HOW WE COLLECT AND USE INFORMATION
We collect the following types of information about you:
Information you provide us directly: We may ask for certain information such as your username, first and last name, birthdate, phone number and e-mail address when you register for a Hatch account, or if you correspond with us. We may also retain any messages you or your users send through the Service, and may collect information you post to or collect from users of the Service. We use this information to operate, maintain, and provide to you the features and functionality of the Service. Information we may receive from third parties: We may receive information about you from third parties. If you allow us access to your friends list, your friends’ user IDs, and your connection to those friends, that information may be used and stored to make your experience more social, and to allow you to invite your friends to use our Service as well as provide you with updates if and when your friends join Hatch. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to the Hatch Service. We use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages and push notifications. We may also send you Service-related emails or messages (e.g., account verification, order confirmations, change or updates to features of the Service, technical and security notices).
We automatically collect certain types of usage information when you visit our website or use our Service. When you visit the Service, we may send one or more cookies — a small text file containing a string of alphanumeric characters — to your computer that uniquely identifies your browser and lets us help you log in faster and enhance your navigation through the site. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click, how frequently you access the Service, and other actions you take on the Service), and allow us to track your usage of the Service over time. We may collect log file information from your browser or mobile device each time you access the Service. Log file information may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, information about your mobile device, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information. We may employ clear gifs (also known as web beacons), which are used to anonymously track the online usage patterns of our Users. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Service. We may also collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Service. These tools collect information sent by your browser or mobile device, including the pages you visit, your use of third party applications, and other information that assists us in analyzing and improving the Service.
When you access our Service by or through a mobile device, we may receive or collect and store a unique identification number associated with your device (“Device ID”), mobile carrier, device type and manufacturer, phone number, and, depending on your mobile device settings, your geographical location data, including GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device.
We use or may use the data collected through cookies, log file, device identifiers, location data and clear gifs information to: (a) remember information so that you will not have to re-enter it during your visit or the next time you visit the site; (b) provide custom, personalized content and information, including advertising; (c) provide and monitor the effectiveness of our Service; (d) monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our website and our Service; (e) diagnose or fix technology problems; (f) otherwise to plan for and enhance our Service; and (g) automatically update your Hatch application.
Each Party agrees to abide by all applicable local, state, national, and international laws and regulations in connection with providing the Services, including, without limitation, all laws regarding the transmission of technical data exported from the United States through the Service and all Applicable Privacy Laws. Hatch Apps will employ commercially reasonable security measures. Despite the foregoing, Licensee acknowledges that the storage and process of data, and the assurances published by Amazon (including Amazon Web Services), Google Cloud Platform, and Microsoft (including Microsoft Azure) meet the requirements of this Section.
Licensee shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use the Licensee Data. Licensee grants to Hatch Apps a license store, record, transmit, maintain, and display the Licensee Data only to the extent necessary to carry out its obligations under this Agreement. Without limiting the foregoing, Hatch Apps shall have no liability to Licensee for any unauthorized access to, or use, corruption or loss of, any personal health information (“PHI”) or personally identifiable information (“PII”) which may be contained in the Licensee Data, except to the extent that such unauthorized access, use, corruption, or loss is judicially determined to be due to Hatch Apps’ neglect or misconduct or breach of the terms of this Agreement. Despite any other provision of the Agreement, in the case of loss or PII or PII due to actions or inactions of Hatch Apps, Licensee’s sole remedy shall be for Hatch Apps to restore such PHI and /or PII from the latest available backup.
If Hatch Apps becomes aware of any Security Incident, Hatch Apps will promptly (1) notify Licensee of the Security Incident; (2) take reasonable steps to mitigate the effects and to minimize damage resulting from the Security Incident; and (3) at Licensee’s request and cost, take commercially reasonable steps to assist Licensee in complying with its obligations under Applicable Privacy Laws pertaining to responding to a Security Incident.
Notification(s) of Security Incidents will be delivered in accordance with Applicable Law. Hatch Apps’ obligation to report or respond to a Security Incident under this section is not an acknowledgement by Hatch Apps of any fault or liability with respect to the Security Incident. Licensee must notify Hatch Apps promptly about any possible misuse of its accounts or authentication credentials or any security incident related to the Services.
Hatch Apps shall promptly notify Licensee if Hatch Apps receives a request from a data subject to have access to personal information or any other complaint or request relating to Licensee’s obligations under applicable data protection laws. Hatch Apps shall provide reasonable assistance to Licensee to facilitate Licensee’s ability to respond to such request or complaint (including, without limitation, by allowing data subjects to have access to their personal information if such access is required by the applicable data protection laws, and where the personal information is not already available to the Licensee).
Each Party shall retain sole responsibility for such Party’s information technology infrastructure, including computers, servers, software, databases, electronic systems (including database management systems) and networks, whether operated directly by such Party or through the use of third-Party services. Licensee shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Equipment”).
Licensee shall also be responsible for maintaining the security of the Equipment, Licensee account, passwords (including but not limited to administrative and user passwords) and files, and for all uses of Licensee’s account or the Equipment with or without Licensee’s knowledge or consent.
Licensee shall be responsible for obtaining all necessary permissions, licenses, clearances, and/or releases for Licensee’s intended use of the Services. Licensee is responsible for adhering to local laws and regulations, including those that relate to data privacy such as Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the European Union’s General Data Protection Regulation (“GDPR”).
Hatch does not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to register as Users. The Service and its content are not directed at children under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us.