Privacy Policy
We respect and protect your privacy. Please do not hesitate to contact us if you have questions or concerns.
Definitions
Personal Data
“Personal data,” where used in this Privacy Policy, shall mean any information or set of information that identifies an individual, or could be used by or on behalf of Harbor Compliance to identify an individual. “Personal data” shall include any data about an identified or identifiable individual that are within the scope of Data Protection Legislation and recorded in any form. Personal data does not include information which is anonymized.
We may refer to your personal data as “your information” and may sometimes collectively refer to handling, collecting, protecting, and storing your personal data as "processing" such personal data.
Services
“Services,” where used in this Privacy Policy and consistent with our Terms of Use and Service Agreement shall mean all services provided by Harbor Compliance or offered through the “Website” (as that term is defined below), including general use of the Website, browsing our Website, creating a user account, using Software as a Service, and any and all uses of our Website.
Website
“Website,” “the Website,” “this Website,” and “our Website,” or “Site”shall refer to www.harborcompliance.com and its subdomains.
Scope of this Privacy Policy
This Privacy Policy applies to personal data submitted to, or collected by us through this website, Harbor Compliance’s various service applications and information request forms, and any and all correspondence with Harbor Compliance employees via telephone, email, facsimile, mail, written correspondence, or any other means.
Information We Collect
We collect personal information about you when you:
Register to use our services, and/or provide contact information to us via telephone, email, facsimile, mail, written correspondence, or through the Website. The information you consent to provide may include your username, name, gender, date of birth, home, and work contact details such as business title, email address, IP address, telephone number, country in which you reside, and your reviews and opinions about our products and services.
Payment Information
When you use our services, we will also collect transaction information, which may include your credit card, debit card, or Automated Clearing House (ACH) information, home, billing and mailing address, purchase history, and other payment-related information (“Payment Information”). We describe how Payment Information may be collected and processed below.
Technical, Usage, and Location Information
We automatically collect information on how you interact with the Service, such as the IP address from which you access the Service, date and time, information about your browser, operating system and computer or device, and pages viewed and items clicked. We may also collect location information, including location information automatically provided by your computer or device. We use cookies and similar technologies to collect some of this information.
Third Party Platforms
We may collect information when you interact with our advertisements and other content on third-party sites or platforms, such as social networking sites. This may include information such as “likes”, follows, mentions, comments, and messages, profile information gathered from social networking sites, or the fact that you viewed or interacted with our content.
How We Use Your Information
Any of the information we collect from you may be used in one of the following ways:
- To improve our customer service;
- To process transactions. Your information, whether public or private, will not be sold, exchanged, transferred, other than to our service providers pursuant to our Terms of Use and Service Agreement;
- To send periodic emails. The email address you provide for order processing may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.;
- To respond to requests for information or in delivery of our Services. Your information will be used to provide you with the specific content or Services requested;
- To contact you in connection with technical, customer, and product/service support;
- To fulfill any other purpose required to complete your engagement pursuant to our Terms of Use and Service Agreement;
- For billing and collection purposes;
- To analyze the use of our website;
- In any other way we may describe when you provide the data; and/or
- For any other purpose with your consent
Note: If at any time you would like to unsubscribe from receiving future marketing or promotional emails, we include detailed unsubscribe instructions at the bottom of each marketing or promotional email.
Our Legitimate Reasons for Collecting Information
We collect information about you to provide our services. In order for us to best provide our services to you (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Policy. This means that the data collection is largely necessary for fulfilling the business relationship we have with you, and where that is not the case, we have a legitimate interest in collecting the information described below to fulfill the services that you have contracted with us to provide and/or purchased or ordered from us.
Furthermore, the law processing of your personal data is necessary for the purposes of the legitimate interests that we pursue, which are to:
- run and administer our business;
- to discharge our legal obligations to store and disclose information where necessary;
- to evaluate, to develop and improve our services;
- to market new and improved services;
- for any necessary purpose in order to comply with any legal obligation to which we are subject.
Disclosure and Transfer of your Information
We use affiliated service providers to help us fulfill services to our clients and run our business subject to strict confidentiality agreements. These companies are authorized to use your personal information only as necessary to provide these services to us.
We will disclose data if we believe in good faith such disclosure is necessary (1) to comply with relevant laws or to respond to subpoenas or warrants or legal process served on us (though we reserve the right to take action on behalf of our users to defend their right to anonymity when we believe there is a legitimate basis to do so); (2) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity; (3) as we otherwise deem necessary and is permitted by applicable laws to protect and defend the rights or property of us, the users of our services, or third parties; or (4) as permitted under applicable laws to meet national security and similar requirements; (5) in order to permit us to pursue available remedies or limit the damages that we may sustain;, (6) to respond to an emergency;, (7) or in the event that we sell (or propose to sell) any property, business or assets, we may disclose your information to the prospective buyer under a confidentiality agreement.
Our Use of Cookies
We use various technologies to collect and store information, including cookies, pixel tags, local storage, such as browser web storage or application data caches, databases, and server logs.
Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.
We use cookies for many purposes. We use cookies to help us remember and process the items in your shopping cart and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly. However, you can still purchase our services over the telephone or by contacting us.
Disclosure of Information to Outside Parties
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information other than to those entities for which you have provided consent. This does not include trusted third parties who assist us in operating our website, conducting our business, or fulfilling our services to you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Some affiliates of Harbor Compliance have their own websites with their own unique privacy policies, tailored to the services they provide. We encourage you to read those privacy policies carefully when you visit those affiliated sites.
When using third-party vendors or agents to which Harbor Compliance intends to transfer personal data, Harbor Compliance shall perform adequate due diligence to help ensure the security of such information. However, Harbor Compliance will not be liable if it can prove that it is not responsible for the event that caused damage and instead another party is responsible for the event that caused the damage.
Third Party Links
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Steps We Take to Ensure Your Privacy and Protect Your Information
The security of your personal data is important to us. We use generally accepted, industry standard tools and techniques to protect your personal data against unauthorized disclosure. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially reasonable means to protect your personal information, we cannot guarantee its absolute security.
We implement a variety of security measures to maintain the safety of your personal information when you place an order.
We use encryption to keep your data private while in transit. We review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems. We restrict access to personal information to Harbor Compliance employees, contractors, and federal state or local agents who need that information in order to process the information to fulfill the business service. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Perimeter Security
We use firewalls to secure the perimeter of our information network and monitor our systems regularly.
Data Security
An authentication and authorization mechanism based on user identification (ID) and password is used to restrict access to information on the Harbor Compliance website. Each authenticated user only has access to the information that he or she is authorized to use. We use physical, administrative, and technical procedures to limit access to personal information.
Security Awareness and Acceptable Use Training (Our Employees)
All Harbor Compliance, employees receive annual security training. Employees read, understand, and expressly accept our Security Awareness and Acceptable Use Policy. Anyone with access to PCI Training, is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Harbor Compliance maintains protocols for physical security by enacting key card door access, video surveillance, and locked file cabinets.
Your Rights in Relation to Your Personal Information
At any time, you have the right:
- To be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);
- To request access to or a copy of any personal data which we hold about you;
- To rectify your personal data, if you consider that it is inaccurate;
- To ask us to delete your personal data, if you consider that we do not have the right to hold it;
- To withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent);
- To ask us to stop or start sending you marketing or promotional messages at any time;
- To restrict processing of your personal data;
- To permit data portability (moving some of your personal data elsewhere) in certain circumstances;
- To object to your personal data being processed in certain circumstances; and Not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data;
- To lodge a complaint with a supervisory authority;
- To know the source from where your personal information originated;
- To access (or obtain from us a confirmation if your personal information is being processed by us) the purpose of processing, recipients of your personal information;
- To submit a subject access request. If a request is received, the following information will be provided:
-
- What personal information pertaining to the user is being processed
- Why it's being processed
- Who has access to it
- How it is being used to make automated decisions
- What processes are using this information
- What processes are using this information
- The request for access will be responded to within 30 days and will include a copy of your personal information
How Long Do We Retain Your Personal Information?
We will retain your personal information for as long as is needed to fulfill the purposes outlined in this Policy, unless a longer retention period is necessary, required or permitted by law for archiving purposes in the public interest, scientific/historical research or statistical purposes (depending on circumstances, compatible processing purposes may include compliance/legal consideration, tax, accounting, security & fraud prevention or other legal requirements).
We may send you direct marketing communications, and retain your contact information necessary for this purpose (provided that you have consented to receiving them), for as long as you do not unsubscribe from receiving the same from us.
Legal Basis for Processing (EEA only):
If you are an individual from the European Economic Area (EEA), our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where: (a) we have your consent to do so, (b) where we need the personal information to perform a contract with you (e.g. to deliver the Services you have requested), or (c) where the processing is in our or a third party's legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline or opt-out of providing your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.
If any information which you provide to us relates to any third party, by providing us with such personal information you confirm that you have obtained any necessary permissions from such persons to the reasonable use of their information in accordance with the above provisions, or are otherwise permitted to give us this information. You further agree to make such third parties aware of this privacy policy
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our or a third party’s legitimate interests which are not already described in this Notice, we will make clear to you at the relevant time what those legitimate interests are. We will notify you of a data breach within 72 hours of discovery of the data breach.
If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us.
RESIDENTS OF CALIFORNIA AND OTHER STATES
The California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), provides California residents with specific rights regarding their personal information. If you are a California resident, your rights are described below. If you have any questions about whether any of the following applies to you, please email us at legal@harborcompliance.com.
You have the right to request certain information about our collection and use of your personal information over the past 12 months, including the following:
- The categories of personal information that we have collected about you, as those categories are defined under the CCPA and CPRA.
- The categories of sources from which that personal information was collected.
- The business or commercial purpose for collecting or selling your personal information.
- The categories of third parties with whom we have shared your personal information.
- The specific pieces of personal information that we have collected about you.
- If we have disclosed your personal information for a business purpose over the past 12 months, we will identify the categories of personal information shared with each category of third-party recipient.
In addition to the rights described above, California law requires disclosure of the categories of personal information collected by us and/or shared with our Clients and service providers (for purposes of providing our Online Services) over the past 12 months. Those categories, as described by the CCPA and CPRA, consist of the following:
- Personal identifiers: name, postal address, ID numbers assigned to our data, and social security number
- Protected classifications under California or federal law: nationality
- Customer records: signature, bank information, phone number, address, and email
- Geolocation data: IP address
- Internet activity: interactions with our website and services and what led you to our website
- Personal or job-related: employment history
- Educational information: test scores
HARBOR COMPLIANCE DOES NOT SELL ANY PERSONAL INFORMATION AND HAS NOT SOLD ANY SUCH INFORMATION IN THE LAST TWELVE (12) MONTHS. We use personal information for purposes of performing geolocation services for End Users and Clients.
If you are a California resident you have the right to request correction or deletion of the personal information that we have collected from you, as well as ceasing the sharing of any personal information we have collected from you subject to limited exceptions: for example, we may retain personal information to complete a transaction with you, or we may retain information that would affect the privacy of others or interfere with legal requirements. If your deletion request is subject to an exception under the CCPA or CPRA we may deny your deletion request.
To exercise the rights described above, you should send us a written request via email to legal@harborcompliance.com or via the Harbor Compliance address listed below. Please ensure that your request (1) provides sufficient information to allow us to verify that you are the person about whom we have collected personal information; and (2) provides sufficient detail to allow us to understand, evaluate, and respond to your request. We may not be obligated or able to respond to requests that do not meet these criteria.
For your security we may require you to verify your identity before we can act on your request. There may be information we will not return in response to your access request, such as information that would affect the privacy of others or interfere with legal requirements. Similarly, there may be reasons why we cannot comply with your deletion request, such as the need to keep your personal information to fulfill a legal obligation.
Harbor Compliance will use commercially reasonable efforts to respond to any complete and valid request within 30 days of receipt. There is no cost to submit a valid request although Harbor Compliance may require a fee if your request(s) are excessive, repetitive, or unreasonable. You will not be charged a fee, and your fee-bearing request will not be processed, without Harbor Compliance providing you with prior written notice.
Should you choose to exercise any of your rights under the CCPA or CPRA, Harbor Compliance will not deny you any services, charge you different rates, or provide lesser quality services. However, in the future Harbor Compliance may elect to offer different tiers of services as allowed by applicable laws which may contain differing prices, rates, or levels of quality, which may be related to the value of personal information that we receive from you.
California Civil Code Section § 1798.83 permits users of the Website who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to legal@harborcompliance.com or write us at 1830 Colonial Village Lane, Lancaster, PA 17601.
If you are a resident of Colorado, Connecticut, Nevada, Utah, Virginia, or certain other states you may, or in the future, have similar rights to know the categories of data we collect, use, and disclose, as well as potential rights to request corrections or deletions of your data. To submit a request to know, correct, or delete, please send an email to legal@harborcompliance.com We may be required to take certain steps to verify your identity before processing your request.
Children's Information
We do not knowingly collect information from children under the age of 18 and we do not target our websites to children under 18. If we determine that an individual under the age of 18 has submitted information to this site, we delete that information.
CAN-SPAM Act
In accordance with the CAN-SPAM Act, we will:
- Not use false or misleading subjects or email addresses;
- Identify the message as an advertisement in a reasonable way;
- Include the physical address of our business or site headquarters;
- Monitor third-party email marketing services for compliance, if one is used;
- Honor opt-out/unsubscribe messages quickly;
- Allow users to unsubscribe by using the link at the bottom of each email.
Terms and Conditions
Please also visit our Terms of Use and Service Agreement section establishing the use, disclaimers, and limitations of liability governing the use of our website.
Your Consent
By using our website, you consent to our Privacy Policy.
Changes to our Privacy Policy
If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.
This policy was created on 07/16/2012.
This policy was modified on 01/31/2013:
- Updated contact information
This policy was modified on 06/06/2014:
- Updated contact information
This policy was modified on 06/11/2019
Updated Policies and Procedures
This policy was reviewed on 4/1/2024
This policy was updated on 11/13/2024
Updated Policies for Residents of California and Other States
Contacting Us
You may contact us using the information below if you have any questions about this Privacy Policy.
www.HarborCompliance.com
1830 Colonial Village Lane
Lancaster, PA 17601
United States
legal@harborcompliance.com
1-888-995-5895