THE HANDY – PRIVACY POLICY

Last updated: October 2020

Protecting your privacy is a core part of Sweet Tech´s mission. Therefore, we have throughout the product development process of “Handy” – the ultimate hand job machine for men – built in safety and data protection by default.

In order for you to understand this privacy policy we have defined some important concepts:

“personal data”

means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly. Examples of personal data includes name, an identification number, location data, an online identifier such as IP address, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“special categories of personal data”

 means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation (often called sensitive data).

“controller”

Means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“processor”

means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

IN SHORT:

Here is a summary of our commitment to secure your personal data when using the Handy device. Please read the full Privacy Policy.

1. What kind of data do we collect and why

1.1 Overview

What data we process depends on your interaction with us and your use of the Handy device. See below for various alternatives:

1.2 Purchase of the Handy device

When you purchase the Handy device from our website, we collect:

We use this information to process your purchase, fulfill your order, accounting purposes and register your Handy device for warranty purposes.

The processing is necessary for the performance of a contract to which you are a party. Legal basis is therefore GDPR art. 6 (1) b.

1.3 Using the Handy device offline

We have developed the Handy device with privacy as default. Therefore, when you use the Handy device offline, we do not process any personal data.

1.4 Connect the Handy device to the online world

Note that default WIFI setting is off. The machine will not connect before the user activity presses the WIFI button. If you choose to connect your Handy device to the internet, we will need to collect:

We need this information in order to connect the Handy device to the internet.

During the internet connection:

The legal basis for the processing is the performance of our contract with you and your consent (GDPR art. 6 (1) b) cf. art. 9 (2) b).

1.5 Using online synchronization with third parties or handyfeeling.com (operator use)

When you as the owner and operator of the Handy device use online synchronization with third party service providers, we collect the personal data in order to connect to the internet, please see sec. 1.4. In addition, we collect:

The purpose of the processing is to enable you to synchronize your Handy device with third part service providers of your choice. We may in the future also use this information to provide payment services.

In order for us to be able to connect your Handy device to the service you want to synchronize with, you will need to provide your unique connection key to the third-party supplier. The unique connection key is generated randomly but will be connected with your name if the third-party supplier you wish to synchronize with has it.

The key alone will not reveal your name. You may at any time regenerate a new unique connection key.

When you use the online synchronization with videos, our processing of your personal data will take place only during the session. When you log off, we will within one hour delete the session data. Please be aware that your Handy device will store the video script file in its persistent memory to enable video synchronization from handyfeeling.com. The data stored inside your Handy device will be deleted when its overwritten by new scripts.

In addition to the processing we perform, the provider of the service with which you synchronize, will be processing your personal data. We will be the controller of the personal data that we process as described in this Privacy Policy. However, the third-party service provider you chose to synchronize your Handy device with, will be the controller of the personal data that it process for its own purposes. Such data will typically consist of any payment details, product choices and other related data. Please consult the privacy policy of such provider.

The legal basis for the processing is the performance of our contract with you and your consent (GDPR art. 6 (1) b) cf. art. 9 (2) b).

1.6 Using the Handy remote control (remote partner use)

When you use the Handy remote control, a remote partner, such as a girlfriend or boyfriend, may control the device. If you choose to use Handy device this way, we collect the personal data in order to connect to internet, please see sec. 1.4. In addition, we collect:

of the remote partner. We need this information to connect the remote partner to your Handy device.

The purpose of the processing is thus to operate the Handy device remotely.

The legal basis for the processing is the performance of our contract with you and your consent (GDPR art. 6 (1) b) cf. art. 9 (2) b).

The processing will take place only during the remote session. This data will be stored in volatile memory and will be gone the moment the connection is finished. 

1.7 Update your Handy device

When you update your Handy device, we process:

The data is collected to make sure that your Handy device receives the correct update. 

The data is not stored in any persistent medium and is used and deleted after the update request have been fulfilled (<1second). The processing is necessary for the performance of a contract to which you are a party.

The legal basis for the processing is the performance of our contract with you and your consent (GDPR art. 6 (1) b) cf. art. 9 (2) b).

1.8 Cookies

A “cookie” is a piece of data sent from a website that is visited and stored locally on your browser. The purpose of cookies is to maintain data related to user preferences and account settings, as well as to evaluate and compile statistics about user activity. Please find our list of cookies we use by clicking this link.

Name

Provider

Expiry

TrackerTypeName

Type

Description
CookieConsent store.thehandy.com 1 year HTTP Cookie   Stores the user’s cookie consent state for the current domain
wc_cart_hash_# store.thehandy.com Persistent HTML Local Storage Necessary  
wc_fragments_# store.thehandy.com Session HTML Local Storage Necessary  
_ga store.thehandy.com 2 years HTTP Cookie Statistics Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_gat store.thehandy.com 1 day HTTP Cookie Statistics Used by Google Analytics to throttle request rate
_gid store.thehandy.com 1 day HTTP Cookie Statistics Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_hjAbsoluteSessionInProgress store.thehandy.com 1 day HTTP Cookie Statistics This cookie is used to count how many times a website has been visited by different visitors – this is done by assigning the visitor an ID, so the visitor does not get registered twice.
_hjAbsoluteSessionInProgress store.thehandy.com 1 day HTTP Cookie Statistics This cookie is used to count how many times a website has been visited by different visitors – this is done by assigning the visitor an ID, so the visitor does not get registered twice.
_hjid store.thehandy.com Persistent HTML Local Storage Statistics Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes.
_hjid store.thehandy.com 1 year HTTP Cookie Statistics Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes.
_hjIncludedInPageviewSample store.thehandy.com 1 day HTTP Cookie Statistics Determines if the user’s navigation should be registered in a certain statistical place holder.
_hjIncludedInPageviewSample store.thehandy.com Persistent HTML Local Storage Statistics Determines if the user’s navigation should be registered in a certain statistical place holder.
_hjTLDTest store.thehandy.com Session HTTP Cookie Statistics When the Hotjar script executes, it tries to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, it tries to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
IDE doubleclick.net 1 year HTTP Cookie Marketing Used by Google DoubleClick to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
test_cookie doubleclick.net 1 day HTTP Cookie Marketing Used to check if the user’s browser supports cookies.
pagead/1p-user-list/# google.com Session Pixel Tracker Marketing Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites.
pagead/landing google.com Session Pixel Tracker Marketing Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement – This also allows the website to limit the number of times that they are shown the same advertisement.
_gaexp store.thehandy.com 82 days HTTP Cookie Marketing This cookie is used by Google Analytics to determine if the visitor is involved in their marketing experiments.
_gaexp_rc store.thehandy.com 1 day HTTP Cookie Marketing Determines whether the user is assigned to a specific content-experiment to optimize website content and advertisement efforts.

You can choose whether to accept cookies by editing your browser settings. However, if cookies are refused, some features on our website may not work as intended.  Information about the procedure to follow in order to enable or disable cookies can be found at:

For more information about other commonly used browsers, please refer to http://www.allaboutcookies.org/manage-cookies/.

1.9 Complaints

Any complaints must be processed in accordance with our General terms and conditions.  We will need the following personal data in order to process your complaint regarding faults and/or defects on your Handy device:

To protect your privacy, please do not include personal identifiable information including photographic or video images as relevant proof.     

The processing is necessary for of technical maintenance to ensure the performance of a contract to which you are a party. Thus, the legal basis for the processing is GDPR art. 6 (1) b.

If we require additional information in order to process your complaint, we may request performance and usage details for the unit in question. Under these circumstances we will explicitly ask for your prior consent in accordance with GDPR art. 9 (2) a.

1.10 Newsletter

We would love to stay in touch so we can tell you all about the future functions and add-ons we have in the pipeline. You can sign up for our newsletter on our website to subscribe to our news, information and marketing regarding our products.

In accordance with GDPR art. 6 (1) a) we will only send you newsletters based on your consent.

You can at any time opt out of receiving our newsletters by following the unsubscribe instructions included in each email message, or by contacting us at [email protected].

1.11 Contact us

If you contact us we may need to process information that identifies you such as your name, email address and country of residence etc. in order to answer your question or respond to your request, comment or complaint. We may retain this information to assist you in the future and to improve our customer service. We also use your personal data to establish and manage our relationship with you and provide quality service.


We are considered to have a legitimate interest to process your personal data whenever you contact us as the processing is necessary to manage our relationship with you and to improve our services in accordance to GDPR art. 6 (1) f. Since the communication is solely based on your initiative, the processing will be in your interest as well as ours.

2. Where we process your data/third parties

2.1 Service providers

We use third party services for analytics, marketing and hosting.

We will only process your personal data with third parties as described in this Privacy Policy. The third parties will be responsible for any processing of personal data for their own purposes. Please find links to their privacy policy under the description of each third party below. If a third parties use cookies and similar technologies to collect information about activity on our website you can find more information in our cookies policy in sec.1.8.

2.1.1   Google Analytics:

We use Google Analytics for the purpose of creating a website experience tailored to users’ needs and continuing optimization of our website. In this context, pseudonymized user profiles are created and cookies are used. The information generated includes:

are transmitted to and stored on a server belonging to Google in the USA. The European Standard Contractual Clauses are the legal basis for the transfer. 

Sweet Tech will be controller of the personal data that we process for our own purposes of marketing through Google Analytics. However, Google will be the controller of the personal data they process for its own purposes.

Read more:  https://policies.google.com/privacy

2.2 Business transactions

Personal data may also be provided to third parties in connection with a business transaction, including a prospective or completed merger, acquisition or stock sale (including transfers made as part of insolvency or bankruptcy proceedings). Any change of corporate control or disclosure for the purpose of determining whether to proceed or continue with such transaction or business relationship will be securely protected by non-disclosure agreements.

3. Safety measures

The protection of your personal data is a high priority for us. Our security measures include physical, technical and administrative measures. Everyone at Sweet Tech who handles personal data has received training and guidance on how to handle personal data safely. We adopt industry standard software and guidelines to protect your personal data and other confidential information.

Handy connects to our servers and communicates with third party service providers and remote-control partners through an encrypted connection (secure socket layer – SSL).

The Handy operator may at any time change the unique connection key.

All communication between users and Sweet Tech’s servers is secured with HTTPS.This is our guarantee that the processing of personal data is in line with legal requirements and with the highest level of security. Please note that HTTP access is not blocked.

Connections between our server and Handy is by encrypted HTTPS connection.

Your Handy is only identified through your changeable Connection Key.

Logs scramble sensitive data like Connection Key and IP addresses. Logs are deleted by default after 7 days.

We will launch a bounty program to hunt down security holes in 2021.

Our product design mythology is anonymity by default and only store the minimum data to get services to work or not store data at all if we do not need it.

4. Your rights as a data subject

Subject to applicable law, you may have certain rights with respect to our processing of your personal data.

We will provide you with the right to have access to a copy of, rectify, correct and update the personal data that we have about you in accordance with GDPR chapter 3. You may also have the right to restrict processing or have your data deleted. If our processing is based on your consent, you may also withdraw any consents you have given at any time. Please contact us at [email protected]

Also, please let us know if you consider that our processing of your personal data infringes applicable law.

If you believe that we process your data in violation of your rights, you have the right to complain to the Norwegian Data Inspectorate (“Datatilsynet). You should always contact us directly before sending a complaint to the Norwegian Data Inspectorate, so that we can try to resolve or clarify the issue.

5. How long we store personal data about you

We will not to store personal data for longer than needed or instructed by you. We will however retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

6. Changes in the privacy policy

We may update our Privacy Policy based on changing business practices, technology and legal requirements. Any such changes will be posted on this page. If we make a significant change in the way we use or share your personal information, you will be notified via email and/or through other prominent notice within at least 30 days prior to the changes taking effect.

7. Contact information

Sweet Tech AS,

(organisation/VAT number: NO 920 411 029 MVA)

Slemdalsveien 70A

0370 OSLO

Norway