Privacy Policy
Update Date: Oct 31, 2025
Introduction: Harmonic (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use the Harmonic website and services. It applies to our informational and marketing website, as well as our SMB SaaS property management platform, including any user login, signup, and payment features. We comply with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws to ensure your personal data is handled lawfully and transparentlygdpr.eu. By using our site or services, you acknowledge that you have read this Privacy Policy. If you have any questions or concerns about your data, please contact us at privacy@harmonic.com.
1. Data Controller and Contact Information
Harmonic (operated by [Your Company Name], registered in [Your Country]) is the “data controller” responsible for the processing of your personal data. You can contact us with privacy inquiries or data requests by emailing privacy@harmonic.com or by mail at: [Company Address]. If we appoint a Data Protection Officer or EU representative, we will provide their contact details here for EU users’ convenience.
2. Personal Data We Collect
We collect personal data that you provide to us directly, data generated through your use of our platform, and some data from third parties or integrated services. The types of personal data we collect include:
Identity and Contact Information: Such as your name, email address, phone number, and company/organization name, which you provide during account signup or inquiriescytrio.com.
Account Credentials: If you register an account, we collect login details like username and password (stored in encrypted form).
Property Details: Information about properties you manage or list on our platform, such as property addresses, descriptions, photos, and related details that you input. This may include tenant or resident names and contact info if you manage occupant data (please ensure you have authority to provide such data).
Payment Information: If you make purchases or subscribe to paid services, we (or our third-party payment processor) collect billing details. This may include billing name and address, and payment card information. Note: We use reputable third-party payment processors compliant with PCI-DSS standards to handle full credit card data securely; we do not store your full payment card numbers on our systemstermsfeed.comtermsfeed.com.
Communications: The content of any communications you send us, such as support requests, feedback, or chat messages. We keep records of our correspondence with you.
Usage Data: When you interact with our website or platform, we automatically collect certain technical data via cookies and similar technologies. This includes your IP address, browser type, device identifiers, pages or features used, the date/time of visits, and referring website. We use this data to analyze usage trends and improve our servicescytrio.com. See our Cookie Policy for more details on these technologies.
Third-Party Integration Data: If you choose to integrate or connect your Harmonic account with third-party tools (e.g., HubSpot CRM, QuickBooks accounting, or a CMMS maintenance system), we may receive personal data from those services. For example, if you link to QuickBooks, we might collect financial transaction data or invoice details; if you integrate HubSpot, we may receive contact or lead information from your CRM to sync with our platform. We only collect and use such integrated data as needed to provide the integrated functionality you request, in accordance with this Policy and the third party’s terms.
Children’s Data: Our services are not directed to children and we do not knowingly collect personal data from individuals under the age of 16 (or the applicable age of consent in your jurisdiction)termsfeed.com. If we learn that a child has provided us personal data without parental consent, we will delete it. If you are a parent or guardian and believe we have collected information about a minor, please contact us.
3. How We Use Your Personal Data (Purposes and Legal Bases)
We use your personal data for the following purposes, and rely on specific legal grounds under GDPR for each:
Provide and Maintain Our Services: To create and manage your account, authenticate you at login, host your property listings, facilitate property management features, and enable core service functionality you request. Legal Basis: Performance of a contract – we process data to fulfill our agreement with you as a user of our SaaS platformtermsfeed.com.
Processing Payments: To process subscription fees or other payments, and handle billing through our payment processor. Legal Basis: Performance of a contract (to provide the paid service) and compliance with legal obligations for financial and tax record-keepingtermsfeed.comtermsfeed.com.
Communicating with You: To send administrative or account-related messages such as confirmations, invoices, technical notices, updates, security alerts, and customer support responses. Legal Basis: Performance of a contract (we need to send these to provide our services) or legitimate interests in ensuring you are informed about your account and service updates.
Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical assistance. Legal Basis: Performance of a contract (if support is part of services) or legitimate interests in maintaining user satisfaction.
Improvement and Analytics: To analyze usage of our website and platform, track trends, and improve our offerings and user experience. This includes using analytics tools (e.g., Google Analytics or HubSpot analytics) to understand how users interact with our site. Legal Basis: Legitimate interests – we have a legitimate interest in analyzing and improving our services to benefit our userscytrio.com. We perform such analysis in a privacy-conscious manner (e.g., using aggregated or pseudonymous data where possible). Where cookies or similar trackers are involved, we obtain your consent where required (see Cookie Policy).
Marketing and Newsletters: To send you marketing communications, such as newsletters, product updates, offers, or event invitations, only if you have opted in to receive them. Legal Basis: Consent – we will ask for your consent to send marketing emails or to use non-essential cookies for advertisingcytrio.com. You can withdraw consent at any time (e.g., via an “unsubscribe” link in emails). For existing customers, we may rely on legitimate interest to send you modest updates about similar services, but will always honor opt-out requests.
Personalized Content: To provide personalized content or recommendations on our platform, such as suggesting properties or features you might be interested in based on your usage or profile. Legal Basis: Legitimate interests in improving user experience, or consent when required by law (for example, if personalization involves profiling via tracking cookies, we will only do so with your consentcytrio.com).
Security and Fraud Prevention: To protect our website, services, and users by detecting and preventing fraud, spam, abuse, or security incidents. We may monitor accounts and usage for security risks and verify user identities. Legal Basis: Legitimate interests in safeguarding our platform and users, and legal obligation in some cases to ensure data security (GDPR’s integrity and confidentiality principle).
Legal Compliance: To comply with applicable laws, regulations, legal processes or enforceable governmental requests. For instance, to fulfill tax and accounting requirements, or to respond to subpoenas or court orders. Legal Basis: Compliance with legal obligations.
Other Purposes with Consent: If we intend to process your personal data for a purpose not listed here, we will explain it to you at the time and, if required, obtain your consent. We will only use your personal data for purposes that are compatible with those described, unless we have a legal obligation or you give consent.
Legal Bases under GDPR: For users in the EU/EEA, our lawful bases for processing your data include: (a) your consent, (b) necessity for performance of a contract with you, (c) compliance with our legal obligations, and (d) our legitimate interests, as described abovetermsfeed.comtermsfeed.com. We ensure that we balance any legitimate interests in using your data with your rights and interests. Where we rely on consent, you have the right to withdraw it at any time (this will not affect the lawfulness of processing before withdrawal).
4. Cookies and Tracking Technologies
We use cookies and similar tracking technologies (such as web beacons or pixels) on our website to provide and enhance our services. Cookies are small text files placed on your device to store data when you visit our website. They help us improve your browsing experience and analyze site usagecytrio.com. We use cookies for purposes such as keeping you logged in during your session, remembering your preferences, gathering analytics about website traffic, and providing personalized content or ads.
Some cookies are placed by third parties we integrate with, such as Google Analytics (analytics cookies) or HubSpot (which may set cookies for analytics and marketing automation). We categorize cookies we use into a few types:
Strictly Necessary Cookies: These cookies are essential for our site and services to function properly and cannot be switched off in our systemscytrio.com. For example, they include session cookies that keep you logged in, security cookies, or those that remember items in a shopping cart. Without these, certain features (like account login or transaction checkout) would not work. We use these cookies based on our legitimate interest in providing a working service, and they do not require consent.
Analytics/Performance Cookies: These cookies collect information about how visitors use our site (pages visited, time spent, errors encountered, etc.)cytrio.com. We use this data to improve the website’s performance and user experience. For instance, we may use Google Analytics or similar tools which set cookies to gather usage statistics (e.g., _ga cookie). These cookies are not strictly necessary and will only be set with your consent, per GDPR requirementscytrio.com. Data collected is typically aggregated and not personally identifying; however, IP addresses or unique IDs may be captured to distinguish unique visitors.
Functional/Preference Cookies: (If used) These cookies allow our site to remember choices you make and provide enhanced, more personal features. For example, a functional cookie might remember your language preference or customization settings so you don’t have to set them every time. We may also use them to provide certain features like a live chat support widget or to remember form data you’ve entered. These cookies may be first-party or set by third-party plugins, and are only used to provide functionality you explicitly request. Where required, we will obtain consent for these.
Advertising/Marketing Cookies: These cookies track your browsing behavior and are used to deliver targeted ads or promotional content, both on our site and potentially on other platforms. They may be set through our site by advertising partners or social media platforms to build a profile of your interests. Note: Harmonic is not an ad-supported platform, but we may use marketing cookies for our own marketing campaigns (for example, a Facebook Pixel or Google Ads cookie to measure ad campaign effectiveness or retarget visitors with our ads). Such cookies will only be set if you consent, and they help us reach people who have shown interest in Harmonic. You can opt out at any time.
For a detailed list of specific cookies we use and their purposes, please see our separate Cookie Policy or our cookie consent banner, which provides real-time information on cookies in use.
Cookie Consent: On your first visit to our site (and periodically thereafter), you will see a cookie consent banner. Except for strictly necessary cookies, we will not set cookies on your device without your affirmative consent (opt-in) via this banner or settings panel, in accordance with GDPR. You can manage your cookie preferences at any time by using the cookie settings link on our site (available in the footer or via the banner)cytrio.com. Through this tool, you can withdraw consent for non-essential cookies whenever you wish, and we will stop using them.
Browser Controls: In addition to our site controls, you can manage or delete cookies through your web browser settings. Most browsers allow you to block or delete cookies (often in the privacy or security settings area). You can usually set your browser to notify you when a cookie is being set or to remove or reject cookies altogethercytrio.com. Please note that if you disable all cookies (especially “strictly necessary” ones) via your browser, some parts of our site may not function properly (e.g., you might not be able to log in or use certain features).
For more information, please read our full Cookie Policy below, which is incorporated into this Privacy Policy by reference.
5. Disclosure of Personal Data (Who We Share It With)
We do not sell your personal information. However, we may disclose or share the personal data we collect with third parties in the following situations, for the purposes described in this Policy:
Service Providers: We use trusted third-party companies to perform services on our behalf and to assist us in operating our platform. This includes, for example, cloud hosting providers (for data storage and servers), email delivery services, customer support software, analytics providers (such as Google Analytics or HubSpot), marketing and CRM software (e.g., HubSpot for managing contacts and email campaigns), and payment processors (e.g., Stripe or QuickBooks payments for processing credit card transactions). These service providers access personal data only as needed to perform their functions and are contractually obligated to protect it and use it only for our specified purposestermsfeed.com.
Integration Partners: When you choose to integrate third-party services with Harmonic (such as syncing with QuickBooks, a CMMS, or other software), we will share the necessary data with the chosen integration to fulfill the integration at your direction. For example, if you connect a CMMS tool for maintenance requests, we might send property or tenant details needed to create work orders; if you sync with QuickBooks, we might transmit invoice or payment data. We will only do this with your consent or instruction, and such partners will process the data under their own privacy policies as well.
Business Partners (with Consent): In certain cases, we may partner with other companies to offer co-branded services, promotions, or integrations. If you choose to participate or opt-in, we may share your contact or account information with the specific partner with your consent. For instance, if we run a joint webinar with a partner and you sign up, we might share your name and email with them for event logistics. We will be transparent at the time of collection and honor your choices.
Within Our Corporate Group: If Harmonic is part of a group of related companies (parent, subsidiaries, affiliates), we may share data within that corporate family as needed to support and provide the services (e.g., if our affiliate assists with customer support or development). All affiliated entities are bound to uphold the privacy protections described here.
Legal Compliance and Protection: We may disclose personal data when required to do so by law or when we believe in good faith that such disclosure is necessary to (i) comply with a legal obligation or request (e.g., court order, subpoena, or government demand)termsfeed.com; (ii) enforce our Terms of Service or other agreements; (iii) protect the rights, property, or safety of Harmonic, our users, or the publictermsfeed.com. This includes exchanging information with law enforcement or regulators, or pursuing or defending against legal claims.
Business Transfers: If Harmonic is involved in a merger, acquisition, bankruptcy, financing due diligence, reorganization, or sale of all or part of its assets, your personal data may be transferred to a third party as part of that transactiontermsfeed.com. We will ensure any such transfer is subject to appropriate confidentiality and security measures, and we will provide notice on our website (and/or contact you) if your data becomes subject to a different privacy policy as a result.
With Your Consent: Other than the cases above, we will ask for your consent before sharing your personal data with third parties for purposes beyond the scope of this Privacy Policy. For example, if we ever want to publish a customer testimonial with personal information, we would seek your explicit permission.
All third parties with whom we share personal data are expected to handle it in accordance with applicable privacy laws and only for the purposes we specify. We do not allow our service providers to use your data for their own marketing or other purposes not related to providing their services to us.
6. Data Retention
We keep your personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by lawtermsfeed.com. This means:
For active account holders, we retain your personal data for as long as your account is open and as needed to provide you with our services.
If you delete your account or it becomes inactive, we will delete or anonymize your personal data within a reasonable period after account closure. Some data (like property listings or user content you generated) will be removed, while other data may be retained in anonymized form for analytics.
Transaction and Payment Records: We retain payment and financial transaction records for at least the duration required by tax and accounting laws (for example, 7 years in some jurisdictions) or longer if required for auditing purposestermsfeed.com.
Communications and Support Data: We may retain customer service communications or support tickets for a period of time to ensure we can follow up properly and improve our support processes.
Analytics Data: Usage data collected via cookies or other trackers may be stored for shorter periods, especially if you withdraw consent. We generally retain analytics data in aggregated form. Raw analytics logs may be kept for a limited time (e.g., 14 months) unless needed longer for security analysis.
Legal Requirements: If we are under a legal obligation to retain data (for example, under laws regarding money laundering, or to comply with a preservation request in a litigation), we will retain the data for as long as required by that obligation. Similarly, we might retain certain data as necessary to protect our rights or resolve disputes, but only as long as necessary for that purpose.
After the applicable retention period, we will either securely delete or anonymize your personal data so that it can no longer be associated with you. If deletion or anonymization is not feasible (for example, because the data is stored in secure backups), we will isolate it from further processing until deletion is possible.
7. International Data Transfers
Harmonic is a global service. Your personal data may be transferred to and processed on servers located in countries outside of your own, including countries outside the European Economic Area (EEA) or United Kingdomtermsfeed.com. In particular, if you are in the EU/EEA, be aware that we (and our service providers like HubSpot or QuickBooks) might process data in the United States or other jurisdictions where data protection laws may differ from those in your country.
Whenever we transfer personal data out of the EEA/UK, we take steps to ensure an adequate level of protection for your data in line with GDPR requirements. These safeguards may include:
EU Commission Standard Contractual Clauses: We may rely on standard data protection clauses approved by the European Commission, which contractually oblige the recipient to protect your data to EU standards.
Adequacy Decisions: If the data is transferred to a country that the European Commission has determined offers an adequate level of data protection, we rely on that decision (for example, transfers to companies in countries like Canada or Japan, or to U.S. companies certified under an EU-US Data Privacy Framework, if applicable).
Binding Corporate Rules: In the case of intra-group transfers, we might use binding corporate rules if our corporate family has them approved.
Other Measures: We also evaluate on a case-by-case basis any additional technical and organizational measures needed (such as encryption in transit and at rest, and limiting access to personal data).
Your consent to this Privacy Policy followed by your submission of personal data through our site represents your agreement to these transfers, to the extent such consent is required by lawtermsfeed.com. If you would like further information about international data transfers or copies of the relevant safeguards, please contact us.
8. Data Security
We take the security of your personal data seriously. We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, alteration, or disclosuretermsfeed.com. These measures include, for example, encryption of data in transit (TLS/SSL), encryption of sensitive data at rest, firewalls and access controls to our servers, regular security audits, and limiting employee access to personal data on a need-to-know basis. We also require our service providers to follow strong security standards.
However, please note that no method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute securitytermsfeed.com. You should also take care with how you handle and disclose your personal data and credentials. If you have reason to believe that your interaction with us is no longer secure (for example, you feel that your account has been compromised), please contact us immediately.
9. Your Rights (GDPR and Equivalent)
If you are an individual in the European Union, United Kingdom, or other regions with similar data protection laws, you have certain rights regarding your personal data. Harmonic is committed to honoring these rights and has processes in place for you to exercise them. Your key data protection rights include the right to:
Access Your Data: You can request confirmation of whether we are processing your personal data and obtain a copy of the data we hold about youtermsfeed.com. This is commonly known as a “Data Subject Access Request.” We will provide you with a copy of your data, and information about how it is used, subject to some exceptions (e.g., not releasing others’ personal data or confidential business information).
Rectification: You have the right to ask us to correct or update any inaccurate or incomplete personal data we hold about youtermsfeed.com. We encourage you to first correct/update your information through your account settings if possible, but you can also contact us for assistance.
Erasure: You can request that we delete your personal data under certain circumstancestermsfeed.com. This is also known as the “right to be forgotten.” We will honor such requests whenever we can, for example if the data is no longer needed, you withdraw consent (where applicable), or you have objected to processing (see below) and we have no overriding legitimate grounds to continue. Please note we may need to retain some information if required by law or for legitimate business purposes (we will inform you if so).
Restriction of Processing: You have the right to ask us to restrict or suspend the processing of your personal data in certain scenarios – for instance, if you contest the accuracy of the data, or if the processing is unlawful but you prefer restriction over deletion. If processing is restricted, we will still store your data but not use it until the restriction is lifted.
Data Portability: You can request to receive the personal data you have provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another controller where technically feasibletermsfeed.com. This right applies when the processing is based on your consent or a contract and carried out by automated means. Where directly feasible, and upon your request, we can also transmit the data directly to another provider.
Object to Processing: You have the right to object to our processing of your personal data when our legal basis is legitimate intereststermsfeed.com. You may also object at any time if your data is processed for direct marketing purposes, and we will then cease processing your data for those purposes. If you object on grounds relating to your particular situation, we will stop that processing unless we have compelling legitimate grounds that override your interests, rights, and freedoms.
Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any timetermsfeed.com. This will not affect the lawfulness of processing prior to withdrawal, but it means we will stop the specific processing that was based on consent (for example, stopping email marketing or disabling certain cookies). Do note that if consent is required for a service feature, we may not be able to provide that feature after consent is withdrawn (but we will advise you if so).
To exercise any of these rights, please contact us at privacy@harmonic.com with your request. We may need to verify your identity before fulfilling certain requests (to protect your data from unauthorized access)termsfeed.com. We will respond to your request as soon as possible and at least within the timeframe required by law (generally within one month for GDPR, with extensions if necessary which we will communicate to you). There is no fee for most requests, but if a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on it, as permitted by law.
Right to Lodge a Complaint: If you believe we have infringed your data protection rights or violated privacy laws, you have the right to lodge a complaint with your local supervisory authority (data protection regulator)termsfeed.com. For example, if you are in the EU, this could be the Data Protection Authority in your country of residence. We kindly ask that you consider raising any concerns with us first, so we can try to resolve them, but you are entitled to contact the authority at any time.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. If we make material changes, we will notify you by (for example) posting a prominent notice on our website or sending an email notification, and updating the “Effective Date” at the top of the policy. We encourage you to review this Policy periodically to stay informed about how we are protecting your information. Your continued use of the Harmonic site or services after any changes to this Privacy Policy constitutes acceptance of the updated terms.
