Privacy Policy
of Helix Metrics LLC

Helix Metrics LLC (together with its affiliated companies, "Helix Metrics", "we", or "us") values your privacy and is committed to protecting your personal data. This Privacy Policy describes how we collect, store, use, and disclose personal data when you interact with us, including when you visit or interact with any of our linked websites, participate in any of our events, interact with any of our online ads and content, emails, sales and marketing channels, integrations, or communications under our control (collectively, the "Services").

Please carefully review this Privacy Policy and use the information herein to make informed choices. If you have any concerns or questions about our privacy practices, please do not hesitate to contact us. By accessing the Services, registering for an account, or making a purchase from us, you agree to all of the terms set forth in this Privacy Policy.

Our Services are designed for businesses and are not intended for personal or household use. Thus, we treat all personal data covered by this Privacy Policy, including information about any visitors to our sites, as pertaining to individuals acting as business representatives rather than in their personal capacity.

You are not legally required to provide us with any personal data. If you do not wish to provide us with your personal data or have it processed by us or any of our service providers, please do not provide it to us and avoid any interaction with us or with any of our Services.

This Privacy Policy covers the following topics:

1. Data Collection & Processing
2. Data Uses & Lawful Bases for Processing
3. Data Storage and Transfer
4. How Long We Retain Your Personal Data
5. How We Share or Otherwise Disclose Your Personal Data
6. Cookies and Data Collection Technologies and Do Not Track
7. Communications
8. Data Security
9. Data Subject Rights
10. Data Controller/Processor
11. US Privacy Notices
12. Additional Notice & Contact Details

Collection and Processing of Personal Data

In this Privacy Policy, "personal data" refers to information that can be used to identify, relate to, describe, or be associated with an individual. It does not include aggregate or anonymous data that cannot be linked to an individual.

We collect personal data in the following categories for different types of individuals:

• Merchant Data: Personal data that we collect and process on behalf of our business customers, also known as "merchants," as part of our eCommerce Operating System platform. We process this data in accordance with our Data Processing Addendum with the customer and under their instruction. This Privacy Policy does not apply to this processing, so please contact the customer directly to learn about their privacy practices.
• User Data: Personal data related to our customers' internal contacts and users of the platform, such as account administrators, billing contacts, and authorized signatories. We also collect information about the customer's business needs and preferences.
• Prospect Data: Personal data about visitors to our websites, participants in our events, and potential customers, users, or partners who interact with our sites and services.

Data Uses and Lawful Bases for Processing

The following table outlines the purpose and lawful basis for processing personal data of Users, Prospects, and Customers:

Your use of the Services or residency in a territory that requires "Consent" as the only or most appropriate lawful basis for personal data processing, means that by accepting our Terms of Service or executing another service agreement with Helix Metrics and this Privacy Policy, you give your consent for the processing of your personal data for all purposes detailed in this Privacy Policy, unless applicable law requires a different form of consent. If you wish to revoke your consent, please contact us at hello@helixmetrics.com.

We confirm that we do not sell your personal data for the purposes of the California Consumer Privacy Act (CCPA) or California Consumer Rights Act (CPRA), and we have never sold your personal data in the past.

3. Storage and Transfer of Data

To provide our Services effectively, Helix Metrics and our authorized service providers (as detailed below) store, maintain, and process personal data in various locations including the United States of America, Europe, and other jurisdictions as required by law or necessary for proper performance and delivery of our Services.

Despite differing privacy laws across jurisdictions, Helix Metrics is committed to safeguarding personal data in accordance with customary industry standards and this Privacy Policy, and using appropriate lawful mechanisms and contractual terms for adequate data protection, irrespective of lesser legal requirements that may apply in the destination jurisdiction.

Our headquarters are based in the United States, and for any data transfers from the EEA, Switzerland, or UK to countries that do not offer adequate data protection, we and the relevant data exporters and importers have executed Standard Contractual Clauses approved by the European Commission, FDPIC, and UK Information Commissioner’s Office (ICO) reference 2010/87/EU prior to September 27, 2021, and 2021/914 thereafter, or any subsequent final version.

4. Personal Data Retention

In order to maintain and develop our relationship and provide you with our Services and offerings, comply with legal and contractual obligations, or protect ourselves from any potential disputes, we retain personal data for a reasonable period. Our data retention policy and applicable laws guide us in determining the appropriate retention period for personal data.

Factors such as the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and the applicable legal requirements are considered to determine the appropriate retention period.

It's important to note that we're not obligated to retain your personal data for any particular period, except as required by applicable law or our specific agreements with you. We may securely delete, anonymize, or restrict access to your data at any time and for any reason, with or without notice to you.

If you have any questions regarding our data retention policy, please contact us at hello@helixmetrics.com.

5. Ways We Share or Disclose Your Personal Data

1. Service Providers: We hire selected third-party entities and individuals to offer services complementary to our own, such as hosting and server co-location services, data security services, billing and payment processing services, and others. Our service providers may have access to personal data, as specified in our agreements with them.
2. Partnerships: We collaborate with selected business and channel partners, resellers, distributors, and providers of professional services related to our Services to pursue growth opportunities by offering tailored experiences for our customers, users, and prospects. In such instances, we may share relevant contact, business, and usage details with the respective partner. If you engage with any of our partners, please note that the partner’s own terms and policies may cover any aspect of that engagement that is not related to our Services and directed by Helix Metrics. Please review their privacy notices and terms of services for more information.
3. Service Integrations: To use our Services to the fullest extent, you may need to connect or integrate with third-party services such as Facebook, Google Ads, inventory CRMs, financial CRMs, and others, to share or receive data that may include personal data. The provider of the connected or integrated third-party service may receive certain relevant data about or from your account on the Services, or share certain relevant data from your account on the third-party provider’s service with our Services, depending on the nature and purpose of such integration. We do not receive or store your passwords for any of these third-party services.
4. Event Sponsors: If you attend an event or webinar organized by us, or download or access an asset on our sites related to such an event, webinar, or other activity involving third-party sponsors or presenters, we may share your personal data with them. Depending on the applicable law, you may consent to such sharing via the registration form or by allowing your attendee badge to be scanned at a sponsor booth. In these circumstances, your personal data will be subject to the sponsors’ privacy statements.
5. Sharing your Feedback or Recommendations: If you submit a public review or feedback, we may store and present your review on our sites and in our Services.
6. Business Customers: Our customers have access to any personal data we process on their behalf in our capacity as a “processor” or a “service provider,” as well as to personal data relating to their users, as it relates to their use of our Services.
7. Legal Compliance: We may disclose or allow government and law enforcement officials access to your personal data if required by law or if we believe in good faith that such disclosure is necessary to investigate, prevent, or take action regarding illegal activity, fraud, or other wrongdoing, or to protect our legitimate business interests or the rights, property, or personal safety of Helix Metrics, our employees, prospects, users, customers, or members of the general public.
8. Protecting Rights and Safety: We may share personal data with others if we believe in good faith that this will help protect the rights, property, or personal safety of Helix Metrics and our employees, any of our prospects, users, or customers, or any members of the general public.
9. Helix Metrics Subsidiaries and Affiliated Companies: We may share personal data within our group for the purposes described in this Privacy Policy. In addition, personal data may be shared with or transferred to third parties during a corporate business transaction, such as merger, acquisition, or purchase of substantially all or part of our assets. Personal data may also be disclosed in the event of insolvency, bankruptcy, or receivership.

To clarify, Helix Metrics has the option to share personal data in other ways if you explicitly consent to it, if it is required by law, or if the data has been effectively de-identified and rendered anonymous. We may freely transfer, share, or use data that is non-personal and cannot be used to identify individuals without seeking additional approval.

6. Cookies, Data Collection Technologies, and Do Not Track

To ensure the proper functioning and personalization of our Services, we and our service providers use cookies, pixels, anonymous identifiers, container tags, and other technologies. We also use these tools for analyzing our performance and marketing activities, product development, and improvement.

Our Cookie Policy provides more information about our practices on cookies and tracking. Cookies are packets of information sent to and from your web browser each time it accesses the server that sent the cookie. There are two types of cookies: Session Cookies and Persistent Cookies. We use Persistent Cookies to remember your log-in details and make it easier for you to access the platform next time. We may also use HTML5 local storage or Flash cookies for these purposes.

Please note that we do not alter our practices in response to a "Do Not Track" signal in the HTTP header from a browser or mobile application. However, you may manage your cookies preferences through your browser settings. Please keep in mind that disabling cookies may make it difficult or impossible to use our Services.

We also use Google Analytics, a web analytics tool, to track user behavior on our Services. This helps us understand how users interact with our pages, including their clicks, touch, scrolls, and keystroke activities. Further details about our analytics service provider's privacy practices are available at www.google.com/policies/privacy/partners. You may also opt-out of this analytics service at https://tools.google.com/dlpage/gaoptout.

If you get a new computer, install a new browser, or alter your browser's cookie file, you may need to clear the opt-out cookies installed previously. Hence, an additional opt-out will be necessary to prevent additional tracking.

For more information on our cookie and data collection technologies, please use the "Cookie settings" feature available in our Services depending on your location and activity on our Services.

7. Communication

We may communicate with you through various channels, including email, phone, SMS, and notifications.

Service Communications: We may reach out to you to provide important information regarding our Services, such as notifications of changes or updates, billing issues, login attempts, or password reset notices. Please note that certain service communications, such as password resets or billing notices, are necessary for your use of some of our Services and cannot be opted out of.

Promotional Communications: We may also send you information about new features, additional offerings, events, special opportunities, or any other information we believe may be valuable to you, subject to your consent where required by applicable laws. We may send these notices through various means, including phone, email, the Services, or marketing campaigns on other sites or platforms.

If you do not want to receive promotional communications from us, you can let us know at any time by sending an email to hello@helixmetrics.com, requesting via live chat on the Helix Metrics website/app, or following the instructions provided in the promotional communications you receive.

8. Data Security

We have taken steps to secure your personal data by implementing industry-standard physical, procedural, and technical security measures. These measures are intended to minimize the risk of theft, damage, loss of information, unauthorized access or use of information. However, we cannot guarantee that our Services will be completely immune to malicious activity, malfunction, unlawful interception or access, or other types of misuse. Therefore, when using our Services, you assume the risks involved.

To help protect your information, we recommend that you choose strong and unique passwords, install the latest security updates and anti-virus software on your computer/device, not share your password with anyone, and review your account information periodically. If you notice any suspicious activity or inaccurate information, or if you believe your information is no longer secure, please contact us immediately at hello@helixmetrics.com.

9. Your Data Subject Rights

As an individual, you have certain rights when it comes to your personal data. At Helix Metrics, we take these rights seriously and are committed to respecting them in accordance with applicable privacy laws. To exercise your rights, we may ask you to provide us with certain credentials to verify your identity and avoid disclosing personal data related to others. We may also need additional information from you to better understand the nature and scope of your request.

Some of the rights you may have under applicable privacy laws include the right to access, correct, or delete your personal data, as well as the right to object to or restrict its processing. You may also have the right to data portability and the right to equal services and prices, among others. If you wish to exercise any of these rights, please contact us by email or through the live chat on our website/app.

Please note that some of these rights may be subject to exceptions or limitations under applicable laws. Additionally, we may need to redact personal data related to others from the information we provide to you.

We will not charge a fee to process or respond to your verifiable privacy request unless it is excessive, repetitive, or manifestly unfounded. If we determine that a fee is warranted, we will explain why and provide you with a cost estimate before proceeding. However, we may refuse to comply with your request in certain circumstances.

To fulfill your request, we may need to verify that you are the individual about whom we collected the personal data. If you request deletion of your personal data, we may deny your request or retain certain elements of it if necessary. In either case, we will provide you with our reasoning.

10. Data Controller/Processor

In accordance with various data protection laws, including the EU GDPR, UK GDPR, CCPA/CPRA, and VCDPA, parties processing personal data are typically classified as either a "data controller" or a "data processor". The data controller determines the purposes and means of processing, while the data processor processes the data on behalf of the data controller. Here's how these roles apply to Helix Metrics and our Services, where applicable.

Prospect Data is controlled by Helix Metrics, meaning we assume the responsibilities of data controller (as applicable under the law) for that data, as described in this Privacy Policy. Our service providers who process this data on our behalf will assume the role of "data processor".

With respect to Customer Data, Helix Metrics acts as the data processor and processes it on behalf of our customers, who are the data controllers of that data. In such instances, our service providers who process the Customer Data on our behalf are considered "sub-processors".

Helix Metrics is both a data controller and data processor of User Data. We process this data for our own purposes as an independent controller, as described in Section 2 above. However, some portions of User Data may be included in Customer Data, which we process on behalf of our customers as a data processor.

Therefore, when processing Customer Data (which may include some User Data), Helix Metrics strictly follows our customer's reasonable instructions and the terms stipulated in our Data Processing Addendum and other commercial agreements with the customer.

It's important to note that our customers are solely responsible for deciding whether and how to use our Services, and for ensuring that all individuals using the Services on their behalf, as well as those whose personal data is included in the Customer Data processed through the Services, have been provided with adequate notice and given informed consent to the processing of their personal data, where such consent is necessary or advised, and that all legal requirements applicable to the collection, recording, use or other processing of data through our Services are fully met by the customer, including specifically in the context of an employment relationship. Additionally, our customers are responsible for handling data subject rights requests under applicable law made by their users and other individuals whose data they process through the Services.

11. US Privacy Notices

The US Privacy Notice provides information on the collection, retention, and deletion of personal data, as well as the processing of such information for business purposes under the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA). We do not sell personal data under CCPA, and we only disclose personal data to authorized service providers or business partners who have agreed to our contractual limitations on retention, use, and disclosure of such data. If you need to designate an authorized agent to exercise your privacy rights, you may do so in writing or through a power of attorney and submit a request by email.

We do not collect household data and will respond to any Right to Know or Right to Delete request individually. However, we cannot comply with requests from individuals under the age of 13, as we do not collect personal data from minors. In accordance with Virginia requirements, you may designate an authorized agent to exercise your privacy rights on your behalf.

Furthermore, we do not disclose personal data for third-party direct marketing purposes. If you have any questions or would like to exercise your rights under CCPA/CPRA, Nevada S.B.220, or VCDPA, you can contact us at hello@helixmetrics.com or via mail at Helix Metrics LLC, US 2200 NW CORPORATE BLVD, STE 407 PMB1027 BOCA RATON, FL 33431.

12. Additional Notices and Contact Information

Updates and Modifications: We may modify and update this Privacy Policy periodically by publishing an amended version on our Services. The amended version will become effective on the date of publication. If we make significant changes, we will provide prior notice through available communication channels or via the Services. After the notice period, you will be deemed to have accepted all modifications. If consent is required based on your location, you will need to give your consent before accessing our Services following a Privacy Policy update.

External Links: Our Services may contain links to other websites or services, but we are not responsible for their privacy policies. We recommend that you read the privacy policies of every website or service you visit when leaving our Services. This Privacy Policy is only applicable to our Services.

Children: Our Services are not intended for minors, and we do not knowingly collect personal data from them. If we find that a minor is using our Services, we will take steps to prevent and block such use and delete any personal data relating to such minor. If you think that we have such data, please contact us at hello@helixmetrics.com.

Data Protection Officer: Dorian Daniel is our appointed Data Protection Officer (DPO), responsible for monitoring and advising on Helix Metrics's ongoing privacy compliance and serving as a point of contact for data subjects and supervisory authorities on privacy matters. If you have any comments, concerns, or complaints regarding our Privacy Policy or the processing of your personal data by Helix Metrics, please contact us at hello@helixmetrics.com.

Contacting Us: If you have any questions or comments about our Privacy Policy or your personal data held with us, please contact Helix Metrics's privacy team at hello@helixmetrics.com.