Hurix helps organisations from across the world achieve their business goals through its learning content, digital marketing, and technology services. We design and build our solutions on core principles of innovation, end-user experience, and customer satisfaction, such that they work across traditional and newer mobile platforms, formats and devices to deliver and manage highly compelling and engaging digital content.
It is Hurix’s policy to respect your privacy regarding any information we may collect while using our software applications and websites, collectively called the Services.
Hurix operates web-based applications such as Kitaboo, ePub3Automation, Docketzoom, Sales Genie that are part of the services that we offer. These products are offered through multiple domains www.kitaboo.com, www.docketzoom.com, http://epub3automation.com All such products, applications, websites are collectively called “Services”.
Data Controller and Data Processor
We process two main types of personal data.
- Customer Data – Personal data that forms part of data that is provided by our customers and their end-users for processing.
- Other Data – Personal data about our customers, visitors and other individuals that is collected and processed directly by us.
Our Customers are the controller of Customer Data. Hurix is the processor of Customer Data and the controller of Other Data.
Information We Collect
Customer Data that you provide
As customers, you provide data to us for processing as part of usage of our Hurix applications
Customer Data may be processed by us as a result of customer’s use of the Services when our customers, or their end-users, input or upload information into the Service. For example, customers who use our Kitaboo application may upload Customer Data about themselves or their employees, institutional partners or schools.
- We collect personal information from you when you create an account, such as your first name, last name, email address and phone number.
- We collect any personal information that you include in your user profile and public profile, public contents, and during use of our services such as annotations, file uploads and notes.
If you are a school, you should contact your publisher about their privacy practices. If you are a school student, you should contact your school or teacher to understand your school’s privacy practices.
Other Data that we collect
We also collect and store the following information about you using analytical tools
We collect information related to your use of our products and services, such as your touch gestures, highlights, bookmarks, page views, and other applications you may use with our products and services. Our products provide information to us about its status, such as uptime, available memory, and errors that may have occurred.
Website Visitor Data
We also collect data when you use our applications and websites
- Log Data – Our servers automatically collect information when you access or use our applications and services. This data is recorded in log files. Examples of such data include IP Address
- Product Demo and Subscription – You provide personal data to us as part of signing up for our newsletters or to request for product demos.
- Contact Us Data – When you enquire about our products and services, we collect and store this data to communicate with you and respond to your enquiry.
Data from Others
User registration services that you use
You may also use third-party registration services or applications to sign up with Kitaboo. We then get data from these applications.
We currently use Google Analytics to collect information anonymously and reports website trends without identifying individual visitors.
We use Google Analytics for analytics and measurement to understand how our services are used. For example, we analyse data about your visits to our sites to do things like optimise product design
We collect data through cookies.
How We Use Your Data
How we use your personal data will depend on which Services you use and how you use those Services.
Customer Data will be used by Hurix in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and as required by applicable law. Hurix is a processor of Customer Data and Customer is the controller.
Other Data is used by us to provide our services, send our newsletters, send promotional material and to communicate with you by responding to your requests, comments and questions.
Lawful bases for processing
We have lawful bases to process your personal data. We also use your consent as bases for lawfully processing your personal data.
We process your personal data only when we have a lawful basis. Presently, we use the Performance of Contract (i.e. to deliver the services to our customers) and consent as the lawful basis for processing. For certain processing, we may also use legitimate interests as provided under the Data Protection Regulations. If you believe certain services are not in your interest, you have a right to object.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Where you have consented to a particular processing, you have a right to withdraw the consent at any time by sending an email to our product support team at “firstname.lastname@example.org.”
How we use Customer data
We use your data to authenticate you and authorize access to our services
We only process Customer Data on behalf of our customers and in accordance with their instructions provided in the applicable Services agreement with us. We use the data that we have about you to provide our services and provide support to you. In each case, Hurix collects such information only in so far as is necessary or appropriate to fulfil the purpose of the interaction with our services.
- To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services and our Services offerings. These communications are considered part of the Services and you may not opt out of them.
- Aggregated Analytics. We also use our Customer’s end user data to derive aggregated analytics such as duration of book reading, Book Opened / Assigned, Reading Time, Pages Read, Reading Sessions, Avg. Reading Time / Session, Avg. Pages Read / Session, Notes Shared / Created, Highlights Shared / Created, Resources Viewed / Available etc.
- Customer Support. If you send us a request (for example via a support email or via one of our feedback mechanisms), we respond to your request or to help your issues.
- For any other purpose as provided for in the Services Agreement between us and the customer, or as otherwise authorized by the customer;
- In accordance with or as may be required by law.
How we use Other data
We may set up product demos or send you marketing / promotional materials. You may choose to restrict the collection or use of your personal information
We will update you with improvements in our services, new features and from time to time also carry out direct marketing of our products and services. Direct marketing is carried out only if you consent to receiving such communications from us.
We also send invitation to our events or conferences.
Users under 16 years of age
The Sites and Services do not knowingly collect personal information from users under the age of 16
If you are under the age of 16, you are not permitted to use the Sites and Services except as an end user student.
Data Retention Policy
Customer Data – We retain your information for as long as you have an active Services account. We may also retain your personal information for extended period under applicable statutory laws.
Hurix will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement, or for two years if there are no such instruction, and as required by applicable law. When you decide to close your account, we delete all personal information about you including any user generated content.
You can request to access, update or correct your personal information. You also have the right to object to direct marketing. For all requests relating to your rights, you can contact us at “email@example.com.”
You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation (“GDPR”), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation. Under GDPR you may also have the right to request to have your personal information deleted or restricted and ask for portability of your personal information.
Customer’s Rights to Control Data
Whenever you use our services, we aim to provide you easy means to access, modify, delete, object to or restrict use of your personal information
We strive to give you ways to access, update/modify your data quickly or to delete it unless we have to keep that information for legal purposes. Some rights can be access from within the Hurix application. For visitors, these rights can be exercised by contacting us with your specific request.
- Change or Correct Data: You can edit some of your personal data through your account. You can also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate.
- Delete Data: You can ask us to erase or delete all or some of your personal data (e.g. if it is no longer necessary to provide Services to you).
- Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g. if we have no legal right to keep using it) or to limit our use of it (e.g. if your personal data is inaccurate or unlawfully held).
- Withdraw your consent – Any consent that you provide, including for direct marketing, can be withdrawn at any time, by contacting us or by changing your preferences in the application.
- Right to Access and/or Take Your Data: You can ask us for a copy of your personal data and can ask for a copy of personal data you provided in machine readable form.
We keep some personal data even after account closure
Once you choose to close your account, we generally delete your personal information within 30 days of closure of your account. Some information that is necessary for statutory obligations such as records of payment processing, invoicing data will be retained as necessary.
Your information shared with others
Recipients of your data
Your data will be shared with other recipients in order to provide you with services.
While we aim to limit the sharing of your data, at times, it is necessary to share your data with certain service providers. Examples of when and for what purpose your data is shared include data center / hosting services, email marketing services, etc.
The following categories of recipients will most likely receive your data in order for us to provide services to you
- Third Party Data Center Services
- Third Party SMTP Services
- Third party temporary file upload tools
- Salesforce /Pardot CRM for direct marketing
To Comply with Laws. If we receive a request for information, we may disclose if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.
Your data that is publicly accessible may be seen by others
Your username, public profile information, and public content may be seen by other users of our products and services. It’s your choice whether to include sensitive information on your profile and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be publicly available.
Cross-Border Data Transfers
Your data will be stored and processed in multiple countries including outside of the European Union (EU) Region
Since we are an international company, your data will be processed outside of the EU region. Your data will be processed within Third Party Data Centers in USA and our data centers in India. Some countries where we process data may not have as protective laws as your own country and there are risks associated with such transfer.
Hurix offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data. These clauses are contractual commitments between parties transferring personal data (for example, between Hurix and its Clients, suppliers or data processors outside the EU), binding them to protect the privacy and security of the data.
Security Measures to Protect your Data
We implement security controls to prevent breaches and unauthorised access to your data.
We maintain reasonable and appropriate security measures to protect Customer Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
Examples of security measures include physical access controls, encryption, HTTPS, restricted access to data, monitoring for threats and vulnerabilities etc.
We also subject our services to internationally recognised certification and attestation standards.
Protection of personal information
Our Sites and Services uses commercial efforts to maintain safeguards for protection of your Personal Information
Hurix takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
If you have questions or complaints regarding this Policy, you may contact us through email at firstname.lastname@example.org. You may contact us at our mailing address below
Hurix System Private Limited
Unit #102, 1st Floor,
Seepz-SEZ, Andheri (East)
If you are a resident of the European Economic Area and we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you have additional rights. If you are not satisfied with the resolution, you can also lodge a complaint with the Supervisory Authority in the country of your residence.