This Policy describes:
This Policy applies to information we collect on the Platform or in emails and other electronic messages between you and the Platform, and information gathered when you interact with our advertising on third-party websites if such advertisements include links to this Policy.
This Policy does not apply to information collected by us offline or through any other means, including on any other website operated by any third party, or information collected by any third party through any application or content (including advertising) that may link to or be accessible from the Platform (for further information, see below, “Third-party Websites”).
Use of the Software and any user information associated with the Software may also be subject to the terms of separate written agreements between the Company and its contracted clients (“Clients”). When applicable, this Policy may be superseded by specific terms in the aforementioned written agreements between the Company and its Clients. If you use any materials from the Platform, you agree to be bound by the aforementioned written agreements as well as any posted guidelines and policies related to the materials you wish to use, as applicable. When applicable, if you do not agree to the terms of such applicable agreements, you will not be able to use the Software.
Please read this Policy carefully to understand our practices regarding your information and how we will treat it. If you do not agree with our policies and practices, then please do not use our Platform. By using our Platform, you agree to the terms of this Policy. This Policy may change from time to time (see below, “Changes to this Policy”). Your continued use of our Platform after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
What information does the Platform collect?
To ensure that we provide you with the best possible experience, we will store, use, and share information about you in accordance with this Policy.
Information You Provide to Us
Personal Information is any information that can be used to individually identify you from a larger group, such as data including, but not limited to, your:
You may provide us Personal Information when you:
The information that you provide in each case will vary. In some cases, you may be able to provide Personal Information via email, free text boxes or the Software messaging system, such as contacting the Company to request further information or messaging other users. When providing your Personal Information, please provide only relevant information and do not provide unnecessary sensitive information, such as Social Security numbers, credit card information or other sensitive personal data when it is not needed. Additionally, we may ask you to create a username and password that should only be known to you.
Moreover, as a user of the Software, you may have the opportunity to upload the documents and Personal Information of other users or individuals. When uploading such documents or Personal Information, you are solely responsible for obtaining the necessary consents and authorizations from any other users or individuals in accordance with applicable data security laws and regulations, and the Company shall not be responsible or held liable for your failure to obtain the necessary consents.
What Automated Tools Do We Use on our Website?
In addition to the information that you provide to us, we may also collect information about you during your visit to our Website. We collect this information using automated tools that are detailed below. These tools may collect information about your behavior and your computer system, such as your internet address (IP Address), the pages you have viewed, and the actions you have taken while using the Website. Some of the tools we use to automatically collect information about you may include:
(1) session cookies, which do not stay on your device after you close your browser, and
(2) persistent cookies, which remain on your device until you delete them, or they expire.
Of course, if you do not wish to have cookies on your devices, you may turn them off at any time by modifying your internet browser’s settings. However, by disabling cookies on your device, you may be prohibited from full use of the Website’s features or lose access to some functionality.
Do I have any choices in selecting preferences for privacy?
Yes. We want to provide you with relevant information that you have requested.
If we provide subscription-based services, such as email newsletters, we will allow you to make choices about what information you provide at the point of information collection or at any time after you have received a communication from us while you are subscribed. Transactional or service-oriented messages are usually excluded from such preferences, as such messages are required to respond to your requests or to provide goods and services, and are not intended for the purposes of marketing.
We will not intentionally send you email newsletters and marketing emails unless you consent to receive such marketing information. After you request to receive these emails, you may opt out of them at any time by selecting the “unsubscribe” link at the bottom of each email. Please note that by opting out or unsubscribing you may affect other services you have requested we provide to you, in which email communication is a requirement of the service provided.
Any such communications you receive from us will be administered in accordance with your preferences and this Policy.
How can I make sure my Personal Information is accurate?
We strive to maintain and process your information accurately. We have processes in place to maintain all of our information in accordance with relevant data governance frameworks and legal requirements. We employ technologies designed to help us maintain information accuracy on input and processing.
Where we can provide you access to your Personal Information in our possession, we will always ask you for a username and password to help protect your privacy and security. We recommend that you keep your password safe, that you change it periodically, and that you do not disclose it to any other person or allow any other person to use it.
To view and change the Personal Information that you have provided to us, you can log in to your account and follow the instructions on that webpage, or contact us directly for assistance.
Does the Platform collect information about minors?
We do not intentionally seek to gather information from individuals under the age of eighteen (18). We do not target the Platform to minors, and would not expect them to be engaging with our Platform or services. We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the internet. If we are aware of any Personal Information that we have collected about minors, we will take steps to securely remove it from our systems.
How does HubSync use my information?
The information we gather and that you provide is collected to provide you information and the services you request, in addition to various other purposes, including, but not limited to:
How does HubSync share my information?
We will not share Personal Information with any third parties except as described in this Policy, including the following:
There are circumstances where the Company may decide to buy, sell, or reorganize its business in selected countries. Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates. In such circumstances, the Company will ensure your information is used in accordance with this Policy.
Are any of the websites linked to the Platform owned by HubSync?
What if I am a California resident?
Pursuant to California Civil Code Section 1798.83, we will not disclose or share your Personal Information with third parties for the purposes of third-party marketing to you without your prior consent.
Other than as disclosed in this Policy, the Platform does not track users over time and across third-party websites to provide targeted advertising. Therefore, the Platform does not operate any differently when it receives Do Not Track (“DNT”) signals from your internet web browser.
What if I use the Platform outside of the United States?
To provide you with our services, we may store, process, and transmit information in the United States and other locations around the world, including countries that may not have the same privacy and security laws as yours. Regardless of the country in which such information is stored, we will process your Personal Information in accordance with this Policy.
Will this Policy change?
How does HubSync safeguard my information?
We use reasonable technical, administrative, and physical safeguards in order to protect your Personal Information against accidental loss and from unauthorized access, use, alteration, and disclosure. However, we can never promise 100% security. You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password. If you believe your credentials have been compromised, please change your password. Please also notify us of any unauthorized use.
How long will data be retained?
We retain your personal information for as long as necessary to provide you with our services and comply with our legal obligations. We also retain your personal information for a reasonable period after you cease using our services in case you need to access or recover your account information.
Your rights under the GDPR
Under the GDPR, you have the following rights:
To exercise any of these rights, please contact us at email@example.com
Additional information for GDPR compliance
In addition to the above, we have implemented the following measures to comply with the GDPR:
We are committed to protecting your privacy and complying with the GDPR. If you have any questions or concerns, please do not hesitate to contact us.
How do I contact you for more information?
We value your opinions and welcome your feedback. To contact us about this Policy or your Personal Information, please contact us at firstname.lastname@example.org
HubSync is committed to providing the highest level of security for our clients and their data. As part of this commitment, we have achieved General Data Protection Regulation (GDPR) and System and Organization Controls (SOC2) compliances, a rigorous third-party audit of our controls and processes related to Security, Availability, and Confidentiality.
To maintain our SOC2 and GDPR compliances, we have deployed HubSync with a “security first” focus along with ongoing supporting controls, including:
We use the most secure cloud computing environment available today – Amazon WebServices (AWS). AWS data centers and networks are architected to protect information, identities, applications, and devices. All data flowing across our platform is encrypted in transit and our databases housing customer data are encrypted at rest. The network is segmented to prevent unauthorized access. This allows us to achieve rigorous security and compliance requirements, such as data residency, protection, and confidentiality.
24/7 Network Operations Center
HubSync has a dedicated team monitoring systems 24/7, so we can quickly detect and resolve any issues that may arise in our production systems. This ensures the availability of our platform at all times. Our team uses the latest monitoring and performance software with automated alerts, robust logging, and real-time dashboards. Our infrastructure is constantly updated with the latest infrastructure and security releases, and auto-scales as usage increases during peak times (e.g., tax busy season).
Infrastructure Durability & Automation
AWS provides scalable hosting composed of AWS Regions and Availability Zones which allow HubSync to utilize multiple data centers across the United States with failover capabilities to ensure uptime and reliability. By using infrastructure as code (IaC) to manage and automate the provisioning and management of our AWS infrastructure, HubSync ensures that our systems are configured consistently, securely and can be scaled across the AWS cloud platform. We use version control to track changes to our infrastructure and regularly review and test our infrastructure automation and failover.
Threat Detection Management
We use the leading provider of threat intelligence and detection services to monitor cyber security threats and block any potential intrusion attempts. We protect our infrastructure perimeter using tools such as AWS Web Application Firewall, AWS Shield and Firewall Manager. Regular vulnerability scanning is performed by our NOC team along with 24/7incident response support.
In addition to regular vulnerability scanning, HubSync engages 2x per year with a trusted third party to simulate cyber-attacks and test the resilience of our systems. This helps ensure the security of our platform and the data of our clients. We use techniques such as simulating attacks from various angles and testing all publicly accessible entry points to ensure that our systems are secure. We also utilize code quality tools on a daily basis to ensure our code is secure as we enhance the platform with new features.
Security Training for Employees
We mandate regular security training for all employees to ensure awareness and education of security best practices along with our policies for reporting potential threats. Our training covers the latest threats and vulnerabilities and provides hands-on exercises to help employees and developers apply what they have learned. This helps ensure the security of our platform and client data.
Overall, these measures help us ensure the security, availability, and confidentiality of our platform and client data. A full SOC2 report is available upon request. If you have any questions about the measures we have in place, please don't hesitate to contact us at email@example.com