Hop Online Privacy Policy

Last updated: January 28, 2026

This privacy notice for Hop Online (“Company,” “we,” “us,” or “our“), describes how and why we might collect, store, use, and/or share (“process“) your information when you use our services (“Services“), such as when you:

• Visit our website at https://hop.online, or any website of ours that links to this privacy notice
• Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at admin@hop-online.com.

SUMMARY OF KEY POINTS

• What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with Hop Online and the Services.
• Do we process any sensitive personal information? We do not process sensitive personal information.
• Do we receive any information from third parties? We do not receive any information from third parties.
• How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
• How do we keep your information safe? We have implemented organizational and technical processes, including a formal Information Security Policy and strict staff access controls.

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to usWe collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, or otherwise when you contact us. This includes:

• Names
• Email addresses
• Website URLs
• Professional/Employment-related information (if provided in a business context)

Information automatically collectedWe automatically collect certain information when you visit, use, or navigate the Services (such as IP address, browser and device characteristics, operating system, and language preferences). This information is primarily needed to maintain the security and operation of our Services.

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• To provide and facilitate delivery of Services.
• To respond to user inquiries/offer support.
• To send marketing and promotional communications. You can opt out of our marketing emails at any time.
• To protect our Services and individuals. We may process your information for security and fraud prevention and to prevent harm.
• To comply with legal obligations.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law.

• EU/UK Residents: We rely on Consent, Performance of a Contract, Legitimate Interests, and Legal Obligations under the GDPR and UK GDPR.
• Canadian Residents: We process information with your express or implied consent, or in specific cases permitted by law (e.g., investigations, identifying injured persons).

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

We may need to share your personal information in the following situations:

• Business Transfers: We may share or transfer your information in connection with any merger, sale of company assets, or acquisition.
• Service Providers: We may share data with third-party vendors who perform services for us under strict data processing agreements.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific details are set out in our Cookie Notice.

6. HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your personal information for as long as it is necessary for the purposes set out in this notice (typically not exceeding 2 years), unless a longer retention period is required by law (such as tax or accounting requirements).

7. INFORMATION SECURITY POLICY (ISP)

Hop Online maintains a formal internal Information Security Policy (ISP) aligned with industry best practices. This policy is reviewed annually and governs our approach to data protection, risk management, and incident response. Our ISP ensures that security is integrated into every level of our service delivery, from infrastructure to application development.

8. STAFF DATA ACCESS MANAGEMENT

We maintain strict controls over how our staff and contractors access your data. Our staff data access management protocol includes:

• Principle of Least Privilege (PoLP): Access to client data is restricted to only those employees who require it to perform their specific job functions.
• Role-Based Access Control (RBAC): We utilize centralized identity management to assign access rights based on defined job roles. Access is audited quarterly to ensure permissions remain appropriate.
• Authentication & MFA: All staff access to internal systems containing personal or client data requires unique credentials and mandatory Multi-Factor Authentication (MFA).
• Confidentiality & Training: All employees and contractors are required to sign non-disclosure agreements (NDAs) and undergo mandatory data privacy and security awareness training upon hire and annually thereafter.
• Monitoring & Logging: We maintain logs of staff access to sensitive data environments. These logs are monitored for unauthorized or anomalous activity.
• Termination Protocols: Upon the offboarding of any staff member or contractor, all access rights to company systems and data are revoked immediately as part of our standardized exit procedure.

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

We aim to protect your personal information through a system of organizational and technical security measures. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Although we do our best to protect your personal information, transmission is at your own risk.

10. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly solicit data from or market to children under 18 years of age.

11. WHAT ARE YOUR PRIVACY RIGHTS?

In some regions (like the EEA, UK, and Canada), you have certain rights under applicable data protection laws. These include the right to (i) request access and obtain a copy of your personal information, (ii) request rectification or erasure; (iii) restrict processing; and (iv) data portability.

12. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers include a Do-Not-Track (“DNT”) feature. We currently do not respond to DNT signals as no uniform technology standard has been adopted.

13. DO WE MAKE UPDATES TO THIS NOTICE?

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and will be effective as soon as it is accessible.

14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at admin@hop-online.com or by post to:

Hop Online LTD.

Serdika 20 Street

Sofia 1000

Bulgaria

15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please submit a request form or contact us at admin@hop-online.com.

‍