Last updated: 2022-01-01
The following Privacy Principles guide our decisions and approach to handling customer data:
Our commitment to all Haekka customers is to abide by our Principles. Should you ever have questions about our Principles, please contact us.
In order to better manage, secure, and enable your data rights, we classify all of our user data into categories. There are three basic categories of data we collect:
Identifiable data (name, email address, etc): We get this data from your Slack or Teams workspace when an admin installs the Haekka application.
Public website data (browsing data, cookies, etc): We use this data to optimize our public web experience. We do not store this data and at times will use approved third parties, such as marketing platforms, that will store certain identifiable information such as an IP address.
Training data (content, curriculum, learning paths, etc.): Training data is not identifiable to you. In some cases, if you create content, there will be a unique user identifier linked to the content. This is not identifiable and only used by Haekka products to match content to users that created it.
Application usage data (how customers interact and experience our product): We collect this data to understand how you use the Haekka application (what you click on, the way you navigate the app, etc). This data also has a unique identifier used by Haekka software.
As our first Privacy Principle states — we only collect data we need to deliver our products and services. This mandates a minimum necessary approach to data collection. We do not make money on user data and, in fact, view user data as a liability. We only want data that we can use to deliver value to you, our users; and only value that we deem to be greater than the liability of having the data in the first place.
This minimum necessary approach is contrary to the approach taken by most of the services on the internet. For too long, online services on both your computer and on your phone have collected as much data as they can get away with, including egregious examples like contact lists and location data. We take a different approach to your data and your privacy.
Identifiable Data: Our primary use for your identifiable data is user account management. This includes contact information and basic information about your position and role, including, but not limited to, name, email, display name, and user IDs of applications to which we integrate. We will also use this data to recommend and deliver training that is catered to certain types of information about you.
Website Data: We use this information to optimize the experience of using our public website.
Training Data: Training is the educational content in the Haekka application. Training content is created by Haekka, Haekka customers, and Haekka partners.
Application Usage Data: App usage data is used to improve the app experience for you. We use this data to understand how you use the app, where there may be bottlenecks or roadblocks to certain actions. We also use this data to track the outcome of the changes we make to the design and experience of the application.
How to request information and take action on your data: All Haekka users are eligible to request a complete export of the data we've collected on them. You can request this export by sending us an email at email@example.com with a note indicating you'd like an export of your information.
There are times when we are required to disclose personal information by law enforcement.
We retain data for as long as needed in order to provide our services and products. Meaning, so long as you and your company are Haekka customers, we retain your data. When you cease to be a Haekka customer, we retain data only for the amount of time required by law. This is specific to geographical regions. See CCPA and GDPR. Of course, we do not retain data if a user has requested for it to be deleted. In those cases, we process deletion requests within 30 days.
We do work with third parties to help deliver our products. As a part of our vetting process for new partners, we examine the services we are using to understand how these partners will treat our data. We work hard to ensure alignment between our Privacy Policies and the services we use. (note: the following list of services may not be comprehensive).
Webflow: Our static websites are hosted and served by Webflow. You can read more about privacy at Webflow here.
Heroku: Our core application is hosted on Heroku. More on Heroku’s privacy, security and compliance practices can be found here.
Google Cloud Platform: Certain aspects of our technology are hosted on Google Cloud Platform. Read more about how GCP handles security and privacy here.
Hubspot: We use Hubspot to store customer and account information. Read more about Hubspot's security posture here.
Stripe: For subscriptions and payment processing we use Stripe. You can read more about Stripe’s privacy and compliance practice here.
© 2022 DayZero Inc., dba Haekka All rights reserved.
Maximize your organization's security training budget with our program that saves you 75% on annual costs while boosting employee comprehension and satisfaction.