Privacy Policy
The https://hempsy.pl is wholly owned by Natural Materials Unlimited and/or its affiliates (“Hempsy,” the “Company,” “we,” “us,” and “our,”) respect your privacy and is committed to protecting it through its compliance with its privacy policies. This policy describes:
- the types of information that Hempsy may collect from you when you access or use its websites, applications and other online services (collectively, referred as “Services”); and
- its practices for collecting, using, maintaining, protecting and disclosing that information.
This policy applies only to the information Hempsy collects through its Services, in email, text and other electronic communications sent through or in connection with its Services.
This policy DOES NOT apply to information that you provide to, or that is collected by, any third-party, such as restaurants at which you make reservations and/or pay through Hempsy’s Services and social networks that you use in connection with its Services. Hempsy encourages you to consult directly with such third-parties about their privacy practices.
Please read this policy carefully to understand Hempsy’s policies and practices regarding your information and how Hempsy will treat it. By accessing or using its Services and/or registering for an account with Hempsy, you agree to this privacy policy and you are consenting to Hempsy’s collection, use, disclosure, retention, and protection of your personal information as described here. If you do not provide the information Hempsy requires, Hempsy may not be able to provide all of its Services to you.
If you reside in a country within the European Union/European Economic Area (EAA), Social Karma Sp. z o.o. , located at ul. Elektoralna 13/103, 00-137 Warsaw, Poland will be the controller of your personal data provided to, or collected by or for, or processed in connection with our Services;
Your data controller is responsible for the collection, use, disclosure, retention, and protection of your personal information in accordance with its privacy standards as well as any applicable national laws. Your data controller may transfer data to other members of Hempsy as described in this Privacy Policy. Hempsy may process and retain your personal information on its servers in India where its data centers are located, and/or on the servers of its third parties (in or outside India), having contractual relationships with Hempsy.
This policy may change from time to time, your continued use of Hempsy’s Services after it makes any change is deemed to be acceptance of those changes, so please check the policy periodically for updates.
How we use cookies
We use your IP address to help diagnose problems with our server, to administer our Services, and to analyze traffic patterns on the Services. The Services also use cookies and similar technologies such as pixel tags, web beacons, clear GIFs, and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser and tell us how and when you visit and use our Site and Services, to analyze trends, learn about our user base and operate and improve our Services. For example, we use Cookies to deliver content specific to your interests, to save your password so you don’t have to re-enter it each time you visit, and to track whether emails we send you have been viewed. Cookies are small files – usually consisting of letters and numbers – placed on your computer, tablet, phone, or similar device when you use that device to visit our Site. We sometimes combine information collected through Cookies that is not Personal Data with Personal Data that we have about you, for example, to tell us who you are or whether you have an account with us. We may also supplement the information we collect from you with information received from third parties.
Cookies can either be “session Cookies” or “persistent Cookies”. Session Cookies are temporary Cookies that are stored on your device while you are visiting our Site or using our Services, whereas “persistent Cookies” are stored on your device for a period of time after you leave our Site or Services. The length of time a persistent Cookie stays on your device varies from Cookie to Cookie. We use persistent Cookies to store your preferences so that they are available for the next visit, and to keep a more accurate account of how often you visit our Services, how often you return, how your use of the Services may vary over time. We also use persistent Cookies to measure the effectiveness of advertising efforts. Through these Cookies, we may collect information about your online activity after you leave our Services. Your browser may offer you a “Do Not Track” or “DNT” option, which allows you to signal to operators of websites, and web applications, and services that you do not wish such operators to track certain of your online activities over time and across different websites. Because we collect browsing and persistent identifier data, the Services do not support Do Not Track requests at this time, which means that we may collect information about your online activity both while you are using the Services and after you leave our properties.
Some Cookies are placed by a third party on your device and may provide information to us and third parties about your browsing habits (such as your visits to our Site or Services, the pages you have visited and the links and advertisements you have clicked). These Cookies can be used to determine whether certain third party services are being used, to identify your interests, to retarget advertisements to you and to serve advertisements to you that we or others believe are relevant to you. We do not control third party Cookies.
We use the following types of Cookies:
- Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Site or Services. Disabling these Cookies may make certain features and services unavailable.
- Functionality Cookies. Functional Cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services. These Cookies help us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
- Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Site and Services such as by collecting information about the daily number of visitors to the Services, the daily requests we receive for particular files on the Services, and what geographical areas those requests come from. These aggregated statistics are used internally to better provide services to the public and may also be provided to others. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Services’ content for those who engage with our advertising. For example, Google, Inc. (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt out of Google’s use of cookies by visiting the Google advertising opt-out page at https://www.google.com/privacy_ads.html or the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.
- Retargeting/Advertising Cookies. Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you. For more information about this, please see the section below titled “Third Party Advertising”.
You can decide whether or not to accept Cookies. One way you can do this is through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some Services and functionalities may not work.
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find otr more information about Cookies, including information about how to manage and delete Cookies, please visit https://ico.org.uk/for-the-public/online/cookies/ or http://www.allaboutcookies.org/.
List of data sub-processors
Entity Name |
Data Processing Purpose |
Location |
Website |
Google, Inc. |
Analytics, Online Advertising, Cloud Drive Integration, Authentication Provider |
USA |
|
Revolut |
Payment Processor |
UK |
|
Slack by Slack Technologies, Inc. |
Authentication Provider, Service Integration |
USA |
|
Facebook, Inc. |
Online Advertising, Social Media |
USA |
|
MailChimp, Inc. |
E-mail responder |
USA |
https://mailchimp.com |
Stripe Inc. |
Payment Processor |
USA |
https://stripe.com |
Payment Card Information
To use our Services, we may require credit or debit card account information. By submitting your credit or debit card account information through our Services, you expressly consent to the sharing of your information with third-party payment processors, and other third-party service providers (including but not limited to vendors who provide fraud detection services to us and other third parties), and you further agree to the following terms:
- When you use a credit or debit card to secure a reservation through our Sites, we provide your credit or debit card account information (including card number and expiration date) to our third-party payment service providers and the applicable restaurant.
- When you initially provide your credit or debit card account information through our Services in order to use our restaurant payment services, we provide your credit or debit card account information to our third-party payment service providers. As explained in our Terms of Use, these third parties may store your credit or debit card account information so you can use our restaurant payment services through our Services in the future.
- For information about the security of your credit or debit card account information, see the “Security” section below.
Controlling your personal information – Your rights
You have a number of statutory rights with respect to us: access, corrections or additions, data deletion, limitation of processing, transfer of digital data and the right of objection. We explain these rights below.
Right of access
Upon your request, we will inform you in writing whether we are processing your personal data. When making your request, you must identify yourself by means of a copy of your driving license or identity document. In our response, we will explain which of your personal data we have processed or are still processing. We will also explain the purposes for which the data have been or are still being processed, the parties with which the data are being shared, the period for which these data are expected to be stored, and which other rights you can exercise.
Corrections or additions
If you have received details about the processing of your personal data, you can request us to correct inaccuracies or to make additions to incomplete information. We will motivate our response. If we make corrections, you will receive a supplementary statement from us. That statement will also be sent to any recipients of your incorrect or incomplete data.
Delete personal data
You can request us to delete your personal data from our systems in one or more of the following cases:
– the personal data are no longer necessary for the purposes for which we have processed them;
– you withdraw your permission for processing or further processing and no other basis for processing exists;
– you lodge a motivated objection, and there are no urgent reasons for not respecting your objection;
– the personal data have been wrongfully processed by us;
– we have to delete your personal data on the basis of a statutory obligation of which we had no knowledge before you informed us thereof.
Limitation of processing
If you have noticed an inaccuracy or incompleteness in your personal data, you can request us to limit the processing for as long as we are dealing with your request. You may also request us to limit the processing of your data if you believe that we are wrongfully processing your data or if we no longer need them, or if you have lodged an objection against the processing or the further processing of the data. After the receipt of your limitation request, we will continue to process the data only with your permission or if there are compelling reasons for doing so (such as legal proceedings).
Transfer of digital data
If you have provided us with personal data and we have processed your data with your permission or in the context of implementing an agreement with you, you will be entitled to request a copy of these data from us. In such cases, you can also request that your data be transferred directly to another service provider.
Objection
You may lodge an objection at all times against the processing of personal data relating to you. That applies particularly to profiles and accounts that we have created on the basis of your personal data. We will cease processing your data following the receipt of your objection, unless we can put forward justifiable reasons that outweigh your interests, rights and liberties.
If we process your personal data for direct marketing purposes, you may object at any time and we will cease processing immediately.
EU privacy/data protection rights
EU General Data Protection Regulation (GDPR) has provided the below rights to the EU residents:
- Right to information – including contact details to the DPO, the purposes for processing Personal Information and the rights of the individual.
- Right to access the Personal Information that are processed
- Right to erasure (”Right to be forgotten”)
- Right to rectification
- Right to restriction of processing
- Right to data portability of the Personal Information supplied to Hempsy by the EU resident
- Right to object (opt-out) to processing (unless Hempsy otherwise has compelling legitimate grounds)
EU residents can exercise these rights by raising a request directly at privacy@socialkarma.agency or contact us at the information provided in the CONTACT US section at the bottom of the page.
Exercising rights
If you wish to exercise one or more of the rights summarized above, you can contact us at contact@socialkarma.agency. Hempsy will decide on your request within four weeks, unless we inform you within that period that we need a bit more time.
If your personal data are processed on the basis of your permission, you will be entitled to withdraw that permission. Any withdrawal of your permission will not prejudice previous processing on the basis of that permission.
Security: How we protect your information
We have implemented appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access to your information and to maintain data security. These safeguards take into account the sensitivity of the information that we collect, process and store and the current state of technology. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. The third party service providers with respect to payment gateway and payment processing are all validated as compliant with the payment card industry standard (generally referred to as PCI compliant service providers).
We assume no liability or responsibility for disclosure of your information due to errors in transmission, unauthorized third-party access, or other causes beyond our control. You play an important role in keeping your personal information secure. You should not share your user name, password, or other security information for your Hempsy account with anyone. If we receive instructions using your user name and password, we will consider that you have authorized the instructions.
Changes to this privacy policy
We reserve the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and use practices, the features of our services, or advances in technology. Please check this page periodically for changes. Use of information we collect is subject to the Privacy Policy in effect at the time such information is used. If we make any material changes to this Privacy Policy, we will post the changes here. Please review the changes carefully. Your continued use of the Services following the posting of changes to this Privacy Policy will constitute your consent and acceptance of those changes.
Contact us
If you have any queries relating to the processing/ usage of information provided by you or Hempy’s Privacy Policy, you may email the Data Protection Officer (DPO) at privacy@socialkarma.agency.