top of page

Handhold EEA+ Supplemental Data Protection Disclosures

EEA+ Supplemental Data Protection Law Disclosures Handhold, Inc. and its corporate business affiliates (“Handhold”) provides to residents of the European Economic Area, Switzerland, and the United Kingdom (“EEA+”) the following disclosures (“Supplemental Notice”) to supplement the Handhold Privacy Policy (“Privacy Policy”) and Cookie Policy.

1. DATA CONTROLLER AND EU REPRESENTATIVE The data controller is Handhold, Inc. located at 9878 W Belleview Ave Ste 2344 Denver, CO 80123. You can contact our representative in the EU, by email: privacy@handhold.us.


2. PURPOSES AND LEGAL BASES FOR PROCESSING UNDER EUROPEAN UNION AND UNITED KINGDOM LAW We process your personal data for different purposes and on several different legal bases, as follows: i. Necessity to perform a contract with you (Art. 6 (1) lit. b GDPR/UK GDPR). We process your personal data to: ● enter into an agreement with you or a legal entity you represent ● provide our services and perform contractual obligations to you ● respond to questions and requests from you ● provide customer or technical support ii. Our legitimate interests. (Art. 6 (1) lit. f GDPR/UK GDPR). We process your personal data based on our legitimate interests to: ● transfer your personal data within the group of companies for internal administrative and support purposes (access is limited to colleagues with a need to know) ● transfer your personal data in connection with a transfer of all or part of our organization or assets for the orderly transition of all or part of our business ● protect the security, safety, and integrity of our services and our system ● engage in research and development efforts ● create de-identified and/or aggregated information ● assess and pursue potential business opportunities ● protect and defend the rights, safety, or property of us or third parties, including to enforce agreements, policies, and terms of use, and in an emergency to protect the safety of our employees or any person ● detect and prevent fraud ● exercise our legal rights or defend legal claims iii. Compliance with a legal obligation to which Handhold is subject (Art. 6 (1) lit. c GDPR/UK GDPR). We process your personal data: ● for the transmission to law enforcement agencies, governmental authorities, legal counsel, and external consultants to comply with relevant laws and regulatory requirements, or to respond to lawful requests, court orders, and legal processes iv. Based on your prior consent (Art. 6 (1) lit. a GDPR/UK GDPR) for: 1 ● sending marketing communications to you ● placing non-essential cookies on your device You may withdraw your consent to participate in the survey or assessment or to receive our marketing communications at any time with future effect by contacting us at privacy@handhold.us or clicking on the opt-out link provided in each marketing communication.


3. RECIPIENTS OF DATA IN THIRD COUNTRIES We may share personal data with affiliates, vendors, agents, or other third parties as required or permitted by applicable law. For example, we may hire companies to protect and secure our systems. The personal data that we collect or receive about you may be transferred to and processed by recipients that are located inside or outside the EEA+ and which are not recognized from an EEA+ law perspective as providing for an adequate level of data protection. When interacting with our site or contacting Handhold, you transfer personal data to the United States. Handhold may also transfer your personal data to Australia. To the extent your personal data are transferred to countries that do not provide for an adequate level of data protection from an EU, Swiss, or UK law perspective, we will base the respective transfer on appropriate safeguards (Art. 46 GDPR/UK GDPR), such as standard data protection clauses adopted by the European Commission. You can ask for a copy of such appropriate safeguards by contacting us as set out in the “Contact Us” section in our Privacy Policy.


4. PERIOD OF DATA STORAGE Your personal data will be retained for as long as necessary for the purposes for which it was collected, which in most cases do not exceed 5 years. When Handhold no longer needs to use your personal data to comply with contractual or statutory obligations, we will remove it from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it, unless we need to keep your information, including personal data, to comply with statutory retention periods, such as for tax, audit, or legal compliance purposes, for a legally prescribed time period thereafter, or if we need it to preserve evidence within statutes of limitation.


5. DATA SUBJECT RIGHTS Under applicable law, you may have the following rights in relation to your personal data. These may be limited under applicable data protection law. i. Right to request from us access to personal data. You have the right to confirm with us whether your personal information is processed, and if it is, to request access to that personal information including the categories of personal information processed, the purpose of the processing, and the recipients or categories of recipients. You have the right to obtain a copy of the personal data undergoing processing. However, this is not an absolute right and the interests of other individuals may restrict your right of access. ii. Right to rectification. You have the right to obtain from us the rectification of inaccurate or incomplete personal information concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement. iii. Right to erasure of your personal data (right to be forgotten). You have the right to ask us to erase personal data concerning you. 2 iv. Right to restriction of processing. In limited circumstances, you have the right to request that we restrict the processing of your personal data. v. Right to data portability. You may have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit that personal data to another entity without hindrance from us. vi. Right to object. Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, including profiling, by us and we can be required to stop processing your personal data. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case, your personal data will no longer be processed for such purposes by us. vii. Right to withdraw consent. If you have declared your consent for any personal data processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal. You can exercise your rights by contacting us as set out in the “Contact Us” section in our Privacy Policy. You may also have the right to lodge a complaint with a supervisory authority.


6. FAILURE TO PROVIDE PERSONAL DATA Where we are required by law to collect your personal data, or we need to collect your personal data under the terms of a contract we have with you, and you fail to provide that personal data when we request it, we may not be able to perform the contract we have or are trying to enter into with you. This may apply where you do not provide the personal data we need in order to provide the services you have requested from us. In this case, we may have to cancel the provision of the relevant services to you, in which case we will notify you.

bottom of page