We respect and protect your privacy. Please do not hesitate to contact us if you have questions or concerns.
We may refer to your personal data as “your information” and may sometimes collectively refer to handling, collecting, protecting, and storing your personal data as "processing" such personal data.
“Website,” “the Website,” “this Website,” and “our Website,” or “Site”shall refer to www.harborcompliance.com and its subdomains.
Information We Collect
We collect personal information about you when you:
Register to use our services, and/or provide contact information to us via telephone, email, facsimile, mail, written correspondence, or through the Website. The information you consent to provide may include your username, name, gender, date of birth, home, and work contact details such as business title, email address, IP address, telephone number, country in which you reside, and your reviews and opinions about our products and services.
When you use our services, we will also collect transaction information, which may include your credit card, debit card, or Automated Clearing House (ACH) information, home, billing and mailing address, purchase history, and other payment-related information (“Payment Information”). We describe how Payment Information may be collected and processed below.
Technical, Usage, and Location Information
Third Party Platforms
We may collect information when you interact with our advertisements and other content on third-party sites or platforms, such as social networking sites. This may include information such as “likes”, follows, mentions, comments, and messages, profile information gathered from social networking sites, or the fact that you viewed or interacted with our content.
How We Use Your Information
Any of the information we collect from you may be used in one of the following ways:
- To improve our customer service;
- To send periodic emails. The email address you provide for order processing may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.;
- To respond to requests for information or in delivery of our Services. Your information will be used to provide you with the specific content or Services requested;
- To contact you in connection with technical, customer, and product/service support;
- For billing and collection purposes;
- To analyze the use of our website;
- In any other way we may describe when you provide the data; and/or
- For any other purpose with your consent
Note: If at any time you would like to unsubscribe from receiving future marketing or promotional emails, we include detailed unsubscribe instructions at the bottom of each marketing or promotional email.
Our Legitimate Reasons for Collecting Information
We collect information about you to provide our services. In order for us to best provide our services to you (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Policy. This means that the data collection is largely necessary for fulfilling the business relationship we have with you, and where that is not the case, we have a legitimate interest in collecting the information described below to fulfill the services that you have contracted with us to provide and/or purchased or ordered from us.
Furthermore, the law processing of your personal data is necessary for the purposes of the legitimate interests that we pursue, which are to:
- run and administer our business;
- to discharge our legal obligations to store and disclose information where necessary;
- to evaluate, to develop and improve our services;
- to market new and improved services;
- for any necessary purpose in order to comply with any legal obligation to which we are subject.
Disclosure and Transfer of your Information
We use affiliated service providers to help us fulfill services to our clients and run our business subject to strict confidentiality agreements. These companies are authorized to use your personal information only as necessary to provide these services to us.
We will disclose data if we believe in good faith such disclosure is necessary (1) to comply with relevant laws or to respond to subpoenas or warrants or legal process served on us (though we reserve the right to take action on behalf of our users to defend their right to anonymity when we believe there is a legitimate basis to do so); (2) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity; (3) as we otherwise deem necessary and is permitted by applicable laws to protect and defend the rights or property of us, the users of our services, or third parties; or (4) as permitted under applicable laws to meet national security and similar requirements; (5) in order to permit us to pursue available remedies or limit the damages that we may sustain;, (6) to respond to an emergency;, (7) or in the event that we sell (or propose to sell) any property, business or assets, we may disclose your information to the prospective buyer under a confidentiality agreement.
We use various technologies to collect and store information, including cookies, pixel tags, local storage, such as browser web storage or application data caches, databases, and server logs.
Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly. However, you can still purchase our services over the telephone or by contacting us.
Disclosure of Information to Outside Parties
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information other than to those entities for which you have provided consent. This does not include trusted third parties who assist us in operating our website, conducting our business, or fulfilling our services to you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Some affiliates of Harbor Compliance have their own websites with their own unique privacy policies, tailored to the services they provide. We encourage you to read those privacy policies carefully when you visit those affiliated sites.
When using third-party vendors or agents to which Harbor Compliance intends to transfer personal data, Harbor Compliance shall perform adequate due diligence to help ensure the security of such information. However, Harbor Compliance will not be liable if it can prove that it is not responsible for the event that caused damage and instead another party is responsible for the event that caused the damage.
Third Party Links
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Steps We Take to Ensure Your Privacy and Protect Your Information
The security of your personal data is important to us. We use generally accepted, industry standard tools and techniques to protect your personal data against unauthorized disclosure. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially reasonable means to protect your personal information, we cannot guarantee its absolute security.
We implement a variety of security measures to maintain the safety of your personal information when you place an order.
We use encryption to keep your data private while in transit. We review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems. We restrict access to personal information to Harbor Compliance employees, contractors, and federal state or local agents who need that information in order to process the information to fulfill the business service. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
We use firewalls to secure the perimeter of our information network and monitor our systems regularly.
An authentication and authorization mechanism based on user identification (ID) and password is used to restrict access to information on the Harbor Compliance website. Each authenticated user only has access to the information that he or she is authorized to use. We use physical, administrative, and technical procedures to limit access to personal information.
Security Awareness and Acceptable Use Training (Our Employees)
All Harbor Compliance, employees receive annual security training. Employees read, understand, and expressly accept our Security Awareness and Acceptable Use Policy. Anyone with access to PCI Training, is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Harbor Compliance maintains protocols for physical security by enacting key card door access, video surveillance, and locked file cabinets.
Your Rights in Relation to Your Personal Information
At any time, you have the right:
- To be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);
- To request access to or a copy of any personal data which we hold about you;
- To rectify your personal data, if you consider that it is inaccurate;
- To ask us to delete your personal data, if you consider that we do not have the right to hold it;
- To withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent);
- To ask us to stop or start sending you marketing or promotional messages at any time;
- To restrict processing of your personal data;
- To permit data portability (moving some of your personal data elsewhere) in certain circumstances;
- To object to your personal data being processed in certain circumstances; and Not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data;
- To lodge a complaint with a supervisory authority;
- To know the source from where your personal information originated;
- To access (or obtain from us a confirmation if your personal information is being processed by us) the purpose of processing, recipients of your personal information;
- To submit a subject access request. If a request is received, the following information will be provided:
- What personal information pertaining to the user is being processed
- Why it's being processed
- Who has access to it
- How it is being used to make automated decisions
- What processes are using this information
- What processes are using this information
- The request for access will be responded to within 30 days and will include a copy of your personal information
How Long Do We Retain Your Personal Information?
We will retain your personal information for as long as is needed to fulfill the purposes outlined in this Policy, unless a longer retention period is necessary, required or permitted by law for archiving purposes in the public interest, scientific/historical research or statistical purposes (depending on circumstances, compatible processing purposes may include compliance/legal consideration, tax, accounting, security & fraud prevention or other legal requirements).
We may send you direct marketing communications, and retain your contact information necessary for this purpose (provided that you have consented to receiving them), for as long as you do not unsubscribe from receiving the same from us.
Legal Basis for Processing (EEA only):
If you are an individual from the European Economic Area (EEA), our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where: (a) we have your consent to do so, (b) where we need the personal information to perform a contract with you (e.g. to deliver the Services you have requested), or (c) where the processing is in our or a third party's legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline or opt-out of providing your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our or a third party’s legitimate interests which are not already described in this Notice, we will make clear to you at the relevant time what those legitimate interests are. We will notify you of a data breach within 72 hours of discovery of the data breach.
If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us.
California Online Privacy Protection Act Compliance
Because we value your privacy we have taken the necessary precautions to comply with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent. We will comply with your “Do Not Track” requests to the extent technically possible.
We do not knowingly collect information from children under the age of 18 and we do not target our websites to children under 18. If we determine that an individual under the age of 18 has submitted information to this site, we delete that information.
In accordance with the CAN-SPAM Act, we will:
- Not use false or misleading subjects or email addresses;
- Identify the message as an advertisement in a reasonable way;
- Include the physical address of our business or site headquarters;
- Monitor third-party email marketing services for compliance, if one is used;
- Honor opt-out/unsubscribe messages quickly;
- Allow users to unsubscribe by using the link at the bottom of each email.
Terms and Conditions
This policy was created on 07/16/2012.
This policy was modified on 01/31/2013:
- Updated contact information
This policy was modified on 06/06/2014:
- Updated contact information
This policy was modified on 06/11/2019
Updated Policies and Procedures
1830 Colonial Village Lane
Lancaster, PA 17601