High QA Privacy Policy

1. Introduction

High QA, Inc. is committed to protecting your privacy and developing technology that gives you the most powerful and safe online experience. This Privacy Policy applies to all personal data collected through the High QA website and governs data collection, usage, and compliance with the EU-U.S. Data Privacy Framework (DPF). By using the High QA website, you consent to the data practices described in this statement.

2. Collection of Your Personal Information

High QA collects personally identifiable information (PII) ONLY if the individual specifically consents to it. PII is collected through the submission of a web form inquiry, subscribing to our newsletter, or through a BI software/service that is GDPR-compliant. Collected PII may include information such as your email address, name, work address, or telephone number.

High QA may also collect information about your computer hardware and software, including your IP address, browser type, domain names, access times, and referring website addresses. This information is used by High QA for the operation of the service, to maintain the quality of the service, and to provide general statistics regarding use of the High QA website or specific services.

3. Legal Basis for Processing

High QA processes your personal data based on the following legal grounds:

1. Contractual Necessity: To provide the services you have requested, such as accessing and using the High QA website, Software Solutions, Services.
2. Legitimate Interests: To improve our services, manage our business operations, conduct surveys, and communicate with you about products or services that may interest you.
3. Consent: Where you have provided explicit consent, for instance, for marketing communications.
4. Legal Obligations: To comply with applicable laws and regulations.

4. Use of Your Personal Information

High QA collects and uses your personal information to operate the High QA website, software and services you have requested. High QA also uses your personally identifiable information to inform you of other products or services available from High QA and its affiliates. High QA may contact you via surveys to conduct research about your opinion of current services or potential new services.

High QA does not sell, rent, or lease its customer lists to third parties. High QA may contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (email, name, work address, telephone number) is not transferred to the third party. High QA may share data with trusted partners to help us perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to High QA and are required to maintain the confidentiality of your information.

High QA does not collect any sensitive personal information, such as race, religion, or political affiliations.

5. International Data Transfers

High QA, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. High QA, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

These principles include:

1. Notice: We inform individuals about the types of personal data collected, the purposes for which the data is used, and the third parties to whom we disclose their data.
2. Choice: We provide individuals with the opportunity to opt out of data disclosures to third parties or uses incompatible with the original purpose of collection.
3. Accountability for Onward Transfer: High QA ensures that any third-party processors or partners to whom personal data is transferred comply with DPF principles and provide the same level of protection as required by the DPF.
4. Security: We take reasonable and appropriate measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.
5. Data Integrity and Purpose Limitation: We process personal data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We ensure that the data is accurate, complete, and current, and we retain it only for as long as necessary to fulfill the purposes for which it was collected.
6. Access: Individuals have the right to request access/visibility to their personal data held by High QA, Inc. and to request correction, amendment, or deletion of inaccurate or incomplete data.
7. Recourse, Enforcement, and Liability: High QA provides a mechanism for individuals to raise complaints about our data handling practices and resolves such complaints through an independent dispute resolution provider.

6. Data Retention

High QA retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. Specific retention periods depend on the data’s nature and the processing purpose, as outlined in our internal data retention policy.

7. Data Subject Rights

Under the GDPR and DPF, you have the following rights concerning your personal data:

1. Right to Access: You have the right to request access/visibility to your personal data.
2. Right to Rectification: You can request the correction of inaccurate or incomplete data.
3. Right to Erasure: You can request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected.
4. Right to Restrict Processing: You can request that we limit the processing of your data in certain circumstances.
5. Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format and transfer it to another data controller.
6. Right to Object: You can object to the processing of your data based on legitimate interests or for direct marketing purposes.
7. Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.

To exercise these rights, please contact us at dpo@highqa.com

8. Security of Your Personal Information

High QA secures your personal information from unauthorized access, use, or disclosure. High QA secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. When personal information (such as a credit card number) is transmitted to other websites, it is protected through encryption, such as the Secure Socket Layer (SSL) protocol.

9. Automated Decision-Making

High QA does not engage in automated decision-making, including profiling, that has legal or significant effects on individuals.

10. Children’s Privacy

High QA does not knowingly collect personal data from children under 16 without obtaining parental consent. If we become aware that we have inadvertently collected personal data from children under 16, we will delete such information promptly.

11. Data Breach Notification

In the unlikely event of a data breach, High QA will notify the relevant supervisory authority and affected individuals without undue delay if the breach is likely to result in a high risk to your rights and freedoms.

12. Use of Cookies

The High QA website uses “cookies” to help you personalize your online experience. A cookie is a text file placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

You can accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the High QA services or websites you visit.

13. Recourse, Enforcement, and Liability

High QA, Inc. provides a mechanism for individuals to raise complaints about our data handling practices. We are committed to resolving such complaints in a timely and effective manner. We provide recourse through an independent dispute resolution provider, ICDR-AAA DPF IRM Service (https://go.adr.org/dpf_irm.html), which can be contacted if you believe your data has been processed in violation of the DPF principles.

14. Verification

We conduct an annual self-assessment to verify that our data protection practices continue to comply with the DPF principles. This includes a review of our privacy policy, data handling practices, and third-party contracts.

15. Enforcement

Any employee or contractor found to have violated this policy will be subject to disciplinary action, up to and including termination of employment or contract.

16. Changes to this Statement

High QA will occasionally update this Statement of Privacy to reflect company and customer feedback and changes in legal requirements. High QA encourages you to periodically review this Statement of Privacy to stay informed about how we are protecting your information.

17. Contact Information

For any questions or concerns regarding this Privacy Policy or our data protection practices, please contact:

Data Protection Officer (DPO) High QA, Inc.
1 Bethany Rd., Suite 26, Hazlet, NJ 07730
Email: dpo@highqa.com

You also have the right to lodge a complaint with a supervisory authority if you believe your data has been processed unlawfully.

18. Policy Review and Updates

This policy will be reviewed annually or as required to ensure continued compliance with the DPF and applicable laws. Any changes to this policy will be communicated to all employees, contractors, and relevant third parties.