Privacy Policy

As updated on, July 30, 2018

At Harbinger, A Protegga Company, (“Harbinger “, “we”, “us”, or “our”), we recognize the importance of protecting the privacy of the users of our website. The information about you collected, if any, on this website is subject to this Privacy Statement. This privacy policy covers the information we collect from or on behalf of our clients and from visitors to our websites generally. This Privacy Statement may change to reflect any new features or content.

By accessing and using our Websites you agree to the following Privacy Policy and any corresponding Terms of Use for our Websites. If you do not consent to our Terms of Use and Privacy Policy, you must not use our Websites. Please revisit this Privacy Statement from time to time to be sure that you are familiar with our current policies.

This policy governs access to the websites, regardless of hostname prefix, within the domain of eharbinger.com.

Privacy of Children

Harbinger websites are not intended for use by children under the age of 13. No one under the age of 13 will be provided access to any of our websites that involve a password, user ID, or the provision of any other information by the user. We will never knowingly collect any personal information from users under the age of 13, nor do we knowingly market to such users.

Information Collection and Use (Log Data)

We may use your device’s Internet Protocol (“IP”) address, browser types, the types of information you search for and view on our websites, and identification numbers associated with your device to analyze trends, administer this site, track user’s movement, provide support, and gather broad demographic information for aggregate use. We will only disclose information required to be released pursuant to federal, state, local or international law.

 Cookies

A cookie is a piece of data stored on a user’s hard drive containing certain pieces of information. Usage of a cookie is in no way linked to any personally identifiable information while on this site. Once a user closes his or her browser, the cookie simply terminates. Cookies can also enable us to track and target the interests of our users to enhance their experience on this site. You may configure web browser to reject certain types of cookies, or to alert you when certain types of cookies are being sent. However, if you block or otherwise reject our cookies, our websites may not function properly.

Software-as-a-Service (review.eharbinger.com)

We require certain personal information when you subscribe to our online ediscovery platform. In addition to basic details such as your name, email address, and cell phone number, we also require that you utilize one of our two-factor authentication mechanisms.

eDiscovery Data Processing, Hosting, and Digital Forensics

We collect, process, store, and host data for our clients as identified by our clients or instructed by our clients, or a court of competent jurisdiction, to collect in the process of providing our services pursuant to our standard service agreement. While our clients, or the courts, decide what data to provide, the data typically includes a wide range of data types including communications between individuals, PII, HIPPA, Confidential, and other information that may be subject to discovery in legal proceedings. While typically not 100%, a certain portion of this data will be provided to other parties and the courts as required by State, Federal, and International law.

 Corporate Website (www.eharbinger.com)

In addition to information you may provide us intentionally when visiting our corporate website, we also may collect information about the computer or devices you use to access our website. We also may combine any of the foregoing information, or link any of the foregoing information to a unique “cookie” identifier, as described above. We may use the information collected to understand how visitors interact with our website and to understand more about you. We use online technologies such as Google analytics to determine the effectiveness of our website information.

If you choose to provide us with your contact information on an online registration form, we may use it to contact you via email, telephone, direct mail or other communication formats to provide you with information about our services (such as emails about our products, or invitations to events), or to provide you other information and services that you have requested. Should you no longer wish to be contacted by us, please select the “Unsubscribe” button at the bottom of the applicable email or send an email to the address listed on the bottom of this policy.

Information Disclosure
Subject to limitations in our client agreements and confidentiality requirements, we may disclose any information we collect, in the following circumstances:

  • To Fulfill Contracted Services: We may disclose Client Data with non-affiliated third parties based on a Client’s request, as required to perform services requested or contracted by a Client, as required by State, Federal, or International law, or as otherwise described in this Privacy Policy.
  • With Service Providers: We may provide information to service providers who perform services for us or on our behalf. Depending on the data and the context of its collection, this may include, for instance, third parties who perform marketing, email delivery, billing, data enhancement, event management, or other services related to our business.
  • Protection of Us and Others: We may access, preserve and disclose information if required to do so by law or in a good faith belief that such access, preservation or disclosure is reasonably necessary to: (a) comply with legal process, (b) enforce our Terms of Service, this Privacy Policy, or other contracts, (c) respond to claims that any content violates the rights of third parties, (d) respond to your requests for customer service, or (e) protect the rights, property or personal safety of us, our agents and affiliates, our users or the public.
  • Business Transfers: We reserve the right to disclose and transfer all of your information, including your contact information, in connection with a merger, acquisition, transfer of control, or sale of all, or components, of our business, to the extent permitted by applicable law.

Security
We have implemented physical, electronic, and administrative safeguards to help prevent unauthorized access to the data that we maintain. When you access any of our websites via the Internet, we utilize TLS (Transport Layer Security) or SSL (Secure Socket Layer) protocols to secure all transmissions. Once we receive information, we store and protect it using industry-standard firewalls and other encryption technology, as well as continuous security monitoring.

Please be advised that although we have endeavored to create a highly secure and reliable site for you, the confidentiality of any communication or material transmitted to/from this site cannot be fully guaranteed. 

EU-US Privacy Shield
As a business subject to the enforcement and investigatory powers of the Federal Trade Commission, Harbinger eDiscovery LLC has certified its compliance with the EU-US Privacy Shield Framework with respect to the personal data we receive from the relevant European countries, even when collected from U.S. based companies, effective as of the date our certification is posted at privacyshield.gov/list. You can learn more about the Privacy Shield program at privacyshield.gov. We may also process personal data our clients in the EU submitted via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.

As of the date we applied for Privacy Shield certification, we did not use third-party service providers to process information subject to the Privacy Shield. However, if we receive information under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (a) the agent processes the information in a manner inconsistent with the Privacy Shield and (b) we are responsible for the event giving rise to the damage.

European residents have certain legal rights to access certain personal data and to obtain its correction, amendment, or deletion. You may contact us at the contact information below to request access, correction, amendment, or deletion. Because our personnel have a limited ability to identify and access an individual user’s personal data that our client have provided to us, and because we process it on behalf of our clients, if you wish to request access, to limit use, limit disclosure, or request corrections, we may first refer you to the client who submitted your data, and we will support them as needed in responding to your request. Please note that the rights described in this paragraph are subject to important exceptions and restrictions, including under laws designed to protect the integrity of the legal process.

In compliance with the EU-US Privacy Shield Principles, Harbinger eDiscovery LLC is committed to resolving complaints about your privacy and our collection or use of your personal information. If you have and concerns or complaints, please contact us as described at the end of this policy, and we will work with you to resolve your issue as quickly as possible.

Harbinger eDiscovery LLC has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to the JAMS Privacy Shield Program, which is described on the JAMS website at jamsadr.com/eu-us-privacy-shield. JAMS is an alternative dispute resolution provider located in the United States. Assistance from JAMS will be provided at no cost to you.

If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please contact or visit the JAMS website at jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. If your complaint is not resolved through these channels, a binding arbitration option may be available before a Privacy Shield Panel in limited circumstances. To be eligible for binding arbitration under this option, a resident of a European country participating in the Privacy Shield must first contact us and afford us the opportunity to resolve the issue, then seek assistance from JAMS, our independent dispute resolution provider, and lastly contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue.

If a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.

Links
This site may have links to other sites. We are not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave this site and to read the privacy policies of each website that collects personally identifiable information. This Privacy Statement applies solely to information collected by this site.

Privacy Contact
We welcome your questions and comments regarding this Privacy Statement and the use of personal information. If you have any questions about this Privacy Statement or about our information-collection practices, please contact us at e-mail: legal@eharbinger.com. Alternatively, you can contact us at: Harbinger eDiscovery LLC 730 E. Park Blvd, Suite 208 Plano, Texas 75074.

Addendum to the Privacy Policy for Data Subjects in the European Union
This addendum to our Privacy Policy is for data subjects in the European Union (“EU Addendum”) supplements the sections above and applies to any processing of personal data relating to data subjects (as defined below) in the European Union, where the processing activities are related to the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the European Union or the monitoring of their behavior, as far as their behavior takes place within the European Union.

“Personal data”, where used hence forth, shall mean any information relating to an identified or identifiable natural person, an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Within its scope of application, this EU Addendum shall take precedence over any conflicting or deviating terms in the sections above.

Controller
Controller in the meaning of Article 4 no. 7 of the Regulation (EU) 2016/679 (“GDPR”) in relation to the processing of personal data subject to this EU Addendum is:

Harbinger eDiscovery LLC
Attn: Legal Department
730 E. Park Blvd, Suite 208
Plano, Texas 75074
legal@eharbinger.com

Corporate Website (www.eharbinger.com)
When we collect information about the computer or devices you use to access our website, track your use of our website to improve the website and provide targeted advertisement as outlined above, we do so to pursue our legitimate interest in providing relevant content to you or to improve our service. We collect such information only on the basis of anonymized data. You may object to the collection of anonymized data by sending us a notice to the Controller listed above.

When we aggregate and/or de-identify any information collected through our websites to process such aggregated or de-identified data for any purpose, including without limitation for research and marketing purposes or share such data with third parties, we will do so as of 25 May 2018 on the basis of Art. 6 para. 1 lit. f) GDPR.

When we process (i) your contact information provided on an online registration form, to contact you and to provide you with information about our services or to provide you other information and services that you have requested, or (ii) your resume/CV you provided in the context of a job application, or (iii) other information through our websites for the purposes for which you provided it, we do so as of 25 May 2018 on the basis of the permission set out in Art. 6 para. 1 lit. b) GDPR.

eDiscovery Data Processing, Hosting, and Digital Forensics

Where we process personal data to comply with legal obligations or legal processes we do so on the legal basis of Art. 6 para. 1 lit. c) GDPR. Legal basis for the processing of personal data for the purposes listed in section, eDiscovery Data Processing, Hosting, and Digital Forensics, of the Privacy Policy is Art. 6 para. 1 lit. f) GDPR. In regard to this section, Harbinger is solely the “Processor” which processes personal data for its clients, the “Controller”. As the Processor, Harbinger will work closely with the Controller to ensure full compliance with all legal obligations.

Transfer to other countries
Personal data processed by us in the United States will be processed in compliance with our Privacy Shield certification. The European commission concludes that the United States ensure an adequate level of protection for personal data transferred under the EU-U.S. Privacy Shield from the Union to self-certified organizations in the United States.

Your rights as a data subject
To enforce your rights as a data subject granted in the GDPR, please contact us as described in the Controller section above. Please bear in mind that we will ask you to verify your identity as a data subject to be able to verify whether you are the data subject and to prevent misuse of your personal data by others.

Right of Access

As a data subject you have the right to access to your personal data and the following information:

  1. the purpose of the processing;
  2. the categories of personal data concerned;
  3. the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations;
  4. and starting from 25 May 2018 according to Art. 15 GDPR also:
    1. the envisioned period for which the personal data will be stored, or, if not possible the criteria used to determine that period;
    2. where the data are not collected from the data subject, any available information as to their source;
    3. and the rights of the data subject, explained hereinafter.

Right of Rectification

Harbinger, as a data controller, is required to rectify inaccurate personal data. As of 25 May 2018, you as a data subject shall have the right to obtain from us the rectification of inaccurate personal data and the completion of incomplete data relating to you.

Right to Erasure or restriction of processing

As of 25 May 2018, you as a data subject have the right to obtain from us the erasure of personal data concerning you, if the conditions described Art. 17 para 1 GDPR are fulfilled and provided none of the exceptions specified in Art. 17 para 3 GDPR apply. As of 25 May 2018, according to art. 17 para 2 GDPR, you as a data subject have a right to be forgotten if; we as a data controller have made the personal data public and are obliged pursuant to Art. 17 para 1 GDPR to delete the personal data.

Right to Object

Where Harbinger processes your personal data on the basis of Art. 6 para 1 subpara (f) GDPR to pursue our legitimate interest, you have the right, starting from 25 May 2018, to object to such processing (Art. 21 GDPR). If you object to processing, we will review our balancing of interests.

Retention of Data

Personal data will be stored only as long as necessary. According to Art. 17 para 1 DS-GVO, personal data that is no longer necessary for the purpose for which they were collected or otherwise processed, must be deleted by the data controller. We will retain your personal data collected through our websites for so long as it is required to complete the purpose for which you provided us with your data. We will retain other client-based data for the period agreed in a separate agreement with the particular client.

Right to lodge a complaint with a supervisory authority

You may lodge a complaint with the competent data protection supervisory authority, if you consider that the processing of personal data relating to you is unlawful.