- We will never sell your data to advertisers and/or marketers.
- We will never send you our newsletter or market to you without your permission.
- We will only collect and process your data when we have legitimate reason to do so (For example, when you purchase one of our tools or when you give your explicit consent to the processing of certain data).
- We only share data with third parties whose services are necessary to provide, maintain, and improve our services (For example, payment processors and fulfillment services).
- If you ever want any of your information removed from our site or corrected, you can get in touch with us at email@example.com and we’ll be happy to fulfill your request.
For the full policy, please read below.
This policy applies (i) immediately to new users who use or access the Service on or after the Effective Date and (ii) on the Effective Date to users who use or access the Service before the Effective Date.
Please contact us if you have any questions or comments about our privacy practices. You can reach us online at firstname.lastname@example.org.
TRANSFERS OF PERSONAL DATA
The Service is hosted and operated in the United States (“U.S.”). If you do not reside in the U.S., laws in the U.S. (and other countries) may differ from the laws where you reside. By using the Service, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Assessment Corps in the U.S. and will be hosted on U.S. servers, and you authorize Assessment Corps to transfer, store, host and process your information to and in the U.S., and possibly other countries. You hereby consent to transfer of your data to the United States.
EU PERSONAL DATA
If you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) related to your Personal Data, as further described below. Assessment Corps will be the controller of your Personal Data processed in connection with the Service, unless you access the Service through an account that is controlled by a third party (e.g. your employer).
NOTICE OF WHAT INFORMATION WE COLLECT AND HOW WE USE IT
Types of Personal Data We Collect
Assessment Corps collects Personal Data about you when you provide it directly to us, when third parties such as your employer provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Service. We collect the following Personal Data from you in connection with the Service:
- Billing Information: information we collect to process a purchase you are making through our site. We do not store credit card or any other sensitive financial information.
- Transaction Information: information related to transactions you conduct on the Service, including purchases of both digital and physical products.
- User Account Information: information that identifies you to the Service. This can range from simply an email address and team affiliation for our Online Gap Assessment participants, to full name, billing and shipping addresses, email address, password, and ip address. We use this information to authenticate you when you log in to the Service, provide you with access to the products that you or your employer/colleague have purchased, and use the IP address to help maintain your web session security while using the Service.
- User Content: to the extent that you choose to input Personal Data as part of such content, comments, and other content, information, and materials that you post to or through the Service.
Important Note: Users of our Services should not provide us with personal information belonging to individuals who have not consented to the dissemination of such information. We are not responsible for any such disclosure made by an independent third party through the use of our service. If you believe that your information has been provided to Assessment Corps without your consent, please contact us immediately at email@example.com.
- Log Data: information automatically recorded by the Service about how a person uses our Service, such as IP addresses, device and browser type, operating system, the pages or features of our Website or Service to which a user browsed, the time spent on those pages or features, the frequency with which the Service is used by a user, search terms used by a user, the links on the Service that a user clicked on or used, and other statistics.
We also collect usage and performance information that is not Personal Data or that we aggregate or de-identify so that it no longer personally identifies an individual. We also associate some data that is not Personal Data with Personal Data.
We collect Personal Data when a user
- creates an account (a “User Account”);
- logs into the Service;
- interacts with the Service;
- uploads or generates User Content;
- communicates with us; and
- responds to a communication or interaction from us.
Some of the methods and tools we use to collect Personal Data are:
We use unique identifiers such as cookies, e-mail or your pseudonymized customer ID to track individual usage behavior on our Service, such as the length of time spent on a particular page and the pages viewed during a particular log-in period. Unique identifiers collect information about a user’s use of our Service on an individual basis.
Cookies, Web Beacons, and Other Tracking Tools:
We collect information about you, your device, and your use of the Service through cookies, clear gifs (a.k.a. web beacons/web bugs) (“Web Beacons”), and other tracking tools and technological methods (collectively, “Tracking Tools”). Tracking Tools collect information such as computer or device operating system type, IP address, browser type, browser language, mobile device ID, device hardware type, the website or application visited or used before or after accessing our Service, the parts of the Service accessed, the length of time spent on a page or using a feature, and access times for a webpage or feature. These Tracking Tools help us learn more about our users and analyze how users use the Service, such as how often users visit our Service, what features they use, what pages they visit, what emails they open, and what other sites or applications they used prior to and after visiting the Service.
Like many websites and mobile application operators, we collect certain information through the use of “cookies,” which are small text files that are saved by your browser when you access our Service. Cookies can either be “session cookies” or “persistent cookies”. Session cookies are temporary cookies that are stored on your device while you are visiting our Website or using our Service, whereas “persistent cookies” are stored on your device for a period of time after you leave our Website or Service. We use persistent cookies to store your preferences so that they are available for the next visit, and to keep a more accurate account of how often you visit our Service, and how your use of the Service varies over time. For more information on cookies, including how to control your cookie settings and preferences, visit the following:
Web Beacons help us better manage content on our Service by informing us what content is effective. Web Beacons are embedded in, or otherwise associated with, certain emails or other communications that you receive from us. Web Beacons help us track your responses and interests and deliver relevant content and services to you. For example, they may let us know when you take actions based on the emails that we send.
Use of Personal Data
Assessment Corps uses Personal Data to:
- provide, administer, and improve our Service;
- better understand your needs and interests;
- fulfill requests you make;
- personalize your experience;
- provide Service announcements;
- provide you with information and offers from Assessment Corps (with your explicit consent);
- protect, investigate, and deter against fraudulent, harmful, unauthorized, or illegal activity and
- comply with legal obligations.
For example, we use Personal Data to:
Operate and improve the Service
- Learn more about our users and their use of the Service
- Provide user support
- Administer the Service, User Accounts, and transactions with respect to User Accounts
- Enforce our contracts, administering and carrying out our obligations under contracts, and complying with the law
We will only use your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity, and our “legitimate interests” or the legitimate interest of others, as further described below.
Contractual Necessity: We process the following categories of Personal Data because we need to process the data to perform under our User Agreement with you, which enables us to provide you with the Service. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Service that require such data:
- Contact Information
- User Account Information
- Financial Account Information
- Transaction Information
- User Content
Legitimate Interest: We process the following categories of Personal Data when we believe doing so furthers the legitimate interest of us or third parties:
- Contact Information
- Financial Account Information
- User Account Information
- Transaction Information
- User Content
- Log Data
Examples of these legitimate interests include:
- Operation and improvement of our business, products, and services
- Marketing of our products and services
- Provision of customer support
- Protection from fraud or security threats
- COmpliance with legal obligations
Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
HOW AND WITH WHOM DOES ASSESSMENT CORPS SHARE PERSONAL DATA?
We share Personal Data with vendors, third party service providers, and agents who work on our behalf and provide us with services related to the Service. These parties include:
- Third parties who act for us or provide services for us, such as billing and credit card payment processing, maintenance, sales, marketing, administration, support, data enrichment, hosting, and database management services
- Outside professional advisors (such as lawyers and accountants) for purposes related to the operation of our business such as auditing, compliance, and corporate governance
We also share Personal Data with third party service providers and agents when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:
- Other users (when you use other tools, such as Individual Assessments, or as otherwise necessary to effect a transaction initiated or authorized by you through the Service)
- Other parties authorized by you
We also share Personal Data when we believe it is necessary to:
- Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
- Protect us, our business or our users, or third parties, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
- Maintain the security of our products and services
- We also share information with third parties when you have given us consent to do so.
YOUR PRIVACY CHOICES
Opting Out of Tracking Tools
Service Provider Opt Out: You can opt-out directly from some providers of Tracking Tools by using their opt-out tools. Some of these service providers, and links to their opt-out tools, are:
- Hotjar (GDPR compliant) : opt out at https://www.hotjar.com/legal/compliance/opt-out
Industry Opt Out Tools: Some Advertising Service Providers or providers of Tracking Tools may participate in the Network Advertising Initiatives (NAI) Opt-Out Tool (http://www.networkadvertising.org/choices/) and/or the Digital Advertising Alliance (DAA) Consumer Choice Page (http://www.aboutads.info/choices/), and you can opt-out of certain services and learn more about your choices by visiting the links included there. Users in the EU can visit http://www.youronlinechoices.eu/ for more information about your choices and to opt out of participating service providers.
Web Browser Controls: You can prevent the use of certain Tracking Tools, such as cookies, on a device-by-device basis using the controls in your web browser. These controls can be found in the Tools > Internet Options (or similar) menu for your browser, or as otherwise directed by your browser’s support feature. Through your web browser, you may be able to:
- Delete existing Tracking Tools
- Disable future Tracking Tools
- Set your browser to provide you with a warning each time a cookie or certain other Tracking Tools are being set
Mobile Opt Out: Your mobile devices may offer settings that enable you to make choices about the collection, use, or transfer of mobile app information for Behavioral Advertising. You may also opt-out of certain Tracking Tools on mobile devices by installing the DAA’s AppChoice app on your mobile device (for iTunes, visit https://itunes.apple.com/us/app/appchoices/id894822870?mt=8, for Android, visit https://play.google.com/store/apps/details?id=com.DAA.appchoices&hl=en). For more information, please visit http://support.apple.com/kb/HT4228, https://support.google.com/ads/answer/2662922?hl=en or http://www.applicationprivacy.org/expressing-your-behavioral-advertising-choices-on-a-mobile-device, as applicable.
Do Not Track: Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. The Service does not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Service and after you leave our Service.
Emails: If you are currently receiving our newsletter, you may opt-out at any time by clicking the unsubscribe link at the bottom of any of the emails you have received.
We believe the security of your information is a serious issue and we are committed to protecting the information we receive from you. We use commercially reasonable security measures to protect against the loss, misuse, and alteration of your information under our control based on the type of Personal Data and applicable processing activity, such as data encryption in transit, pseudonymization, and enforcement of least privilege and need-to-know principles.
To the extent the Service requires you to provide any Financial Account Information, that information will be collected and processed by third-party PCI-compliant service providers. We do not store Financial Account Information transmitted through the Service, provided that we do store (or our payment processor on our behalf will store) just the last four digits of your credit card number, if you provide this to us, to comply with credit card processing requirements of authorizations, charges and chargebacks.
We retain Personal Data about you for as long as necessary to provide you with the Service, and thereafter as set forth in our Service agreement with you (typically 30 days after termination of the Service, or sooner upon request (except as required by law)). In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. Upon disposal, we will destroy or render unreadable any such Personal Data. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
INTERACTIONS WITH OTHERS
WHAT RIGHTS AND CHOICES DO YOU HAVE REGARDING YOUR PERSONAL DATA?
Accessing, Correcting, and Deleting Your Personal Data and Other Data Subject Rights
You have certain rights with respect to your Personal Data, and we want to help you review and update your information to ensure it is accurate and up-to-date.We may limit or reject your request in certain cases, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, if it is not required by law, or if the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question. In some cases, we may also need you to provide us with additional information, which may include Personal Data, to verify your identity and the nature of your request. We will take reasonable steps to respond to all requests within 30 days (or less!).
For the following, please email us at firstname.lastname@example.org.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Service.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for marketing purposes.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
Erasure: You can request that we erase some or all of your Personal Data from our systems. Please note that if you request the deletion of information required to provide the Service to you, your User Account will be deactivated and you will lose access to the Service.
Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of Personal Data that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the preceding calendar year. In particular, the law provides that companies must inform consumers about the categories of Personal Data that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by Assessment Corps pursuant to Section 1798.83 of the California Civil Code, please contact as set forth above.
ENFORCEMENT AND RECOURSE
Our Service is not intended for individuals under the age of 18, and therefore, Assessment Corps does not knowingly acquire or receive Personal Data from children. If we later learn that any user of our Service is under the age of 18, we will take appropriate steps to remove that user’s information from our account database and will restrict that individual from future access to the Service.
WHAT IF YOU HAVE QUESTIONS REGARDING YOUR PERSONAL DATA?