Privacy Policy
Overview
-
Opening Statement
-
Product-specific Policies​
-
General Policies
-
Information We Collect and How We Use It
-
Personal Data
-
Usage, Location and Tracking Cookies
-
-
How We Use Personal Data
-
How We Retain, Transfer, and Disclose Your Personal Data
-
Business Transaction
-
Disclosure for Law Enforcement
-
Other Legal Requirements
-
Information Security
-
Your Rights under the California Online Privacy Protection Act (CalOPPA)
-
Your Rights under the General Data Privacy Regulation (GDPR)
-
Your Rights under the California Consumer Privacy Act (CCPA)
-
Our Commitment to Children's Privacy
-
Changes to our Privacy Policy
-
Contact Us
-
Opening Statement
​
headoffice.space, Inc. (“HeadOffice”, the “Company”, “we”, or “our”) operates the website www.headoffice.space (the “Site”) and provide certain services (the “Services”) in connection with a software as a service-based platform (the “Software”) that enables you to build customized virtual spaces and host virtual events in those customized virtual spaces. For purposes of this Privacy Policy, the Software is subsumed with the definition of Services. We offer the Services with limited features for free, and we charge money for other uses of the Services (the fees vary based on factors such as event time and features). We also make subscriptions of the Services available.
When you access the Site or Services, you trust us with certain information. We are committed to keeping that trust, and that starts with helping you to understand our privacy practices. We collect several different types of information for various purposes, but mainly to provide the Services and improve our Services for the benefit of our customers.
This privacy policy (“Privacy Policy”) informs you of our policies regarding the collection, use and disclosure of Personal Data (as defined) and other relevant data and information when you access the Site or Services and the choices you have associated with that data and information.
We have organized this Privacy Policy to first highlight how we use data in connection with aspects of the Software (the HeadOffice platform), followed by how we comply with our legal obligations in relation to data privacy to the Site and Services generally. By using the Site or Services, you agree to the collection and use of data and information in accordance with this policy.
​​
-
HeadOffice does not store or view user audio or video, which are encrypted in transit (similar to Google Meet).
-
HeadOffice stores chat messages on our server by default, but the host of a space can turn off this function and store chats locally (with this option, chat messages will not persist for future sessions)
-
If you provide feedback via the feedback form on the App, we store your message, along with your name and email, if you provide them, which are used only to respond to your feedback.
-
We use Google Analytics on all of our webpages. You can learn more about how Google Analytics collects and processes your data on the following page: “How Google uses data when you use our partners' sites or apps.”
-
We use Google Analytics to count and log the number of unique visitors on each page of our websites and to understand where that traffic is coming from. Both of these help inform our writing and decision-making so we can provide this service to you.
-
We only chose to use Google Analytics after reading through their privacy policy and deciding that it met our standards. If this choice doesn’t meet your standards, you can disable this feature on our websites below. If you'd like to disable this feature across your web browser, Google provides an add-on that prevents your data from being used by Google Analytics on other websites. As always, we also welcome you to tell us about your concerns.
-
​
​
Information We Collect and How We Use It
​
Personal Data
In connection with your use of the Site and Services, we may receive various types of information related to you, as well as information you provide us about others. Sometimes you provide us with this data and sometimes data about you is collected automatically. To the extent data is associated with an identified or identifiable natural person and is protected as personal information (or substantially equivalent terms) under applicable data protection laws, it is referred to in this Privacy Policy as “Personal Data.” You acknowledge and agree we may collect, process, store, access, and disclose Personal Data disclosed by you to facilitate the provision of the Site and Services and related support for the Services in the manner described in this Privacy Policy.
​
Types of Personal Data we collect includes:
-
Email address
-
First name and last name
-
The nickname or other information you might provide in connection with an avatar
-
Usage, location and cookie data
If you use the Services to make payments of any kind, or to set up the capability to make payments, you may provide us (or our third-party payment processors) additional Personal Data including financial information (such as your credit/debit card information or other applicable payment method, billing address, billing telephone number, date of birth, or other information). We store very little, if any, customer financial information and such financial information is typically stored by our third-party payment processors, but we may use this information under certain circumstances to create and to provide support related to your account and to communicate with you relating to customer support inquiries as well as other communications related to the Services. We encourage you to review the privacy policies of any third-party payment processors used in connection with and to contact them directly if you have questions relating to your data, including Personal Data, as it relates to such payments. We currently use Stripe to process debit and credit card payments and their data policies can be found here.
Usage, Location and Tracking Cookies.
We collect information on how the Site and Services are accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address, browser type, browser version, the pages of our Site that you visit,the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.
We may use and store information about your location (“Location Data”) when you visit the Site. We use this data to improve and customize our Site or Services. You can enable or disable location services when you use our Site and Services at any time by way of your device settings.
We may use Cookies (a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a web site’s computers and stored on your computer’s hard drive) and similar tracking technologies to track the activity on our Site, and these Cookies and similar technologies hold certain information. We may also use (and enable third-party service providers to use) other tracking technologies such as beacons, tags, hashed emails and scripts to collect and track information and to improve and analyze our Site and Services and for targeted advertising purposes related to the Site. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some portions of our Site and Services. We may use a third-party service to monitor and analyze the use of our Site and Services, such as Google Analytics.
How We Use Personal Data
While HeadOffice reserves the right to use your Personal Data for any legitimate business purpose as set forth in the California Consumer Privacy Act (the “CCPA”), we generally use Personal Data only to provide and maintain the Services and not for marketing purposes. Specifically, we use Personal Data:
-
to provide and maintain our services;
-
to notify you about changes to our services;
-
to allow you to participate in interactive features of our services when you choose to do so;
-
to provide customer support;
-
to improve our Site and Services
-
to monitor the usage of our Site and Services
-
to detect, prevent and address technical issues in connection with our Site and Services
How We Retain, Transfer, and Disclose Your Personal Data
In general, we retain your Personal Data only for as long as is necessary for the legitimate business purposes set forth in this Privacy Policy.
Typically, if you use our Services, we retain Personal Data about you for as long as you have an open user account with us and will not retain it for more than twelve (12) months after you close your user account, unless a different policy is otherwise agreed upon in an executed agreement. Thereafter, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time than Personal Data, except when this data is used to strengthen the security or to improve the functionality of our Site, or we are legally obligated to retain this data for longer periods.
Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
Your consent to this Privacy Policy by using the Site or Services followed by your submission of such information represents your agreement to that transfer, although we do offer a DPA for certain enterprise customers.
We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy and applicable data protection laws and that no transfer of your Personal Data take place to an organization or a country unless there are adequate controls in place for that transfer including the security of your data and other personal information.
Except as described in this Privacy Policy, will not use or disclose Personal Data for any purpose other than to the extent reasonably necessary to perform the Services and related support for the Services. As a matter of policy, we will not disclose information about you in a manner inconsistent with this Privacy Policy except as required by law or government regulation, unless we obtain your express consent.
That said, we will process and disclose your Personal Data to the extent necessary to comply with our legal obligations, complete corporation transactions, resolve disputes, and enforce our legal agreements and policies as follows:
Business Transaction
If the Company is involved in a merger, acquisition, or asset sale, we may disclose or transfer Personal Data for purposes consistent with that transaction.
Disclosure of Data
Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other Legal Requirements
The Company may disclose your Personal Data in the good faith belief that such action is necessary to:
-
(i) To comply with a legal obligation
-
(ii) To protect and defend the rights or property of the Company
-
(iii) To prevent or investigate possible wrongdoing in connection with the Site or Services
-
(iv) To protect the personal safety of users of the Site or Services or the public
-
(v) To protect against legal liability
Information Security
The security of your data is important to us, and we use industry standard methods for data encryption and key management to protect data transmitted over public networks and when stored on our systems. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security, as no method of transmission over the internet or method of electronic storage is 100% secure.
Your Rights under the California Online Privacy Protection Act (CalOPPA)
We do not support Do Not Track (“DNT”). DNT is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the Preferences or Settings page of your web browser.
In accordance with CalOPPA, we agree to the following:
-
Site users can visit our site anonymously
-
Site users will be notified of any privacy policy changes on our Privacy Policy page
-
Site users are able to change their personal information (as defined by CalOPPA) by emailing us at contact@headoffice.space
Your Rights under the General Data Privacy Regulation (GDPR)
If you are a resident of the European Union (EU) and European Economic Area (EEA), GDPR affords you certain rights. These include:
-
The right to access, delete, or update the information we have on you;
-
The right to have your information rectified if that information is incomplete or incorrect;
-
The right to object to our processing of your data;
-
The right to request that we restrict the processing of your data;
-
The right to request a copy of your personal data in machine-readable and commonly-used format;
-
The right to withdraw your consent at any time where we rely on your consent to process your personal information.
To exercise any of the above rights, please send a request to contact@headoffice.space.
Please note that we may ask you to verify your identity before responding to such requests.
Additionally, you have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
Your Rights under the California Consumer Privacy Act (CCPA)
If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and ask us not to sell it. You may request what personal information we have about you. If you make this request, we will return to you:
-
(i) The categories of personal information (as defined by the CCPA) we have collected about you.
-
(ii) The categories of sources from which we collect your personal information.
-
(iii) The business or commercial purpose for collecting or selling your Personal Information.
-
(iv) The categories of third parties with whom we share personal information.
-
(v) The specific pieces of personal information we have collected about you.
-
(vi) A list of categories of personal information that we have sold, along with the category of any other company we sold it to. If we have not sold your personal information, we will inform you of that fact.
-
(vii) A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with. Please note, you are entitled to ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to the personal information we collected about you in the previous 12 months.
Please note, if you ask us to delete your data, it may impact your experience with us, and you may not be able to participate in certain programs or membership services which require the usage of your personal information to function.
We will not discriminate against you under any circumstances for exercising your rights in connection with the CCPA. To exercise your California data protection rights described above, please send a request to contact@headoffice.space.
Our Commitment to Children’s Privacy
At HeadOffice we take children’s privacy very seriously. While the Services are designed for businesses and individuals over the age of 18, we recognize that the HeadOffice platform may be used by educational institutions to create virtual spaces with events that include students under the age of 18 (each a “Child”). In such cases, the host institution is responsible for managing the Child data and collecting consents as required by law. HeadOffice will never use Child personal data for its own purposes or to serve advertisements. Except as otherwise set forth in this section, HeadOffice does not knowingly collect Personal Information from Children under the age of 16. If you are under 16, you should not use or attempt to use the Services or send any information about yourself to HeadOffice. If we discover that we have directly collected information from a Child under the age of 16, we will take the appropriate measures to promptly remove that information from our Services.
If you believe that HeadOffice may have directly collected Personal Information about a Child under the age of 16 please contact us at contact@headoffice.space to let us know. We’ll work with you to make sure that information is removed from our Site and Services, as applicable.
Changes to our Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and by updating the “effective date” at the top of this Privacy Policy. Please review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when posted.
​
Contact Us
Questions or concerns about this Privacy Policy or your Personal Data may be addressed by email at contact@headoffice.space
