Privacy Policy

Last updated on July 29, 2022

Henro.org is committed to protecting the information you share with us. This Privacy Policy describes Henro.org (“we,” “us,” or “our”)’s policies on the use, collection, and disclosure of user information in connection with the use of Henro.org’s website and communications (collectively, “Service”). When you use the Service, you consent to Henro.org’s collection, use, and disclosure of information about you as described in this Privacy Policy.

Who We Are

Henro International, LLC (operating under the name and hereby referred to as “Henro” or “Henro.org”), is based in Atlanta, Georgia in the United States of America.

Henro.org provides a digital platform (“the Site”) that collects and publishes data on pilgrimages around the world, with the goal of helping potential and current pilgrims on their journey. Data on Henro.org is curated by our internal team and enriched by photos and reviews crowdsourced from our community of registered users.

Your Information

This Privacy Policy explains how and what Personal Data we collect, what we do with your Personal Data, and who we share it with. This Privacy Policy is an integral part of our Terms of Service, which can be accessed at: https://www.henro.org/terms. Please read this Privacy Policy before using our Service or submitting any Personal Data to Henro.org. Contact us at https://www.henro.org/contact if you have any questions.

Information We Collect

We may collect, transmit, and store information about you in connection with your use of the Service, or in combination with other information that could be used to identify you (“Personal Data”). We use that information to provide the Service’s functionality, improve your experience and the Service’s quality through research and analyses, provide customer support, send communications, and comply with legal obligations.

Personal Data

We collect Personal Data when you sign up for our Service through the Site or contact us. The Personal Data collected during these digital interactions generally includes information of the following categories:

  • Account Information: When you create a profile with us by signing up, we acquire data about you such as your name, username, email address, location, and any other information you choose to provide. If you believe that someone has created an unauthorized account using your personal information, you can request its removal by contacting support directly.
  • User Generated Content: User-generated content is intended for public consumption and viewable by the public. User-generated content includes profile images, uploaded photos, videos, customized lists, comments, questions, and other content or information that you generate, transmit, or otherwise make available on the Service, as well as associated metadata. Metadata includes information on how, when, where, and by whom a piece of content was collected and how that content has been formatted or edited. Metadata also includes information that is added to the data users have provided through usage of the Service, such as keywords and geographical information.
  • Additional Profile Information: To help improve your experience or access to certain features of the Service, you may voluntarily provide us with additional information, such as your location of residence or statistics on your experiences related to pilgrimages and other related topics on the Site.

Other Information From Using the Service

We may receive or collect aggregate or individualized data related to your accesses and interactions when using the Service. For example, we may monitor the number of people that visit our Site and certain pages of our site, aggregate geographical data, the domains our visitors come from, and the browsers used to access the Site. This data enables us to aggregate information about our users in order to improve our features and provide relevant content and services. The following categories describe the types of information collected in this manner:

  • User Activity: We store information about your use of the Service and interactions on the Site, such as your search history, the content you view or engage with, and the time and frequency of your visits.
  • Geolocation Data: If you have enabled location services for the Site on your computer or mobile device, we may collect your precise location data based on your latitude and longitude, and may infer other geographical information such as city, state, zip code, and country. Henro.org may also derive your approximate location from the IP address of your computer or mobile device. You may stop sharing your location data by adjusting your mobile devices location services settings.
  • Browser Activity: Your browser automatically sends information whenever you visit the Site (“Sessions”), including your IP address (so we understand which country you are connecting from during Sessions), browser types (e.g., Chrome, Firefox, etc.), the date and time of the Sessions, and your interactions with the Site (e.g, pages you are visiting).
  • Cookies: We may use cookies and similar technologies (“Cookies”) in connection with your usage of the Service to operate and administer the Site. Cookies may contain uniquely identifiable information related to the usage of the Service retained on your device, browser session, or email communication tools. We use cookies to securely identify users for future visits and gather usage data. For more information about the technologies used and information we collect, please refer to our Cookies Policy, which forms part of this Privacy Policy.
  • Device Data: Includes the name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings. If you access the Service with multiple devices, device data collected from these devices may be combined and cross-referenced.

Information We Receive From Third Parties: In accessing our Service, you may choose to authenticate your account through another service (e.g., authenticating with your Facebook, Google, or Apple account). Under these circumstances, we may receive information about you based on your external account settings on these other services. Other information may include contact lists and profile photos. You can stop sharing the information from other services with us by removing our access to that other service.

How We Use Your Data

We use Personal Data, as defined in this Privacy Policy, to allow you to access and use our Service, including registering your account, processing payments, guiding you along pilgrimage map routes, and providing customer support. Data processing and retention is necessary to fulfill our contract with you. We use Personal Data as necessary for the following legitimate business interests:

  • To communicate with you and respond to your inquiries, comments, feedback, or questions.
  • To send administrative or transactional information to you relating to our Service and changes to our terms, conditions, and policies, and request information from you.
  • To analyze your interactions with our Service and feedback you provide through comments, reviews, and other form submissions. We use this information to create, maintain, and improve the content and functionality of the Service. The use of cookies and other similar technologies allows us to inform our marketing strategy.
  • To enable us to improve and personalize the experience of our users. For example, information such as budget can help us recommend itineraries and accommodations for your trip. Location information allows us to provide navigational assistance on pilgrimage trails.
  • To administer and conduct our business, prevent fraud, criminal activity, or misuses of the Service, and ensure the security of our digital networks and systems.
  • To protect our rights, privacy, safety, property, and users, and enforce our terms and policies.
  • To comply with legal obligations and processes.

How We Share and Disclose Personal Data

Henro.org does not, and will not, sell information about you to anyone. We only use your information as set out in this Privacy Policy, and will only share your information with third parties for commercial purposes such as marketing or promotions if we have your consent to do so, or where we’ve engaged a company outside Henro.org to provide a service for us, or where we are obliged by law to provide information to authorities. In engaging with companies outside Henro.org to enable our services, we only share your information when we have proper safeguards in place. For our legitimate business purposes, these thirds parties may access, process, or store Personal Data in the course of our relationship with them, and only for the purposes of performing their services to us, for the reasons set forth below:

  • Service Providers: To assist us in conducting business operations and to perform certain services and necessary functions, we may transmit Personal Data through, or share Personal Data with:
    • Service providers, including hosting, cloud and database management services, and other information technology services providers; Email service providers for newsletters and other communication;
    • Sales, marketing, and analytics services;
    • Customer relationship management, customer engagement, and customer feedback services;
    • Payment processors; and
    • Security services.
  • Business Transfers: In the event of a change in business ownership, such as by merger, acquisition, bankruptcy, transition of service to another provider, or other proceeding involving the transfer, sale, or divestiture of business assets, we may disclose Personal Data and other information in the course of due diligence processes with or transfer of assets to necessary parties.
  • Legal Requirements: To the extent we are required to do so by law or where we believe disclosure is necessary, we may disclose your information to courts, law enforcement, government authorities, or authorized third parties, in order to
    • Comply with legal or regulatory obligations;
    • Comply with a valid legal request, such as a court order or subpoena;
    • Protect and defend our rights or property or to respond to claims asserted against us;
    • Protect the personal safety of users of the Site or the public; and
    • Respond to valid legal requests related to suspected illegal activities (such as fraud) or criminal investigations.
  • Other users and the public: Your profile and other user-generated content (except for private messages and email communications) may be visible to other users of the Service and the public. For example, other users of the Service may access your public profile information, reviews and comments submitted by you, and photos you have uploaded. We are not responsible for the collection and dissemination of this information by affiliated and unaffiliated third parties (e.g., search engines) outside of the scope of our instructions.

Your Rights

Data Retention

We retain Personal Data and other information for as long as reasonably necessary for legitimate business needs, to fulfill the purposes outlined in this Privacy Policy, and to comply with legal or safety reasons. If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt-out of receiving these communications in your account settings. All Personal Data supplied to Henro.org is stored on secure systems that are continually and reasonably monitored and updated to protect your data.

Managing Your Information

You can access and manage some of your Personal Data in your account settings. If your pilgrim profile is connected to a third-party service, such as Facebook or Google, you can update your connection settings through those services. If you have trouble with managing your Personal Data, please contact us at [email protected].

Deletion

Whether or not you provide Personal Data to Henro.org is completely your choice. You may request that we disclose to you or erase some of your Personal Data from our systems. If you elect to not provide information that is necessary for some features of the Service, you may be unable to access or utilize those features.

California Residents: Your Privacy Rights

The California Consumer Privacy Act of 2018 (“CCPA”) provides California residents with certain rights around Henro.org’s collection, use, and disclosure of categories of personal information as defined by the CCPA (“personal information”).

Collection, Disclosure, and Use of Personal Data

The CCPA sets forth obligations for businesses that “sell” personal information. The CCPA defines “sale” broadly to include not only providing data to third parties for payment but also transferring personal information to third parties in exchange for “other valuable consideration.”

Henro.org has not sold any personal information within the last 12 months and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. We do not offer financial incentives related to our collection, use, or disclosure of your personal information.

We collect certain categories of personal information in connection with your use of the Service, including information collected by your browser. This includes device identifiers, usage and network activity data, commercial information, and geolocation data. To the extent that this and other activities may be considered a “sales” under the CCPA, California Residents can opt out of Henro.org’s sale of their personal information by submitting a contact form or send your request by email to [email protected]. Once we receive your request, we will verify your identity by sending an email to the email address you provide to us. Your authorized agent may submit these requests on your behalf in the same manner. If you have questions about your rights or our use and disclosure of personal information under the CCPA, or to request access to an alternative format of this Privacy Policy, please reach out to us at [email protected].

Privacy Rights

Pursuant to the CCPA, California Residents may have the following rights, subject to applicable exceptions and extensions of the law:

  • To be provided with the categories and sources of personal information (interchangable with Personal Data for the purposes of this Privacy Policy)
  • Henro.org has collected about you and the business and commercial purposes for collecting your personal information;
  • To access and sometimes manage personal information collected by Henro.org about you;
  • To know by what means and what personal information Henro.org has collected about you;
  • To request that your personal information be deleted to the extent available under the law; and
  • To be free from discrimination in connection with the exercise of your rights under the CCPA.

Notice of Collection to California Residents

In compliance with the CCPA and related regulations, the categories of Personal Data we have collected in the last 12 months are described above in the “Information We Collect” section. The business and commercial purposes of our collection, use, and disclosure of your personal information in the last 12 months are set forth above in the “How We Use Personal Data” section. The sharing and disclosure of your personal information, compatible with the business and commercial purposes set forth in this Privacy Policy, is identified above in the “How We Share and Disclose Personal Data” section.

Nevada Residents: Your Privacy Rights

Nevada Senate Bill 220 (“SB 220”) requires website operators (“Operators”) to provide privacy notices describing Nevada consumers’ right to opt out from the sale of personal information and to impose verification requirements on Operators. Henro.org does not sell your personal information to third parties, as defined in Nevada law, and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. If you have questions about your rights or our use and disclosure of personal information under the Nevada law, please contact us at [email protected].

European Residents: Your Privacy Rights and International Data Transfers

This section describes our practices regarding the Personal Data we collect from and the legitimate interests of individuals in the European Economic Area (“EEA”) and other countries. For the purposes of this Privacy Policy, a “European Resident” is defined as a resident of a country in the EEA (which includes Iceland, Liechtenstein, Norway, and the United Kingdom, among others), or Switzerland. “Legitimate interests” is defined as our interests in conducting our business and maintaining a relationship with you.

Data Controller

If you are a European Resident, Henro.org is the “data controller” responsible for protecting and processing your Personal Data related to the Service.

Processing Your Personal Data

The legal basis we rely on for the collection and processing of your Personal Data is described in the above “How We Use Personal Data” section.

Your Privacy Rights

Pursuant to the European Union General Data Protection Regulation (“GDPR”), if you are a European Resident, you have the following rights in relation to your Personal Data, under certain circumstances:

  • Right of access: You have a right to access your data. Upon request, we will take necessary steps to verify your identity and confirm whether we process your Personal Data. When specified in your request, we will provide you with a copy of that Personal Data. Henro.org reserves a right to charge a reasonable fee when additional copies or other mediums of delivery are requested.
  • Right to rectification: If your Personal Data is incorrect or outdated, you have the right to request that we correct or update it. If your Personal Data is shared with third party services, we will take reasonable steps to notify them of the correction where possible. Upon request and where lawful and reasonably possible to do so, we will disclose to you the third parties we have shared your Personal Data so that you may contact them directly.
  • Right to erasure: You have the right to request to delete your Personal Data. If we have shared your Personal Data with third parties, we will notify them of your request to delete Personal Data where possible. Upon request and where lawful and reasonably possible to do so, we will disclose to you the third parties we have shared your Personal Data so that you may contact them directly.
  • Right to restrict processing: You have the right to request to restrict the processing of your Personal Data in certain circumstances. If we have shared your Personal Data with third parties, we will notify them of your request to restrict processing where possible. Upon request and where lawful and reasonably possible to do so, we will disclose to you the third parties we have shared your Personal Data so that you may contact them directly.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to provide to us or that was provided to us as necessary in connection with our Service. We will provide to you your Personal Data in a structured, commonly used, and machine-readable format.
  • Right to object: You may request that we stop processing your Personal Data at any time, and we will do so:
    • If we are processing your Personal Data based on a legitimate interest, unless we demonstrate compelling legitimate grounds for the processing or your Personal Data is necessary to establish, exercise, or defend legal claims; and
    • If we are processing your Personal Data for marketing purposes. We may maintain minimum and necessary information about you in order to ensure your privacy preferences are respected in the future and to comply with privacy and data protection laws.
  • Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we receive your notice to withdraw consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the appropriate data protection authority. In the UK, that is the Information Commissioner’s Office (ICO), who can be contacted at https://ico.org.uk/concerns, and in other EU countries, the data protection authority of the country in which you are located.

International Data Transfers

Henro.org is headquartered in the United States and may use service providers in other countries. Your personal data may be transferred to and stored in the United States or other locations in connection with our service providers as necessary for the purposes described in this Privacy Policy. The United States may have data protection laws that are not as protective as the state, province, or country you reside.

Inviting Other Users to Use the Service

Our Service may allow you to invite your friends to sign up for the Service by sharing an invitation link via an SNS, email, social media platforms, or other means of communication. When you share this invitation link, the link and the landing page it directs to will include your name.

Do Not Track

Henro.org and other third party providers may use cookies, pixels, and other tracking technologies to collection information about your browser activities across different websites related to your use of the Service. Some browsers can be configured to send “Do Not Track (“DNT”) signals to online services that you visit. We currently do not respond to DNT or similar signals.

Children

Our Service is not intended for use by children under 13 years of age. Henro.org does not knowingly collect Personal Data from children under 13 years of age. If we learn that we have collected personal information from a child under 13 years of age, we will delete that information from our databases. Similarly, if you have reason to believe that Personal Data of a child under 13 years of age has been provided to Henro.org through the Service, please contact us and we will delete that information.

Other Websites and Services

Parts of the Service may link to other websites, products, or services not operated or controlled by Henro.org (“Third Party Sites”), such as Google Maps/Earth and OpenWeatherMap. Links to these services are not an endorsement of or representation that we are affiliated with any Third Party Site, nor an indication that we have reviewed these sites. The information that you share with Third Party Sites are governed by the privacy policies published by them, and not by this Privacy Policy. Please read the privacy policy of these Third Party Sites and contact them directly if you have any questions or comments.

Security

You access and use the Service at your own risk. While no organization can guarantee perfect security, we continuously monitor and update administrative, technical, and physical security measures to minimize risk and protect your information against unauthorized access, loss, misuse, destruction, or alteration. Please consider these risks when providing Personal Data to Henro.org. We recommend you take reasonable precautions to protect your personal information when you are on the internet, such as using a secure browser, changing your passwords frequently, and a combination of upper and lower-case letters, numbers, and symbols when creating passwords. When using the Service over a public internet network, please log out after each session. In addition, we make no guarantees and are not responsible for unauthorized circumvention of any privacy settings or security measures on the Service or other websites.

Changes to This Privacy Policy

Henro.org reserves the right to modify this Privacy Policy at any time in accordance with and as required by law. If we do so, we will post an updated version on this page unless another type of notice is required by applicable law. By continuing to access or use our Service, you are subject to any revised Privacy Policy as indicated by the posted date. Similarly, you consent to the revised Privacy Policy by providing us with Personal Data after the posted date. If you disagree with the revised Privacy Policy, you can cancel your Account any time by contacting us at [email protected].

Contact Information

If you have any questions or comments related to this Privacy Policy, please contact us at [email protected].