This document (the Policy) sets out the manner in which Howdy Hub Limited, Howdy Hub Pte Ltd and companies within its group (collectively, Howdy) collect, use, manage and protect Personal Data (as defined below) in compliance with the provisions of the UK’s Data Protection Bill 2017 (the DPB), the General Data Protection Regulation 2016, EU 2016/679 (the GDPR), the Personal Data Protection Act 2012 of Singapore (the PDPA) and all other applicable legislation and regulations.
This Policy applies to all Users and Hosts (as defined below) who provide Howdy with Personal Data or whose Personal Data is otherwise collected, used and/or disclosed by Howdy for the purposes of its business operations and to fulfil its contractual obligations. Hosts may be corporate entities. In this case, Howdy may hold Personal Data on the representatives of those Hosts with whom Howdy engages, and any references to the Personal Data of Hosts should be interpreted accordingly.
Changes to policy
Use of the Howdy Platforms following any such change constitutes that User or Host’s agreement that all Personal Data collected from or about that User through the Howdy Platforms after the revised Policy has been posted will be subject to the terms of the revised Policy.
Age of Majority means 18 years old, or such older age as may be required by the laws of the jurisdiction in which the User resides in order for that User to lawfully utilise the Howdy Platforms and the Services without parental consent.
App means the Howdy mobile application, as updated from time to time, available to download from:
Behavioural Data consists of all actions carried by a User on the Howdy Platforms, including with whom a User shows and does not show an interest in connecting, with whom they actually connect and the occurrence (but not content) of conversations that take place between Users as a result of those connections.
Data Intermediaries means third party service providers engaged by Howdy to manage or process its data, including any Personal Data.
DPB means the Data Protection Bill 2017, of the United Kingdom as may be amended from time to time.
GDPR means the General Data Protection Regulation 2016 of the European Union, as may be amended from time to time.
Host means the administrator of a Network on the Howdy Platforms (being the party entitled to access the Portal and legitimately amend that Network’s content and access its data) whether or not such party was the originator of that Network on the Howdy Platforms (for example where the Howdy team has created a Network on behalf of a Host).
Howdy Hub Limited means Howdy Hub Limited, a company registered in England and Wales under company registration number 09410382 and whose registered office is at 4 Coleman Street, Sixth Floor, London, EC2R 5AR.
Howdy Hub Pte Ltd means Howdy Hub Pte Ltd, a company registered in Singapore under company registration number 201613369K and whose registered office is at 80 Raffles Place #25-01 UOB Plaza, Singapore 048624.
Howdy Platforms means the Site, the Portal and the App collectively, including any content, functionality, products and/or services offered on and through the Site, the Portal and the App.
Network means any event, conference or community administered through the Howdy Platforms by a Host (whether or not such Host was the originator of that Network on the Howdy Platforms).
PDPA means the Personal Data Protection Act 2012 of Singapore, as may be amended from time to time.
Personal Data means any data relating to a User (including but not limited to Behavioural Data) that is capable of enabling that User to be identified (directly or indirectly), and whether or not such data is used to make such identification on its own or in conjunction with other data.
Portal means the portal used by Hosts located at portal.howdy.co.
Services means the products and/or services offered on and through the Howdy Platforms.
Site means the Howdy website available at www.howdy.co.
User means any user of the Howdy Platforms, including but not limited to subscribers to Networks originated by Hosts.
Who is Howdy?
Howdy is the controller of Personal Data collected from Users or Hosts. Howdy provides a service which helps organisers of Networks (i.e. Hosts) deliver an engaging way to meet the right people. Hosts will then invite Users to join those Networks through the App. Once a User has registered with the App, they will also be able to join other Networks organised by other Hosts that are accessible through the App, or become a Host and start their own network. We want to help Users achieve their goals, create opportunities, and solve problems by meeting the right people.
In order to do this Howdy needs its Users’ Personal Data so that it can provide Users with the most effective and satisfying experience. The Personal Data collected is used to populate each User’s profile on the Howdy Platforms, allowing Users to connect with each other and utilise all aspects of the Howdy Platforms. Howdy may also give the Host access to this Personal Data (including Behavioural Data – for example with whom Users may connect and chat). This helps Hosts improve their Networks and gain a greater understanding of their members.
While Howdy may provide Hosts with details of the occurrence of connections and conversations made by Users of their Networks, the contents of any conversations between Users will never be provided to Hosts. Behavioral Data will only be shared with the Host of the Network within which it was generated and, to the extent that such Behavioral Data also relates to another User (e.g. the occurrence of a conversation between two Users) to the Host of any Network which that other User has joined.
Howdy may introduce a ‘group chat’ function in a future update. Users should be aware that any messages posted to a group chat will be visible to any other existing or future members of that group chat.
Section 1 – What type of information is collected from users?
When a User registers with the Howdy Platforms and continues to use the Services through the Howdy Platforms, and when a party becomes a Host, Howdy collects certain types of information. Howdy may obtain certain information on a User from that User’s LinkedIn profile and use this information to pre-populate a registration form. The User will be asked to check and amend this information and to submit this information directly to Howdy using the form. When relevant information in a User’s LinkedIn profile is updated, Howdy may pre-populate an update form with this information and ask the User to review and submit any changes directly to Howdy.
Some of this information will constitute Personal Data. All Personal Data is stored on servers located within the European Union, or with intermediaries to which we are permitted by law to transfer such data, irrespective of the geographic location of the relevant User. The information and Personal Data collected is set out in the following categories:
- User Information - the User’s name, gender and contact particulars, including telephone number(s), residential mailing addresses and/or email addresses. This may include information obtained from the LinkedIn profile of a User following such User’s express consent to such information being obtained.
- Host Information - the name, contact particulars, including telephone number(s), business addresses and/or email addresses and, where a payment for Services has been agreed, banking details of Hosts (or, where the Host is a corporate entity the name, contact particulars, including telephone number(s), business addresses and/or email addresses of the representative of the Host setting up the Host’s account with Howdy).
- Identification Documentation - details of a User’s identification documents (such as NRIC or passport number or driver’s licence).
- Profile Information - a User’s profile, photos, activities, network and connections.
- Connections with other Users - information on Networks joined and connections made by Users, for example, people, events, conferences and communities that the User is connected to or engages with.
- Network Data - the User’s network usage data or other information gathered automatically by our systems, including computer IP address, links visited and other activities conducted online.
- Invitees - contact information obtained if a User invites other Users from a device.
- User Content - information in or about the content Users provide, such as a Linkedin blurb.
- Use of Service - information about how a User uses the Services.
- Search Information - the details of searches conducted by Users via the Howdy Platforms.
Anonymisation of Data
From time to time Howdy will anonymise Personal Data, which means that the data will not be able to be traced back to its subject. Data that has been anonymised, so that its subject cannot be directly or indirectly identified from it, will not constitute Personal Data and this policy is not intended to place any limits on what Howdy does with such data.
Cookies and Web Browser Information
Cookies are small files placed on Users’ and Hosts’ devices when visiting the Howdy Platforms.
When visiting the Howdy Platforms, we send one or more cookies to Users’ and Hosts’ computers and other devices. The information obtained from such cookies may be used by us to store preferences, improve the performance of the Howdy Platforms, create statistical data, and enable Howdy or third party advertising partners to display targeted advertisements which may be of interest to Users.
The Howdy Platforms use the following types of cookies:
- Necessary Cookies - cookies which are essential to allow Users and Hosts to use the Howdy Platforms and its features.
- Performance Cookies - cookies which collect information about how Users and Hosts use the Howdy Platforms to create aggregated, anonymous information that does not identify a User or Host.
- Functionality Cookies - cookies which allow the Howdy Platforms to remember Users and Hosts and provide a more personalised service.
- Targeting or Advertising Cookies - cookies which are used to deliver advertisements that may be relevant to a User (subject to such User specifically consenting to this Service).
Some of our cookies may remain on a device after a browsing session. Our cookies can be disabled by changing the settings in the relevant browser, but doing so might mean that Users and Hosts will be unable to use certain features of the Howdy Platforms.
The Howdy Platforms also collect information which is sent to us by a web browser. When browsing the Howdy Platforms, we automatically receive a computer’s Internet protocol (IP) address which provides us with information that helps us learn about the relevant browser and operating system, such as the name of the operating system and the name and version of the browser.
Other information Howdy may collect include the address of the web page from which the Howdy Platforms were accessed and the date and time of the visit. The type of information the Howdy Platforms collect depends on the settings in the relevant web browser.
Section 2 – What happens to user information?
Howdy collects, uses or discloses information (which will include Personal Data) from Users and Hosts for the following purposes:
- Provision of Services – to enable Users and Hosts to access the Services provided by the Howdy Platforms and to improve these Services.
- Content – to ensure that the content of the Howdy Platforms is presented in the best way for a User and Host and their computer or mobile device.
- Communication – to respond to a request for information and support when using the Services, or otherwise communicate with Users.
- Interests – to provide information about products or services that a User or a Host requests or which Howdy considers may be of interest to any party who has specifically consented to receive such information.
- Third Parties – to allow Hosts to contact (via Howdy) any User who has specifically consented to receive details of goods or services in which the User might be interested.
- Statistical Data – to create statistical and Behavioural Data to improve the effectiveness of our service to Hosts and Users.
- Host Reporting – to provide raw data and/or compiled reports to Hosts which will include information identifying Users within their Networks and the activity of those Users on the Howdy Platforms.
- Internal Use – to assist Howdy with the hiring, managing, training, evaluating or terminating the services of its employees.
- Dissemination – to collect and analyse information for marketing, product evaluation or statistical purposes. User information may be aggregated with information about other Users to create statistical data. This statistical data will be anonymised such that it is not capable of identifying any specific Users. Howdy may distribute such statistical data to third parties with which it works.
- Data Transfer – to transfer such information to Data Intermediaries to facilitate any of the purposes stated above, subject to such Data Intermediaries agreeing to appropriate contractual safeguards.
- Howdy Group – to share such information with any Howdy Group member or on any sale of the shares or assets of Howdy, merger or change of control.
- Specific Consent – to use such information for any other purposes for which Howdy has explicitly obtained the User’s or Host’s consent.
Use of Information for Marketing Purposes
Howdy will only send a User marketing communications by email or text message if that User has consented to be contacted in this way. Howdy will only allow third parties to send a User marketing communications by email or text message if that User has expressly consented to this.
Howdy will inform a User and obtain that User’s express consent before using any Personal Data for any purposes other than those set out in this Policy.
Relationship with Network Hosts
When setting up a Network, Hosts will provide limited Personal Data relating to known or potential subscribers to their Networks which are being hosted on the Howdy Platforms. This information will be limited to a subscriber’s name and email address. It will be the responsibility of each Host to ensure that it has the necessary consent from the relevant individual to the disclosure of this Personal Data to Howdy.
Howdy will only use this Personal Data to contact the potential subscriber in order to invite that subscriber to download the App and register as a User in relation to the relevant Network. Howdy will not use this Personal Data for any other purpose and will not disclose this Personal Data to any third parties. Once a subscriber has registered as a User then the subscriber will become a User and will have given Howdy permission to use that User’s Personal Data for the purposes set out in this Policy.
Hosts will be able to invite Users of one of their Networks to other Networks created by that Host. A Host will not be permitted to provide Personal Data relating to their Users to any other Host. Howdy will only provide Personal Data of Users to the Hosts of those Networks that a User has joined.
A User is free to join any Networks available to them through the Howdy Platforms (including Networks created by Hosts with whom the User has no previous connection). By joining a Network created by a Host with whom the User has no previous connection, the User is consenting to the provision of their Personal Data held by Howdy to such Host in line with this Policy.
Howdy will make available to Hosts certain information on Users, whether through the Portal or the provision of compiled reports. This information will include:
- the names of the Users of that Host’s Networks; and
- Personal Data of those Users (including swipes, connections and the occurrence of conversations between Users as a result of those connections).
Except for messages sent via any future ‘group chat’ function which will be visible to any other existing or future members of that group chat, Howdy will not reveal to Hosts the contents of any messages sent between Users, only the fact that a message was sent. Howdy will not provide a User’s email address to Hosts, unless this information may already be known to the Hosts (e.g. where the Host has provided a potential User’s email address in order for Howdy to invite that person to download and register with the App).
Hosts will be permitted to use the information made available to them to:
- learn about their Users;
- contact their Users (using contact details independently obtained by the Host); and
- market their services and products to their Users (using contact details independently obtained by the Host).
However, Hosts may not use this information for any other purpose, and may not disclose it to any third parties, without first obtaining the express consent of the relevant User.
Howdy will facilitate communications between Hosts and Users of their Networks. Such communications will be made, at the request of the relevant Host, by Howdy to such Users. These communications may take the form of in-app chat messages, push notifications, e-mails or any other form. Howdy will not provide any Personal Data of any Users to Hosts for this purpose.
The Personal Data of Hosts, or (where the Host is a legal entity) their representative with whom Howdy engages, will not be shared by Howdy with any third party for any purpose other than Data Intermediaries for the purpose of storage.
Section 3 – Consent
Users will be asked when registering with the Howdy Platforms to provide certain Personal Data directly to Howdy (which Howdy may have obtained from a User’s LinkedIn profile and used to pre-populate a form) and to give their express consent to the following matters (called Service Critical Consents):
- the gathering, storage and processing of Personal Data provided to Howdy by a User (which includes any Personal Data that a User has given Howdy permission to obtain from third parties);
- the transfer of Personal Data to Data Intermediaries;
- the disclosure of Personal Data (including Behavioural Data) to Hosts of those Networks that a User has joined, including Behavioral Data between two Users of a Network that may relate to actions between those Users outside of that Network, as part of the information made available by Howdy to those Hosts on the User activity within their Networks;
- communications from Howdy relating to the provision of the Services or to invite Users to become Hosts; and
- the installation of cookies (other than Targeting or Advertising Cookies as described above).
A User may choose not to give this consent. However, as any such refusal to give a Service Critical Consent will prevent Howdy from being able to provide the Services to a User, a User will not be able to complete their registration and utilise the Howdy Platforms if any Service Critical Consent is refused.
Users will also be asked to provide their express consent to the following matters (called Non-Critical Consents):
- the installation of Targeting or Advertising Cookies as described above; and
- such other matters as Howdy may notify to a User from time to time.
A User may choose not to give any or some Non-Critical Consents. Any such refusal to give a Non-Critical Consent will not prevent a User from being able to complete their registration and utilise the Howdy Platforms.
Hosts will be asked to provide their consent to the following matters (called Host Consents):
- the transfer of Personal Data to Data Intermediaries;
- communications from Howdy relating to the provision of the Services; and
- the installation of cookies (other than Targeting or Advertising Cookies as described above).
A Host may choose not to give this consent. However, as any such refusal to give a Host Consent will prevent Howdy from being able to provide the Services to a Host, a Host will not be able to complete their registration and utilise the Howdy Platforms if any Host Consent is refused.
Users and Hosts have the right at any time to withdraw any consent that they have previously given to Howdy to the processing and use of their Personal Data. This can be done by emailing Howdy at email@example.com.
In relation to Non-Critical Consents (as set out above), a User may provide or withdraw their consent to any or all of these actions without any impact on the ability of the User to access the Howdy Platforms and use the Services. If a User withdraws their consent to any of the Service Critical Consents then that User will be prevented from further accessing the Howdy Platforms and the Services and their account will be closed.
If a Host withdraws their consent to any of the Host Consents then that Host will be prevented from further accessing the Howdy Platforms and the Services and their account will be closed.
Section 4 – Cross Border Transfers
It is essential to the provision of the Services, which connect Users with Hosts and other Users in any jurisdiction, that data flows between the European Union (EU) and other jurisdictions. To ensure that EU Personal Data is adequately protected when transferred outside the EU, the GDPR mandates that such transfers take place using certain legal mechanisms.
When a User makes a connection with a Host or another User via the Howdy Platforms, that User is itself providing its relevant Personal Data to the recipient. That recipient may be located outside of the EU, and it is the responsibility of each User to ensure that they are comfortable making such data transfer.
Howdy will only transfer a User’s Personal Data between other Users within a Network which the User has joined or (as part of its reporting services) to the Host of a Network which that User has joined. Howdy will use European Commission-approved Standard Contractual Clauses as a legal mechanism for such data transfers to locations outside the EU. These clauses are contractual commitments between companies transferring personal data, binding them to protect the privacy and security of the data.
Data collected from Users resident in Singapore may be transferred to and stored in destinations outside Singapore and may be processed by staff operating outside Singapore. By submitting a User’s Personal Data, that User agrees to the transfer, storage and processing in accordance with the terms set out in this Policy.
Section 5 – Data Intermediaries, Service Providers and Links
Howdy will only collect, use and disclose User information to the extent necessary to enable the provision of the Services and in accordance with this Policy. Howdy will ensure that any Data Intermediaries or other third party service providers used by it will be subject to appropriate contractual obligations regarding the security and disclosure of any User information disclosed to them.
Such third parties will have their own privacy policies in place and we recommend that Users read these in order to understand the manner in which Personal Data will be handled by these providers. In particular, please note that certain providers may be located in or have facilities that are located in a different jurisdiction. Thus, if a User elects to proceed with a transaction that involves the services of a third party service provider, information may become subject
to the laws of the jurisdiction(s) in which that service provider or its facilities are located.If the GDPR applies to any Personal Data held by Howdy then all such Personal Data will be processed in accordance with the principles of the GDPR.
Howdy has taken the necessary steps to ensure that it understands the data protection systems that its Data Intermediaries have employed and that they are in line with Howdy’s policies and any relevant data protection laws.
Section 6 – Retention Periods
Howdy will retain Personal Data for the following periods:
- Personal Data on prospective Users supplied by a Host to Howdy will, in the event that such prospective User has not registered with Howdy as a Host or a User within 24 months of the date of the relevant communication from Howdy inviting that party to download and register with the Howdy Platforms, be deleted at the end of that 24 month period.
- Personal Data of Users and Hosts is kept by Howdy for so long as their account is active.
- On request of a User (or on withdrawal of consent to data processing – i.e. withdrawal of a Service Critical Consent or a Host Consent) the relevant account will be closed and information relating to that User or Host will be anonymised (i.e. to remove any Personal Data). That anonymised data will no longer be Personal Data and will be retained within the Howdy system for statistical purposes.
- On closure of a Network, information relating to the Network activity will be anonymised, but the Users who have joined that Network will remain Users of Howdy generally (and their Personal Data will be retained).
- If a User or Host has been inactive (i.e. not logged into the Howdy Platforms or otherwise undertaken any activity of any nature on the Howdy Platforms) for a period of 3 or more years from the later of 1 January 2018 and the date of the last activity by that User or Host, then the account of that User or Host (and, in the case of a Host, any Networks administered by that Host) will be closed and the information anonymized. Once an account has been closed it cannot be re-opened.
Section 7 – Users’ Rights Related to Personal Data
Users and Hosts have entered into a contractual agreement with Howdy and have rights under the relevant data laws that allow them to control and monitor the Personal Data that Howdy holds about them. These rights can be utilised by contacting Howdy at firstname.lastname@example.org. These rights include the following:
1. Right of Access
A User or Host can request access to any Personal Data that Howdy holds about them. Confirmation will be given that the request is being handled and details of all Personal Data held will be provided in no more than 30 days from the date of the request. This request will be free of charge.
2. Rights of Rectification
A User or Host can request rectification of any incorrect or out of date Personal Data relating to themselves that Howdy holds. Some Personal Data can be controlled through the Howdy Platforms. In this case Howdy will provide directions as to how to effect the change. If the data cannot be controlled in this way then confirmation will be sent that the request is being handled. The relevant field will be updated in no more than 30 days from the date of the request and a confirmation of the update will be sent. This request will be free of charge.
3. Right of Erasure or Withdrawal
A User or Host can request erasure of any Personal Data that Howdy holds about them and can withdraw consent for any Service Critical Consents or Host Consents. Confirmation will be sent that the request is being handled. A further confirmation will be sent once Howdy has completed the request, and this will be done in no more than 30 days from the date of the request. This request will be free of charge. The effect of any such request will be the closure of the User’s or Host’s account and they will no longer be able to access the Howdy Platforms without first re-registering.
4. Withdrawal of Non-Critical Consent
A User can request the withdrawal of any Non-Critical Consent. The relevant activity covered by the withdrawn consent will cease, but this will not prevent the User from being able to access the Howdy Platforms and use the Services. This request will be met in no more than 30 days from the date of the request. This request will be free of charge.
Data PortabilityPersonal Data that Howdy holds about a User or Host will be provided on request in a commonly used, machine-readable format. The Personal Data will only be given to the relevant User or Host.
When Charges Will Apply
Howdy reserves the right to charge a reasonable administration fee to cover the costs of dealing with any such requests received from Users or Hosts if such requests are deemed to be unfounded or excessive. For example, where a User or Host makes repeated right of access requests in a limited time period.
As is common Howdy retains back-ups of its data which are kept in secure storage. Due to the cost of accessing these back-ups, they will not be accessed and amended as a result of a request to rectify or erase data or as a result of any withdrawal of consent to data processing. Over time these back-ups will be erased in accordance with Howdy’s usual retention practices, and in the event that the back-ups are accessed for any reason before they are due to be erased then the data contained in such accessed back-ups will be updated or deleted (as appropriate) at the time of access.
Section 8 – Automated decision making
Section 9 – Security
To protect Personal Data, Howdy takes reasonable precautions and follows industry practices to ensure that such information is not lost, misused, accessed by unauthorised persons, disclosed, altered or destroyed. Howdy does not store data that would give access to other services and account passwords cannot be retrieved.
Howdy has taken steps to obtain confirmation from its Data Intermediaries that they are compliant with the relevant Personal Data regulations.
Access to Personal Data by employees is restricted to those who work with or oversee those who work with the Personal Data. A Host’s access is restricted to the Personal Data provided by the Host to Howdy, and the information on the Users of a Host’s Networks made available to that Host by Howdy. A User’s access is restricted to Personal Data relating to themselves.
Users and Hosts should be aware that while Howdy always tries to ensure that any data transfers made by it are made in the most secure way possible, transmission of information via the internet is not entirely secure and Howdy cannot guarantee the security of any Personal Data transmitted to the Howdy Platforms via the internet. Users and Hosts should take steps to keep their own Personal Data secure by protecting passwords and other account credentials for their Howdy account and any other account which is accessed through the Howdy Platforms.
Section 10 – Complaints
If a User or Host wishes to register a complaint about Howdy’s handling of their Personal Data please contact Howdy at email@example.com.
If a User or Host is dissatisfied with Howdy’s handling of their complaint or the processing of their Data that party can lodge a complaint with the relevant Data Protection Authority. The United Kingdom's governing authority for Data Protection is the Information Commissioner’s Office (ICO) - https://ico.org.uk/concerns/. Singapore’s governing authority for Data Protection is the Personal Data Protection Commission (PDPC) - https://www.pdpc.gov.sg/.
Section 11 – Age of Consent
Howdy does not knowingly provide its services to anyone under the Age of Majority or collect any Personal Data in relation to any such person. By using the Howdy Platforms, Users and Hosts represent that they are at least the Age of Majority in their country (or state or province, if applicable) of residence.
Users and Hosts must not use the Howdy Platforms to upload, post or transmit any information that relates to and identifies any person under the Age of Majority. If Howdy becomes aware of any Personal Data in relation to a person under the Age of Majority which has been uploaded, posted or transmitted to, on or via the Howdy Platforms, Howdy may delete any such information without liability to the party who uploaded, posted or transmitted the data. Howdy may terminate the account of any such party.
Section 12 – Governing Law and Dispute Resolution