PLEASE REVIEW THIS PRIVACY NOTICE FOR THE ASSURANT ADVANCED SALES PLATFORM WEBSITE CAREFULLY.

THIS NOTICE APPLIES TO YOUR USE OF THIS ASSURANT ADVANCED SALES PLATFORM WEBSITE

Assurant’s Advanced Sales Platform Website Privacy Notice

This Privacy Notice describes the information handling and privacy practices of Hyla Mobile, Inc. (an Assurant group company)  (hereinafter referred to as “Assurant” or “We”, “Us”, “Our” or “Company”) in connection with your use of the Assurant Advanced Sales Platform at https://buy.hylamobile.com an online sales platform that allows the users to view available inventories, submit offers, review purchase orders, and review invoices and account balances (the “Services”).  We respect your concerns about privacy. If you reside within the United States, European Economic Area, United Kingdom or elsewhere, We are the controller of your personal data within the meaning of Art.4 No. 7 General Data Protection Regulation (hereinafter “GDPR”) and in the context of the Assurant Advanced Sales Platform service (the “Service”). All references to GDPR regulations contained in the following apply only to the extent that the GDPR is applicable. This Assurant Advanced Sales Platform Privacy Notice (“Notice”) describes how We will collect, access, use, disclose, retain, transfer, otherwise process and protect personal information when you use the Service.

We protect your personal information using industry standard safeguards. We share information about you to provide the Service, with your consent or as required by law, and We will always let you know when We make significant changes to this Privacy Notice.

We adhere to the following principles to protect your privacy:

We protect your personal information and will only provide it to third parties:

(1) with your consent on basis of Article 6 para. 1 sentence 1 lit. a GDPR;

(2) where it is necessary to carry out your instructions on basis of Article 6 para. 1 sentence 1 lit. b GDPR;

(3) as reasonably necessary in order to provide the Service on basis of Article 6 para. 1 sentence 1 lit. b GDPR;

(4) to Our service providers (as described in ) in connection with providing the Service on basis of Article 6 para. 1 sentence 1 lit. b GDPR;

(5) when We reasonably believe it is required by law, subpoena or other legal process on basis of Article 6 para. 1 sentence 1 lit. c GDPR;

(6) as necessary to enforce our to protect the rights of the Company, or to prevent physical harm or financial loss on basis of Article 6 para. 1 sentence 1 lit. f GDPR; or

(7) as part of a reorganization or sale of all or part of Our business on basis of Article 6 para. 1 sentence 1 lit. f GDPR.

We have implemented safeguards designed to protect your information in accordance with industry standards.

This Notice applies to the Service only and does not necessarily reflect practices with respect to information gathered through other services We offer or websites We operate or the collection of information through off-line means. To review the privacy practices of those other services, please refer to the policies provided associated with each.

If you have any concern about providing information to Us or your information being used in any manner permitted by this Privacy Notice and the you should not use the service.

1. What information We collect

We collect your personal information in the following ways:

1.1 When you use the service

When you use the service and so that We can administer the Service, We ask users to provide Us with: (i) buyer name and (ii) email address. We may also collect your Internet Protocol (“IP”) address on basis of Article 6 para. 1 sentence 1 lit. b GDPR in order to provide you with the Service

When you communicate with Us or contact Us in regard to the service (for example – when you send us a message through Our “Contact Us” function) We may collect information that you provide to Us in your communications (such as the query or issue that you have raised).

We collect the information described above from you and the device that you use to access the Services and from third parties such as service providers, affiliates, consumer reporting agencies and public records.

We do not retain or use this information for any purpose. We process your data on basis of Article 6 para. 1 sentence 1 lit. b GDPR in order to process your query and/or answer your questions.

You may report any problems or security concerns with the service by sending an email to hylaasp@hylamobile.com .

2. How We Use & Disclose Collected Information

We collect information from you to provide the Service.

• To fulfil a contract, or take steps linked to a contract on basis of Article 6 para. 1 sentence 1 lit. b GDPR: this is relevant where you enter into a contract for the Service with Us This includes:
  • providing the Service, the Assurant Advanced Sales Platform to you;
  • verifying your identity;
  • managing your account;
  • arranging delivery of your purchase;
  • communicating with you; and
  • taking payment from you.
• As required by Us to conduct Our business and pursue Our legitimate interests on basis of Article 6 para. 1 sentence 1 lit. f GDPR, in particular:
  • recognizing you on the Service, improving your experience, increasing security of Our networks and systems, and measuring use and effectiveness of Our Service;
  • customizing Our support responses;
  • investigating complaints received from you and others about the Service, the platform or Our products and services and tracking potential issues and trends to better serve you;
  • Making decisions about, and implementing, reorganizations or sales of all or part of Our business;
  • Monitoring customer accounts to prevent, investigate and/or report fraud, misrepresentation, or crime, in accordance with applicable law;
  • In connection with legal claims, compliance, regulatory and investigative purposes (for example, theft and fraud investigations) as necessary (including disclosure of such information in connection with legal process or litigation);
  • Conducting market research and customer surveys;
  • Advertising Our products and services and sending you information about Our products and services, special offers and similar (where your consent is not required);
• Where you give Us consent on basis of Article 6 para. 1 sentence 1 lit. a GDPR:
  • We place cookies and use similar technologies in accordance with Our and the information provided to you when those technologies are used;
  • We obtain geo-location information from your wireless operator, certain third-party service providers, or directly from the device you are using;
  • We send you information about Our products and services, special offers and similar (where your consent is required);
  • On other occasions where We ask you for consent, We will use the data for the purpose which We explain at that time.
• For purposes which are required by law on basis of Article 6 para. 1 sentence 1 lit. c GDPR:
  • In response to requests by government or law enforcement authorities conducting an investigation; and
  • Responding to complaints where We are under a legal or regulatory obligation to adhere to a complaints handling procedure.

2.1 Withdrawing consent

Wherever We rely on your consent, you can always withdraw your consent at any time with effect for the future by contacting us via any means.

2.2 Automated decision making

We do not use automatic decision making or profiling.

2.3 Communications

We may contact you by mail, phone, or email to provide you with the product or service and to inform you of important changes to the services we are providing. We may also communicate with you through third-party communications platforms (such as WhatsApp), which have their own platform terms and conditions independent of Assurant and where you have given your consent as required by applicable local data protection legislation. Any information you provide to us in response to these communications will not be used or disclosed in any way other than in accordance with this privacy notice, or without your permission, unless required by law. Please be aware that you cannot opt out of receiving Service-related messages from Us.

3. How We share your personal information

3.1 Sharing personal information with affiliates

We may share your information among the Assurant family of companies.

We share your personal information with Our affiliates (meaning entities controlled by, controlling or under common control with Assurant, Inc.) for the purposes stated in this Notice. For example, your support enquiry may be handled by an Assurant contact center or technical support staff located within or outside the European Union (such as in the United States). Your personal information may be shared with Our affiliates, such as the Assurant group company through which you obtained the Service, for customer relationship management purposes (for example – when you make a complaint). In accordance with Art. 28 of the GDPR, we concluded necessary commissioned data processing agreement(s) with our affiliates.

3.2 Sharing personal information with service providers

We employ third parties to help Us with the Service.

We employ third party companies and individuals to facilitate the Service (for example, customer support, analysis, audit, application, database hosting).

These third parties have limited access to your information only to perform these tasks on Our behalf and are obligated to Us. The personnel of such third parties who use your personal information is limited to those individuals which are authorized to do so on a need-to-know basis and as necessary to provide these business services to Us. We do not authorize such third parties to disclose or use it for other purposes.

Please see Our to learn more about the service providers We use and the services that they provide to Us.

3.3 Sharing personal information with other recipients

We may disclose your personal information if mandated by law or if required for the legal protection of Our legitimate interests in compliance with applicable laws.

We may disclose your personal information to public authorities if mandated by law or if required for the legal protection of Our legitimate interests in compliance with applicable laws.

We may also disclose your personal information to parties acquiring part or all of Our assets, as well as to attorneys and consultants. Also, if any bankruptcy or reorganization proceeding is brought by or against Us, your information may be considered a company asset that may be sold or transferred to third parties.

3.4 Data processing outside of your country

In providing the Service, and the platform, personal information may be transferred to, and processed in, countries where data protection and privacy regulations do not offer the same level of protection as the European Economic Area (“EEA”) and other parts of the world:

Sharing personal information with Our affiliates as noted in Section 3.1 involves transfers outside the EEA to the US  to provide the Service (for example – to respond to your customer service enquiry).

Sharing personal information with Our service providers involves transfers to the US or Japan (for example database hosting and order processing).

Where personal information is transferred outside the EEA to a country that is not subject to an adequacy decision by the EU Commission, it is adequately protected by European Commission approved standard contractual clauses, an appropriate Privacy Shield certification or a vendor’s Processor Binding Corporate Rules. To obtain a copy of the relevant transfer mechanism or additional information on the transfers, please address these requests to Us.

4. Your Choices and Rights

If the GDPR is applicable to Our processing of your personal data, you have the following rights.

You may request access to, modify, correct, delete or limit the use and disclosure, where required by applicable law, of your account information or close your account. You can also request additional information We may have about your account.

4.1 General rights

You have the following rights with regard to the data processed by us:

• the right of access to your personal data stored by us in accordance with Art. 15 GDPR;
• If necessary, the right to rectify incorrect or complete correct personal data stored by us in accordance with Art. 16 GDPR;
• the right to erasure (“right to be forgotten”) with regard to your personal data stored by us in accordance with Art. 17 GDPR;
• the right to restrict the processing of your personal data pursuant to Art. 18 GDPR;
• the right to data portability in accordance with Art. 20 GDPR;
• the right to object to the processing of your personal data pursuant to Art. 21 GDPR (see 4.2 immediately below);
• the right to revoke any consent granted pursuant to Art. 7 para. 3 GDPR;
• the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

4.2 right of objection pursuant to Art. 21 GDPR.

You have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data by us or by a third party on the basis of a legitimate, insofar as there are reasons to do so which result from your particular situation. We no longer process the relevant personal data unless we can prove compelling grounds for processing worthy of protection which outweigh your affected interests, rights and freedoms, or if the processing serves the assertion, exercise or defense of legal claims.

If we process your personal data for the purpose of direct marketing, you have the right at any time to object to the processing of your personal data for the purpose of such marketing; this also applies to profiling, insofar as it is connected with such direct marketing. If you object to the processing for purposes of direct marketing, we will no longer process your personal data for these purposes.

4.3 Additional information

You can exercise any of your rights by contacting Us via any means. In order to safeguard your personal information from unauthorised access, We may ask that you provide sufficient information to identify yourself prior to providing access to your personal information.

In certain situations, and subject to applicable laws, including data protection laws, We may not be able or obliged to comply with all or part of your request. For example, We may not comply with an access request if doing so would reveal personal data about another person, or comply with a deletion request relating to information which We are required by law to keep or have compelling legitimate interests in keeping.

If you have unresolved concerns, you have the right to complain to an EU data protection authority (‘supervisory authority’) where you live, work or where you believe a breach may have occurred.

 

5. Data Retention

We keep your information for as long as your account is active or as needed. In addition, We may keep certain information even after you close your account if it is necessary to comply with Our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce this agreement.

We may retain your personal information for longer than the periods set out above where necessary, for example to comply with Our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce Our

6. Changes to this Privacy Notice

We may update this Notice from time to time. As We may make changes to this Notice, We suggest that you review this Notice each time you access and use this site. Please review changes carefully. If any changes are made to this Privacy Notice, We will revise the Effective Date that is indicated on the Privacy Notice.

6.1 Security Procedures

We take privacy and security seriously. Please know that the Internet is not a secure environment.

We have measures in place to restrict access to information to those employees and individuals whom We know have a valid business purpose to have access to such data. We maintain physical, electronic and procedural safeguards. We follow generally accepted standards designed to protect the personal information submitted to Us, both during transmission and once We receive it. We require those who provide services for Us and to whom We provide information collected through the Service to keep such information safeguarded and confidential. However, no method of transmission over the Internet or method of electronic storage is totally secure. Therefore, We cannot guarantee its absolute security.

7. Additional Notice for California Consumers

This section of our Privacy Notice applies to Consumers who reside in the State of California and is included to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws.  It applies to Our processing of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household subject to the CCPA (“Personal Information”).

• Information We Collect.

We describe the Personal Information we have collected from consumers and the sources from which we collect this information, in the twelve (12) months preceding the effective date of this Privacy Notice, in the section of our Privacy Notice titled “What Information Do We Collect.” The information we collect includes the following:

Identifiers such as company name, first and last name, address, e-mail address, , Internet Protocol address other similar identifiers.

Personal Records under Cal. Civil Code § 1798.80(e) such as name, address, telephone number and other information.

Commercial Information such as customer account details products or services purchased or obtained, transaction records.

Internet and other Electronic Network Activity Information such as Internet Protocol address, browser, devices and operating system types; device identifiers; and information regarding your internet service provider.

Geolocation Data such as data relating to your computer or device when you interact with the Services.

Inferences from Personal Information Collected such as Inferences drawn from any of the information described in this section about a consumer including inferences reflecting the consumer’s preferences, characteristics, behavior and abilities.

For information regarding the purposes for which we collect and use the Personal Information we collect, please see “How Do We Use Your Information?”

We have disclosed Personal Information in all or substantially all of the categories identified in this Additional Notice for California Consumers for various business purposes. For more information about the categories of Personal Information we have disclosed, the categories of entities with which we have disclosed this information, and the purposes for which we have disclosed the information, please see “How We Share Your Personal Information.”

In the last 12 months we have not sold any Personal Information.

We do not sell any Personal Information to third parties for a business or commercial purpose, and we have not sold any Personal Information to third parties for a business or commercial purpose within the past 12 months. Additionally, we do not sell the Personal Information of minors under the 16 years of age.

• Your Rights and Choices

The CCPA provides consumers with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise your rights.

Exercising CCPA Rights

To exercise the rights afforded to you under the CCPA, please submit a verifiable consumer request to us by either:

• Visiting https://www.assurant.com/dataprotection/consumer-page; or
• Calling us at 1-800-280-9577

Only you or a registered agent may make a verifiable consumer request related to your Personal Information. If applicable, you may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access or disclosure twice within a 12-month period, and the request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information; and
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

In order to process your request safely and protect your Personal Information, it is required that you go through an identification verification process that will ask you for certain required information (including but not limited to your email address, phone number, and your address). In the instance that your identification can not be verified, you will be contacted. We cannot respond to requests if we cannot verify your identity. Making a verifiable consumer request does not require you to create an account with us.

Response Timing and Format

We will respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and the extension period in writing. Any disclosures we provide will only cover the 12-month period before the date the verifiable consumer request was received. If we cannot process your request, we will explain the reasons why we cannot comply with the request. All responses will provide your Personal Information in an easy to read format.

We will not charge a fee to process or respond to your request provided, however, in certain circumstances we may charge a fee if permitted under applicable law.

Deletion Request Rights

You have the right to request that we delete Personal Information that we collected from you, subject to certain exceptions. Please note that even if you make a request to delete your Personal Information, applicable law may permit or require us to retain Personal Information that was collected to complete transactions and services you have requested or that are reasonably anticipated, for security purposes, for legitimate internal business purposes, including maintaining business records, to comply with law, to exercise or defend legal claims, to cooperate with law enforcement and for other legally permissible reasons.

Right to Know About Personal Information Collected, Disclosed, or Sold

If we use your Personal Information for a business purpose or if we sell your Personal Information, you have the right to request the following to be disclosed:

• The categories of Personal Information that the business collected about you;
• The categories of Personal Information that the business sold about you and the categories of third parties and/or service providers to whom the Personal Information was sold;
• The categories of Personal Information that the business disclosed about you for a business purpose.

Authorized Agent

Under California law, you may designate an authorized agent to make a request on your behalf. You may make such a designation by providing the agent with written permission to act on your behalf. As permitted by law, we may require you to verify your own identity in response to a request even if you choose to use an agent. We may choose to deny a request from an agent that does not submit proof that they have been authorized by a consumer to act on their behalf.

Non-Discrimination 

We will not discriminate against you for exercising any of your CCPA rights. This means, unless permitted by the CCPA, we will not:

• Deny you goods or services;
• Charge you different prices or rates for goods or services, including granting discounts or other benefits, or imposing penalties;
• Provide you a different level or quality of goods or services; or
• Suggest that you may receive a different price or rate for goods or services, or a different level or quality of goods or services.

 

8. Important Information

8.1 Contact, Data Controller and Data Protection Officer

If you have questions or comments about this Privacy Notice, please contact Us online or by postal mail.

• For users within the Asia-Pacific region:

We welcome your questions or comments regarding this Notice. Please write to Us at for Assurant Japan KK, Data Protection Officer, Marunouchi Trust Tower Main Building, 10th Floor 1-8-3 Marunouchi, Chiyoda-ku Tokyo, 100-0005, Japan, and for TWG Japan, Data Protection Officer, Marunouchi Trust North Tower Building, 19th Floor 1-8-1 Marunouchi, Chiyoda-ku Tokyo, 100-0005, Japan or send Us an email at dataprotectionofficer.apac@assurant.com.

• For users within the United States, Latin America, Middle East and Africa:

We welcome your questions or comments regarding this Notice. Please write to Us at Assurant Privacy Office, 260 Interstate North Circle SE, Atlanta, Georgia 30339, USA or send Us an email at ThePrivacyOffice@assurant.com.

• For users within the European Economic Area, UK or Switzerland

Hyla Mobile Inc is the data controller of the personal information provided to or collected by the Assurant Advanced Sales Platform site. Assurant has appointed an EU Data Protection Officer. Customers who feel that the rights afforded to them under the GDPR or applicable data protection law have been infringed, or that the data controller is processing personal information in contravention of the GDPR or applicable data protection law, may submit complaints or inquiries to:

Data Protection Officer, Lifestyle Services Group Limited, Emerald Buildings, Westmere Drive, Crewe, Cheshire, CW1 6UN, United Kingdom, or send Us an email at dataprotectionofficer@assurant.com.

You also have the right to file a complaint directly with the local Supervisory Authority, as relevant, under EU data protection law.

Effective Date

List of Service Providers

This List of Service Providers identifies the third-party service providers (who are not considered to be part of the Assurant group companies) We use in connection with the Assurant Advanced Sales Platform site:

Service Provider (Name)	PhoneX
Location (Country)	United States
Service Provider’s Processing Purposes	Software As A Service Provider
Service Provider (Name)	YS
Location (Country)	Japan
Service Provider’s Processing Purposes	Order Fulfillment

 

 

 

Effective Date: Sept 30, 2022

 

 

Cookie Notice

We use cookies and other online tracking devices (such as web beacons, action tags, Local Shared Objects (“Flash cookies”) and single-pixel gifs) all of which We refer to as “cookies” for the purposes of this cookie notice, to help Us recognize you, improve your experience, increase security and measure use and effectiveness of Our website.  Cookies are small text files that are placed on your computer by websites that you visit. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device for a set period of time or until you delete them).

Improve User Experience

We use cookies and similar technologies, to help Us recognize you, improve your experience, increase security, and measure use and effectiveness of Our Services.  Long duration cookies may be used when accessing the website. These are pieces of information or data sent and stored to your browser or mobile device for record-keeping purposes. We use this information to analyze traffic patterns and improve the Service. If you prefer not to accept cookies into your browser, the help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. However, disabling cookies may result in certain parts of the website and resources not operating correctly or prevent you from taking full advantage of some of the features of the Service.

Some browsers offer a “Do Not Track” (“DNT”) signal whereby you may indicate your preference regarding tracking and cross-site tracking. Although We do not currently employ technology that recognizes DNT signals, We will only process your Personal Information in accordance with this Notice.

Analyze Website’s Performance

We collect Personal Information, on an individual and collective basis, to track and analyze preferences and trends, improve the quality of the Service, evaluate functionality and services, and improve Our Service. We collect information when you use Our website and may use third party analytics tools to evaluate user traffic.  For example, We collect log in information about devices used to access Our Service, including IP addresses.

What types of cookies are used on this website?

We use first party cookies on this Website.  The cookies used on Our website can be categorized in the following ways:

• Strictly Necessary cookies: These cookies enable necessary functionality such as security, network management and accessibility. You may disable these cookies by changing your browser settings, but this may impact how the website works.
• Performance cookies: These cookies collect information about how users use a website, for instance which pages users go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a user. The information these cookies collect is anonymous and only used to improve how a website works.
• Analytics cookies: These cookies collect and report information on how you use our website and help us improve our Service.

Some of Our Website pages may contain electronic images known as web beacons (sometimes known as clear gifs) that allow Us to count users who have visited these pages. Web beacons collect only limited information which including a cookie number, time and date of a page view, and a description of the page on which the Web beacon resides.

By using Our website, you acknowledge that We place these types of cookies on your device as set forth in this Cookie Notice.  The table below explains the types of cookies We use and why.

Cookie Name	Cookie Type	Cookie Purpose
JSESSIONID	Session	ASP Authentication and Authorization
auctionViewCookie	Session	To record auction viewed by customer
auctionTourMobile	Session	To show the tour on auction page on mobile site
auctionTourDesktop	Session	To show the tour on auction page on full site
lotTourMobile	Session	To show the tour on lot page on mobile site
lotTourDesktop	Session	To show the tour on lot page on full site
_ga	Analytics	This Google Analytics cookie stores a Google Analytics client ID which is used to identify users across all the devices used to access the site or app. This cookie expires after 1 year.
_gat	Analytics	This Google Analytics cookie is used to manage the collection of data on the website. This cookie expires in 10 minutes.
_gat_gtag_UA_182166620_1	Analytics	This Google Analytics cookie is used to store a unique user ID. This cookie expires in 1 min.
_gid	Analytics	The Google Analytics cookie is used to store information of how visitors use a website and helps in creating an analytics website performance report
AWSALB	Performance	AWS Load Balancer Sticky Session
AWSALBCORS	Performance	AWS Load Balancer Sticky Session

How do I change my cookie settings?

If you prefer not to accept cookies into your browser, the help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. However, disabling cookies may result in certain parts of the website and resources not operating correctly or prevent you from taking full advantage of some of the features of the Service. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

The following links show how to disable cookies in different browsers:

• Setting cookie preferences in Internet Explorer
• Setting cookie preferences in Firefox
• Setting cookie preferences in Chrome
• Setting cookie preferences in Safari web and iOS.

This Cookie Notice should be read in conjunction with Our Privacy Notice If you have any questions or concerns about the Cookies Notice or its implementation you may contact Us at dataprotectionofficer@assurant.com..

Effective date: Sept 30, 2022

Additional Provisions for Individuals Located in Canada

All references in the Privacy Notice to the General Data Protection Regulation or “GDPR” shall be read, with the necessary modification as the context requires, to the Personal Information Protection and Electronic Documents Act (Canada) and all substantially similar Canadian provincial privacy legislation.

All collection, use, processing, and disclosure of your personal information is made on the basis of your express or implied consent, except where collection, use, processing or disclosure is permitted by PIPEDA without consent.

We rely on implied consent to collect, use, process and disclose your personal information in the following situations:

• To fulfil a contract, or take steps linked to a contract: this is relevant where you enter into a contract for the Service with Us. This includes:
  • providing the Service, the Assurant Advanced Sales Platform to you;
  • verifying your identity;
  • managing your account;
  • arranging delivery of your purchase;
  • communicating with you; and
  • taking payment from you.
• As required by Us to conduct Our business, in particular:
  • recognizing you on the Service, the website, improving your experience, increasing security of Our networks and systems, and measuring use and effectiveness of Our Service;
  • customizing Our support responses;
  • investigating complaints received from you and others about the Service, the website or Our products and services and tracking potential issues and trends to better serve you;
  • Making decisions about, and implementing, reorganizations or sales of all or part of Our business;
  • Monitoring customer accounts to prevent, investigate and/or report fraud, misrepresentation, or crime, in accordance with applicable law;
  • In connection with legal claims (for example, relating to denial of an insurance claim), compliance, regulatory and investigative purposes (for example, theft and fraud investigations) as necessary (including disclosure of such information in connection with legal process or litigation);
  • Conducting market research and customer surveys;
  • Advertising Our products and services and sending you information about Our products and services, special offers and similar (where your consent is not required);
  • We obtain geo-location information from your wireless operator, certain third-party service providers, or directly from the device.

We rely on express consent to collect, use, process and disclose your personal information in the following situations:

• Where:
  • We place analytics and use similar technologies in accordance with Our User Analytics Notice and the information provided to you when those technologies are used;
  • We send you information about Our products and services, special offers and similar (where your consent is required);
  • On other occasions where We ask you for consent, We will use the data for the purpose which We explain at that time.

We rely on one or more exceptions in PIPEDA to collect, use, process and disclose your personal information in the following situations:

• For purposes which are required by law, for example:
  • In response to requests by government or law enforcement authorities conducting an investigation; and
  • Responding to complaints where We are under a legal or regulatory obligation to adhere to a complaints handling procedure.

Occasionally we use service providers located outside of Canada to collect, process or store personal information on our behalf. Please note that the laws of other countries from which your personal information may be collection or in which it may be processed or stored may provide for a different level of protection than exists under Canadian laws. If you would like to receive more information about our policies and procedures concerning our use of service providers outside of Canada, please contact us at email: hylaasp@hylamobile.com.

Your Choices and Rights

Under PIPEDA, you have the following rights with regard to the data processed by us:

• the right of access to your personal data stored by us;
• If necessary, the right to rectify incorrect or complete correct personal data stored by us;
• the right to revoke any consent granted; and
• the right to lodge a complaint with the Office of the Privacy Commissioner of Canada.

Effective Date: Sept 30, 2022