Privacy and Security Center
We want you to feel secure knowing how and where your information in Hail is to be collected and used.
Your privacy and security are important to us.
Learn all about how Hail secures your data with industry-leading architecture, hosting and practices. Plus, discover handy features for protecting and ensuring your content is spot-on and what you can do to keep yourself and your organisation safe. Hail takes all the stress out of publishing on the web.
Privacy Policy
Below you will find our formal privacy policy, which contains all the important details. We’ve done our best to make this as clear as possible for you, and not include legal terms, unless we need to.
If you are unclear about any part of this Privacy Policy, please contact privacy@hail.to.
Our Principles
Hail.IM Limited (Hail) is committed to protecting your privacy when using our Products and Services (‘User’). We recognise the importance of protecting the privacy of information collected about Users, in particular, information that is capable of identifying a User (Personal Information). Our approach to privacy is built around key principles. They’re at the heart of everything we do relating to data. Transparency: We take an approach of being open, honest and transparent in how we use data and personal information.
Security: We champion industry-leading approaches to securing the personal data entrusted to us.
Stewardship: We accept the responsibility that comes with processing data.
1. Privacy Policy — updated 9 October 2024
1.1 Hail.IM Limited (Hail, we and us) is committed to protecting the personal information of you as a user of our website or application program (Platform).
1.2 In this privacy policy we explain: (a) how and why we collect personal information; (b) how that information is stored; (c) how you can access and correct that information; and (d) when we might disclose personal information to other people.
1.3 This privacy policy does not limit or exclude any rights that you have or may have under the Privacy Act 2020 (Privacy Act).
2. Application of this Privacy Policy
2.1 This privacy policy applies whenever we collect personal information from you.
2.2 By accessing and/or using content and/or services offered by us (Services), you consent to the collection, use, disclosure, storage, and processing of personal information in accordance with this privacy policy.
3. Collection of Personal Information
3.1 We may collect the following personal information: (a) Your name, phone number, physical address, postal address, and email address. (b) Your username, password, and profile picture. (c) Metadata obtained through your use of our Platform, including your IP address, computer and connection information, referring web page, standard web log information, language settings, and timezone. (d) Your payment information, such as your credit or debit card details. (e) Any communication with us either directly, via phone or email. (f) Information about the device you use to access our Platform, including device identifier, device type, device plugins, and hardware capabilities. (g) Information obtained by or submitted to us from you through your use (or prospective use) of our Platform and the Services, including information and documents submitted by you, pages viewed, buttons clicked, viewing time, and keyword searches.
3.2 We may receive information about you through our Platform, applications, communication systems, or other communication.
3.3 We may also receive information about you from third parties, including in the following circumstances: (a) We may collect data from your accounts on other platforms that you give us permission to connect to. These platforms include, but are not limited to, Facebook, LinkedIn, and Google. You can stop us from collecting data from those other platforms by removing our access to the platform or by contacting us at support@hail.to; (b) Your payment provider may provide us with information about the payments you make; and (c) We may collect information from public sources.
3.4 If you choose not to provide information when we ask for it, then you may not be able to use the Services.
3.5 For account registration, we only require the following information from users:
– An email address, which must be valid and accessible to allow for account verification
– A first and last name, which can be any name of the user’s choice and do not need to be accurate, as they can be pseudonyms or de-identified.
We do not require users to provide complete and accurate personal details beyond what is necessary for functionality and verification purposes.
4. Use of Personal Information
4.1 We use the personal information we collect about you: (a) To verify your identity. (b) To communicate with you in relation to the Services. (c) To market our Services to you, including contacting you electronically (for example, by text, email or an online messaging platform). (d) To collect money that is owed by you. (e) To co-operate with any government, industry, legislative or regulatory authorities. (f) To protect and/or enforce our legal rights and interests, including defending any claim. (g) For any other purpose authorised by you and/or the Privacy Act.
4.2 We reserve our right to use data (on an anonymous basis) in relation to your use of the Services for marketing and accounting purposes.
4.3 You may request that we stop sending marketing or promotional messages at any time, by contacting us at support@hail.to.
5. Cookies
5.1 We use cookies (being an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) in order to monitor your use of our Platform.
5.2 You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of our Platform.
6. Third party platforms
6.1 Our Platform provides: (a) the Hail Assist function, which utilises third party platforms; and (b) links to third-party websites.
Hail Assist
6.2 You can elect to opt-in to, or opt-out of, the availability of the Hail Assist function on our Platform at any time.
6.3 Hail Assist, utilises third-party platforms (including, OpenAI or other forms of artificial intelligence) to generate written content. The current Hail Assist services used are: (a) Content creation uses OpenAi gpt-3.5-turbo; (b) Content Translation uses OpenAI gpt-3.5-turbo-instruct; (c) Any changes to the services used will be advised in this privacy policy.
6.4 Hail Assist maintains the privacy of personal information and no information is stored or used by OpenAi beyond the generation of content.
6.5 You acknowledge and agree that: (a) when using Hail Assist, you will be bound by the terms and conditions of the third-party platform utilised by Hail to provide the Hail Assist function; (b) content available through Hail Assist is generated by that third party platform, and Hail is not responsible for content generated by Hail Assist; and (c) Hail advises against the sharing of any personal, sensitive, or confidential information with the Hail Assist function.
Analytics
Hail uses Matomo(https://matomo.org) to collect statistical information. This provides Hail customers will accurate information on who is accessing their content. Data collected is anonymised and no personal indentifical information is shared. Data is stored in Amazon Web Services storage in the USA. The privacy policy of Matomo is adhered to at this link: https://matomo.org/privacy-policy
Data upload
Hail customers can choose to import contact information into Hail Mail, Hail uses FlatFile data importer, https://flatfile.com/. The service allows CSV data files containing a list of usernames (firstname and surname) and email addresses to be imported into Hail Mail. Only the email address is required to complete a data import. The privacy policy of Flatfile https://flatfile.com/privacy will be adhered to. No data is stored in Flatfile and data is kept in Hail.
Third Parties
6.6 We have no control over the organisations operating any third party platforms and websites, or their content.
6.7 Before you disclose your personal information to a third party we recommend you check its terms and conditions, including any privacy policy.
7. How we store and protect Personal Information
7.1 Our Platform provides a payment function which utilises Windcave, a Payment Card Industry Data Security Standard-compliant payment processor, to perform credit card transactions for the purpose of subscription billing.
7.2 Windcave will store your payment information in accordance with its terms and conditions, including its privacy policy, and will charge your credit card (following our instructions) to pay subscription invoices. We will store the following information so you can identify which credit card you have used: (a) the cardholder’s name; (b) the last two digits of the credit card; and (c) the expiry date of the credit card.
7.3 We will only instruct Windcave to charge your credit card for invoices issued in relation to a subscription to our Services
8. Payment
8.1 Our Platform provides a payment function which utilises Windcave, a Payment Card Industry Data Security Standard-compliant payment processor, to perform credit card transactions for the purpose of subscription billing.
8.2 Windcave will store your payment information in accordance with its terms and conditions, including its privacy policy, and will charge your credit card (following our instructions) to pay subscription invoices. We will store the following information so you can identify which credit card you have used: (a) the cardholder’s name; (b) the last two digits of the credit card; and (c) the expiry date of the credit card.
8.3 We will only instruct Windcave to charge your credit card for invoices issued in relation to a subscription to our Services.
9. Disclosure of Personal Information
9.1 Unless expressly authorised to do so by you or under this privacy policy, we will not disclose any of your personal information to any third party except where the disclosure relates to the purposes for which the information was collected (as stated in clause 4 above) or where it may be required by law to do so.
10. Storage of Personal Information
10.1 We will take all reasonable steps to ensure the personal information collected, used or disclosed in accordance with this privacy policy is stored in a secure environment protected from unauthorised access, modification or disclosure.
10.2 When you use our Platform or the Services, your personal information may be transferred to our related companies outside New Zealand (if applicable). We may also engage service providers for the purposes outlined in this policy that are located outside New Zealand, such as service providers that host or maintain any underlying IT system or data centre that we use to provide our Platform and the Services. We take all reasonable steps to ensure that your personal information held outside New Zealand is secure and held in compliance with this privacy policy. For example, when we engage service providers located outside New Zealand, we ensure that our contractual terms require the service providers to protect the information provided to them.
10.3 We will hold personal information collected in accordance with this privacy policy both before and after the provision of Services to you, but only for so long as we are legally entitled to do so, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. To determine the appropriate period of time to hold your personal information, we consider the amount, nature and sensitivity of your personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting and other requirements.
11. Accessing Personal Information
11.1 You have the right to access and correct personal information held by us by contacting us at privacy@hail.to.
11.2 In particular, you have the following rights in relation to your personal information: (a) To request access to your personal information. (b) To request a correction to your personal information. (c) To request the deletion or removal of your personal information. (d) To object to the processing of your personal information. (e) To request a restriction on the processing of your personal information. (f) To request a transfer or your personal information to you of a third party. (g) To withdraw consent to the use of your personal information.
11.3 In many cases, you may also update the information we hold about you, such as your contact details and password, by logging in and updating the information in your account.
12. Incident Management
12.1 In the event of a major business incident, Hail is committed to promptly and effectively responding to mitigate the impact on information systems, data, and overall business operations. A major business is defined as any unauthorized access, disclosure, disruption, modification, or destruction of information systems or data. Customers are to raise any incidents via support@hail.to.
12.2 Notification and Communication. Upon detection of a cyber incident, the designated Incident Response Team (IRT) at Hail will be activated to assess and respond to the threat. This will be led by the General Manager or a nominated representative.
12.3 Containment, Eradication and Communications. The IRT will take immediate steps to contain and mitigate the impact of the incident. A communication strategy will be implemented to manage both internal and external messaging during and after the incident.
12.4Legal and Regulatory Compliance. Hail will comply with all.
13. Amendments to this Policy
13.1 We reserve the right to make changes to this privacy policy by uploading an updated privacy policy on our Platform. You will be bound by the privacy policy that is in effect at the time you access and/or use the Services. Your continued use of the Services represents your agreement to be bound by the privacy policy as amended. If you do not agree with our amended privacy policy, you must stop using our Services.
14. Severability
14.1 If any part of this privacy policy is not enforceable for any reason, whether under the Privacy Act or any other applicable law, that part will be deleted and the rest of this privacy policy will continue to apply.
Systems Security
Hail is built with modern software to strict industry standards and runs on the most extensive, reliable, and secure global cloud infrastructure. Read on for details on how we keep Hail secure and get an overview of our privacy policies.
We’ll never sell your data
Hail is a monthly subscription-based service so we don’t rely on any advertising or data revenue. This means we’re completely self-sufficient and will never sell your data, contacts or content.
You own all the content you add and publish with the platform. Plus we make it completely seamless to add your brand to all published formats along with all author and photographer details to ensure transparency of ownership.
You have full control of your account
You control what personal information you give us and can request it to be removed from our servers at any time. To sign up, we only require a bare minimum of info, being an account name and email address.
Passwords are encrypted on our server so not even our engineers can access them. And you have the option to sign in with other secure platforms like Google, Facebook and Microsoft which provide the ability to revoke sign-ins remotely.
The most secure global cloud infrastructure
Hail runs on AWS, Amazon Web Services, recognised as the global leader in cloud computing and renowned for its security and compliance. You can read their security statements here.
Hail’s compliance with third parties
Hail integrates with key third-party platforms, such as Facebook, Instagram, Twitter, LinkedIn, WordPress, Wonde, Mailchimp, Hero, Kamar and others. In all cases, they have their own strict privacy policies that we must adhere to and stay compliant with.
Whenever the access the third party provides is more than Hail requires, we only sync the bare minimum in order to accurately publish to the integration.
Content Protection
Hail has been designed to keep your content secure and put you in control over where and how it’s shared. Hail uniquely allows you to remove information that has been posted online and ensure that you maintain the highest level of privacy.
Powerful centralised control of your content
All published content can be updated on the fly, at any time and on any device. Plus, if anything inaccurate is ever posted from Hail, you can take it offline with one button. By simply unpublishing an article or image it’ll be removed immediately from everywhere it was shared on the web, including your Hail newsletters and website. And any emails or social posts linking to the article will no longer open.
Protecting your content with Hail
Hail uses SSL certificates to ensure secure, encrypted transmission of information for websites and everything published on our platform.
Have sensitive content that you don’t want accessible by the whole world? With Hail, you can publish to a select group by protecting a publication with a password.
All your content in Hail is backed up daily and we run regular recovery drills to ensure data integrity.
Block search indexing for added privacy
Hail allows you to block your publications from being indexed by Google and other search engines. This means that you’re free to share updates and newsletters the same as always with your community, but don’t need to worry about Google reading and displaying your content and images in their search results.
Content licensing and privacy policies
Hail gives you complete control over how your content is licensed. We provide licenses from Fully Copyrighted to Public Domain and a complete range of Creative Commons licenses to choose from.
Hail’s Settings also allows you to add your own Privacy Policy which will be linked in the footer of everything you publish with Hail. This ensures your organisation is always completely transparent with how it gathers, uses and publishes its content.
Any Questions?
We’re here to help! Just get in touch with our famously friendly support team or check out our Help Centre at your leisure.
What can I do to keep myself and my organisation extra safe?
There are actually many little things you can do that will have a huge impact on security and privacy…
We’ll never sell your data
Be wary of any suspicious emails trying to get you to sign into your account. All emails from us are fully-branded, consistent in appearance and we’ll never ask for your account credentials.
Also, be careful with attachments, some may lead to installing viruses.
When signing into Hail, you should always be on the hail.to domain with the lock symbol signifying that it’s a secure, encrypted connection.
Use strong and unique passwords. Passwords should be at least 12 characters long using a combination of letters, numbers, cases, and symbols. And each website you sign into should have its own so that if it’s hacked and emails/passwords stolen, they can’t be used on other sites.
Make sure all your devices, like laptops, desktops, tablets and phones, are up‑to‑date with the latest version of the operating system, security updates and antivirus software if running Windows.
