Last Updated: 5/27/18
HOW HANDSHAKE COLLECTS INFORMATION AND THE TYPES OF INFORMATION COLLECTED
Any time you use Handshake’s Sites or Services, information is generated. Some of this information is considered “Personal Information,” meaning information that either directly identifies you individually (like email or billing information) or could reasonably be used to identify you in combination with other data. Other information is considered “Anonymous Information,” meaning information that does not directly identify, and cannot reasonably be linked with other data to identify you individually.
Handshake collects information from you in the following ways:
A. YOU PROVIDE THE INFORMATION TO US
When you visit or use our Sites or use our Services, you may provide us with information about yourself, your business, or your website. For example, if and when you set up a new Handshake account, you will be prompted by us to provide us with certain personal information in association with the freenode nickname, PGP key, or github account you are attempting to verify. You also understand that some of that non-personal information you provide to us may be aggregated and anonymized with other users to present nomination and voting results. If your account is verified then you will be able to submit information relating to the nomination and voting on behalf of yourself. You consent to the publication of the non-personal information or anonymous information you provide us about your choices and you understand that it may be published online and available to the public in an aggregated and anonymized format. Personal information we request from you may include:
- — Email address
- — GitHub user name
- — PGP key (public)
- — freenode nickname
If your account is verified up to a certain point, you will be required to provide certain tax information as stated in a 1099-MISC or a W8-BEN form including:
- — First and last name
- — Social security number/Foreign tax identification number/Employer Identification number/or tax identification number
- — Address
- — Telephone number
B. COLLECTED INFORMATION
“Cookies” are small files that are placed on an individual’s computer when you interact with the Sites or Services. Cookies are often used to enable you to more easily communicate and interact with the Sites and Services. “Web beacons” (also known as “single-pixel” or “clear” GIFs) include electronic images embedded in the Site or in communications sent through the Services which are invisible to users. Web beacons can collect information, such as identifiers, time and date of access, and descriptions of the pages or communications in which the web beacons are embedded.
- — Saving user preferences;
- — Authentication;
- — Fraud prevention; and
- — Otherwise facilitating and enhancing interaction with the Sites
HOW HANDSHAKE USES AND SHARES PERSONAL INFORMATION WITH THIRD PARTIES
Handshake uses your personal information for a number of reasons including provisioning, maintaining and improving the Sites and Services, as well as for development of new services. For example, Handshake uses your information to administer your account, provide technical support and to communicate with you about your account. Handshake may also, with your consent, use your information to send you updates about the Handshake community.
Other than as described above, Handshake does not use your Personal Information, nor does it share your personal information with any third-parties, unless one of the following circumstances apply:
- — Handshake has your express consent; and
- — It is for Handshake’s internal use, research and product development;
- — External processing by our affiliates or other trusted third parties we use to support our business based on our instructions or other appropriate confidentiality and security measures (for example, companies that help Handshake improve its web site’s usability, verify your account, or understand customer interests); or
- — Detection, prevention or otherwise addressing fraud, security or other legal related issues.
Note that Handshake may share anonymously collected information with third parties. Handshake may also share Personal Information with companies, organizations or individuals outside of Handshake if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to:
- — meet any applicable law, regulation, legal process or enforceable governmental request;
- — enforce applicable agreements or adherence to terms and conditions, including investigation of potential criminal law violations; and
- — protect against harm to the rights, property or safety of Handshake, our users, third parties or the public as required or permitted by law.
Handshake shall not sell nor license your Personal Information to a third party for that third party’s own direct marketing purposes.
YOUR PRIVACY CHOICES
SUBSCRIBING TO COMMUNICATIONS. If you wish to receive periodic newsletters, support Related Emails or other promotional communications from us, you may opt-in to receiving them at registration or by following the instructions included in each newsletter or by emailing [email protected]. In order to ensure the integrity, security and operation of our systems and networks, we do not allow you to unsubscribe from Service Notices unless you delete your account altogether.
YOUR RIGHT TO ACCESS AND CONTROL YOUR PERSONAL INFORMATION
You have the right to request that your personal information be corrected or deleted upon cancellation of your account. You have the right to request access to your personal information that We have collected at any time. Please contact customer support at [email protected] to request access to or deletion of your personal information or to request changes to the personal information associated with your account.
We retain all personal information and data relating to your accounts indefinitely unless a data subject requests that their information be deleted.
Handshake has implemented policies that include administrative, technical, and physical safeguards designed to help protect Personal Information against unauthorized access, use, or disclosure. While Handshake strives to protect your privacy, because of multiple uncontrollable variables, including the inherent security flaws in the internet, Handshake cannot guarantee the security of any information you disclose to us and, as such, you agree that your disclosure of such information is at your own risk.
LEGAL BASIS FOR DATA PROCESSING
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal information is necessary for the performance of a contract to which the information subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. If our company is subject to a legal obligation by which processing of personal information is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, the processing of personal information may be necessary to protect the vital interests of the data subject or of another natural person. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the aforementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal information. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).
HOW WE TRANSFER INFORMATION COLLECTED INTERNATIONALLY
Handshake has established a global network presence and may maintain servers in many countries around the world, including the United States. You agree that we may process your personal information on a server located outside the country where you reside. You consent to the storage of personal information collected by Handshake on a server located in the United States. We will request your consent before we transfer your personal information outside of the country where the information is maintained.
COPPA DISCLOSURE - About Children’s Online Privacy
The Children’s Online Privacy Protection Act (COPPA) was passed to give parents increased control over what information is collected from their children online and how such information is used. The law applies to websites and services directed to, and which knowingly collect information from, children under the age of 13. Our online services are not directed to children under the age of 13, nor is information knowingly collected from them. For additional information on COPPA protections, please see the FTC website at: https://www.consumer.ftc.gov/articles/0031-protecting-your-childs-privacy-online. Please contact us at [email protected] if you are aware of any uses of the Service by users under the age of 13.
Handshake may register and make chat rooms, forums, message boards, and/or news groups available to its users. Please note that any information that is disclosed in these areas becomes public information and you should exercise caution when deciding to disclose your personal information.
NAME AND ADDRESS OF DATA PROTECTION OFFICER AND NAME AND ADDRESS OF CONTROLLER
Our current data protection officer can be reached at the following information below.