Storyteller Energy

The Communal Currency of Humanity

[
[
[

]
]
]

Quick exit

Privacy Policy

Last Updated: January 01, 2023

Introduction

This Privacy Statement explains how the Hive Social Garden collects and uses Personal Data and describes the rights you have with respect to your Personal Data. In this Statement, “Garden,” “we” or “us” refers to the Hive Social Garden and its affiliated entities. 

The Garden processes Personal Data for a variety of purposes. We collect Personal Data directly from you, such as when you submit a form or contact information on our website asking for information or when you register for a Garden sponsored event. We also automatically collect Personal Data when you engage with our websites. Alternatively, we process your Personal Data in the context of providing professional services to our clients, such as conducting security assessments, digital footprint assessments, and data analytics on client entrusted data. Finally, we obtain your Personal Data through publicly available sources, such as government records and online resources, as well as through vendors.

This Privacy Statement covers the described methods in which the Garden collects Personal Data.

Scope

“Personal Data” is any data that can be used to identify an individual, either alone or when combined with other information that is linked or linkable to a specific individual. Personal Data can directly identify an individual, such as a name, email address, or identification number. Personal Data can also indirectly identify an individual, such as when combined data elements specify a unique individual, such as race, gender, and job role within a work environment. Another example is when data elements specify the physical, behavioral, mental, genetic, economic, cultural, or social identity or activities of a unique individual.

“Sensitive Personal Data” includes the following special categories of personal data:

  • Government identification card or number
  • Financial account numbers and access codes
  • Precise geolocation
  • Biometric or genetic data when used to identify an individual
  • Medical information
  • Criminal records
  • Racial or ethnic origin
  • Religious or philosophical beliefs
  • Union membership
  • Sex life or sexual orientation
  • Content of communications if obtained by someone who is not the intended recipient

Your Rights in Relation to the Personal Data We Collect and Process

You have the following rights related to your Personal Data that the Garden collects and processes:

  • Right to request access to your Personal Data maintained by the Garden 
  • Right to request amendment or correction of your Personal Data
  • Right to request deletion of your Personal Data 
  • Right to request data portability or the right to receive a copy of your Personal Data in a structured, commonly used and machine-readable format to transfer to another company
  • Right to opt-out of marketing communications at any time
  • Right to request restriction or to object to the processing of your Personal Data 
  • Right to withdraw consent, if you have voluntarily provided, or have consented to provide your Personal Data
  • Right to complain to a data protection authority 

If you want to assert any of the above rights, you may contact us at thecarelles@thehivesocial.garden. We will respond to your request consistent with applicable law. See Related Privacy Policies for more details on your rights and how to exercise your rights.

In your request, please include the following:

  • The nature of the request (the type of right you are asserting)
  • What Personal Data you seek to access, amend, delete, restrict, transmit to another company, or withdraw consent to process

For your protection, we may only respond to requests with respect to the Personal Data associated with the email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and within the requirements of any applicable law.

Please note that we may need to retain certain information for recordkeeping purposes, to comply with legal obligations, and/or to complete any transactions that you began prior to requesting a change or deletion. There may also be residual information that will remain within our databases and other records or in backups which will not be removed until the retention period ends.

Minors

The Garden does work with minors and takes steps with extreme caution to ensure the safety and well-being of those entrusted in our care. We believe in complete transparency on the state of the world and do not censor information in any of its forms; however, we believe that the parent-child relationship is at its core a mentorship that requires trust and honesty. Every minor is required to have a parental consent form on file to participate in any Garden event and the use of any Garden services. Both the guardian and the minor will provide informed consent to collect, process, disclose, or share the Personal Data of minors from this Site. If you are a parent or guardian and believe that your minor has provided Personal Data without providing the proper documentation, please notify us, and we will delete Personal Data.

Purpose Specification and Use Limitation

The Garden limits the collection, use, retention, and disclosure of Personal Data to what is reasonably necessary and proportionate to achieve the purposes for which the Personal Data was collected or processed. The Garden also limits secondary use or disclosure to that which is compatible with the original purpose of the Personal Data collection, or we will get consent to process the Personal Data, unless the processing is permitted or required by law. We will never sell your Personal Data and take additional steps to protect the loss, theft, or improper use of your Personal Data.

Personal Data We Collect from Individuals who visit theHiveSocial.Garden

  • Information that individuals provide
  • Information that is collected automatically through interacting with the site (Every click is an interaction)

Purposes for Which the Garden Processes the Personal Data of Visitors to the Website

The Garden’s legitimate interest in:

  • Promoting Garden services and brands
  • Attracting, identifying, and sourcing talent
  • Improving website experience and optimizing services

Personal Data We Collect from Individuals who engage on social media sites, plug-ins, and tools

Social Media Sites

The Garden uses various social media platforms, such as Instagram or LinkedIn, for recruitment or marketing purposes. We use social media to provide easy access to relevant information about opportunities and events and to promote our services and brand. 

The Garden is responsible for the content it publishes using social media platforms, but does not have control over the social media platforms and the way they are administered. When using these social media platforms, you must adhere to the terms of use and privacy policies imposed by the platform providers.  If you would like to access this data or invoke your rights to the data, such as the right to correct or object to the processing of the data, you should contact the social media platform provider. 

Some social media platforms provide the Garden with data relevant to your pages that is aggregated or combined with similar data from other visitors to our social media sites, such as the number of “likes” triggered by our content or the amounts of posts, visitors to the sites, and information downloaded or links clicked.

Social Media Plug-Ins

We use some social media plug-ins on our site that allow you to share information with your social network, view content, and provide you with relevant information. When you interact with these features your internet browser will directly connect you to the relevant social network server to complete the action. The social media provider will know that the page with the plug-in on our site has been visited. 

The Garden or our service providers may also provide the social media provider with advertisements or marketing materials that they can deliver to individuals who viewed related content on our websites. The social media sites may also use the Personal Data collected in ways consistent with that provider’s notices and terms of use. 

We have no control over the data collected by the social media providers through the use of the buttons. The Garden does not know the type of data collected or how it is used. 

Purposes for Which the Garden Processes Personal Data We Collect from Individuals who engage on social media sites, plug-ins, and tools

Garden’s legitimate interest in:

  • Garden’s legitimate interest in:
  • Promoting Garden services and brands
  • Attracting, identifying, and sourcing talent
  • Improving website experience and optimizing services

Personal Data We Collect from Individuals who engage Garden through email correspondence

If you send emails to the Garden, your emails will be scanned by these tools to maintain the Garden’s IT infrastructure security, which means that the Garden personnel other than the intended recipient may read your email content and have access to any personal data disclosed.

Purposes for Which the Garden Processes Personal Data We Collect from Individuals who engage Garden through email correspondence

Garden uses tools to protect the security of our information technology (IT) assets, including our email transmissions.

Examples include:

  • Systems that scan incoming emails for suspicious attachments and universal resource locators (URLs) to prevent malware attacks
  • End-point threat detection tools to detect malicious attacks
  • Tools that block certain content or websites.

Garden’s legitimate interest in:

  • Protecting our IT infrastructure against unauthorized attacks and data leakage by analyzing email traffic
  • Maintaining telecommunications within the company

Personal Data We Collect from Individual contacts in the Garden’s Customer Relationship Management (CRM) systems

We process Personal Data about client contacts, industry partners, and Garden alumni in our CRM system. This system supports Garden business development and, to some extent, marketing efforts. In our CRM systems, we process the following categories of personal data:

  • Name, email address, phone
  • Name of employer or organization the individual is associated with
  • Marketing opt-in or opt-out information if the individual has been identified in Garden’s marketing list of contacts

Legal Basis for Processing Personal Data

  • Explicit Informed Consent of the business contact
  • Garden’s legitimate interests in
    • Managing the relationships with our business contacts 
    • Providing information about Garden and our services and events

Personal Data We Collect from Individuals for Recruitment

We collect information from and about individuals in connection with employment opportunities at Garden. In general, the data we collect includes resumes or CVs, identification documents, academic records, work history, and employment information. 

We use your information to determine qualifications based on education, experience, and skills for available positions at the Garden. The information is shared with recruiters, hiring managers, and other persons involved in the recruitment process. The Garden may collect further information if you are invited for an interview.

We also collect Sensitive Personal Data from candidates during recruitment and onboarding when employment law obligates us or when candidates consent and voluntarily provide the information, as permitted by applicable law.  This information assists the Garden in providing a diverse working environment and in providing benefits. For example, the Garden may request race or disability information for analyzing the diversity of our workforce or providing reasonable accommodations. In some cases, the Garden is required by law to provide diversity information and may need to make an assessment without the help of the candidate or employee.

In addition, we collect Sensitive Personal Data related to criminal background checks on all volunteers and prospective candidates after they receive an offer.

Depending on the country in which you apply, the Garden collects Personal Data about candidates from the following sources:

  • From you directly – for example through the application you submit
  • From third parties, such as placement firms, recruiters, or job-search websites – for example, when they contact us with your information as a potential candidate
  • From referrals – for example friends at Garden
  • From publicly available sources online – for example, your professional profile posted on LinkedIn or on another website
  • From education institutions – for example the universities listed on your resume
  • From background screening either by Garden or a Garden service provider

Legal Basis for Processing Personal Data

  • Explicit Informed Consent of the candidate
  • Garden’s legitimate interest in
    • Sourcing talent
    • Processing applications for Garden positions or roles
    • Hiring and onboarding of candidates 
    • Carrying out pre-employment background screening
    • Complying with legal or regulatory requirements 
    • Protecting the security of Garden personnel, buildings, and assets, such as by carrying out background checks

Personal Data We Collect from Individuals who attend Garden events

As described above, Garden processes event registration through Garden websites and social media applications. As part of the event management, we also process the following Personal Data:

  • Name
  • Email address
  • Title
  • Country
  • Any other information you choose to provide in a comment

We do not intend to collect Sensitive Personal Data, unless you provide it to us. We encourage you not to provide Sensitive Personal Data in free text boxes or communications, but if you do, you acknowledge that you consent to the collection and processing of the Sensitive Personal Data. 

If you submit any Personal Data relating to other people to us or to our service providers in connection with this Site, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy. 

In registering for an event, you may choose to receive marketing communications from Garden. If you elect to opt-out of receiving Garden publications or marketing communications, your basic contact details will remain on our opt-out list.

Legal Basis for Processing Personal Data

  • Explicit Informed Consent of Participant 
  • Garden’s legitimate interest in:
    • Organizing and managing events
    • Protecting Garden people, facilities, and assets
    • Providing and marketing information about Garden 

Photographs and video recordings at Garden events

The Garden may take photographs or video recordings at Garden sponsored or co-sponsored events. Participants will be asked to sign a consent for the use of their photographs during registration or at the event. Garden will only use the photographs of participants who have signed consents permitting the use of their images for commercial purposes or marketing. 

For some events, Garden may not be able to obtain explicit written consent for photographs and video recordings taken at the event. Instead, Garden will post signage providing notice of the photographs and recordings. Garden will only use these photographs and video recordings internally, unless you have provided a prior written consent to use the photographs and video recordings for marketing or commercial purposes. If you would like to withdraw your consent, you can contact the Garden by emailing thecarelles@thehivesocial.garden

Legal Basis for Processing Personal Data

  • Explicit Informed Consent of Participant 
  • Garden’s legitimate interest in taking photographs and video recordings for non-commercial purposes 

Individuals whose personal data we process in providing services to clients

In providing services to government, law enforcement, and industry clients, the Garden processes the Personal Data of individuals with whom we do not have a direct relationship (contractual or otherwise). For example, our government or commercial clients may contract with us to perform data analytics, cybersecurity assessments, or any other numerous services. In doing this work, we may have access to the Personal Data collected and maintained by our clients. In some client engagements, Garden collects Personal Data of individuals on behalf of the clients. For example, Garden may conduct a research project on behalf of the client where Garden employees interact directly with individuals and collect their Personal Data. When Garden collects Personal Data directly from the individuals, Garden will ensure that the collection is done lawfully with either the required notice and consent of the individual or with the required legal authority acting on behalf of the client.

Guest Bees

When a client engages the Garden for services or products, they receive the designation of “Guest Bee.” The Garden collects and processes Personal Data for legitimate business purposes in connection with those services. The Garden may process Personal Data voluntarily provided by our clients or third parties at the request of Guest Bees.

This Personal Data includes:

  • Name
  • Contact Information, including work address, email address, and telephone number
  • Company where you work and your role at the company
  • Financial information 
  • Any other information provided to us for purposes of providing services

Legal Basis for Processing Personal Data

  • Explicit Informed Consent
  • Garden’s legitimate interest in:
    • Providing services to clients
    • Administering the contractual and project relationship
    • Complying with accounting and tax requirements
    • Marketing and business development
    • Complying with legal and regulatory requirements
    • Establishing, exercising, or defending our legal rights
    • Protecting Garden people, facilities, and assets
    • Archiving and analyzing statistical data 

Guard Bees (Government & Law Enforcement Clients)

When a Government or Law Enforcement client engages the Garden for services or products, they receive the designation of “Guard Bee.” The Garden reserves the right to contract with government and law enforcement agencies, offices, and programs. In providing services to the government or law enforcement, the Garden must comply with various privacy and security laws, regulations, guidance, and policies that apply to the Personal Data of these agencies. Similarly, if the Garden conducts a clinical research project, the Garden may need to comply with the consent requirements under the Federal Protection of Human Subjects and the Health Insurance Portability and Accountability Act.

The Garden has several internal controls to ensure that, in collecting and processing the Personal Data of Government & Law Enforcement Clients, the Garden complies with the privacy and security requirements applicable to the Personal Data and the Garden’s services.

Queen Bees (Industry Clients)

When an industry client engages the Garden for services or products, they receive the designation of “Queen Bee.” In providing services to industry clients, the Garden gets legal assurances from our clients that as controllers of the Personal Data they have the legal authority to provide the Personal Data to us for the purpose of providing the services and that the Personal Data that they provide to us has been collected in accordance with applicable law. The Garden contractually agrees to process the Personal Data in accordance with applicable laws and to accommodate the rights of the individuals whose Personal Data we process.

Since the Garden provides a diversity of services for government, law enforcement, and industry clients, the Garden processes several types of Personal Data related to those services, including, but not limited to:

  • Name
  • Basic demographic data, such as date of birth, age, marital status, country of residence or citizenship
  • Contact data, such as phone numbers, postal addresses, and email addresses
  • Employment data, such as employer name, role or rank, experience, and performance
  • Health data, such as medical diagnosis, treatment, and insurance information
  • Financial data, such as account numbers, salary, benefits, and tax information
  • Biometric data, such as facial images and voiceprints
  • Protected class data, such as religion, race, ethnicity, sexual orientation, gender
  • Membership in union or other associations
  • The Personal Data and Sensitive Personal Data Garden collects, receives, uses, or discloses will be processed only as necessary to provide the services to our client.

Legal Basis for Processing Personal Data

  • Explicit Informed Consent, as required by applicable law, when Garden collects the Personal Data from individuals 
  • As authorized by law
  • Garden’s legitimate interest in:
    • Providing services to our clients
    • Complying with contractual legal obligations 

Individuals whose personal data we process in developing commercial products or conducting research

The Garden collects, receives, and processes Personal Data of individuals to develop and improve commercial products and services. 

The Garden also obtains data sets for the purposes of conducting research. In some cases, the Garden obtains and processes de-identified or anonymized Personal Data, which means that the data cannot be tied to an individual. In other cases, the Garden may obtain or process a limited data set, where the data set only has indirect identifiers, or a pseudonymized data set, where the data set is de-identified, but may be re-identified. 

The types of Personal Data that Garden may obtain include, but are not limited to:

  • Mobile device identifiers
  • Photographs
  • Audio recordings
  • Health data 
  • Videos

Legal Basis for Processing Personal Data

  • Explicit consent, as required by applicable law, when Garden collects the Personal Data from individuals 
  • As authorized by law
  • Garden’s legitimate interest in:
    • Conducting research
    • Growing Garden’s business
    • Enhancing Garden’s services to his client

Visitors to the Garden locations

We collect and process the Personal Data of visitors to the Garden facilities to control access to our facilities and information assets and to protect our people, facilities, and assets. We collect and process the following types of Personal Data:

  • Visitor records and access badges
  • Wi-Fi and Garden information assets

Legal Basis for Processing Personal Data

The Garden’s legitimate interests in:

  • Protecting personnel, facilities, and assets
  • Complying with laws and regulations related to individuals on a restricted list for conducting business

Individuals who pose a potential threat or risk to the Garden

The Garden collects and processes the Personal Data of individuals who present a potential security threat to the Garden people, facilities, assets, business, and reputation. The Garden only collects and processes the Personal Data as needed to assess and mitigate the threat. 

Legal Basis for Processing Personal Data

Garden’s legitimate interests in:

  • Protecting personnel, facilities, businesses, and assets
  • Preventing and detecting crimes
  • Establishing, exercising, and defending legal claim

Suppliers

The Garden collects and processes Personal Data about suppliers, including vendors, subcontractors, and individuals associated with them. We process the Personal Data to manage our contractual relationships and to enable services from our suppliers. 

The Personal Data we collect and process generally includes:

  • Name
  • Employer name
  • Contact information (phone and email address)
  • Communications related to providing the services
  • Financial information related to payment of services

Garden also collects Personal Data to check for conflict of interest and to conduct background checks required by law or regulations, such as laws related to fraud and corruption and international trade compliance regulations. Garden may also collect Personal Data in doing due diligence prior to engaging a supplier.

Legal Basis for Processing Personal Data

  • Performance of a contract
  • Garden’s legitimate interests in:
    • Complying with legal or regulatory obligations
    • Managing payments, fees, and charges related to the contract for services
    • Understanding any conflicts of interest 
    • Protecting Garden personnel, facilities, assets, and reputations
    • Preventing association with criminal or fraudulent activities

Data Retention

The Garden retains PII only as long as needed for the stated processing purpose. The Garden’s record retention schedule provides the required retention periods for the Garden records based on business and legal requirements, including the need to exercise and defend legal rights. The Garden also maintains records for archiving and historical purposes in compliance with retention periods. If Personal Data is not in a record subject to the Garden’s retention schedule, the Garden policy requires that the Personal Data be deleted when no longer necessary for the stated processing purpose.

Garden Ethics

The Garden provides employees, clients, and external third-parties various means to report unethical or illegal behaviors that violate the law, regulations, or the Garden policy. Reports can be made directly to the Ethics team at thecarelles@thehivesocial.garden 

Security of Personal Data

The Garden uses reasonable organizational, technical, and administrative measures to protect the confidentiality, integrity, and availability of the Personal Data that Garden collects, maintains, and processes. Garden limits access to information to those with a need to know to process the Personal Data. Garden also implements policies, procedures, and technical controls to safeguard the Personal Data from unauthorized access, loss, misuse, and improper disclosure.

The Garden maintains the accuracy, completeness, and timeliness of the Personal Data we store. We need your help in updating us on your contact details or other Personal Data to have the most up-to-date information.

If you have reason to believe that your Personal Data is no longer secure, please immediately notify us at thecarelles@thehivesocial.garden. Because email communications are not always secure, please do not include sensitive information in your emails to us.

Transfers of Personal Data

The Garden operates globally in several countries, but the Garden centralizes internal operations, including information technology services, human resources, and finances in the United States. Client engagements in countries or jurisdictions outside the United States often involve transfers of Personal Data outside of the client’s country or jurisdiction. These transfers occur due to: 

  • The need to access Personal data by the Garden’s internal operations in the United States
  • The location of Garden employees working on the client engagement outside the client’s jurisdiction
  • The location of Garden vendors or subcontractors who are located outside of the client’s jurisdiction  

This means that your Personal Data may be transferred and processed outside of the country where you may be located. This includes transfers of Personal Data from the European Economic Area (EEA) or United Kingdom (UK) to countries with laws that the EEA, UK, or other jurisdictions have not deemed to provide an adequate level of protection for the processing of Personal data.

The Garden has provided appropriate safeguards to protect the confidentiality, integrity, and availability of the Personal Data transferred within the Garden entities. The Garden has executed data transfer agreements with standard contractual clauses in accordance with EEA and UK privacy laws that allow for global transfers within the Garden organization where the Personal Data is collected or obtained from individuals in the EEA. The Garden provides an overview of our policies, processes, and tools which ensure the confidentiality, availability, and integrity of information processed, stored, and transmitted by Garden information system assets.  If you have more specific questions, please contact  thecarelles@thehivesocial.garden.

Service Providers

The Garden engages service providers to support our internal operations, including client contracts. We may disclose, and in some cases, transfer Personal Data we collect to our service providers and their affiliates and sub-processors. In other cases, service providers may collect and transfer Personal Data on our behalf. For example, service providers may provide:

  • Information technology functions, such as information security, data storage, data analytics, business applications, and voicemail
  • General operational support, such as enterprise management software, customer relationship management software, archiving, and event management
  • Accounting, finance, and billing support 
  • Compliance risk reviews and assessments, legal hold services, and legal case management
  • Subcontractor services when we are engaged by a client

In engaging third parties, the Garden ensures that our service providers contractually agree to comply with any applicable privacy law requirements, including those related to the collection and transfer of Personal Data outside the jurisdiction in which it was collected. Garden also ensures that they maintain appropriate security safeguards and meet confidentiality requirements related to Personal Data. If you would like to know more about the third parties Garden engages, please contact the Garden at thecarelles@thehivesocial.garden.

Additional Disclosures of Personal Data

The Garden discloses Personal Data for the following purposes:

  • As directed by you or at your consent
  • Where the disclosure is necessary and appropriate for the purposes described in this policy, including within the Garden entities 
  • If required by applicable law, including laws outside the country where the Personal Data was collected
  • In connection with a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business assets or stock (including in connection with any bankruptcy or similar proceeding)
  • To protect, exercise, and defend Garden’s legal claims, safety, or property
  • To comply with a regulatory or government inquiry, court order, or other legal obligation, including those outside the country where the Personal Data was collected
  • To cooperate with law enforcement as necessary

The Garden is obligated to report certain activities or suspected criminal activity to relevant regulatory authorities and law enforcement. The law sometimes prohibits Garden from informing the individual about the disclosure prior to the disclosure, or at all. Third-party recipients of the Personal Data may include:

  • Law firms, tax advisors, or auditors
  • Insurers
  • Audit regulators
  • Tax and customs, and excise authorities
  • Regulatory bodies
  • Credit reference agencies
  • Courts, police, and law enforcement agencies
  • Government departments and agencies
  • Service providers

Complaints

If you want to report an alleged violation or breach of a privacy law or any other regulation, you should contact us at  thecarelles@thehivesocial.garden. 

You also have the right to complain to the data protection authority in your country or refer the matter to a court of competent jurisdiction or as specified in any applicable engagement agreement with the Garden. 

If you are located in the EEA, you may lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law occurs.

Revisions to the Privacy Statement

We may change this Privacy Statement to reflect changes in our practices and services. The “Last Updated” legend at the top of this page indicates when this Privacy Statement was last revised. Any changes will become effective when we post the revised notice on this website. We recommend checking this Statement from time to time to inform yourself of any changes based on the last updated date.

U.S. States Privacy Policy