Last modified on July 7, 2020
Greetings Harp Password clients.
How often have you attempted to login to a website or other application only to realize you had forgotten your username or password? If you are anything like us, it happens all the time. Or maybe you use the same username and password combination over and over again to avoid just such a scenario, thereby jeopardizing your online security. This is precisely why we created Harp Password. Harp Password provides clients with the latest technology for protecting their various website login credentials. Harp Password securely maintains its clients’ website login credentials, using advanced encryption and protection methods, providing clients with the freedom to use highly secure and variable login credentials for different websites while only having to keep track of a single username and password combination: that for Harp Password itself.
As you might expect, Harp Password must collect and store certain client information to properly administer its services. Harp Password is strongly committed to preserving client privacy, confidentiality, and anonymity, including that of all personal and nonpublic client information it collects. Indeed, privacy is the very essence of the services Harp Password provides, and by using the Harp Password services, you entrust us to safely and securely collect and store certain limited information about you.
1. INFORMATION WE COLLECT
We collect the following types of information.
Information you provide us directly
In Short: We collect personal information that you provide to us, such as name, contact information, username, and password.
We collect personal information that you voluntarily provide to us when registering with Harp Password and using the Service. The information we collect may include the following:
Your contact information, such as email address
Your Harp Password login credentials
Your date of registration, device registration code, and subscription status
Your login credentials from other websites and applications, collected only in encrypted form
Communications between you and Harp Password. For example, we may send you Service-related emails (e.g., account verification, changes/updates to features of the Service, technical and security notices).
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information automatically collected
In Short: Some information—such as IP address and/or browser and device characteristics—is collected automatically when you use the Service.
We automatically collect certain information when you use the Harp Password Service. This information does not reveal your specific identity (like your name and contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country location, information about how and when you use the Service, and other technical information. We use this information to maintain the security and operation of the Service and for our internal analytics and reporting purposes.
Device identifiers and cookies
Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device's operating system or other software, or data sent to the device by a website or application.
Cookies are files containing information sent by a website that record a user’s browsing activities. The files are extremely small and may be stored, like a device identifier, remotely or on the user’s hard drive. Their purpose is to remember a user’s previous browsing activity so as to optimize the user’s website experience in the future. For example, a website might use a cookie to auto-fill a user’s login information the next time he or she visits that website.
Harp Password does not use device identifiers, cookies, or any similar activity tracking technologies. However, certain third parties who advertise via the Harp Password application may use such technologies when you access your Harp Password account. Likewise, many of the websites for which Harp Password stores your login information likely use these technologies. We encourage you to review the Privacy Policies of the websites and applications you access to manage your privacy rights.
You can manage website cookie use through your web browser. Web browser applications, such as internet explorer, safari, etc., permit a user to alter browser settings to reject cookies. A user may prevent all cookies or allow cookies from select websites and applications only. The process for managing cookies varies depending on the web browser used. Refer to your web browser’s help menu for further information.
2. HOW WE USE YOUR INFORMATION
In Short: We process your information with your freely given consent to fulfill our obligations to Users, to comply with legal obligations, and to advance our legitimate business interests, including the efficient and effective administration of the Service.
We use personal information about our users to the limited extent needed to advance and effectuate Harp Password’s business. We process your personal information for these purposes with your consent (“Consent”), to fulfill our obligations to users (“Contractual Reasons”), to comply with legal obligations (“Legal Reasons”), and for our legitimate business purposes (“Business Purposes”).
We use information from Users for the following:
To facilitate Harp Password account creation and login. With your Consent, we use information you have provided to create your account and ensure you secure access to the Service.
To enforce our terms, conditions, and policies. For Contractual Reasons, Legal Reasons, and/or Business Purposes, we may use your information to ensure compliance with all Harp Password terms, conditions, and policies.
To respond to legal requests and prevent harm or illegal activities. If we receive a legal request, such as a subpoena, or other information indicating a user is engaging in illegal activities using the Service, we may use user information for Legal Reasons.
For our Business Purposes. We may use your information for our Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of promotional campaigns, monitoring, testing, improving, and updating the Service, diagnosing and repairing technical problems, and developing, testing, and providing new products and features.
In Short: We share User information only to the limited extent necessary to comply with laws, protect your rights, and fulfill our business purposes and obligations.
We will only share your information in the following circumstances:
Compliance with Legal Requirements. We may disclose your information when we are legally required to do so in order to comply with applicable laws and regulations, governmental requests and requirements, and judicial proceedings, court orders, and other legal processes, including subpoenas, warrants, and other requirements of public authorities for law enforcement and national security purposes.
Vital Interests and Legal Rights. We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud or other illegal activities, situations involving threats to the safety of any person, animal, or other entity, or as evidence in any litigation or other legal process in which we are involved.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, agents, or other third parties who perform services for us or on our behalf and require access to such information to do that work. Examples may include payment processing, data analysis, email delivery, hosting services, customer service, and marketing efforts. We may allow select third parties to use tracking technologies on the Harp Password Service, which would allow them to collect data about how you interact with the Service over time. This information may be used to, among other things, analyze and track data and optimize the Service.
Third-Party Advertisers. We may use third-party advertising companies to supply advertisements while you are using the Service. These companies may use information about your use of the Service and other public, online activities that are contained in device identifiers, cookies, and other similar tracking technologies in order to provide advertisements about goods and services that might be of interest to you. You may opt out of such directed internet-based advertising by following the instructions provided here for the web app or here for the Android and iOS apps.
Affiliates. We may share your information with our affiliates, including any parent or sister companies or subsidiaries, joint venture partners, or other companies that we control or are under common control with Harp Password.
Business Transfers. We may share or transfer your information in connection with, or during negotiations for, any merger, sale of company assets, financing, or acquisition of all or any portion of our business to any other entity or individual.
4. STORING AND PROTECTING YOUR INFORMATION
Storage and Processing:
Harp Password processes and stores client information using its servers and facilities, located and maintained in the United States. Whatever location you access the Service from, please be aware that your information may be transferred to, stored, and processed by us in the United States and/or by our affiliates and third-party service providers in the United States or in any other country in which they maintain servers or facilities.
We have implemented appropriate technical and organizational security measures designed to protect the security of all of our clients’ information. Our security measures include employing encryption and hash code technology to protect information you provide and firewalls and other technology to prevent attacks on our databases. Your data files are stored on your devices and on our servers using AES-256 encryption. Your Harp Password login credentials are stored only in a unique hash; the hash code includes both your username (email address) and password and also utilizes a proprietary random number generator, making retrieving login information from the hash code nearly impossible. We also use HTTPS protocol for both the login to Harp Password and all data transfers between you and Harp Password, securing the information from Wi-Fi eavesdroppers.
We also take commercially reasonably steps to ensure only you can access your account, including verifying your identity through your unique login information. We also use email verification procedures to protect your account even if your login credentials are compromised. However, Harp Password cannot guarantee all information is 100% secure at all times, and while Harp Password uses its best efforts to protect all client information, you provide all information at your own risk.
Please do what you can to help us keep your information safe, including maintaining the secrecy of your unique login information, restricting access to emails between you and Harp Password, and accessing the Service only within a secure environment. Please also note that, given Harp Password’s unique and highly secure manner of storing your Harp Password login credentials, we are unable to view or retrieve your Harp Password password, and your data may therefore become unrecoverable should you lose and/or forget it.
Following termination or deactivation of your account, we may retain your personal information for a commercially reasonable time for backup, archival, and/or audit purposes. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it; if we cannot do so (for example because your personal information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible.
5. Policy Regarding Minor Children
In Short: We do not knowingly collect data from or market to children under 13 years of age.
We do not knowingly solicit data from or market to children under the age of 13. By using the Service, you represent that you are at least 13 years old or that you are the parent or guardian of a minor and consent to the minor’s use of the Service. If we learn that we have collected personal information from a user under the age of 13 without a parent or guardian’s consent, we will deactivate the account and take reasonable measures to promptly delete the minor’s data from our records. If you believe that we have collected data from a child under the age of 13 without proper consent, please contact us using the contact information below.
6. Policy Regarding Third-Party Websites
In Short: We are not responsible for the security of any information that you share with third-party providers who advertise with, but are not affiliated with, the Service.
7. YOUR RIGHTS AND CHOICES ABOUT YOUR PRIVACY AND INFORMATION
In Short: By using the Service, you confirm your consent to our data processing and storage policies; you may withdraw your consent by terminating your account at any time.
If you previously consented to our data processing and storage policies, you may withdraw that consent at any time by terminating your account. Please note that your withdrawal of consent will not affect the lawfulness of the data processing prior to the withdrawal.
Your account information and settings:
8. PRIVACY RIGHTS SPECIFIC TO RESIDENTS OF CALIFORNIA
In Short: If you are a resident of the State of California in the United States, you have specific rights regarding access to your personal information.
California Civil Code Section 1798.83 permits California residents to request and obtain, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we have shared personal information in the immediately preceding calendar year. Please submit any such request in writing using the contact information provided below.
10. HOW TO CONTACT US