Introduction
This Privacy Policy explains how Hi Rasmus processes personal data when you use our website and platform.
We are committed to protecting personal data and handling it in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), UK GDPR, the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA), the Personal Information Protection and Electronic Documents Act (PIPEDA), the Australian Privacy Act, Brazil’s Lei Geral de Proteção de Dados (LGPD), and, where applicable, the Health Insurance Portability and Accountability Act (HIPAA).
If you have any questions, you can contact us at: [email protected]
Who we are
Depending on your location, your agreement is with:
- Hi Rasmus ApS, Denmark
- Hi Rasmus Inc., United States
Together referred to as “Hi Rasmus”, “we”, “us”, or “our”.
Our role in processing data
Hi Rasmus acts in different roles depending on the type of data:
For customer account data We act as a data controller.
For client data entered into the platform by our customers We act as a data processor on behalf of the customer.
For customers subject to HIPAA, Hi Rasmus acts as a Business Associate where a Business Associate Agreement has been executed.
The customer is responsible for ensuring that they have a valid legal basis for collecting and using their clients’ personal data.
Types of data we process
We may process the following types of personal data:
Customer account data Name, email address, company information, billing details, and account activity.
Client data Data entered into the platform by customers about their clients. This may include sensitive personal data. We process this data only on behalf of the customer.
Usage data Information about how the platform is accessed and used, including log data, device information, and interactions.
Website data Information collected when visiting our website, such as IP address, browser type, and analytics data.
How we use personal data
We use personal data to:
- provide and operate the platform
- manage customer accounts and subscriptions
- process payments
- provide support and communicate with customers
- improve and develop our services
- ensure security and prevent misuse
- comply with legal obligations
We do not use client data for our own purposes.
Communications and marketing
We may send service-related communications, including updates about the platform, product changes, and important account information.
From time to time, we may also send newsletters or product updates. Where required by law, such communications are sent based on consent or our legitimate interests.
You can opt out of non-essential communications at any time by using the unsubscribe link included in the email or by contacting us at [email protected].
Legal basis for processing
Where applicable, we rely on the following legal bases:
- Performance of a contract
- Legitimate interests
- Legal obligations
Customers are responsible for determining the legal basis for processing their clients’ data.
Sharing of data
We may share personal data with:
Service providers Including payment processors, hosting providers, and infrastructure providers.
Subprocessors We use trusted subprocessors to operate our platform.
Authorities When required by law or to protect rights and safety.
We do not sell personal data.
Subprocessors
We use third-party providers to deliver our services, including:
- Payment processing (e.g. Stripe)
- Hosting and infrastructure providers (e.g. Google Cloud Platform)
- Analytics and operational tools
These providers only process data on our behalf and under appropriate safeguards.
Data locations
Hi Rasmus supports regional data residency. Customer data is stored in the region selected by the customer when setting up or using the platform.
|
Data type |
Storage location |
|
Customer account data |
Selected region (e.g. EU, United States, Canada, Australia) |
|
Client data |
Selected region (e.g. EU, United States, Canada, Australia) |
|
Application data |
Selected region (e.g. EU, United States, Canada, Australia) |
We use infrastructure providers, including Google Cloud Platform, to host and process data in the selected region.
In limited cases, data may be accessed or processed outside the selected region where necessary to provide the service, maintain security, perform support, comply with legal obligations, or work with trusted service providers acting on our behalf.
International data transfers
Depending on the region selected by the customer, data may be processed in the European Union, the United States, Canada, Australia, Brazil, or other supported regions.
If personal data is transferred outside the country or region where it is stored, Hi Rasmus applies appropriate legal, technical, and organizational safeguards where required under applicable law.
Data retention
We retain personal data only as long as necessary:
- while a customer account is active
- as required to provide services
- to comply with legal obligations
After termination, customers may export their data for a limited period. Data is deleted or anonymized thereafter, unless retention is required by law.
Data security
We implement appropriate technical and organizational measures to protect personal data, including:
- access controls
- encryption
- secure infrastructure
No system is completely secure, but we take reasonable steps to protect data.
Your rights
Depending on your location, you may have rights including:
- access to your data
- correction of inaccurate data
- deletion of data
- restriction of processing
- data portability
- objection to processing
If you are a resident of California, you may also have rights under CCPA/CPRA, including the right to know what personal data is collected, the right to request deletion, and the right to opt out of the sale or sharing of personal data.
Requests should be sent to: [email protected]
If you are a client of one of our customers, you should contact the customer directly.
Cookies and website tracking
We use cookies and similar technologies to:
- operate the website
- analyze usage
- improve user experience
You can control cookies through clicking “Cookies” in the footer.
Third-party links
Our website may contain links to third-party websites. We are not responsible for their privacy practices.
Updates to this policy
We may update this Privacy Policy from time to time.
The latest version will always be available on our website.
Contact
If you have questions about this Privacy Policy or how we process data, contact:
