1         Definitions

1.1        Introduction

Perite GmbH is the company that developed and maintains the Hyperlane® App. The goal is to provide a fully transparent and secure communication environment for information exchange and access for all members by using state-of-the-art security technology, encryption and minimal data storage.

All data processing and protection of collected data is done according to relevant legal regulations and EU Regulation 2016/679 (GDPR).

1.2        Terminology

• User: Refers to every individual using the Hyperlane app

• Company: Refers to Perite GmbH, the developer and operator of Hyperlane

• Application: Refers to the Hyperlane App or Service

• You: The User(s) of the Hyperlane App

• Device: The devise via which the Hyperlane App is accessed

• Account: The unique account created on the Hyperlane App for the user

1.3        General Information

The Hyperlane app operates based on the principles of strict linking to purpose and data minimization. Therefore, only essential data is collected and all other information is provided only on a voluntary basis.

The app operates on central servers, located in Germany, which are hosted by Hetzner Online GmbH. No data transfer occurs to servers outside of Germany. Chat logs are recorded on the central server until the user decides to delete the chat history, in which case these logs are removed without a trace and without option for recovery for every chat participant.

Hyperlane can be used without any personal data, with the exception of a working email address. Users must confirm, when providing this information and using the app, that they confirm their acknowledgement of §8 GDPR and that they are at least 18 years of age or have obtained the consent of the respective legal guardian.

By using the app, the user agrees to the collection, processing and use of data as described below.

2         Purpose, Scope and Duration of Data Processing

Hyperlane processes data to enable the transmission of messages or media to other users of the app. This can happen in the form of chat messages between two or more users or in the form of community posts within communities of a large number of users.

All data is processed on Hyperlane’s own sever infrastructure in Germany and not transmitted to a third party.

Your information, including Personal Data, is processed at these servers and that means that this information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to this transfer.

The Company will take all steps reasonably necessary to ensure that data is treated securely and in accordance with this Privacy Policy and no transfer of Personal Data will take place to an organization or a country that is not specified in this document

2.1        Master Data and App Use Data

In the context of the use of Hyperlane, the following data is collected and stored:

• Email address

• Operating system and version of the Hyperlane app

• Date and time of the last login

• User’s IP address

This data is collected under Legitimate Interest, to allow users to access the app.

Technically necessary data is stored on the servers for a maximum of 30 days and then deleted.

The following information is optional and voluntarily provided by app users:

• First Name, Last Name, Title

• Address

• Mobile phone number

• User profile, consisting of job history, company information, job title, certifications, languages and skills

• User self-description (free text)

• User profile picture

• Joined Communities and Organizations

When exchanging direct chat messages, only the following information is stored on the servers and shared between the participants:

• User IDs of sender and recipient

• Date and time of message sending / modification

• Fully end to end encrypted message content and files

At no time can Hyperlane access or read the message content or files.

In order to deliver messages successfully and reliably, Hyper­lane uses the infrastructure of Google LLC (Android) and Apple Inc. (iOS) respectively. To do this, we have to share device-specific identifiers. At no point do we share any further information. Third parties do not receive any message content, files or information about the chat participants. Further information can be found in the privacy policies of the respective third parties.

All data is stored until deletion by the user. Once the information is deleted, it cannot be restored.

2.2        Direct Chat Messages and Communities

Header information of messages (sender, recipient etc.) is protected by an additional encryption layer for transmission to the server, and from the server to the recipient, to prevent eavesdropping by third parties (e.g. in open wireless networks).

Hyperlane uses its end-to-end encrypted infrastructure to deliver chat messages and files between two participants. At no time can Hyperlane read the message content or files.

Community logs are recorded for as long as the community persists. If a thread or log or entire community is deleted, this information is irrevocably erased for all participants. However, Hyperlane reserves the right to store data for the purpose of investigating criminal offenses or cases of abuse.

2.3        Address Book Data

At the explicit request of the user, email addresses and phone numbers from the user's address book can be synchronized, in order to identify the user’s contacts which are also using the Hyperlane platform. This data is transmitted to the servers one-way encrypted (“hashed”) and additionally protected using TLS encryption. The servers only keep these hashes in volatile memory for a short time to determine the list of matching Hyperlane Users, and then deletes the hashes immediately. At no point are the hashes or the results of the synchronization written to non-volatile storage or otherwise evaluated.

2.4        Crash Reports

In order to improve the stability and reliability of the app, Hyperlane offers the users to transmit anonymous crash reports.

Android: If the user voluntarily and explicitly consents to the general transmission of crash reports to Google when setting up his mobile phone, information (status of the app at the time of the crash, stack trace, manufacturer and operating system of the mobile phone, latest log messages) will be transmitted to Google and stored there for evaluation by Perite GmbH.  Further information can be found in the Google Privacy Policy.

iOS: If the user voluntarily and explicitly agrees to the transmission of a crash report, information about the crash (status of the app at the time of the crash) is transferred to a Hyperlane server for evaluation. On iOS, they consist of a stack trace, information about the device (e.g. model, operating system version, but no serial number), the app version, the time stamp of the start and crash, and the list of software libraries loaded in memory. Processor register contents or log messages are not being collected. Further information can be found in the Apple Privacy Policy.

3         Data Processed by Third Parties

Perite GmbH does not pass any user information or data to third parties. Analytics software is not used to monitor user behavior or statistics.

4         Right to Information, Correction, Blocking, Deletion and Objection

Users retain all rights to their personal data that is processed and stored by Perite GmbH at any time. This includes the right to access, correct, block or (apart from the legally required data storage for business purposes) delete this personal data. In particular this encompasses the following rights:

• Right to information: Users have right to be informed about the use of the information and with whom the information is shared. This is provided in this document.

• Right of Access: Users have the right to access their personal data that is processed by Hyperlane.

• Right to Rectification: Users have the right to change or modify the data they have provided to Hyperlane.

• Right to Erasure: Users have the right to have their personal information deleted irrevocably

• Right to Restriction of Processing: Users have the right to restrict data processing under certain conditions, when for example the data accuracy is disputed, a restriction instead of erasure of data is preferred or in defense of a legal claim

• Right to Data Portability: Users have the right to receive all their personal data held by Hyperlane in a commonly used format. The stored inventory of all personal data can be requested at any time by contacting datenschutz@hyperlane.org.

• Right to Object: Users have the right to object to data processing or profiling at any time, if based on relevant grounds.

• Right to Avoid Automated Decision making: Users can object to any automated profiling or data processing, unless it is required to complete the agreed contract, they have explicitly agreed to the processing in the defined scope, or authorization is granted by the EU or a member state and safeguards for user interests and freedom are implemented.

Most of these rights can be exerted directly by the users in the app. All further practice of rights may be exerted at any time by contacting datenschutz@hyperlane.org.

5         Sharing Data in Compliance with Enforcement Requests and Applicable Laws

‍In exceptional circumstances, Perite GmbH may be required to share information with a third party when it is reasonably necessary to:

• comply with any applicable law, regulation, legal process or governmental request,

• protect the security or integrity of the application,

• protect the Hyperlane App and our users from harm or illegal activities, or

• respond to an emergency which requires to disclose information to assist in preventing the serious bodily harm

• Protect against legal liability

6         Links to Other Websites

Hyperlane may contain links to other websites that are not operated by the company. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

7         Responsible Data Protection Contact

For any questions on data privacy, Perite GmbH can be contacted via the following address:

Perite GmbH
Data Protection officer
Müller-Breslau-Straße 28
45130 Essen
datenschutz@hyperlane.org

Representative in the EU according to Art. 27 para. 1 GDPR

8         Amendment of the Privacy Policy

Perite GmbH reserves the right to change this Privacy Policy from time to time in order to comply with changed legal requirements or to reflect new functionalities of the app.