Privacy Policy
Privacy Policy
Last revised: June 30, 2023.
Introduction
Hyper Island wants all of its online visitors to be confident that we process information about you in accordance with applicable privacy legislation. Our Privacy Policy describes how Hyper Island handles and protects your personal data in our capacity as a data controller. It also describes your rights and how to proceed in case you wish to exercise them. Customers who subscribe to Hyper Island services, such as students to our courses, are contractually obligated to comply with the agreement, terms and conditions. Please see our general terms and conditions for more information about our data processing when you apply to a Hyper Island course.
Hyper Island is committed to respecting your privacy and protecting your personal data – any information that may identify you as an individual person (such as name, address, pictures and IP address) and which is collected via our digital channels, such as our website, mobile apps and/or other future digital contact interfaces which links to this Privacy Policy.
It is important to us at Hyper Island that you feel safe in our processing of your personal data. Hyper Island would never knowingly sell or release your personal data to another party in other ways than as follows from this Privacy Policy and you are always welcome to contact Hyper Island if you have any questions.
You will find information about how to contact Hyper Island below.
We welcome you to visit all digital channels managed by Hyper Island and you do not need to provide any personal data to visit them. However, please be aware that if you do not provide some requested information, access to certain services or parts of our digital channels and certain social media channels may be restricted.
Personal data processing
What personal data does Hyper Island process about you and for what purposes?
1. Application to one of our programs or courses
Type of processing
- Identification;
- Correspondence regarding the application procedure;
- Handling of payment such as forward invoices (this may also include control of payment history and collection of credit information) and the use of third-party PCI-compliant service providers;
- Internal record keeping and audits.
Categories of personal data
Name, e-mail address, invoice address, phone number, resident country, credit card details, correspondence.
Legal ground
The legal ground for processing is the performance of the agreement with you. Data collection is required to fulfill our rights and obligations under the agreement with you (please see our Terms & Conditions). Should the requested information not be provided, Hyper Island may not be able to fulfill its obligations according to the agreement and may, therefore, deny your application.
Retention period
The retention period is 36 months following collection of the data.
2. Application to one of our programs
Type of processing
- Identification;
- Correspondence regarding the application procedure;
- Necessary program entry requirement control legally required and stipulated by Hyper Island;
- Internal record keeping and audits;
- Surveys, research and analysis exercises undertaken by governmental or other agencies.
Categories of personal data
Name, email, phone number, address, nationality, resident country, visa requirements (including copy of passport), gender, date of birth, certificate(s) to prove program-entry requirements, grades, photo, curriculum vitae, publicly available information from social media and other online sources.
Legal ground
The legal ground for processing is the performance of the agreement with you. Data collection is required to fulfill our rights and obligations under the agreement with you (please see our Terms & Conditions). Should the requested information not be provided, Hyper Island may not be able to fulfill its obligations according to the agreement and may, therefore, deny your application.
Retention period
The retention period last until you have been accepted/declined entry to the course and as necessary to comply with any such legal obligation to which Hyper Island is subject.
3. Compliance with legal obligations
Type of processing
Necessary administration for the fulfillment of the company’s legal obligations (e.g. laws and regulations related to bookkeeping, tax payments, school regulations, Statistics Sweden, Swedish Board of Student Finance).
Categories of personal data
Name, email, personal identification number, address, phone number.
Legal ground
The legal ground for processing is compliance with legal obligations to which Hyper Island is subject. The processing is necessary to fulfill our legal obligations. In case data is not provided Hyper Island may not approve your application.
Retention period
The retention period as legally required (e.g. 7 years under the Swedish Bookkeeping Act, 10 years under the UK Companies Act, 2 years following graduation from course/program under applicable school laws,).
4. Customer and student service
Type of processing
- Questions regarding grades, courses, programs etc. via phone or digital channels (incl. social media);
- Identification;
- Claims and support (incl. technical support);
- Download of syllabus.
Categories of personal data
Name, contact info (phone number, email, address), personal identification number, your correspondence, info about your purchase and potential error/complaints.
Legal ground
The legal ground for processing this data is legitimate interest. The processing is necessary to administer yours and our need to process customer/student service matters. The secondary reason is consent where you have provided your consent to receive a requested syllabus and product related information.
Retention period
The retention period is 36 months following collection of the data or the consent is revoked.
5. Administration of invitations to events and newsletters
Type of processing
- Identification;
- Correspondence, surveys and evaluation regarding the event such as confirmation of registration, requests and evaluations.
Categories of personal data
Name, contact info (phone number, email, address), personal identification number, information from evaluations and other personal preferences.
Legal ground
The legal ground for processing this data is legitimate interest. The processing is necessary to adhere to our and our customers’ legitimate interest to evaluate, develop and improve our services and systems. The secondary reason is consent where you have provided your consent to receive our invitations and newsletters.
Retention period
The retention period is 36 months following collection of the data or consent is revoked
6. Direct marketing
Type of processing
Direct marketing by Hyper Island or through our external partners.
Categories of personal data
Name, email, phone number, address, navigational information such as information about your computer and your visits to this website including your IP address, geographical location, browser type, referral source, length of visit and pages viewed, correspondence and feedback regarding our services.
Legal ground
The legal ground for processing this data is legitimate interest. The processing is necessary to adhere to our and our customers’ legitimate interest to evaluate, develop and improve our services and systems.
Retention period
The retention period lasts for 36 months following the end of the course/program or consent is revoked
7. Evaluate, develop and improve our services and systems for our customers in general
Type of processing
- Improve visitors’ browsing experience by personalizing the website and improve our services;
- Administration of our website and our relationship with you including to provide services to you which you may request from Hyper Island and/or to provide and monitor our services to you;
- Conducting optional online surveys (e.g. to receive feedback regarding the quality of our service);
- Establish material for improvement of our services such as courses and programs;
- Provide our customers the possibility to improve our services;
- Development of material to improve our IT systems with the purpose of raising the security for the company and our visitors.
- Production of aggregate statistics and management control in joint controllership with Hyper Island’s parent company “Talent Garden S.p.A.”, Piazza Città di Lombardia no. 1, 20124 Milan (Italy), VAT no. IT03340710981, (hereinafter, also, “TAG”). TAG can be contacted at the following e-mail address: privacy@talentgarden.com. TAG’s DPO can be contacted at the following e-mail address: dpo@talentgarden.com. With sole regard to this processing activity, the present policy is jointly provided by TAG and Hyper Island pursuant to articles 13-14 GDPR. By contacting either joint data controller, you have the right to view the essence of the joint controller arrangement.
Based on the data we collect (purchase history, age, gender) Hyper Island may carry out analysis that may include you being sorted into a customer segment. The analysis is however never carried out on an individual level. The result from the analysis is used for improving out services and developing our webpage.
Categories of personal data
Age, residence, correspondence/feedback, purchase and user generating data (incl. click and visit history), technical data such as browser type, domain names, internet service provider (ISP) etc.), info about your interaction with Hyper Island (log data, how long different pages have been reviewed, answering times, download errors, how you reach and leave the service etc.)
Navigation information about your computer and your visits to this website including your IP address, geographical location, browser type, referral source, length of visit and pages viewed.
Correspondence and feedback regarding our services.
Legal ground
The legal ground for processing this data is legitimate interest. The processing is necessary to adhere to our and our customers’ legitimate interest to evaluate, develop and improve our services and systems.
Retention period
The retention period is 36 months following collection of the data.
8. Prevent misuse of a service or prevention and investigation of a criminal offence against Hyper Island
Type of processing
- Prevent spam, phishing, harassment, incorrect logins to user accounts or similar activities;
- Development and improvement of our IT systems with the purpose of raising the security for the company and our visitors.
Categories of personal data
Age, residence, correspondence/feedback, purchase and user generating data (incl. click and visit history), technical data (incl. IP number, web installments, operating system, screen resolutions, platform), info about your interaction with Hyper Island (log data, how long different pages have been reviewed, answering times, download errors, how you reach and leave the service etc.)
Navigational Information such as information about your computer and your visits to this website including your IP address, geographical location, browser type, referral source, length of visit and pages viewed.
Correspondence and feedback regarding our services.
Legal ground
The legal ground for processing is the legal obligation to which Hyper Island is subject or Legitimate Interest. Where no legal obligation exists, the processing is necessary to adhere to our legitimate interest of preventing misuse of a service or to prevent and investigate criminal offenses against Hyper Island.
Retention period
The retention period lasts for 36 months following collection of the data.
Sensitive personal data and personal identification numbers
Sensitive personal data includes any information that reveals your race or ethnicity, political views, religious or philosophical beliefs, membership in a trade union, as well as personal data regarding your health or private life.
Hyper Island may process the following sensitive personal data when carrying out our services: Personal identification number, copy of passport, emergency contact details, as stated above. Sensitive personal data may be collected from you if you purchase our services or choose to attend our courses, programs and/or events (or other sessions or events organized by Hyper Island or on our behalf). You may in such case choose to submit your sensitive personal data to Hyper Island about, for example, your special learning needs or dietary requirements.
Personal identification numbers are only processed when needed to ensure your identification or if strictly needed. Hyper Island limits the use of personal identification numbers.
Hyper Island has additional measures in place to protect sensitive personal data, personal identification numbers, and confidentiality. Hyper Island will use your sensitive personal data to deliver our services to you, meet your requirements, or deal with any requests made by you. Personal data and other sensitive information, such as credit card numbers and/or location data, collected on our website and/or transmitted to other websites is protected through the use of encryption such as the Secure Socket Layer (SSL) protocol.
Hyper Island will only disclose your sensitive personal data to the third parties as referred to in this Privacy Policy or where Hyper Island considers it absolutely necessary – such as to establish appropriate security or confidentiality obligations.
Sources of information
Generally speaking, Hyper Island only processes data you have provided or that Hyper Island registers based on your purchases and the use of our services. In certain cases, Hyper Island may supplement this data with information from third parties for the purpose of evaluating and improving our digital channels and services.
The information that Hyper Island collect from third parties is as follows:
- Address information from public registries to ensure we have the right address;
- Information from social media for marketing or anti-fraud purposes.
Information to other parties
Data processors
Other than as provided in this Privacy Policy, Hyper Island will not knowingly share personal data you provide with any third party. In cases where it is necessary for Hyper Island to carry out our services, we may retain external suppliers (processors) for services in connection to our digital channels or the services. These suppliers may process personal data and sometimes require limited access to personal data collected via our digital channels or services. Hyper Island uses the following types of suppliers:
- Payment solutions (banks, other payment service providers);
- Marketing (social media, media agencies, advertising services, CRM providers);
- IT (companies that handle necessary operations, technical support and maintenance of our IT solutions, such as Google);
- Events, statistics and surveys (companies that handle evaluations, statistics and surveys of our services).
Hyper Island endeavors to limit third-party access and only share information that is necessary to enable suppliers to carry out their work. Hyper Island always checks that our suppliers can meet our high standards and provide sufficient safeguards and require them to protect your personal data in accordance with this Privacy Policy and refrain from using or disclosing your personal data for any purpose other than providing Hyper Island with the agreed product or services.
Other data controllers
Hyper Island may also share your personal data with companies that are independent data controllers:
- Government agencies (Swedish National Agency for Higher Vocational Education, the Swedish Board of Student Finance, the Legal, Financial and Administrative Services Agency, Statistic Sweden, Teesside University, YH, tax authorities, or other authorities) if Hyper Island is required to do so by law;
- Companies offering payment solutions and student benefits (banks and other payment service providers).
When personal data is shared with an independent data controller, this Privacy Policy is no longer applicable.
Transfers to third countries
Hyper Island strives at all times to keep personal data within the European Economic Area (EEA) but engage suppliers located outside of the EEA such as Google and Hubspot.
During support and maintenance, Hyper Island may have to transfer the information outside of EEA, also when Hyper Island shares data with our group companies in order to carry out our services.
Any such data will always be kept to a minimum relevant for the purpose. No matter where your personal data is transferred Hyper Island always take appropriate technical and organizational measures to ensure that the security level is the same as in the EEA and at an adequate security level, for example by using the EU Commission’s Standard Clauses.
Amendments to the privacy policy
Hyper Island reserves the right to change this Privacy Policy. Changes to the terms of the policy will be notified on hyperisland.com, one month before the change of terms enters into force. The current terms and conditions are available at https://www.hyperisland.com/privacy-policy
You should not supply Hyper Island with any personal data if you do not accept changes which are made to this Privacy Policy.
Deletion of data
Personal data will not be stored for longer than is necessary in light of the purposes of the processing and, in general, Hyper Island will delete personal data in the manner which follows from applicable legislation and in accordance with our Retention Policy. Where information is known to be unreliable, irrelevant or excessive, it will be securely deleted or access will be removed, as soon as is reasonably possible.
Your rights
You are entitled once each year and free of charge to request information regarding the personal data, if any, about you which Hyper Island processes and to have any erroneous information corrected. Please note that Hyper Island may request additional details about you in order to ensure secure and effective handling of your request and to ensure that the information is provided to the correct person.
Should you have reason to believe that any personal data that Hyper Island holds about you is inaccurate, please let us know and we will update the information.
You may request us to delete personal data we hold about you. For example, if the information is no longer necessary to fulfill the purpose they were collected for, they are processed in an illegal way, or you opt out from direct marketing. Please note that, when legally required, Hyper Island could decline your request, for example if the data is needed for tax or bookkeeping purposes, or are necessary to defend legal claims.
You also have the right to request limitations of the processing of your personal data. In such cases, Hyper Island may need to investigate the situation further prior to reaching a decision. Please be aware that you always have a right to opt out from direct marketing activities and request limitation of processing based on legitimate interest – including potential profiling for direct marketing purposes.
When you provide Hyper Island with your consent, or the processing is based on fulfillment of an agreement with you, you have, during certain circumstances a right to have your data transferred to another data controller. This requires that the transfer is technically possible and may be carried out automatically.
If you would like to know how Hyper Island processes personal data, send a written and signed request to Hyper Island. You will find our contact information below.
Links
Our digital channels may include links to websites which are provided by other group companies or companies which do not belong to the Hyper Island group. This Privacy Policy shall not apply to such websites. You should therefore review the privacy policy of any such website before you provide personal data.
Security
Hyper Island takes all appropriate technical and organizational security measures which are necessary to the safeguard personal data against unauthorized access, modification, or destruction. However, providing personal data over digital channels always entails a risk since it is not possible to completely protect technical systems from unauthorized access.
Information about children
The Hyper Island website is not intended for, or targeted at, children under the age of 13 years old and Hyper Island never knowingly or intentionally collects information about children under this age. If you believe that Hyper Island has collected information about a child, please contact us at: privacyofficer@hyperisland.com to request deletion of the information.
Social media and external websites
The Hyper Island website includes social media features, such as a Facebook ‘Like’ button and also widgets, such as the ‘Share this’ button, or interactive mini-programs that run on our website. These features may collect your IP address, which pages you visit on our website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by third parties or directly on our website. This Privacy Policy does not apply to these features. Your interactions with these features are governed by their privacy policies and other routines of the companies providing them.
Our website may provide hyperlinks to other websites. Hyper Island does not control, and is not responsible for, the content or practices of other websites.
Contact information
If you have any questions regarding our Privacy Policy or any other question regarding our processing, please contact us:
Hyper Island Capital AB (Reg. no. 556691-6739)
Virkesvägen 2
12030 Hammarby Sjöstad
Stockholm
privacyofficer@hyperisland.com
In case your personal data is not being processed in accordance with this Privacy Policy or with the General Data Protection Regulation (EU) 2016/679, you have the right to file a complaint with Integritetsskyddsmyndigheten (former Datainspektionen) in Sweden, Information Commissioner’s Office (ICO) in the UK or any other European Supervisory Authority.
Cookies & technologies
Cookies are a small text file consisting of letters and numbers sent from our web server and stored on your browser or device.
They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The cookies Hyper Island uses usually improve the services Hyper Island offers you. Some of the Hyper Island services need cookies to work properly, while others improve the services for you. Hyper Island uses cookies for overall analytical information regarding your use of Hyper Island services. Hyper Island uses cookies to save functional settings such as language and other tasks. Hyper Island also uses cookies that allow Hyper Island to target relevant marketing to you. Cookies allow Hyper Island to understand who has seen which pages, and to determine the most popular areas of our website.
Hyper Island uses cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole.
Hyper Island uses different cookies:
- Session cookies are temporary cookies that end when you close your browser or device;
- Permanent cookies remain on your computer until you delete them or they expire;
- Prebook cookies are set by the site you visit;
- Third-party cookies are set by another site. At Hyper Island, these are primarily used for analysis (such as Google Analytics);
- Similar techniques store information in your browser or device in a manner similar to cookies.
Use of Google Analytics
As part of Hyper Island’s marketing, Hyper Island analyzes information about the use of hyperisland.com and activity on Hyper Island’s pages on social media. For example, using Google Analytics, we will analyze behavior for creating more relevant ads and offers, as well as for developing Hyper Island’s products and services. In addition, Google Analytics helps to evaluate the use of hyperisland.com for services related to website activities and internet usage.
How to control cookies
You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Hyper Island subscription service or websites you visit.
Your browser or device enables you to change the settings for usage and extent of cookies. Go to the settings of your browser or device to learn more how to adjust cookies settings. For example you may block all cookies, only accept first-party cookies or delete cookies when you close your browser. Please note that some of our services may not be working if blocking or reading cookies. You can read more about cookies on the Swedish Post and Telecom Authority website, www.pts.se (https://e-tjanster.pts.se/internet/kakor/).
You can opt out of interest based advertisements by visiting www.networkadvertising.org and www.youronlinechoices.com
Clear gifs (web beacons/web bugs)
Hyper Island uses software called clear gifs (also known as web beacons or web bugs), that helps us better manage the website and subscription service by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, used to track the online movements of online users. Unlike cookies which are stored on users’ computer hard drives, clear gifs are embedded invisibly on web pages or in emails and are about the size of the period at the end of this sentence. Hyper Island uses clear gifs in our HTML-based emails to let Hyper Island know which emails have been opened by recipients. This allows Hyper Island to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. Hyper Island ties the information gathered by clear gifs in emails to our customers’ personal data. If you would like to opt-out of these emails, please see the section ‘Opting Out and Unsubscribing.’
Advertising
Hyper Island partners with a third party advertising network to either display advertising on our website or to manage our advertising on other websites. Our advertising network partner uses cookies and clear gifs to collect non-personal information about your activities on this and other websites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by clicking here: http://preferences.truste.com/ or, if located in the European Union, by clicking here: http://www.youronlinechoices.eu/. Please note this act does not opt you out of being served advertising. You will continue to receive generic ads.
The use of cookies and web beacons by any tracking utility company is not covered by our Privacy Policy. Hyper Island does not have access to or control over third-party tracking technologies.