top of page

Privacy Policy

To be updated from time to time. Last updated on 13 January 2021.

This Privacy Policy is a part of HYCD Terms of Use. Unless otherwise defined in this Privacy Policy, all terms capitalized have the meanings as given in HYCD Terms of Use.

 

You agree that by interacting with HYCD, you have read, understood, and agree to be bound by all terms of this Privacy Policy. If you do not agree, you must leave HYCD immediately.

In this Privacy Policy, "Personal Data" means information that (either in isolation or in combination with other information held by HYCD) enables you to be identified as an individual or recognized directly or indirectly. 

In general, to comply with the applicable laws, we collect, store, use, share, disclose and transfer Personal Data if we are obliged to. In details, we may collect, store, use, share, disclose and transfer Personal Data as below.

I - Collection

1. Visitor Analytics

We use Visitor Analytics as a part of our website management. 

Visitor Analytics is a simple website analytics service which measures the traffic and visitors' general details of our website. Collecting these statistics, we can make our website visitors' experience better (e.g. which pages they visit and when, where they are approximately located, where does a user land first or if they are coming from a specific referral).

Visitor Analytics does not use cookies to collect data about our visitors' device type and screen size, approximate location, browser, OS, IPs, page visits, bounce rate, conversions and popular content on the website. All this data is pseudonymized and Visitor Analytics will never use the collected data to identify individual users or to match it with additional information on an individual user.

2. Visitor Recordings

Visitor Recordings is an additional feature to Visitor Analytics (described above) in the form of a simple website replay tool that records where our website visitors scrolled to and what they clicked on our website. We can see this information in playbacks and so called heatmaps. Collecting these statistics helps us to make our website more user-friendly and to reproduce and fix technical errors.

Basically, as a website owner using Visitor Recordings, we are using a snippet of tracking code to collect data about our visitors’ journey on our websites, so which subpages they visit, what they clicked on, where they moved their mouse cursor to and where they scrolled. All this data is pseudonymized and Visitor Analytics will never use the collected data to identify individual users or to match it with additional information on an individual user.

3. Google Analytics

We use Google Analytics as a part of our website management. 

You can read more about how Google Analytics uses your Personal Data hereYou can also opt-out of Google Analytics here.

4. Wix

Our website is hosted by Wix.

 

Wix provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix data storage, databases and the general Wix.com applications, using secure servers behind a firewall. All direct payment gateways offered by Wix and used by HYCD adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For further information, please refer to Wix' privacy policies here.

5. HYCD's channels

We have various social channels, including YouTube, Vimeo, and Etsy.

For further information, please refer to each relevant privacy policies thereof. 

6. HYCD

We may collect the following categories of Personal Data from the site visitors, site members, our customers and clients:

  • Basic data: Name, gender, title, organization, job responsibilities, phone number, mailing address, email address, contact details and information about family life (excluding special categories of data) including family, children, hobbies and interests.

  • Special categories of data: in limited circumstances, where you have provided us with such information as it is necessary for a specific service we are providing to you: religious or other beliefs, racial or ethnic origin,  sexual orientation, health data and details of trade union membership.

  • Registration data:  Newsletter requests, event/seminar registrations, dietary preferences (excluding special categories of data), subscriptions, downloads, and username/passwords.

  • Client service data:  Personal Data received from HYCD's clients and customers in respect of employees, clients, customers or other individuals known to such HYCD's clients and customers, invoicing details and payment history, and client feedback.   

  • Marketing data: Data about individual participation in conferences and in-person seminars, credentials, associations, product and service interests, and preferences. 

  • Transaction data: Personal data contained in documents, correspondence or other materials provided by or relating to transactions conducted by our clients and customers. 

  • Compliance data: Government identifiers, passports or other identification documents, dates of birth, beneficial ownership data, and due diligence data.

  • Job applicant data: Data provided by job applicants or others on HYCD or offline means in connection with employment opportunities, which also may be subject to an additional relevant local recruitment privacy policy.  

  • Usage data: Data about usage of HYCD's website and channels. 

  • Special data: regarding free personal readings offer on HYCD website: we record and store all personal readings (including but not limited to the pre-recorded readings and/or the live-readings via Zoom or any other platforms used for communication between you and HYCD).

 

We collect Personal Data from a number of sources, either directly from the data subjects, from our business partners and the third-party partners, or from our clients and customers, acquaintances and publicly available sources. Where HYCD receives data from any visitors, our clients and customers about other individuals, such visitors, clients and customers are responsible for ensuring that any such data is transferred to us in compliance with applicable data protection laws.

II - Use

The purposes for which we use Personal Data, and the legal basis for such processing, are as follows:

  • To provide products and services as per our customers and clients' inquiries, we use basic data, registration data, and client service data. We need to process Personal Data in this way in order to perform our obligations under our contracts with our clients and customers.

  • To manage our business operations and administer our client and customer relationships, we use basic data, special categories of data, registration data, marketing data and client service data. This processing is necessary in order to perform our obligations under our contracts with our clients and customers (e.g. issuing and processing invoices) and our suppliers (e.g. managing the supply of goods and services to HYCD).

  • To make HYCD's site and channels more intuitive and easy to use, we use usage data.  It is necessary for our legitimate interests to monitor how our sites and channels are used to help us improve the layout and information available on our sites and channels and provide a better service to our users.

  • To protect the security and effective functioning of our sites and information technology systems, we use basic data, registration data, transaction data, and usage data. It is necessary for our legitimate interests to monitor how our sites are used to detect and prevent fraud, other crimes and the misuse of our sites. This helps us to ensure that you can safely use our sites.

  • To provide relevant marketing such as providing you with information about events, products or services that may be of interest to you, we use marketing data, basic data, special categories of data, registration data, client service data, and usage data. It is necessary for our legitimate interests to process this information in order to provide you with tailored and relevant marketing, updates and invitations.

  • To address compliance and legal obligations, such as complying with any tax reporting obligations, checking the identity of new clients and customers, and to prevent money laundering and/or fraud, we use compliance data, basic data, registration data, transaction data, and usage data. This processing is necessary for the purposes of complying with legal requirements to which we are subject.

  • To consider individuals for employment and contractor opportunities and manage on-boarding procedures, we use job applicant data and compliance data. The processing is necessary for the purposes of recruitment and on-boarding and for complying with legal obligations to which we are subject and which may be subject to a relevant local recruitment privacy policy.

  • To manage our business and prove that we have already provided the services requested by you, either via our booking system, email address, and/or any other communication means, we use the special data. It is reasonable for us to keep these data for using in conflict settlement if any arises. 

III - Share

We may share Personal Data with the following categories of recipients:

  • Suppliers and service providers: We share Personal Data with suppliers and service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above. These include: infrastructure and IT services providers, for example, the providers of our client intake system, our finance systems and our customer relationship management databases; third party consultants who provide us with support in respect of business analytics and marketing campaigns; and the original equipment manufacturer where we get our products made. We require such parties to provide reasonable security for Personal Data and to use and process such Personal Data on our behalf only.

  • Financial institutions: We share Personal Data with financial institutions in connection with invoicing and payments.

  • Mandatory disclosures and legal claims: We share Personal Data in order to comply with any applicable tax reporting obligations, comply with any subpoena, court order or other legal process, to comply with a request from our regulators, governmental request or any other legally enforceable demand. We also share Personal Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.

 

If you have questions about the parties with which we share Personal Data, please contact us as specified below. 

IV. Storage

We retain your data and personal information only for as long as necessary to provide you with our products and services and as otherwise described in our Privacy Policy. However, We may also be required to retain this information to comply with any applicable legal and regulatory obligations, to resolve disputes, and to enforce or perform our agreements. We generally keep your data for five (05) years or longer if requested by the aforesaid reasons.

V. Transfer

We transfer Personal Data to jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. In particular, our sites are hosted on servers in the United States. If you are located in a non-US jurisdiction, the transfer of Personal Data is necessary to provide you with the requested information and/or to perform any requested transaction. When you submit personal information to us, you are transferring your data across borders.

VI - Data subject rights

If you are in the European Economic Area (EEA) you have the following rights:

  • Access. Subject to certain exceptions , you have the right to request a copy of the Personal Data we are processing about you, which we will provide to you in electronic form. At our discretion we may require you to prove your identity before providing the requested information.  If you require multiple copies of your Personal Data, we may charge a reasonable administration fee.

  • Rectification. You have the right to require that any incomplete or inaccurate Personal Data that we process about you is amended.

  • Deletion. You have the right to request that we delete Personal Data that we process about you, unless we are required to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.

  • Restriction. You have the right to request that we restrict our processing of your Personal Data where:

    • you believe such data to be inaccurate;

    • our processing is unlawful; or

    • we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it. 

  • Portability. You have the right to request that we transmit the Personal Data we hold in respect of you to another data controller, where this is:

    • personal information which you have provided to us; and

    • we are processing that data on the basis of your consent or in order to perform our obligations under contract to you (such as to provide legal services).

  • Objection. Where the legal justification for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation.  We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of a legal claim.

  • Withdrawing Consent.  If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge  This includes cases where you wish to opt out from marketing messages that you receive from us. 

 

If you are in the EEA you also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. Access a list of local data protection authorities in EEA countries.

VII - Contact

We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our business, or as otherwise necessary to contact you regarding your experience with our website, goods, and/or services, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.

VIII - Your consent withdrawal

If you do not want us to process your data anymore, and/or if you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at HaYen.Trinh@hayenchidiep.com

IX - Privacy Policy update

We reserve the right to modify this Privacy Policy at any time, we encourage you to visit our sites frequently to stay informed about our updates. Changes and clarifications will take effect immediately upon their posting on the website, the date of which is noted at the beginning of this Privacy Policy. If we make material changes, we will notify you with an announcement on this website that it has been updated. 

bottom of page