Effective day 25 May 2018
- What information we collect, and why we collect it
- How we use that information
- What your data rights are
EU-U.S. Privacy Shield
In compliance with the Privacy Shield Principles, Cognician commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact our Data Protection Officer at: email@example.com
Cognician has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
It’s all about data collection
No law degree required! But if you’re not really sure about terms like ‘cookies’, ‘IP addresses’, ‘browsers’, ‘PII’ and ‘non-PII’, it’s time to turn to trusty Google. Data privacy is important to us, so whether you’re just browsing our website or enrolling for a program on our platform, take a moment to read about how we’re caring for your data on our system. And for any questions or additional support needs you might have, please contact us on firstname.lastname@example.org and we’ll be sure to get back to you.
Here at Cognician, we believe that you have the right to privacy and control over your personal information that we collect when you use our services. We strongly believe in transparency and want to be clear about what data we collect, and why we collect it. This is a big responsibility for us, and we will continue to do do our best to protect your personal information as best we can. We do not, and will never, engage in practices such as benefiting from selling your personal information to third parties. We’ve tried to summarize our policy by answering some key questions.
How do we collect and process your personal data?
Cognician collects and processes personal data when you interact with certain components of our website or platform, such as registration forms or customer support. We also collect your personal data if you identify yourself by sending us an email containing personal information. We work hard to ensure that the collection and processing of your personal data is in compliance with the General Data Protection Regulation ((EU) 2016/679) (GDPR) and that all the necessary steps have been taken to protect your personal information.
Who is responsible for data processing at Cognician, and how can you contact them?
We have appointed a Data Protection Officer (DPO) in compliance with the GDPR. The DPO has formal responsibility for data protection to ensure compliance with GDPR requirements. You can reach our company DPO at email@example.com
What type of personal data do we collect and process?
Collection and processing of personal data through our platform is in order for us to deliver certain services or products to you and will only take place on the basis of your full consent. Not providing your full consent might result in limited functionality or restricted access to certain services or products you might want to subscribe to.
No personally identifiable information (PII) will be collected and/or used in any analysis without your direct consent.
Any data of a sensitive nature including health, gender, ethnicity and religious affiliation is only collected and analyzed under the governance of the GDPR, and thereby with explicit consent.
Personal data will be collected fairly and for lawful purposes only. The data will be processed by the company within its legal and moral boundaries and will be accurate and kept up to date.
The relevant information we collect and process when you visit our website or platform includes both personal and non-personal information including:
- Contact information such as name, surname, email address
- Unique identifiers such as nickname and password
- Online identifiers such as internet protocol (IP) addresses, internet domain name, cookie strings, information regarding which website pages are accessed, browser type, and version
- User data generated by you on the Cognician platform
- Content data that is offered by you as a participant in a particular program hosted on the platform
- Functional data necessary for us to ensure our products function as intended in terms of performance and functionality
- Location identifiers such as time zone setting may be collected by our service providers
How do we use the information, and on what legal basis?
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR), and will only use your personal data for the purposes specified below based on your consent:
- For registration purposes, e.g. registration of new clients through our website and platform
- To enable us to provide services or products to registered clients in the form of software as a service (SaaS)
- For us to provide you with technical and product support
- For general statistical purposes, which might include the transformation and derivation of the data in any way that Cognician Inc. and group companies deem suitable for analysis
- In direct support of the overall user experience
- In direct support of operating the underlying platform
- For general communications with you as the user
Is your data secure? You bet!
Your personal data protection is really important to us and we are aware that this is a big responsibility. We do our best to secure your information and to protect your information from unauthorized access, alteration, disclosure, or destruction. While handling your personal data, we ensure appropriate security measures are in place and industry best practices are adhered to including the use of several different technologies and procedures to help protect the security of your personal data when transfered or when stored.
Right of individuals to access their personal data
What are your data rights?
In accordance with the GDPR, you have the:
- right to access your personal data and keep it up to date
- right to request that your data be forgotten or erased
- right to restrict or object to the processing of your personal data
- right to data portability if you move away from this platform
- right to lodge a complaint with an appropriate data privacy regulatory authority
To object to our processing of your personal information, or request any of the above actions i.e. access, rectify, erase, restrict or export your personal information, please contact our Data Protection Officer with requests or concerns at firstname.lastname@example.org
Should you not be happy with the response received you have the right to lodge a complaint with your supervisory authority.
Sharing your information with third parties
Who else has access to your personal information?
Nobody who doesn’t need to! Personal data will not be distributed to any third parties other than the ones agreed upon (exempting legitimate requests from law enforcement authorities). We also make use of third-party service providers to provide services on our behalf, for example, to manage communication and support requests with clients. In such instances we may provide personal information to such third parties only for the purpose of performing services on our behalf and for the purposes given above.
We do not sell, trade, share or transfer your personal information to third parties except in the following limited circumstances:
- We may share your personal information with our subsidiaries and affiliates;
- We may share your personal information with third-party service providers to permit such parties to provide services that help us with our business activities, which may include assisting us with our product/service offerings, or providing, maintaining and improving the features and functionality of the Offerings, among other things. For example, we may provide personal information to our service providers for managing communication and support requests with clients.. The data shared can include name, nickname, email address. All third parties are engaged under contract and obliged to meet appropriate security requirements and comply with all applicable legislation;
- We may share your personal information when we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce a Customer Agreement, including investigation of potential violations thereof, or (c) protect against imminent harm to our rights, property or safety, or that of our users or the public as required or permitted by law;
- We may share your personal information with third parties (including our service providers and government entities) to detect, prevent, or otherwise address fraud or security or technical issues;
- We may share and/or transfer your personal information if we become involved in a merger, acquisition, bankruptcy, or any form of sale of some or all of our assets; and
- We may share your personal information with a third party if we have your consent to do so.
What about the International transfer of personal data?
We will not transfer your personal data to organizations, states, or countries that do not have adequate data protection policies. In cases where data is transferred for the purposes of our programs outside of the EU and Switzerland to the United States, Cognician requires all data processing partners to be Privacy Shield compliant.
Okay, so how long will your data be stored?
In terms of our Data Retention Policy, your personal data will not be stored for more than the amount of time specified in a partner master services agreement or statement of work. In general, we retain your personal information as needed to fulfill the purposes for which it was collected, i.e., we will process and store your personal data as necessary in order to fulfill our business requirements and contractual or legal obligations.
Cognician uses the services of Intercom, Inc. to manage communication and support requests. Intercom uses a unique cookie that is associated with an individual which enables it to provide its services. These cookies are stored within a user’s browser, and the management of these cookies may be done through the browser.
A note on web analytics
We implement Google Analytics features that use Display Advertising information for Google Analytics Demographics and Interest Reporting. We collect information about how you interact with our platform and services on our websites. You can opt out of Google Analytics for Display Advertising to prevent your data from being used by Google Analytics by going to the Google Analytics opt-out page.
Thank you for reading this. Happy cogging!