DATA PRIVACY OVERVIEW
The U.S. Department of Commerce and the European Commission have agreed on a set of data protection principles and associated supplemental principles to enable U.S. companies to satisfy European Union (“EU”) law requiring that Personal Data transferred from the EU to the U.S. be adequately protected (the “EU-U.S Data Privacy Framework (EU-U.S. DPF)”). The European Economic Area (the “EEA”), which as of the date of this Policy includes all member states of the EU including Iceland, Liechtenstein, and Norway, have recognized the EU-U.S. Data Privacy Framework as providing adequate protection of Personal Data.
Should there be any conflict between the EU-U.S. Data Privacy Framework Principles and this Policy, this Policy shall be interpreted to be consistent with the EU-U.S. Data Privacy Framework Principles.
This Policy applies to all Personal Data received by Hoopis Performance Network, LLC in the United States from the EEA either directly from individuals, from its affiliates or from other third party organizations, and in any format whatsoever, including electronic, paper or oral transmission.
This Policy also applies to Hoopis Performance Network’s Subcontractors (defined below) that process Personal Data received by Hoopis Performance Network, LLC or its affiliates from the EEA on behalf of Hoopis Performance Network, LLC.
For purpose of this Policy, the following definitions shall apply:
“Personal Data” and “Personal Information” means data about an identified or identifiable individual that are within the scope of the Directive 95/46/EC on Data Protection, received by an organization in the United States from the European Union and recorded in any form. Personal Data includes all Sensitive Personal Data (as defined below).
“Sensitive Personal Data” or “Sensitive Personal Information” means personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual or, where received from a third party, data that is identified and treated as sensitive by the third party. Where individuals from non-EU member states are concerned, “Sensitive Personal Data” or “Sensitive Personal Information” may also include ideological views or activities, and information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.
“Processing” of personal data means any operation or set of operations which is performed upon personal data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.
“Controller” means a person or organization which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Subcontractors” means any third party that collects or uses Personal Data provided by Hoopis Performance Network, to perform tasks on behalf of HPN, under the instructions of, and solely for, Hoopis Performance Network, LLC.
“Hoopis Performance Network,” “HPN,” “we,” “our,” or “us” means Hoopis Performance Network, LLC and its successors, assigns and wholly owned affiliates and subsidiaries and their respective divisions and groups, each of which are located within the U.S.
INFORMATION WE COLLECT
HPN collects and stores a limited amount of personally identifiable information from the users of this website. The first kind of information we collect and store is information you provide to us. When you express an interest in obtaining various products and services from us, you may provide us with several types of personally identifiable information, which may include your name, postal address, e-mail address, day and evening phone numbers, credit card information, employer information, user names and/or passwords. We may also collect information concerning the types of products you ordered or purchased, and the date of the order or purchase, when you register on, log on, or visit our website.
If you send us correspondence, including e-mails and faxes, we may retain such information in the records of your account. We will also retain customer service correspondence and other correspondence from HPN to you. We retain these records in order to measure and improve our customer service. We may, over time, delete these records as permitted by law.
USE AND DISCLOSURE OF INFORMATION
We use the information we collect about you in order 1) to provide our services, 2) to provide customer service, 3) to improve our services and 4) to provide you information regarding our services and those of our affiliates. We give access to individually identifiable information only to those HPN staff members who require to fulfill these functions. We also employ other companies and individuals to provide and perform certain website and e-commerce related functions on our behalf, such as fulfilling orders, analyzing data, processing credit card payments and providing customer service. These companies and individuals may have access to personal information needed to perform these functions, but may not use it for any other purposes.
Regardless of any opt-out choices that you make, HPN may disclose personal information when it believes in good faith that such disclosures (a) are required by law, including, for example, to comply with a court order or subpoena or (b) will help to enforce any terms and conditions of use on our website; protect your safety or security, including the safety and security of property that belongs to you; and/or, protect the safety and security of our website, HPN, and/or third parties, including the safety and security of property that belongs to HPN or third parties. This includes exchanging information with other companies and organizations for fraud protection and risk reduction.
Finally, in the event that all or substantially all of the assets relating to Hoopis Performance Network or www.hoopis.com are transferred or sold to another entity, personally identifiable information submitted to us may be transferred to the acquiring entity.
PRIVACY PRINCIPLES FOR PROCESSING OF PERSONAL DATA RECEIVED FROM THE EEA
The privacy principles set forth in this Policy have been developed based on the EU-U.S. Data Privacy Framework Principles.
Where Hoopis Performance Network, LLC collects Personal Data directly from individuals in the EEA or receives it from its European affiliates, it or its European affiliates will inform those individuals about the purposes for which they collect and use Personal Data about them; the transfer of Personal Data to Hoopis Performance Network, LLC in the U.S., the types or identity of third parties to which Hoopis Performance Network, LLC discloses that information and the purposes for which it does so; and the choices and means Hoopis Performance Network, LLC offers individuals for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to Hoopis Performance Network, LLC, or as soon as practicable thereafter, and in any event before Hoopis Performance Network, LLC uses the information for a purpose other than that for which it was originally collected.
Hoopis Performance Network, LLC may from time to time process certain Personal Data about customers, business partners, suppliers, vendors, service providers, employees and candidates for employment, including information recorded and stored on various types of media, including electronic media.
Hoopis Performance Network will process these types of data in conformity with the EU-U.S. Data Privacy Framework Principles and will continue to apply the Principles to personal data received under the application of the EU-U.S. DPF as long as it holds this data.
Purposes for which we may collect and use Personal Data from our customers, consumers and other non-employees include:
- Communicating to individuals about our products, services and related issues.
- Evaluating the quality of our products and services.
- Allowing individuals to register for our websites and administering and processing these registrations.
- Transferring Personal Data in connection with Hoopis Performance Network, LLC’s legal, regulatory compliance and auditing purposes.
- Facilitating Hoopis Performance Network, LLC’s internal administrative purposes and application functionality, maintaining, administering, and complying with Hoopis Performance Network, LLC’s legal, regulatory compliance and auditing obligations, policies and procedures.
- Execution of contracts and delivery of our products and services to customers.
We may share Personal Data within the U.S. family of Hoopis Performance Network, LLC’s companies. Hoopis Performance Network, LLC may also share Personal Data with its third-party subcontractors for the sole purpose of, and only to the extent needed, to support HPN’s or our customers’ business needs. We may also disclose Personal Data to our subcontractors in the U.S. and other third parties when required to do so under law or by legal process. Third Party Subcontractors are required to keep Personal Data received from Hoopis Performance Network, LLC confidential and may not use it for any purpose other than originally intended.
A SPECIAL NOTE ABOUT CHILDREN
HPN’s website is for the use of adults only. HPN does not knowingly collect personal information from or conduct business with minors (under the age of 18) and we ask that minors do not submit any personal information to us via this website.
Hoopis Performance Network, LLC will offer individuals in the EEA the opportunity to choose (by either opt-out or opt-in) if their Personal Data is (a) to be disclosed to a third party that is not an Agent, or (b) to be used for a purpose materially different from the purpose for which it was originally collected or subsequently authorized by the individual.
For Sensitive Personal Data, Hoopis Performance Network, LLC will give individuals the opportunity to affirmatively and explicitly consent (opt-in) to permit HPN to (a) disclose their Sensitive Personal Data to a third party that is not an Agent or (b) use Sensitive Personal Data for a purpose materially different from the purpose for which it was originally collected or subsequently authorized by the individual.
Hoopis Performance Network, LLC will provide individuals with reasonable, clear and conspicuous and readily available mechanisms to exercise these choices.
ACCOUNTABILTY FOR ONWARD TRANSFER
Hoopis Performance Network, LLC will transfer Personal Data to Subcontractors only for limited and specific purposes. HPN will obtain contractual assurances from its Subcontractors that they will safeguard Personal Data in a manner consistent with this Policy and that they will provide at least the same level of protection as is required by the relevant EU-U.S. Data Privacy Framework Principles. Hoopis Performance Network, LLC recognizes its responsibility and potential liability for onward transfers to Subcontractors. Where HPN has knowledge that an Agent is using or disclosing Personal Data in a manner contrary to this Policy and/or the level of protection as required by the EU-U.S. Data Privacy Framework Principles, Hoopis Performance Network will take reasonable steps to prevent, remediate or stop such use or disclosure.
If Hoopis Performance Network, LLC transfers Personal Information to non-agent third parties acting as a Controller, HPN will apply the Notice and Choice principles and will obtain contractual assurance from these parties that they will provide the same level of protection as is required under the principles, unless derogation for specific situations under European data protection law applies.
You can review the personal information you provided us and make any desired changes to such information at any time by requesting a copy of the information maintained by HPN about you at firstname.lastname@example.org. Upon request and in accordance with the EU-U.S. Data Privacy Framework Principles, Hoopis Performance Network, LLC will grant individuals reasonable access to their Personal Data that is held by HPN. In addition, Hoopis Performance Network will take reasonable steps to permit individuals to correct, amend, or delete their Personal Data that is demonstrated to be inaccurate, incomplete or processed in violation of the EU-U.S. Data Privacy Framework Principles. In accordance with the EU-U.S. DPF Principles, Hoopis Performance Network may limit or deny access to Personal Data where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy, where the legitimate rights of persons other than the individual would be violated or if necessary to safeguard important countervailing public interests (e.g., national security) or in other limited circumstances (e.g., disclosure would breach a legal or other professional privilege).
The security and confidentiality of your information is extremely important to us. We have implemented technical, administrative, and physical security measures to protect customer’s information from unauthorized access and improper use. Currently, one of the security measures we use is Secure Sockets Layer (“SSL”) technology. When you place an order online with HPN and provide your credit card number, SSL encrypts all personal information including your card number, name and address. In addition, all credit card transactions with HPN are fully Certified to comply with Visa’s Cardholder Information Security Program (CISP) and the Payment Card Industry (PCI) Data Security Standard. You can find more information regarding CISP and PCI here https://usa.visa.com/partner-with-us/pci-dss-compliance-information.html. From time to time, we review our security procedures in order to consider appropriate new technology and methods. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable. Hoopis Performance Network, LLC will take reasonable precautions to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the Personal Data.
DATA INTEGRITY AND PURPOSE LIMITATION
Hoopis Performance Network, LLC will use Personal Data only in ways that are compatible with the purposes for which it was originally collected or as subsequently authorized by the individual. Hoopis Performance Network, LLC will also take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, and current. Hoopis Performance Network, LLC will adhere to the EU-U.S. Data Privacy Framework Principles for as long it retains Personal Information received under its EU-U.S. DPF certification.
RECOURSE, ENFORCEMENT AND LIABILITY
Hoopis Performance Network, LLC utilizes the self-assessment approach to verify its compliance with this Policy. Hoopis Performance Network periodically verifies that this Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and in conformity with the EU-U.S. Data Privacy Framework Principles.
Hoopis Performance Network, LLC will investigate complaints and disputes regarding use and disclosure of Personal Data in accordance with the EU-U.S. Data Privacy Framework Principles. Hoopis Performance Network will also investigate suspected infractions of this Policy.
Hoopis Performance Network, LLC’s participation in the EU-U.S. Data Privacy Framework is subject to investigation and enforcement powers of the Federal Trade Commission (FTC).
Hoopis Performance Network encourages interested persons with questions or concerns relating to this Policy to contact us using the contact information below.
In compliance with the EU-U.S. DPF, Hoopis Performance Network, LLC commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF should first contact Hoopis Performance Network at:
Hoopis Performance Network, LLC
ATTN: Paul Malave
790 Frontage Rd
Northfield, IL 60093
Phone: (847) 716-1800
In compliance with the EU-U.S. DPF, Hoopis Performance Network, LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF to EU data protection authorities (DPAs), an alternative dispute resolution provider based in the European Union. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://edpb.europa.eu/about-edpb/about-edpb/members_en for more information or to file a complaint. The services of EU data protection authorities (DPAs) are provided at no cost to you.
Under certain conditions detailed in the EU-U.S. Data Privacy Framework, Data Subjects may be able to invoke binding arbitration before the EU-U.S. DPF Panel. If your DFP complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not otherwise resolved by other redress mechanisms. For more information about binding arbitration, visit https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2 [dataprivacyframework.gov].
Hoopis Performance Network, LLC agrees to periodically review and verify its compliance with the EU-U.S. Data Privacy Framework Principles, and to remedy any issues arising out of failure to comply with the EU-U.S. DPF Principles. Hoopis Performance Network, LLC acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of EU-U.S. DPF participants.
Hoopis Performance Network, LLC may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. Hoopis Performance Network, LLC’s adherence to the EU-U.S. Data Privacy Framework Principles may be limited (a) to the extent necessary to meet applicable national security, public interest, or law enforcement requirements, e.g. in the course of lawful requests by public authorities (b) by statute, government regulation, or case law that creates conflicting obligations or explicit authorizations, provided that, in exercising any such authorization, an organization can demonstrate that its non-compliance with the principles is limited to the extent necessary to meet the overriding legitimate interests furthered by such authorization; or (c) if the effect of the Directive or Member State law is to allow exceptions or derogations, provided such exceptions or derogations are applied in comparable contexts.
Questions or comments regarding this Policy or our practices concerning Personal Data should be submitted to Hoopis Performance Network by mail or e-mail as follows:
Hoopis Performance Network, LLC
790 Frontage Rd
Northfield, IL 60093
Phone: (847) 716-1800
CHANGES TO THIS POLICY
This Policy is effective as of September 01, 2023.
Last updated: September 07, 2023.