For your benefit we collect a range of information from you during your use of our websites or apps.
- Anonymous information to better understand your use of our sites and serve you better
- Contact information, when you subscribe to email lists or certain specific site services
- Financial information, when you make purchases in our store
- If you use our HeartCloud service, we store physiological practice information to analyze sessions for results like trophies, to synchronize between your devices and to back up your data.
We use great care in storing and protecting this information. You have the right to access your personal data and to delete it. You must be 16 years of age or older to use our sites and services otherwise you will need parental consent. Should you have trouble or any questions about this, please contact HeartMath Support with detailed information.
Information Collection and Usage
Right to Access and Data Portability
You have the right to access your data. In most places this mainly holds your email information. HeartCloud services store all practice session data for your personal use. This consists of the Heart Rate data of your practice sessions and derived statistics like Coherence. You may download the free emWave 2 PC software at https://www.heartmath.com/downloads/, where you can download your active sessions to inspect the data and export sessions to a spreadsheet, for example. Alternatively, login to your HeartCloud account, go to the Profile -> Data tab to request a download of your HeartCloud data.
Right to be Forgotten
You can access and control your subscription at https://www.heartmath.com/unsubscribe.
In HeartCloud you can log into your account, go to your Profile page, and delete your account. All your session data and account info will be deleted that is stored on the server. The data stored on your desktop or mobile devices will be retained on those devices and requires deletion from those devices and client software separately. The following Sections provide more Detail on the Data we retain
During registration, for our websites and events, you are required to give your contact information (such as name, e-mail address, mailing address and phone number). We also may collect demographic information (such as job title and purchasing responsibilities, company information and professional certification). For internal purposes, we use this information to communicate with you and provide requested services, and, on our websites, provide a more personalized experience. We use aggregate demographic information about our visitors including you to improve our service, for marketing purposes and industry reporting.
For our offerings that require payment (such as certain events, products and subscriptions), we also collect your credit card information (such as account name, number and expiration date), which is used by us and our credit card processors for billing purposes only and is not otherwise shared. Please see the “Security” section below.
If you wish to subscribe to our e-mail newsletters, we ask for your contact information (such as name, e-mail address and, occasionally, demographic information). We use this information in the same manner as we use contact information in the registration and ordering process described above. Recipients of our newsletters can unsubscribe using the instructions listed at the end of the e-mail newsletter or by sending an e-mail to: [email protected] with the e-mail address used to subscribe. You can also visit the subscription page mentioned above.
From time to time we may invite you to provide information via surveys or contests. Participation in these surveys or contests is completely voluntary and you therefore have a choice as to whether or not to disclose requested contact information (such as name and mailing address) and demographic information (such as zip code or job title). In addition to other uses set forth in this policy, contact information collected in connection with surveys and contests is used to notify the winners and award prizes, to monitor or improve the use of our promotions and offerings, and may be shared with sponsors of such surveys or contests.
At some of our websites, we offer interactive and community features such as “wall” postings, status updates and feeds, discussion boards, webcasts and customer profiles. Accordingly, HeartMath, Inc collects content submitted by you such as data, text, software, music, audio, photographs, graphics, video, messages, links, tags, comments, status updates and other materials. Note that all personal information sent or posted via such features becomes public information for which HeartMath, Inc is not responsible and cannot be held accountable. Some of these features automatically make certain information public (e.g., user name, avatar photograph or image, “about me” information, Licensed HeartMath Provider status). If you choose to make available any of your personally identifiable information, you do so at your own risk.
If you elect to use our referral service for informing a friend about our websites and offerings, we may ask you for the friend’s name, job title and e-mail address. HeartMath, Inc will store and use this information to send the friend an invitation to browse our website. This information may also be used to provide information about our company and related products and offerings. The friend may contact us as specified in the tell-a-friend message to request that no further communications be sent.
We have features where you can submit information to us (such as our feedback forms). Letters to the editor and similar submissions may be made public. Requests for service, support or information may be forwarded internally and to our contractors, business affiliates and advertisers as needed to best respond to a specific request. We may retain e-mails and other information sent to us for our internal administrative purposes and to help us to serve you better.
In order to best serve you, we may send updates that contain important information about our websites and offerings. For example, we send new members a welcoming message and verify password and your name for our password-protected sections. We may also communicate with you to provide requested services and for account-related issues via e-mail, phone or regular mail. Such communications are not subject to opt out while your account is active, e.g., for a current subscription.
We offer you the option to receive information about our company, related products, offerings and special deals. You can choose not to receive these communications as set forth in our Permission section below.
Our websites have features that automatically collect information from you to deliver content specific to your interests and to honor your preferences. This information assists us in creating websites that will serve your needs. One of the most common tools is the “cookie.”
We may combine anonymous demographic information supplied by you during registration with aggregate website usage data to provide general profiles, in aggregate non-personally identifiable form, about you and your preferences in the content of the website. We may share this composite information with our business affiliates to help them better understand our offerings and customer base. Neither information of a medical/diagnostic nature nor the state of your health is collected, distributed or reported upon. However, in some places you may describe or comment upon your or others’ medical or diagnostic issues or health without our control.
- Registration and Ordering
- E-mail Newsletters
- Surveys and Contests
- Interactive Features
- Messaging from Our Offerings
- At some of our websites, we offer the ability for you to send messages to one another, and even to persons not using our websites. Accordingly, HeartMath, Inc collects and transmits content submitted by you for such messaging. By posting on our interactive features or messaging features, you are consenting to receive comments or messaging from others, who may view and respond to such postings. We provide mechanisms for you to report spam or other unsolicited messaging to us.
- Communications with Us
- Communications from Us: Service Updates, Special Offers
- Automatic Data Collection
With Whom Your Information is Shared
On our websites with interactive features or messaging features, your user ID and any profile information you submit are displayed in the public and private areas of such websites. Generally, all of your activities on such websites will be identifiable to your user ID. Personal information may be publicly shared through our interactive features (see “Interactive Features” above) and our messaging features (see “Messaging from Our Offerings” above).
When we have co-branded, customized, private labeled, “powered by,” or sponsored products and offerings, or when we join with other parties to provide specific products or services, we may share (provide and receive) personal information with them. We do not share credit card information with such third parties. If you are sharing your HeartCloud with applications created by other providers, you will be specifically asked to authorize such linkage. You will be able to cancel this connection by going to your profile page. Cancelling the connection does not remove the data on the servers of other providers.
We may use outside shipping companies to ship orders and a credit card processing company to bill you for goods and services. These companies do not retain, share, store or use personally identifiable information for any secondary purposes. Aggregate information also may be shared with our contractors, business affiliates and advertisers only on an anonymous aggregate basis. Other than as set forth above, we do not share personally identifiable information with other companies, apart from those acting as our agents in providing our promotions, products and services, and which agree to use it only for that purpose and to keep the information secure and confidential. Also, our parent, subsidiary and affiliate companies, entities into which our companies may be merged, or entities to which any of our assets, products, websites or operations may be transferred, will be able to use personally identifiable and aggregate information.
We will also disclose information we maintain when required to do so by law, for example, in response to a court order or a subpoena or other legal obligation, in response to a law enforcement agency’s request, or in special cases when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property. You should also be aware that U.S. Bankruptcy Courts and other government authorities might have the authority under certain circumstances to permit personal information to be shared or transferred to third parties without permission.
Correction/Updating Personal Information
If your personally identifiable information changes (such as zip code), or if you no longer desire our offerings, we provide a way to correct or update your personal information. You should contact Customer Support for the applicable product or service
Privacy by Design
We use all reasonable precautions to protect your personal information and to see that it is stored securely by our contracted data centers. We continuously improve our security and update our systems. Should a breach happen we pledge to notify you, if you are affected.
All credit card transactions occur on a secure website that is tested daily for potential weaknesses in order to protect you from any loss, misuse or alteration of information collected, so that you can buy with confidence. ScanAlert, a third party company specializing in Internet security has “HackerSafe” certified the store websites of HeartMath, Inc. ScanAlert also ensures that the hosted websites are PCI (Payment Card Industry) compliant; (please visit http://www.pcicomplianceguide.org/step1b.html for more information on PCI compliance.)
When you place an order online at a HeartMath, Inc store website, the information you send is protected by Secure Sockets Layer (SSL) technology. SSL encrypts your order using strong 128-bit encryption to prevent the decoding of that information by anyone other than the recipient as it travels over the Internet. SSL is the industry standard in transferring credit card information to process your orders. The SSL encryption translates your order information into a highly indecipherable code.
When you’ve finished shopping and begin the checkout process, you will be in the secure area of the website. A warning window may pop up to notify you that you are entering this secure area. A key or a closed lock will appear in the lower left hand corner of your screen and/or the right side of the address bar in Internet Explorer to notify you of this change. (In Netscape, it’s in the lower left-hand corner, just above the Start button. On a Mac, the lock icon may be in the lower left-hand corner of both browsers.) You will remain in this secure area for the entire checkout process.
If your browser doesn’t support SSL, you’ll be unable to connect to our secure shopping cart server, which means you needn’t worry about mistakenly placing an order through an unsecured connection. If you can’t access the secure server, for whatever reason, we offer many other options for placing an order. You may place your order by sending it via e-mail to: [email protected] If you choose this option, please DO NOT include credit card information, as e-mail is absolutely not a secure method of sending private financial information over the Internet. Simply include your daytime phone number in the e-mail, and we will call you for the necessary information. You may also order by phone or fax during normal business hours at (800) 450-9111. We’re open from Mon - Fri 9 to 5:30 Pacific Time. Of course, you may also print your completed order and mail it to us at: HeartMath, Inc 14700 West Park Avenue Boulder Creek, CA 95006 If you have further questions, please call us toll-free at 1-800-450-9111 or e-mail us, including your name and mailing address, at: [email protected]
Our web sites are hosted and our services are provided in the United States of America and are intended for and directed to US customers. If you are accessing the web sites or services from the European Union, Asia, or any other jurisdiction with laws or regulations governing personal data collection, use, and disclosure, which differ from United States laws, please be advised that through your use of the web sites and services, you are transferring your personal information to the United States of America and you consent to that transfer. Not all European laws may apply to our websites in the US. HeartCloud follows GDPR standards. Data is stored on US servers.
Notification and Changes
For questions about this privacy statement, the practices of this website or any dealings with HeartMath Inc., contact:
Chief Financial Officer
Telephone: (800) 450-9111 (Toll-Free)
Telephone: (831) 338-8700 (International)
E-Mail: [email protected]
Effective Date of This Version: Monday, May 21, 2018