterms country] and process it there.
Disclosure of Information
HEBSTREIT may disclose your Personal Information in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of HEBSTREIT
- To prevent or investigate possible wrongdoing in connection with our Website
- To protect the personal safety of users of our Website or the public
- To protect against legal liability
Security of Information
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
Our Website Providers
We may employ third party companies and individuals to facilitate providing you with our Website (“Website Providers”), to provide our Website on our behalf, to perform Website-related services or to assist us in analyzing how our Website is used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We use analytics providers to monitor and analyze the use of our Website.
We use payment providers to verify and process payments for our Website. Please note that we do not collect or process your credit or debit card details. These are however collected and processed by our payment processing service provider Stripe. The collection and processing by these providers of your payment details such as credit or debit card details and other personal data are governed by their respective terms and conditions.
Information for our European Economic Area (EEA) users
Legal Basis for Processing Personal Information Under General Data Protection Regulation (GDPR)
HEBSTREIT may process your Personal Information because:
- We need to perform a contract with you
- You have given us permission to do so
- The processing of your information is in our legitimate interests and it’s not overridden by your rights
- We need to comply with the law
Retention of Data
HEBSTREIT will also retain Usage Information for internal analysis purposes. This type of information is generally retained for a shorter period of time, except when this information is used to strengthen the security or to improve the functionality of our Website, or we are legally obligated to retain this data for longer time periods.
Your Data Protection Rights Under General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. HEBSTREIT aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.
If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us.
You have the following data protection rights:
- The right of access. You have the right to obtain from us confirmation as to whether or not
personal data concerning you are being processed, and, where that is the case, access to the
personal data and the following information: the purposes of the processing; the categories of
personal data concerned; the recipients or categories of recipient to whom the personal data
have been or will be disclosed; where possible, the envisaged period for which the personal data
will be stored, or, if not possible, the criteria used to determine that period; the existence of the
right to request from the controller rectification or erasure of personal data or restriction of
processing of personal data concerning the data subject or to object to such processing; the
right to lodge a complaint with a supervisory authority; where the personal data are not collected
from the data subject, any available information as to their source; the existence of automated
decision-making, including profiling and, at least in those cases, meaningful information about
the logic involved, as well as the significance and the envisaged consequences of such
processing for the data subject.
- The right to rectification. You have the right to have your information rectified if that information is inaccurate.
Taking into account the purposes of the processing, you have the right to have incomplete
personal data completed, including by means of providing a supplementary statement.
- The right to erasure (‘right to be forgotten’). You have the right to delete the information we have on you,
unless the processing of your personal data is necessary: for exercising the right of freedom of
expression and information; for compliance with a legal obligation; for reasons of public interest;
or for the establishment, exercise or defence of legal claims.
- The right to restriction of processing. You have the right to request that we restrict the
processing of your personal information where: the accuracy of your personal data is contested
by you; the processing is unlawful and you oppose the erasure of the personal data and request
the restriction of their use instead; we no longer need the personal data for the purposes of the
processing, but they are required by you for the establishment, exercise or defence of legal
claims; you have objected to processing pending the verification whether the legitimate grounds
of us override those of you.
- The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
- The right to withdraw consent. You have the right to withdraw your consent at any time where we relied on your consent to process your Personal Information. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority.
Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to our processing of
your information. We will no longer process your personal data unless we demonstrate compelling
legitimate grounds for the processing which override your interests, rights and freedoms or for the
establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, you have the right to object at any
time to processing of your personal data for such marketing, which includes profiling to the extent that
it is related to such direct marketing. Where you object to processing for direct marketing purposes,
your personal data will no longer be processed for such purposes.
Links to Other Websites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party websites or services.
Our Website does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us. If we become aware that we have collected information from children without verification of parental consent, we take steps to remove that information from our servers.