Hedron Privacy Policy

Last Modified: January 28, 2024
PDF Version

1. What does this Privacy Policy Cover?

We are Hedron LLC. In this document, we will refer to ourselves as “Hedron,” “we,” or “us.” We will refer to you and any other users as “you.”

In this Privacy Policy, we will cover the Hedron platform and any associated mobile applications, software, and websites. Together, we’ll refer to these as the “Platform.”

Below, you’ll find the following information and more:

  • What information we collect about you
  • How we might use that information
  • What information we might share with others
  • Your rights and choices about that information

2. What types of personal data do we collect?

Below you’ll find details about the types of personal data we collect from you and how we use it. We call this “processing” your data.

User-Provided Information – we collect certain personal data when you provide it to us, such as:

  • Contact Information. When you contact us (whether for inquiries, technical or customer support, or otherwise) or create an account with the Platform, you provide us with personal details such as your name, email address, username (which may be the information associated with a third-party account, such as your Google account, that you connect to the Platform).
  • Platform Content. The Platform provides the ability to upload content, such as your campaigns, stories, characters, maps, and other content, and to interact with other users, such as through messages, likes, chats, and comments. We collect that information and use it to operate the Platform and for the other purposes outlined in this Privacy Policy.

Automatically Collected Information – we may collect certain personal data automatically when you use the Platform, such as:

  • Device Details. We may gather data about the devices you utilize to access the Platform, which could include your device and browser type.
  • Performance Data. We may gather certain data about the Platform’s performance, such as the frequency and details of any Platform functionality errors.
  • User Behavior Data. We may collect insights about your interactions with the Platform, like your activities on the Platform, features accessed, and duration of engagement.

Third-Party Information – certain third parties share personal data with us when you use the Platform, such as:

  • Integration with Third-Party Accounts. If you opt to connect a third-party service (such as Google) to create your Platform account, or share Platform content to social media platforms, we might obtain certain details from those platforms, including Contact Information, that you choose to share with us or on the Platform.
  • Third-Party Analytics. We may integrate third-party analytics services, like Google Analytics, to collect and provide us with certain information about user behavior on the Platform.

3. Use of Collected Information

We utilize the personal data and information we collect above for different purposes, including:

  • Offer and Enhance the Platform. In order to offer, sustain, and refine the Platform, and to tailor user experiences.
  • Enabling User Interactive. In order to allow Platform users to interact with each other and their Platform Content.
  • Customer Service. To address any user queries, send service-related notifications, and deliver customer and technical assistance.
  • Outreach and Marketing. For the purposes of marketing, promotional materials, and sending you updates about the Platform.
  • Updates and Fixes. To review user interactions, usage of the Platform, and any errors or issues with the Platform, in order to refine and correct the Platform’s features and functionality.
  • Legal Requirements. To abide by any legal requirements, uphold our Terms of Use, and to safeguard against deceptive activities.
  • Anonymized Information. In addition to the purposes stated in this Privacy Policy, we may use certain information collected from you in an anonymized and aggregated form for the purpose of improving the Platform, developing new features, analyzing user behavior and Platform performance, and enhancing overall user experience. This anonymized information will not personally identify you or any other individual.

4. Sharing of Information

In order to operate the Platform, we need to share certain personal data we collect from you with third parties, including:

  • With Other Users. To offer the Platform’s functionality, we need to share your Platform Content if you’ve posted or communicated any on public-facing portions of the Platform or otherwise made that Platform Content public in any way.
  • Platform Providers. We might share your details with third-party entities that assist in the operation and enhancement of the Platform. This encompasses storage and web hosting, data analysis services, third-party account systems and platforms, and other service providers.
  • Legal Reasons. We may need to share certain personal data if required by the law, judicial orders, or in response to legal requests.
  • Protection & Security. If we decide that sharing of certain personal data is vital for the safety, rights, or assets of our users, the public, or our business, we may need to disclose that personal data to third parties.
  • Corporate Changes. Should our entity undergo a merger, acquisition, or asset transaction, your personal details might be part of the transferred assets.

5. Lawful Bases for Processing Personal Data

In accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws, we process personal data based on the following lawful grounds:

  • Consent. For certain data collection, we may ask for your permission before collecting or processing that data, and you have the right to withdraw your consent at any time (see “How to Contact Us” below or you can opt out of any email communications by clicking the unsubscribe link in each marketing-related email).
  • Contractual Obligations. We process specific sets of your data to fulfill our contractual obligations to you. This encompasses actions like account creation, Platform operations and delivery, and ensuring you can interact with other users when using the Platform.
  • Legitimate Interests. For certain data processing activities, we rely on our legitimate business interests. This includes activities like Platform improvement, marketing efforts, and ensuring a safe user environment.
  • Legal Compliance. There are instances where we’re legally mandated to process your data. This could be due to regulatory requirements, legal requests, or for the prevention of fraud and illegal activities.

How long do we keep your personal data?

We only keep your personal data as long as it’s required to provide you with the Platform. Sometimes a longer period might be required by law.

After that, we will delete your personal data within a reasonable time.

Please note that we may retain some data, if necessary to:

  • resolve disputes,
  • enforce our user agreements,
  • follow any technical and legal requirements related to the Platform.

7. Children's Privacy Rights

We don’t knowingly collect any personal data from children under the age of 13. We also don’t knowingly allow them to create accounts, sign up for newsletters, make purchases, or use the Platform.

We may also limit our personal data processing for EU users between 13 and 16.

We take children’s privacy seriously and encourage parents to play an active role in their children’s online experience. If you have any concerns about your child’s personal data, please contact us at [email protected].

Transfers of your personal data

Our headquarters is in the United States.

No matter where you live, by using the Platform you consent to the processing and transfer of your personal data in and to the United States and other countries where our service providers are located. This processing will be under the privacy policies of third parties that we share personal data with.

The laws of these countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live.

If you would like more information, please contact us (see “How to contact us” below).

9. Special terms based on where you live

Depending on where you live, you may be subject to certain laws related to our use of your personal data.

For EU Residents

We are regulated under the General Data Protection Regulation (GDPR), which applies across the European Union (including in the United Kingdom). We are responsible as a controller of personal data for GDPR purposes.

Your rights as an EU resident:

Under the GDPR, EU residents have several important rights:

  • You can request a copy of your personal data
  • You can ask us to correct that personal data, delete it, or request that we use it only for certain purposes.
  • If you’ve consented to our processing, you can change your mind and ask us to stop using your personal data. For example, you can unsubscribe from our mailing list at any time – just click the link in each marketing email.
  • In some circumstances, you can ask us not to use automated processing or profiling about you.

If you would like to exercise any of those rights, please email us at [email protected]. We may ask for additional info to verify that you’re the owner of that data.

Also, in some cases where the law requires it, we may not be able to help with the above requests.

California Residents:

We are regulated under the California Consumer Privacy Act (CCPA), which applies to California residents.

Under the CCPA, California residents have several important rights:

Right to Know: You can ask us what personal data we hold about you and request a copy. This includes:

  • The type and specific pieces of personal data we have collected
  • The types of sources we collect the data from
  • The purpose for collecting your personal data
  • The third parties we share that data with

Right to Delete: You can request that we erase your personal data. There are some exceptions to this right, if we:

  • Need to complete the transaction for which the personal data was collected or if there is an ongoing business relationship or contract with you
  • Detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity
  • Need to identify and repair errors affecting Platform functionality
  • Exercise free speech or ensure another consumer can exercise (or another lawful right)
  • Need to comply with the California Electronic Communications Privacy Act
  • Engage in research in the public interest
  • Enable solely internal uses that are in line with your expectations for using your personal data
  • Need to comply with a legal obligation
  • Otherwise use your personal data internally, in a way that’s compatible with the reason we collected it in the first place

Sale of your personal data: We don’t sell any of your personal data for any purposes.

Other Rights: California residents also have the right to request information about our disclosure of personal data to third parties for direct marketing purposes during the calendar year before your request. This request is free and may be made only once a year.

We also won’t discriminate against you for exercising any of the rights listed above.

If you would like to exercise any of those rights, please email us at [email protected]. We may ask for additional info to verify that you’re the owner of that data.

Virginia Residents:

We are regulated under the Virginia Consumer Data Protection Act (VCDPA), which applies to Virginia residents.

Under the VCDPA, Virginia residents have several important rights:

  • The right to access their personal data that we have collected or processed.
  • The right to request that we delete their personal data.
  • The right to correct inaccurate personal data.
  • The right to opt-out of processing of personal data for targeted advertising, sale of personal data and profiling.

Sale of your personal data: We do not sell personal data as the VCDPA defines the term “sale.”

Other Rights: We do not process personal data for the purpose of profiling in furtherance of decisions that produce legal or similarly significant effects concerning consumers.

If you would like to exercise any of those rights, please email us at [email protected]. We may ask for additional info to verify that you’re the owner of that data.

Colorado Residents:

We are regulated under the Colorado Privacy Act (CPA), which applies to Colorado residents.

Under the CPA, Colorado residents have several important rights:

  • The right to access their personal data that we have collected or processed.
  • The right to request a copy of their personal data that we have collected or processed.
  • The right to request that we delete their personal data.
  • The right to correct inaccurate personal data.
  • The right to opt-out of processing of personal data for targeted advertising, sale of personal data and profiling.

Sale of your personal data: We do not sell personal data as the CPA defines a “sale”.

Other Rights: We do not process personal data for the purpose of profiling in furtherance of decisions that produce legal or similarly significant effects concerning consumers.

If you would like to exercise any of those rights, please email us at [email protected]. We may ask for additional info to verify that you’re the owner of that data.

Connecticut Residents:

We are regulated under the Connecticut Data Privacy Act (CTDPA), which applies to Connecticut residents.

Under the CTDPA, Connecticut residents have several important rights:

  • The right to access their personal data that we have collected or processed.
  • The right to request a copy of their personal data that we have collected or processed.
  • The right to request that we delete their personal data.
  • The right to correct inaccurate personal data.

Right to Opt Out: The CTDPA allows Connecticut residents to “opt out” of the processing of personal data for targeted advertising, the sale of personal data and profiling. If you are under the age of 16, you have the right to “opt in” to the processing of personal data for targeted advertising, the sale of personal data and profiling.

Other Rights: We do not process personal data for the purpose of profiling in furtherance of decisions that produce legal or similarly significant effects concerning consumers.

If you would like to exercise any of those rights, please email us at [email protected]. We may ask for additional info to verify that you’re the owner of that data.

Canadian Residents:

For Canadian residents, we are committed to protecting your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA).

PIPEDA’s ten fair information principles include accountability, identifying purposes, consent, limiting collection, limiting use, disclosure and retention, accuracy, safeguards, openness, individual access, and challenging compliance.

Under PIPEDA, you have certain rights regarding your personal information. These rights include:

  1. Right to Access: You have the right to access the personal information we hold about you and request a copy of that information.
  2. Right to Rectification: If you believe that any of the personal information we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it.
  3. Right to Withdraw Consent: If you have previously provided your consent for the collection, use, or disclosure of your personal information, you have the right to withdraw that consent at any time. Please note that withdrawing your consent may affect our ability to provide certain services to you.
  4. Right to Object: You have the right to object to the collection, use, or disclosure of your personal information for certain purposes, such as direct marketing.
  5. Right to Erasure: In certain circumstances, you have the right to request the deletion or removal of your personal information from our records.
  6. Right to Data Portability: You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format, and to transmit that information to another organization.

If you would like to exercise any of those rights, please email us at [email protected]. We will respond to your request or inquiry within a reasonable timeframe and in accordance with applicable laws. We may ask for additional info to verify that you’re the owner of that data.

Please note that there may be limitations on these rights as set out in PIPEDA or other applicable laws.

10. How do we protect personal data?

We have taken steps and put security measures in place to prevent the accidental loss or misuse of personal data.

For example, we limit access to those who have a genuine business need. Those processing your information will do so only in an authorized manner.

Additionally, all Platform data is encrypted both in transit and at rest, and we use vulnerability scanning to protect the Platform’s integrity.

We also have procedures in place to deal with any suspected data security breach. We’ll notify you and any applicable regulator of a suspected data security breach when legally required.

11. Resolving Disputes

We hope that we can resolve any questions or concerns you raise about our use of your personal data.

Please contact us at [email protected] to let us know if you have questions or concerns. We will do our best to resolve the issue.

For EU residents, the GDPR also gives you right to lodge a complaint with a supervisory authority. You may do this in the EEA state where you live, work, or where any alleged infringement occurred.

12. How will we notify you of changes?

We last updated this Privacy Policy on January 28, 2024.

We may make further updates from time to time. If we have your email address on file, we will inform you via email. Otherwise, we will post a message on the Platform about the change.

13. How to contact us

Please contact us if you have any questions about this Privacy Policy or your personal data.

You can do so using the following contact info: