<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=490755098261949&amp;ev=PageView&amp;noscript=1">

NEW CASE STUDY: How we built top-rated shopping apps for Crate & Barrel and CB2 :app:

Heady_Logo_Web-01 (1)

Heady.io Privacy Policy

Last Updated Oct 9, 2024

    Heady.io (“Company,” “We,” “Us,” or “Our”) is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you visit our website or use our services.

    Scope of this Policy

    This Privacy Policy applies to information collected through our website and any other interactions you have with Heady.io, such as emails, social media, and other online communications. It does not apply to information collected by third parties or through any other means, such as offline interactions.

    By using our website, you consent to the data practices described in this policy.

    1. 1. Information We Collect

    We collect personal information to provide you with a better experience and improve our services. The types of personal information we collect include:

    • Identifiers:
      • Specific Examples: Name, email address, phone number, postal address, job title, company name.
      • Purpose: This information helps us identify you and manage our relationship with you, such as responding to inquiries or sending updates.
    • Internet or Other Electronic Network Activity Information:
      • Specific Examples: IP address, browser type and version, device information, referring URLs, pages viewed, and date and time of access.
      • Purpose: This data helps us understand how you interact with our website, enhance its performance, and improve user experience.
    • Geolocation Data:
      • Specific Examples: General location based on IP address (city, state, country).
      • Purpose: Used for analytics and to tailor content to your location.
    • Professional or Employment-Related Information:
      • Specific Examples: Job title, company where employed.
      • Purpose: Helps us deliver relevant content based on your profession or industry.
    • Inferences Drawn from Other Personal Information:
      • Specific Examples: Your preferences, interests, or potential needs based on your website interactions.
      • Purpose: Enables us to personalize your experience and offer tailored recommendations.
    1. 2. How We Use Your Information

    We use the information we collect to:

    • Provide and Improve Our Services: Ensuring the website functions as intended, personalizing your experience, and improving our offerings.
    • Communicate with You: Sending relevant updates, marketing communications, and responding to inquiries.
    • Comply with Legal Obligations: Complying with legal and regulatory requirements.
    • Analyze and Optimize: Using data to understand how users engage with our website, track performance, and make improvements.

    We may also aggregate non-personal information to track usage trends, which helps us improve our services.

    1. 3. Sharing Your Information

    We do not sell your personal information. However, we may share your data with third parties for the following purposes:

    • Service Providers: We share data with trusted service providers who help us operate our business. These providers are contractually obligated to protect your information.
      • Use of HubSpot as a CRM Provider. We use HubSpot, a customer relationship management (CRM) platform, to manage our interactions with customers, track website analytics, and streamline communications. HubSpot acts as a data processor on our behalf, handling your personal information to facilitate communications, provide insights, and improve our services. We have a data processing agreement in place with HubSpot to ensure they handle your data in accordance with applicable privacy laws and our own policies. HubSpot is contractually required to protect your personal information.
    • Legal Requirements: We may disclose information if required by law, legal process, or government authorities.
    • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of the transaction.
    1. 4. Cookies and Tracking Technologies

    Heady.io uses cookies and similar tracking technologies to enhance your experience on our website and analyze how you use our services. Cookies are small data files placed on your device to help the website operate efficiently and provide a personalized experience.

    Types of Cookies We Use

    • Essential Cookies: These cookies are necessary for the website to function properly and cannot be switched off. They allow core functionalities such as security, network management, and accessibility. These cookies are mandatory and cannot be disabled.
    • Performance Cookies: These cookies help us measure and analyze how you use our website, enabling us to improve both its performance and your experience.
    • Functional Cookies: These cookies allow the website to remember choices you make (such as your language preferences) and provide enhanced, more personal features.
    • Advertising Cookies: These cookies track your browsing habits to show you relevant ads and personalized marketing content across the web.

    Additionally, we use a platform called RB2B (Retention.com) to identify site visitors. When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting  https://app.retention.com/optout.

    Your Cookie Preferences

    Upon your first visit to our website, you will see a cookie banner allowing you to manage your cookie preferences. This banner provides you with the ability to opt in or opt out of non-essential cookies, such as performance, functional, and advertising cookies. You will always have the option to modify your cookie preferences at any time through the settings on our website or through your browser.

    • Opting In and Out: You can choose which cookies you allow by clicking "Accept All Cookies" or selecting specific types of cookies (e.g., performance, functional) through the cookie banner. If you wish to opt out of any non-essential cookies, you can select "Reject Non-Essential Cookies."
    • Essential Cookies: Please note that essential cookies cannot be opted out of as they are necessary for the website to operate. Disabling these cookies via your browser settings may affect your ability to use key functionalities of the website, but you cannot disable them through the cookie banner.

    Managing Cookies

    You can also manage or disable cookies through your browser settings. However, blocking all cookies (including essential cookies) may result in a diminished experience and limit your ability to use certain features on our website.

    1. 5. Your Privacy Rights

    Depending on your location, you may have specific rights regarding your personal data under the General Data Protection Regulation (GDPR)India’s Digital Personal Data Protection Act (DPDP Act, 2023), the California Privacy Rights Act (CPRA), and other U.S. state privacy laws. Below is a summary of your rights based on these laws:

    1. A. GDPR (European Union/European Economic Area)

    If you are located in the European Union (EU) or the European Economic Area (EEA), the GDPR grants you the following rights:

    • Right to Access: You have the right to request access to the personal data we hold about you.
    • Right to Rectification: You can request that we correct any inaccuracies in your personal data.
    • Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal data under certain conditions, such as when the data is no longer needed for the purposes it was collected.
    • Right to Restrict Processing: You can ask us to limit the processing of your personal data in certain situations.
    • Right to Data Portability: You have the right to receive your personal data in a commonly used, machine-readable format and have it transferred to another data controller, where technically feasible.
    • Right to Object: You can object to the processing of your personal data for direct marketing or when the processing is based on our legitimate interests.
    • Right to Withdraw Consent: If we are processing your personal data based on your consent, you can withdraw that consent at any time.

    To exercise these rights, please contact us at hello@heady.io

    1. B. India’s Digital Personal Data Protection Act (DPDP Act, 2023)

    If you are a resident of India, under the DPDP Act, 2023, you have the following rights:

    • Right to Access: You can request details about the personal data we hold about you.
    • Right to Correction: You may request that inaccurate or incomplete data be corrected or updated.
    • Right to Erasure: You can request that we erase your personal data when it is no longer needed for the purpose it was collected.
    • Right to Data Portability: In certain circumstances, you may request that your personal data be transferred to another service provider.
    • Right to Consent: You have the right to consent to the collection and use of your personal data and can withdraw your consent at any time.
    • Right to Grievance Redressal: If you feel your data has been mishandled, you can file a complaint with the Data Protection Board of India.

    To exercise these rights, please contact us at hello@heady.io

    1. C. California Privacy Rights (CPRA)

    If you are a resident of California, the California Privacy Rights Act (CPRA) grants you the following rights:

    • Right to Know: You can request details of the personal information we collect about you, including the categories of personal information, the sources from which we collect it, the purposes for which we use it, and with whom it is shared.
    • Right to Delete: You can request that we delete your personal information under certain conditions.
    • Right to Correct: You may request corrections to any inaccurate or outdated personal information.
    • Right to Opt-Out of Sale or Sharing: You can opt out of the sale or sharing of your personal data with third parties.
    • Right to Limit Use of Sensitive Information: You may request that we limit how we use or disclose your sensitive personal information.
    • Non-Discrimination: You have the right not to be discriminated against for exercising your privacy rights under the CPRA.

    To exercise these rights, please contact us at hello@heady.io

    1. D. Other U.S. State Privacy Rights

    Depending on your location, other U.S. states may grant similar rights. States such as ColoradoVirginiaConnecticut, and Utah have enacted comprehensive privacy laws that provide rights similar to those under the CPRA:

    • Right to Access: Request a copy of the personal data we hold about you.
    • Right to Correct: Request corrections to inaccurate data.
    • Right to Delete: Request deletion of personal data under specific conditions.
    • Right to Opt-Out: Opt-out of the sale of your personal data and targeted advertising.
    • Right to Data Portability: Request a copy of your personal data in a portable format.

    To exercise your rights, please contact us at hello@heady.io

    1. Exercising Your Rights

    To exercise any of the rights listed above, you may contact us at:

    Heady.io
    Email: hello@heady.io

    We may require you to verify your identity before processing your request. In some cases, your request may be denied if permitted by law, such as when fulfilling your request would infringe on the rights of others or when we are required to retain certain data for legal purposes.

    1. 6. Data Security

    We take reasonable steps to protect your personal information from unauthorized access, use, or disclosure. We have data security policies and procedures that help protect personal information from loss, misuse, alteration, destruction, and unauthorized access, disclosure, transfer, use, or modification, and we require our service providers and other third-party providers to similarly safeguard personal information. Despite those efforts, security cannot be guaranteed against all threats. We seek to limit access to your personal information to those who have a need to know, and we require those individuals to maintain the confidentiality of such information.

    Heady.io has a comprehensive incident response program that includes procedures for incident notification, mitigation, and prevention, as applicable.

    1. 7. Data Retention

    We retain personal information only for so long as it is needed to fulfill the purpose for which it was collected as described in this Privacy Statement, including to meet business needs and comply with legal requirements, professional standards, or an individual’s request. Accordingly, the retention period may vary and depend on Heady.io’s retention policies.

    1. 8. Children’s Privacy

    We understand the importance of protecting children's privacy. Our Activities are not intentionally designed for nor directed at children under the age of 18. It is our policy not to knowingly collect or maintain personal information about anyone under the age of 18, except as may be required by applicable law or professional standards (e.g., for auditor independence checks), and where permission has been granted by a child’s parent or legal guardian (e.g., for benefits administration).

    In compliance with the Children’s Online Privacy Protection Act (COPPA) and other relevant privacy laws, we do not knowingly collect personal information from children under the age of 13. If you are a parent or legal guardian and believe that your child under the age of 13 has provided us with personal information without your consent, please contact us at hello@heady.io. We will take steps to promptly delete such information from our systems.

    If you believe we have inadvertently collected information from a child under the age of 18 without proper consent, please contact us immediately at hello@heady.io and we will promptly take steps to delete the information.

    1. 9. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated date. Significant changes will be communicated to you through the website or via email, if applicable.

    Since the last update, the following changes have been made:

    • Enhanced cookie tracking for better user experience through HubSpot integration.
    • Expanded privacy rights section to comply with CPRA and other U.S. state privacy laws.
    • Improved data retention and security practices to align with evolving legal requirements.

    Please check this page periodically to stay informed of updates.

    1. 10. Contact Us

    If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your privacy rights, please contact us at:

    Heady.io
    Email: hello@heady.io

    Our emails are (almost) as cool as our digital products.

    Heady_Logo_Web-01 (1)

    Your phone will break before our apps do.

    Brooklyn

    55 Prospect St

    Suite 410

    Brooklyn, NY 11201

    Mumbai

    WeWork Vikhroli

    Mumbai, India

    Online
    Hit us up!

    hello@heady.io 646.480.0489

    Badges-24
    Brooklyn

    55 Prospect St

    Suite 410

    Brooklyn, NY 11201

    Mumbai

    WeWork Vikhroli

    Mumbai, India

    Online

    © 2024, Heady LLC.

    AboutCareersNewsroomMedia KitPrivacy Policy