Last updated 28 July 2020
Just to be clear, when we refer to Cognician, we mean Cognician Software (Pty) Ltd (whose principal place of business is at Office 4, Kings Cross, 9 Queens Park Avenue, Salt River, 7925, South Africa), including its associated and subsidiary company, Cognician, Inc. (whose principal place of business is at Suite 1628, 535 Mission St, San Francisco, CA 94105, USA).
The Personal Data We Collect
Looking after your personal data is a huge responsibility for us. We will continue to do our best to protect your personal data as best we can and be transparent about what data we collect and why we collect it.
We do not, and will never, engage in practices such as benefiting from selling your personal information to third parties.
A Look at the Use of Your Personal Data
We need to collect your personal data when you interact with certain components of our website and platform in order for us to deliver certain services or products to you. This will only take place on the basis of your full consent.
We Collect Your Personal Data for Very Specific Purposes
- During the registration of new users through our website or platform
- To enable us to provide services or products to registered users in the form of software as a service (SaaS)
- In order for us to provide you with technical and product support
- For general statistical purposes
- In direct support of the overall user experience
- In direct support of operating the underlying platform
- For general communications with you as the user
We Collect Both Personal and Non-Personal Data
- Contact information such as name, surname, email address
- Unique identifiers such as nickname and password
- Online identifiers such as internet protocol (IP) addresses
- User data generated by you on the Cognician platform
- Content data that is offered by you as a participant in a particular program hosted on the platform
- Functional data necessary for us to ensure our products function as intended in terms of performance and functionality
- Location identifiers such as geolocation data may be collected by our third-party service providers for analysis purposes
Our Data Protection Officer
We have appointed a Data Protection Officer (DPO) in compliance with the GDPR. The DPO is formally responsible for data protection and ensuring compliance with GDPR requirements. You can reach our company DPO at email@example.com.
Keeping Your Data Secure
We do our best to secure your personal data and to protect your information from unauthorized access, alteration, disclosure, or destruction. While handling your personal data, we ensure that the appropriate security measures are in place and international standards are followed to protect the security of your personal data when transferred or when stored.
The Right of Individuals to Access Their Personal Data
It Is Important to Take Note of Your Rights
If you are a resident of the EEA or the UK, you have the following data protection rights:
- You can request access, correction, updates, or deletion of your personal data at any time.
- You can object to the processing of your personal data, ask us to restrict the processing of your personal data, or request portability of your personal data.
- If we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You can complain to a data protection authority (DPA) about our collection and use of your personal information. Contact details for data protection authorities in the EEA and the UK are available here.
To object to our processing of your personal data or to exercise any of your rights, you can simply submit a request to our Data Protection Officer at firstname.lastname@example.org.
Sharing Your Information with Third Parties
The personal data we collect might be disclosed to the following third parties:
- These are suppliers engaged by us that provide services on our behalf in support of providing products or services to you.
- Information about our sub-processors, including their functions and locations, is available here.
Subsidiaries, Affiliates, and/or Trusted Partners
- Your personal data may be shared as part of and in support of the operation of our business, such as contacting you based on your request to receive such communications.
- Your personal data may be shared with any competent law enforcement body, regulatory body, government agency, court, or other third party where we believe disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish, or defend our legal rights, or (c) to protect your vital interests or those of any other person.
- We may share and/or transfer your personal information if we become involved in a merger, acquisition, bankruptcy, or any form of sale of some or all of our assets.
International Transfer of Your Personal Data
We will not transfer your personal data to organizations, states, or countries that do not have adequate data protection measures in place. To facilitate our global operations, we transfer information to either Ireland or the United States and allow access to that information from countries in which the Cognician-affiliated entities have operations for the purposes described in this policy.
Certain recipients (sub-processors) (i.e., our suppliers who process your personal data on our behalf) may also transfer personal data outside the country in which you are a resident. Where such transfers occur, we will protect your personal data when it is transferred outside of the EEA, the UK, or Switzerland by processing it in a territory which the European Commission has determined provides an adequate level of protection for personal data, or otherwise ensuring appropriate safeguards are in place to protect your personal data.
Legal Mechanism for Transfers
For transfers of your personal data to recipients (sub-processors) who are located outside of the EEA, the UK, or Switzerland, we will rely on EU-US Privacy Shield, Swiss-EU Privacy Shield, or European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer.
Requirements for Sub-Processor Engagement
When engaging any sub-processor, we will:
- Ensure via a written contract that the sub-processor only accesses and uses your personal data to the extent required to perform the obligations subcontracted to it, and does so in accordance with the Agreement and any Model Contract Clauses entered into or Alternative Transfer Solution adopted by us;
- Ensure that the data protection obligations described in Article 28(3) of the GDPR are imposed on the sub-processor if the GDPR applies to the processing of your personal data; and
- Remain fully liable for all obligations subcontracted to, and all acts and omissions of, the sub-processor.
EU-US Privacy Shield
In compliance with the Privacy Shield Principles, Cognician commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact our Data Protection Officer at email@example.com.
Cognician has further committed to cooperate with the panel established by the EU data protection authorities with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Retention of Your Personal Data
In general, we retain your personal information as needed to fulfill the purposes for which it was collected, i.e., we will process and store your personal data as necessary in order to fulfill our business requirements and contractual or legal obligations.
Cookies and Similar Technologies
Cookies are small text files that are stored in the web browser on your device by websites you visit. They enable a website to ‘remember’ information about your activity as a user and also serve a number of purposes, like storing your preferences and simplifying navigation and login functionality.
A Note on Web Analytics
We implement Google Analytics features that use Display Advertising information for Google Analytics Demographics and Interest Reporting. We collect information about how you interact with our platform and services on our website. You can opt out of Google Analytics for Display Advertising to prevent your data from being used by Google Analytics by going to the Google Analytics opt-out page.
Google reCAPTCHA v3