Effective Date: November 2023
Hyland Software, Inc. and its affiliate entities are responsible for processing your Personal Information as described in this Policy. Contact information for each Hyland company is available here.
The term Personal Information used in this Policy means any information related to or about an identified or identifiable natural person.
This Policy contains the following sections:
- Information We Collect
- How We Use Your Information
- How We Disclose Your Information
- How We Secure Your Information
- Your Choices Regarding Your Personal Information
- Users Who Reside Outside the United States
- Social Features
- Children’s Privacy
- English Language Controls
- Changes to this Policy
- Contact Us
Information We Collect
Information You Provide to Us. We collect information you provide directly to us. For example, when you complete an online contact form, create a Hyland ID, or register for a Hyland Event. The Personal Information you might choose to provide to us includes, for example, the following:
- Name, physical address, e-mail address, phone numbers
- Job Title
- Login credentials for our Sites
- Account profile, including your interests and a photograph
- Applications for Hyland educational opportunities, including your references, programming experience, academic transcripts, and application essays
- Commercial information, including records of services purchased, purchasing or consumer histories, and order information for training courses
- Training records, including courses you have taken, certifications you have completed, your scores, and grades
- Dietary preferences and restrictions when you attend Hyland Events
- Other information you choose to provide, including content you submit when you provide feedback on our Sites or services, contact customer support, or otherwise contact Hyland
- Communications data, including during our communications with you, where permitted by applicable law, we collect the content of these communications as well as metadata about the communications, i.e., date and time of the call or text (SMS or MMS) message and phone numbers.
- For equity owners and option holders only, your social security number, date of birth, driver's license or other identification number, passport number, and voting records, as applicable.
Hyland is not responsible for information you upload via the Sites to evaluate or demo Hyland’s propriety software products. When evaluating Hyland’s propriety software products via the Sites, you should not upload Personal Information or other confidential corporate information.
Information We Collect from Third Parties. We may receive information about you from third parties, including event sponsors, third-party websites, marketing/advertising companies, consumer research companies and other public sources, including, for example, your name, e-mail address, phone number, title/role within your company, internet activity and other company data. We may combine this information with information we received from other sources.
Do Not Track Setting. We track your online activities over time and across third party websites or online services. We also track your activities on the Sites. Additionally, we use web beacons to track your visits so that third party service providers can display Hyland advertisements to you on other websites based on your activities while visiting the Sites. We may allow third party service providers to use tracking devices to collect the same types of information for the same purposes as we collect your information. You may implement restrictions on tracking, such as plug-ins or browser settings. In that case, some features of the Sites, for example, personalization or authentication, may not work as designed.
Your web browser may have settings that allows you to transmit a “Do Not Track” signal when you visit various websites or use online services. Like many websites, the Sites are not designed to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, click here.
How We Use Your Information
We may use the information, including Personal Information, we obtain through the Sites or Hyland Events, as applicable, for a number of purposes, including:
- To improve and customize the online user experience;
- To respond to e-mails or other requests, comments or questions;
- To provide customer support;
- To provide you with information that we believe may be useful to you, such as information about products or services we offer;
- To maintain records of our transactions and communications;
- To provide registration and other confirmation communications or other information for courses, webinars, or other events you sign up for;
- To monitor and analyze trends, usage, and activities of the Sites users;
- To improve our products and services;
- To report suspected criminal acts;
- To comply with applicable laws, regulations, or legal process as well as industry standards and our company policies;
- To prevent fraud or other misuse, including by protecting our rights and the rights of related third parties;
- To administer the equity owner relationship, including scheduling meetings and other company events and recordkeeping.
In addition, we may use the Personal Information we obtain about you in other ways for which we provide notice at the time of collection.
How We Disclose Your Information
We may disclose your Personal Information to:
- Affiliated Companies. As an international organization, Personal Information about you may be disclosed globally throughout Hyland’s international organization. A list of Hyland entities and their contact information is available here. Personal Information may be disclosed with affiliated companies for any of the purposes set forth in the section above titled “How We Use Your Information.”
- Third Party Service Providers under Contract with Hyland. For example, data analytics providers, event management companies, credit card processors, website management, law firms, auditors, marketing and advertisement companies, and other similar providers. We disclose your Personal Information with these Service Providers so that they can perform certain business functions on behalf of Hyland.
- Other Unaffiliated Third Parties. We may disclose your Personal Information with other unaffiliated third parties for the following purposes:
- Event Sponsors and Exhibitors: When you register for a Hyland Event and intentionally direct us to disclose your Personal Information to third-party event sponsors and exhibitors, we will disclose only the Personal Information you direct us to disclose.
- Required Disclosures. To comply with a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
- Government Agency Requests. To respond to a request by a government agency.
- Legal Compliance and Protection. To comply with the law or to protect the rights, property, or safety of Hyland, our users, or others. This may include sharing information, including Personal Information, with other companies and organizations for fraud protection and credit risk reduction.
- Corporate Transactions: In the event of a corporate merger, consolidation, sale, assignment, bankruptcy (or similar proceeding), or other disposition of a portion or of all our business, assets, or stock.
We may use and disclose Aggregated or Deidentified Information about our users and information that does not identify any individual user without restriction. Neither Aggregated Information nor Deidentified Information (defined below) is Personal Information.
- Aggregated Information: Refers to information about a group of individuals from which the individually identifiable information has been removed. An example of Aggregated Information would be the statistic that 20 people used our website’s contact form on a given day.
- Deidentified: Means information subjected to reasonable measures to ensure that the deidentified information cannot be associated with the individual. An example of Deidentified Information would be the data point that an unidentified visitor first entered the Site through our main web page. We maintain Deidentified Information in a deidentified form and do not attempt to reidentify it, except that we may attempt to reidentify the information just to determine whether our deidentification processes function correctly.
How We Secure Your Information
We maintain appropriate physical, electronic, and administrative safeguards designed to protect the Personal Information that we obtain in accordance with this Policy. Although we use reasonable efforts to secure such information, transmission via the internet is not completely secure, and we cannot guarantee the confidentiality of information transmitted to us over the internet.
We retain the Personal Information that we obtain subject to this Policy for the duration of the customer or business relationship, if any. We may also retain this Personal Information for at least 12 months after our last interaction with you. We may retain this Personal Information for a longer period, as necessary to comply with legal or regulatory requirements, for example, a litigation hold.
Your Choices Regarding Your Personal Information
You may request that we update, correct, or delete your Personal Information which is subject to this Policy by contacting us at the information provided below. We will respond to these requests in accordance with applicable law. To help protect your privacy and security, we may take reasonable steps to verify your identity prior to honoring any such requests.
Your Choices Regarding Promotional Emails. You may unsubscribe from receiving promotional emails from us by following the instructions provided in those email communications. Please note that even if you opt out of receiving promotional communications from us, we may continue to send you non-promotional emails, such as emails concerning our ongoing business relationship with you.
Users Who Reside Outside the United States
If you reside outside the United States, please be aware that information we collect about you will be transferred to, and processed in, the United States and other countries. By using the Sites, attending a Hyland Event, or otherwise providing your information to us, you acknowledge and consent to the transfer and processing of your Personal Information in the United States as described in this Policy.
Users Located in the European Economic Areas, United Kingdom, or Switzerland (Collectively the “EEA”)
Obligation to Provide Personal Information and Automated Decision-Making. Individuals in the EEA (“EEA Individuals”) are not required by statute or by contract to provide any Personal Information. We will not use an EEA Individual’s Personal Information which is subject to this Policy for automated decision-making, including for profiling, that produces legal effects or similarly significantly affects an EEA Individual.
Data Retention. We retain the Personal Information collected through the Sites or a Hyland Event for as long as we have a business purpose or longer if required by applicable law. You may request that we delete your Personal Information as described below.
Cross-Border Data Transfers: The Personal Information collected pursuant to this Policy will be transferred to a database in the United States controlled by Hyland Software, Inc., located at 28105 Clemens Road, Westlake, Ohio 44145 in the United States. Hyland Software, Inc. will use the Personal Information for the purposes described above and to forward any requests you submit through the Sites to Hyland (the Hyland affiliated company applicable to you) and, as needed to respond to your requests, to other Hyland affiliated companies. Hyland affiliated companies are located as described here. Hyland Software, Inc. and all Hyland affiliated companies have agreed to process your Personal Information in accordance with the Standard Contractual Clauses for data controllers approved by the European Commission. You can obtain a copy of the Standard Contractual Clauses by submitting a request to [email protected].
Before transferring your Personal Information to a third party recipient located outside the EEA, Hyland, or Hyland Software, Inc. on Hyland’s behalf, will: (a) execute Standard Contractual Clauses, approved by the European Commission, to ensure an adequate level of protection for the transfer of your Personal Information to those entities outside the EU; (b) confirm that the third party has certified to the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework; or (c) otherwise ensure adequate protection for your Personal Information. You can obtain a copy of the relevant Standard Contractual Clauses by contacting [email protected].
Legal Bases For Processing: Hyland processes your Personal Information with your consent and as required by law. Hyland also processes Personal Information as necessary for its legitimate interests as follows:
Business Operations: We use your Personal Information for our legitimate business purposes, including to fulfill our contractual obligations, develop new products and services, to improve existing products and services, and to personalize communications.
Marketing and Advertising: We use your Personal Information to provide you information about the products and services, as well as Hyland sponsored events, that we think might interest you in accordance with applicable law. We also use this data to conduct market research and to improve our marketing strategies.
Investigations: In the event of fraud, a security incident, or a suspected criminal act, we would examine Personal Information that appeared to be linked to the incident as necessary to investigate and remediate the incident as well as to report the incident to authorities, and prevent a recurrence.
Right to Object to Processing for Legitimate Interests: EEA Individuals have the right to object to the processing of their Personal Information for purposes of Hyland’s direct marketing or other legitimate interests by completing this Information Request Form.
EEA Individuals have the right to access their Personal Information. EEA Individuals’ right to access their Personal Information includes their right to receive a copy of all, or a portion, of their Personal Information as long as Hyland’s providing the Personal Information would not adversely affect the rights and freedoms of others. EEA Individuals also have the right to request that Hyland update, correct or delete their Personal Information and to restrict Hyland’s processing of their Personal Information, as provided by applicable law.
EEA Individuals also have the right to data portability concerning their Personal Information. Subject to certain limitations, the right to data portability allows EEA Individuals to obtain from Hyland, or to ask Hyland to send to a third party, a digital copy of their Personal Information they provide to Hyland.
EEA Individuals can exercise these rights by completing this Information Request Form. We may request identifying information from you to confirm your identity and ensure your right to exercise any of these rights. Hyland will respond to such requests in accordance with applicable data protection law. If EEA Individuals believe that their Personal Information has been processed in violation of applicable data protection law, they have the right to lodge a complaint with the relevant data protection authority in the country where they reside, where they work, or where the alleged violation occurred.
EEA Individuals may use the contact information above, at any time, to withdraw their consent for the processing of their Personal Information where Hyland requires their consent as a legal basis for processing their Personal Information. Any withdrawal will apply only prospectively, and Hyland will continue to retain the Personal Information that EEA Individuals provided before they withdrew their consent for as long as allowed or required by applicable law.
The Hyland Data Protection Officer for Europe can be reached at [email protected].
Links to Third-Party Sites and Social Features
The Sites also include features that are designed to permit interactions that you initiate between the Sites and third-party websites or services, including third party social networks (“Social Features”). Examples of Social Features include enabling you to “like” or “share” our content on other websites or services or to transmit content to our Platform from your account on a third-party website or service.
The information we collect in connection with Social Features is subject to this Policy. The information collected and stored by the third parties remains subject to those third parties’ privacy practices, including whether the third parties continue to disclose information to us, the types of information disclosed, and your choices regarding what is visible to others on those third-party websites or services.
Our Sites and Hyland Events are not intended for children, nor are they targeted to children under the age of 13. We do not knowingly collect Personal Information from children under the age of 13 through the Site or at Hyland Events, and if we learn that we have received information from a visitor under the age of 13, we will delete such information in accordance with applicable law.
Hyland will only accept applications for children under the age of 13 to attend Hyland’s educational programs, e.g., the Hy-Tech Camps, when those applications are submitted by the child’s parents or legal guardian.
English Language Controls
This Policy is executed in English and may be translated into other languages. In the event of any conflict or discrepancy between the English language and a translated version, the English language version shall control to the fullest extent permitted by applicable law.
Changes to this Policy
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Policy. We encourage you to review this Policy whenever you visit our Sites, attend a Hyland Event, or otherwise provide your Personal Information to Hyland to stay informed about our information practices. This Policy was last modified in November 2023. If we materially change this Policy in a way that affects how we use or disclose your Personal Information, we will provide a prominent notice and the effective date of the changes before making them.
To contact us regarding this Policy or with questions about our privacy practices, please complete this Information Request Form.