Privacy & Security Policy

Heartbeat is safe and secure. Learn more below.


Last Revised: February 11, 2009

Heartbeat (the "Service") is a product/service of Enormego (the "Provider"). With Heartbeat, Enormego is committed to providing the utmost level of respect to our users and their data. We acheive this by implementing and practicing strict security policies and ensuring that the user is completely informed as to how their data will be utilized in Heartbeat. We aim to be as transparent as possible in our business and to ensure that our users feel completely comfortable regarding the operation of Heartbeat.

Usage of Heartbeat implies that statistical and financial data regarding your business will reside on Heartbeat's servers. We understand that our users regard this data as extremely private and that many measures must be taken to ensure that unauthorized viewing of this data does not occur. We ensure that all of these measures are taken. Our users' data is for their eyes only. This is our top priority, and it will continue to be, throughout the operation of Heartbeat.

Sections and Topics

  1. Your privacy is not for sale
  2. We don't want data that we don't need
  3. All data that we collect is held at the same standard
  4. It's your data, no one else can see it
  5. Third-party partners do not get access to your data
  6. Data security is our number one priority
  7. Physical security is always maintained
  8. Session data is only used to better your experience
  9. Disclosure of your data to protect our rights or if required by law
  10. It is your data, you can delete it
  11. Billing is safe and secure
  12. Rights of former customers
  13. Implied consent to abide by these terms
  14. We will notify you of changes to this document
  15. Contact us if you have questions

1. Your privacy is not for sale

Under no circumstances will your privacy be compromised for a price. We have no interest in doing anything more with our user's data than providing the safe and secure service for which they signed up.

2. We don't want data that we don't need

We don't collect information that we don't need. Period. If you think that we're asking you for something that we shouldn't need, be sure to contact us ASAP and we'll look into it.

3. All data that we collect is held at the same standard

Any information or data entered into Heartbeat is treated as if it is top secret. Emails, passwords, names and any other data we collect is all held to the same standard that your application statistics and financial data are held to. We apply the same security practices across the board to ensure that nothing is left to chance.

4. It's your data, no one else can see it

Each account is limited to seeing the data associated with that account only. User management is provided to each account so that they (and only they) can control who will see what within the account. There is no super admin that can freely browse through other accounts to view their data. We did not build one, nor do we ever intend to build one. We do not utilize or analyze your data for any reason other than to determine the proper pricing that your account should be charged in accordance with our predefined packages.

5. Third-party partners do not get access to your data

Heartbeat currently does not work with any third-party partners (that need access to your data) that does not directly pertain to the operation and maintenance of Heartbeat. While we currently have no plans to do so, we will not provide any access to your data for any reason unless we first request and receive explicit permission from you to do so.

6. Data security is our number one priority

We utilize a number of methods and techniques to ensure that your data is constantly kept safe. Database access is restricted to top-level employees only and we ensure that no data is ever transfered in an unsecured manner. Industry standard technologies and tools ensure that this policy is strictly followed. Basic security audits are done daily to ensure data and system integrity and more advanced security audits are done monthly.

7. Physical security is always maintained

We operate exclusively out of Tier III+ data centers where physical security is held at the highest level. Our hosting partners employ strict security protocols to ensure that phsyical access to our servers is extremely limited and that all approved and granted access is logged.

8. Session data is only used to better your experience

Heartbeat collects data about your session. Cookies are set (although, sensitive information is never stored in them) and timestamps, IP data and previously set cookies are read and stored.

[Courtesy of Wikipedia] - HTTP Cookies, more commonly referred to as Web cookies, tracking cookies or just cookies, are parcels of text sent by a server to a Web client (usually a browser) and then sent back unchanged by the client each time it accesses that server. HTTP cookies are used for authenticating, session tracking (state maintenance), and maintaining specific information about users, such as site preferences.

This information is only used to better your experience with Heartbeat and is not sold or made available to anyone outside of the Provider.

9. Disclosure of your data to protect our rights or if required by law

While we always do our best to protect our user's data, certain situations may arise requiring us to voluntarily disclose user data. Enormego reserves the right (and the user grants Enormego this right), to disclose any data maintained about a user or their account when the situation calls for it. Each situation will be evaluated and determined by enormego, in its sole discretion, as to what extent of disclosure is needed. The following scenarios provide a basis for our determination:

Enormego will ensure that each scenario is carefully evaluated and, if possible (and reasonable), that the user is fully informed prior to any action being taken.

10. It is your data, you can delete it

On request, we will remove all sensitive data maintained about your account from our production servers. This data will be permanently expunged from all active production servers. However, some portions of your data, such as user login statistics, will be retained within our systems as a matter of necessity. A request to delete data will not alter any previously created backup copies of your data maintained on other servers or on other storage media. Heartbeat retains these backups for various periods of time to ensure that a full recovery is possible given a malfunction with our production servers. Over time, your data will slowly be phased out of the backups.

11. Billing is safe and secure

When you enter your billing information into Heartbeat for the purposes of paying for your access priveledges, you will only be doing so over a secure connection. Secure Sockets Layer (SSL) connections are utilized to ensure that this transaction is 100% secure. SSL allows clients and servers to communicate in a highly secure fashion, thereby eliminating any eavesdropping, data tampering or other undesired results. To ensure that your transaction is being processed over SSL, be sure to look for the padlock icon in your browser. If you cannot find this icon, your session is no longer secure and you should stop all activities and contact us immedietly.

Heartbeat does not store any credit card data. Our merchant provider, PayPal, handles all recurring transactions and safely and securely stores all of your data. You can find more information regarding PayPal and their service by visiting their website.

12. Rights of former customers

If you cancel your account with Heartbeat for any reason, the rights set forth within this document will continue to apply indefinitely.

13. Implied consent to abide by these terms

Your continued utilization of Heartbeat implies that you have given the Provider complete consent to enforce this policy and that you will abide by all terms set forth within this policy.

14. We will notify you of changes to this document

This policy is subject to change. We know that changes to any policy can severely affect how a user will utilize that product or service. We understand this and sympathize with those users who have been caught off guard by policy changes in the past. That being said, we will do our best to notify each and every user of any privacy policy changes. Heartbeat users understand that policy changes may be required as a matter of necessity as Heartbeat continues to grow and expand it's feature set.

15. Contact us if you have questions

If you have any questions or concerns regarding anything in this document. Be sure to contact us. Our contact information is as follows:

info@enormego.com

enormego.
173 N. Main St. #114
Sayville, NY 11782
United Stats