PRIVACY POLICY

(Last Updated September 2022 )

Hestya (“we”, “us” and/or “our”) is dedicated to protecting your personal information and informing you about how we use it. This privacy policy (the “Privacy Policy” or the “Policy”) is intended to provide information to you about how we collect, protect, share and use your information when you use the Hestya.

This Privacy Policy outlines how and when Hestya collects, protects, shares, and uses information that can identify you individually (“Personal Information”), such as your name, email, telephone number, or payment information. Personal Information does not include information that is anonymous, aggregated, or can no longer be used to identify you as an individual.

This Privacy Policy covers the privacy practices of Hestya for our devices, applications, software, websites, APIs, products, and services only. This Policy does not apply to the practices of third party websites, services or applications, including third parties with which we partner. These third party services are governed by each such third party’s privacy policy. Hestya is not responsible for the privacy policies and practices of technology platforms other than that of Hestya, and Hestya is not responsible for the failure of unaffiliated third parties to honor their privacy obligations.

1. INFORMATION WE COLLECT

1.1. Information We Collect Automatically

(a) Site Usage Information. Hestya may use a variety of technologies that passively or automatically collect information about how the Site is accessed and used, including your browser type, device type, operating system, application version, the pages served to you, the time you browse, preceding page views, and your use of particular features of the Site. This statistical data helps us understand what is interesting and relevant to users of the Site so that we can best tailor our content to you.

(b) Device Identifiers. Hestya also automatically collects an IP address or other unique identifier for the computer, mobile device, technology or other device (collectively “Device”) you use to access the Site. A “Device Identifier” is a number that is automatically assigned to your Device when you access a web site or its servers, and our computers identify your Device by its Device Identifier. We may use a Device Identifier to, among other things, administer the Site, help diagnose problems with our servers, analyze trends, track users’ web page movements, and gather broad demographic information for aggregate use.

(c) Session Trackers. In operating the Site, we may use cookies and similar session tracking technologies (“Session Trackers”). Session Trackers help provide additional functionality to the Site, customize users’ experiences with the Site and help us analyze Site usage more accurately for research and product development purposes. We (including third parties that we work with) may place session trackers on your Device for security purposes, to facilitate navigation of the Site, and to personalize your experience while using our Site.

If you would prefer not to accept Session Trackers when using the Site, follow the instructions provided by your website or mobile browser (usually located within the “Help”, “Tools” or “Edit” facility) to modify your Session Tracker settings. Please note that if you disable Session Trackers, you may not be able to access certain parts of our Site and other parts of our Site may not work properly.

As a result, we recommend that you leave Session Trackers turned on when accessing the Site because they allow you to take advantage of some of the Site’s features.

(d) Web Beacons. In addition to Session Trackers, we may use web beacons (also known as “clear GIFs”), which are transparent graphic images placed on a web page or in an email and indicate that a page or email has been viewed or tell your browser to get content from another server. We use web beacons to measure traffic to or from, or use of, our online forms, tools or content items and related browsing behavior and to improve your experience when using the Site. We may also use customized links or other similar technologies to track hyperlinks that you click and associate that information with your Personal Information in order to provide you with more focused communications.

(e) Sync Information. When you sync your Room through the App, we log data about the transmission, such as the Internet Protocol (IP) address used when syncing, the sync time and date, crash/diagnostic logs, information about your device, information about the network used to sync (e.g., Wi-Fi or cellular) and device battery level. We use this information to help identify and resolve syncing issues.

1.2. Information You Provide

We collect Personal Information from you when you provide such information, such as when you contact us with inquiries. For example: if you interact with customer support representatives, Hestya may collect Personal Information, such as your name, mailing address, phone number, email address and contact preferences, and/or information about your furniture.

We also may create event logs that are useful in diagnosing furniture related issues, and capture information relating to the support or service issue. We use this information to provide you with customer and product support.

1.3. Non-Personal Information

Additionally, we may modify and combine Personal Information in a manner that does not personally identify you or any other individual and thus, no longer constitutes “Personal Information”. We may use this non-Personal Information, such as aggregate user statistics, demographic information, and usage information, for any lawful purpose.

1.4. Information from Third Parties

We may receive information about you from third parties. For example, we may receive information about you from outside records of third parties, such as marketing-related or demographic information. We may supplement the information we collect about you through the Site with such information from third parties in order to enhance our ability to serve you, to tailor our content to you and/or to offer you opportunities to purchase products or services that we believe may be of interest to you.

If we combine such data with information we collect through the Site, such information is subject to this Privacy Policy unless we have disclosed otherwise.

2. HOW WE USE INFORMATION

We may use the information we collect for a variety of reasons related to our operation and your use of the Site. Examples of specific ways in which Hestya may use your Personal Information include, but are not limited to the following:

(a) Responding to your requests (including, for example, if you contact us to ask a question or report an issue with the Site, we may use the Personal Information you provide to answer your question or resolve your problem);

(b) Improving the content, appearance and utility of the Site; and

(d) Communications. We may use your Personal Information to provide you with marketing or other promotional communications via mail, email or phone number. If, at any time, you would like to stop receiving these promotional e-mails and/or sms and mms, you may follow the opt-out instructions contained in any such e-mail and sms/mms or by contacting us as set out below. Please note that by opting out, you may prohibit Hestya from informing you of offerings that may be of interest to you. It may take up to ten business days for us to process opt-out requests.

3. DISCLOSURE OF PERSONAL INFORMATION

Except as provided herein, Hestya will not sell, rent or otherwise disclose Personal Information about you to third parties.

(a) Third party providers. We may share your Personal Information with unaffiliated third parties that provide certain services to us, including, but not limited to email marketing.

These third parties may have access to Personal Information or non-Personal Information in order to perform their functions on our behalf. However, these third parties are only permitted to use your Personal Information for the purpose for which it has been provided or to administer, service or process transactions that you have authorized, and may not disclose it to any other third party except at our express direction and in accordance with this Policy.

(b) Business transfers. As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or our assets, Personal Information collected through the Site may be disclosed to such entity as one of the transferred assets. Also if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.

(c) Legal disclosures. Hestya may transfer and disclose information, including your Personal Information, information about how the Site is accessed and used, to third parties to comply with a legal obligation; when we believe in good faith that the law requires it; at the request of governmental authorities conducting an investigation; to verify or enforce our Terms of Use or other applicable policies; to respond to an emergency; or otherwise to protect the rights, property, safety or security of third parties, visitors to our Site or the public.

(d) With your permission. At your direction or request, we may share your Personal Information with specified third parties.

4. UPDATING YOUR PERSONAL INFORMATION AND INFORMATION RETENTION

If you wish to modify, verify, correct, delete, or update any of your Personal Information collected through the Site, you may contact us at concierge@hestyadesign.com. Please note that Hestya may continue to use your de-identified data after you delete any of your Personal Information.

In accordance with our routine record keeping, we may delete certain records that contain Personal Information you have submitted through the Site. We are under no obligation to store such Personal Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Personal Information.

We will retain your Personal Information as long as needed to provide you services, comply with our legal obligations, resolve disputes, or enforce our agreements.

5. SECURITY OF YOUR PERSONAL INFORMATION

Hestya takes steps intended to secure your Personal Information. We deploy administrative, technical, and physical security measures to ensure a level of security appropriate to the risk including: pseudonymization and encryption of Personal Information where appropriate based on the risk to the data; the ability to ensure ongoing confidentiality, integrity, availability and resilience of processing systems and services; the ability to restore the availability and access to personal information in a timely manner in the event of a physical or technical incident; and regularly testing, assessing, and evaluating the effectiveness of our technical and organizational measures for ensuring the security of all processing activities.

For example, Personal Information you provide is accessible only by designated staff. All Personal Information gathered on the Site is done in a secure and encrypted manner using Secure Socket Layer (“SSL”) technology.

However, no data transmission over the Internet can be guaranteed to be totally secure. While we try to protect your Personal Information, we cannot guarantee the security of any information you transmit to us or that we retain. You use the Site, and provide us with Personal Information, at your own risk.

6. DO-NOT-TRACK SETTINGS

Hestya does not collect Personal Information about individual users’ online activities over time and across different websites or online services and therefore does not respond to Do Not Track (“DNT”) signals. Hestya does not knowingly authorize third parties to collect Personal Information about individual users’ online activities over time and across different web sites or online services.

7. CHILDREN UNDER 13

The Site is not directed to children under 13 years of age and we do not knowingly collect Personal Information from children under 13. If we become aware that a child under 13 has provided us with Personal Information, we will make reasonable efforts to delete such information from our files.

8. YOUR CALIFORNIA PRIVACY RIGHTS

California law provides California residents the right to request from Hestya: (i) a list of the categories of Personal Information that we have disclosed to third parties for direct marketing purposes; and (ii) the names and addresses of all such third parties.

If you would like to request this information, please email your request to concierge@hestyadesign.com. In your request, please specify that you want a “Your Hestya California Privacy Rights Notice”. Please allow thirty (30) days for a response.

9. CONSENT TO PROCESSING AND TRANSFER OF INFORMATION

The Site is governed by and operated in, and in accordance with the laws of, the United States, and are intended for the enjoyment of residents of the United States. If you use the Site, or otherwise provide us with data, from outside the United States, you acknowledge and agree that your Personal Information may be transmitted outside your resident jurisdiction. In particular, please note that your Personal Information may be stored and processed in the United States. The laws pertaining to the collection, use, disclosure and protection of Personal Information in the United States may be more or less stringent than the laws of other countries. By using the Site, you (a) acknowledge that the Site is subject to the laws of the United States; (b) consent to your Personal Information being stored and processed in the United States and handled as described in this Policy; and (c) waive any claims that may arise under the laws of the country where you reside, are a citizen, and/or from where you access the Site. Note that we do not engage in automated decision-making.

10. DATA SUBJECTS’ RIGHTS.

All individuals whose Personal Information is held by Hestya have the right to:

Ask what Personal Information Hestya holds about them and why;

Ask for a copy of such Personal Information or access to such information;

Be informed how to correct or keep that Personal Information up to date;

Be informed on how Hestya is meeting its data protection obligations.

Furthermore, for data collected in the European Economic Area, data subjects have the right to:

Ask for a copy of such Personal Information to be sent to a third party;

Ask for data to be erased if possible and required under the General Data Protection Regulation (“GDPR”);

Ask for processing of Personal Information to be restricted if possible and required under GDPR;

Object to processing of Personal Information if possible and required under GDPR;

Object to automated decision-making where applicable; and

Contact a supervisory authority in the EEA to lodge a complaint regarding Hestya processing of your Personal Information.

11. CHANGES TO THIS POLICY

This Policy is the sole authorized statement of Hestya practices with respect to the collection of Personal Information and the subsequent use and disclosure of such information. Any summaries of this Policy generated by third party software or otherwise shall have no legal effect, are in no way binding upon Hestya, shall not be relied upon in substitute for this Policy, and neither supersede nor modify this Policy.

Hestya may revise this Policy from time to time without prior notice to you, and any changes will be effective immediately upon the posting of the revised Privacy Policy on the Site. You should bookmark and periodically review this page to ensure that you are familiar with the most current version of this Policy. You can determine when this Policy was last revised by checking the “Last Updated” legend at the top of the Policy.

12. QUESTIONS ABOUT THIS PRIVACY POLICY

If you have any questions or concerns about this Policy, please contact us at:

Email: concierge@hestyadesign.com