Privacy Policy

Last Updated: April 15, 2024

Introduction

Harpe.io, operated by Harpe Limited, is committed to protecting and respecting your privacy. This Privacy Policy outlines how we process and secure your information when you use our website and services, specifically under the direction of our clients who act as data controllers.

Definitions

  • Data Controller - The entity which determines the purposes and means of the processing of personal data.
  • Data Processor (or Service Provider) - Any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. Harpe Limited is the Data Processor of your data.

Information We Process

We process the information as instructed by our clients (Data Controllers) who use our services. This typically includes but is not limited to:

  • Personal details provided by users while using the SaaS tool.
  • Compliance data and risk assessments input by users.
  • Log data from usage of our services.

How We Use Your Information

As a Data Processor, we use the information solely for the purpose of fulfilling our contractual obligations to our clients, and as instructed by them. These uses include:

  • Providing and maintaining our service as requested by our clients
  • Assisting our clients in understanding how their users interact with our services.
  • Addressing service and technical issues as they arise.

Legal Basis for Processing Personal Data

Our processing of your personal data is based on the necessity to perform the contracts we have with our clients (the Data Controllers) who have lawful grounds for processing your personal data.

Data Retention

We retain personal information only for as long as required to fulfill the purposes we were engaged for by the Data Controllers and in accordance with their instructions and applicable laws.

Data Transfer

The information we process may be transferred to, stored, and processed in, countries outside of your country of residence, where we or our subprocessors have facilities. By using our services, you consent to this transfer, storage, or processing.

Subprocessors

We use third-party services (subprocessors) to support our operations:

  • Google Cloud and Google Firebase: For cloud services and database management, hosted in the EU.
  • SendGrid: For sending multifactor authentication (MFA) codes and other notifications, based in the US.
  • Vercel: For hosting our frontend, located in the EU.

Your Data Protection Rights

As a data processor, we process data strictly as instructed by our clients. For requests related to your data protection rights, please contact the Data Controller (our client) who directs how your data is processed.

Contact Information

If you have any questions or concerns about our processing practices or you believe there has been a breach of your data protection rights, please contact us at the details provided:

support@harpe.io

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.

This Privacy Policy is effective as of 15 April, 2024.

Menu
PricingBlogContactSupportPartners
Menu
DocsChange LogStatusTerms & ConditionsPrivacy Policy
Newsletter

Sign up for the latest news, company insights, and Harpe updates.

© 2022 Harpe Ltd. All Rights Reserved.