Last Updated: May 20, 2018
Employee Insights believes that privacy is a fundamental right and we are committed to handling personal data responsibly and in accordance with applicable laws. The General Data Protection Regulation (GDPR) is a crucial step forward in protecting that right and we are committed to adhering to its guidelines and are eager to work with our clients to ensure compliance.
Employee Insights is engaged in the development and administration of organizational surveys. In these surveys, respondents typically answer a series of questions that is linked to a personal identifier (typically email or employee number; we do not use social security numbers). This personal identifier is used to link a person's responses to additional personal data that is either provided by users within the survey itself or to personal demographic data that is provided to us by the clients we work with. The personal demographic data provided by our clients that is linked to a personal identifier may include, but is not limited to, information such as name, email, employee number, geography, tenure, job level, age, race, profession, department, etc. We also collect usage data (e.g., which pages are accessed, device used, browser type) at the individual user level.
We will retain your information for as long as necessary and agreed to with our clients to provide services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
The survey responses and personal data we collect are for the purpose of enabling and improving our services. The end products of this data are typically reports that summarize how employees respond to our surveys, providing insights to our clients about their workforce. These reports are intended to support workforce decisions, help understand group differences in our client organizations, and encourage actions that improve the workplace. For example, we may analyze the response data by any of the associated demographics we collect to help, for example, understand employee attitudes in different parts of the organization, why people are leaving the organization, and what people value about working at a particular organization. We do not sell your data to advertisers or other third parties. The data we collect and store are available to Employee Insights, its affiliates with whom we subcontract, and its clients. The usage information we collect helps us understand and improve our system performance.
Upon request, Employee Insights will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at email@example.com. If you desire your personal information removed, please note that it may have already been used in reporting and we will do our best to remove the personal information from future processing. Note that the response data provided in the surveys to survey items will be maintained so as not to change the report calculations, but personal demographics and identifiers would be removed so that future reporting would not include that information. Before we process any request, we may request personal information to verify your identity where allowed by law. Where permitted by local law, we may reject requests that are unreasonable or impractical. We will respond to your request within a reasonable timeframe.
Employee Insights collects information under the direction of Employee Insights Clients and has no direct relationship with the individuals whose personal data it processes. If you are either a Survey Respondent or an Administrator and would no longer like to be contacted by the applicable Employee Insights Client, please contact the Employee Insights Client directly. In addition, if you want to correct, amend, or delete inaccurate personal information you have provided in connection with a survey or in the data we are provided by our Clients, you should direct your query to your organization directly, rather than Employee Insights. If we are requested to remove data, we will respond within a reasonable timeframe.
Data security is implemented through physical, administrative, and technical safeguards we put in place and operational procedures we follow to protect personal data. We utilize Microsoft's Azure platform to host our services and rely on their enterprise protections to complement and enhance our safeguards. We protect our users' personal data transmitted over the Internet using Secure Sockets Layer (SSL) technology and stored in encrypted databases. We restrict access to our users' personal data in our Services or Sites to our authorized employees, our agents, and certain of our authorized partners. Employee Insights and its affiliates may transmit such personal data across international boundaries when it becomes necessary.
Please be aware that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information. You should also be aware that Employee Insights clients may be able to track and review your Internet use and/or emails when you use certain client resources (e.g., from your office, or using a laptop or device furnished or provisioned by your organization). We cannot control these activities and are not responsible for any such activities by our clients. Additionally, we do not have any control over or responsibility for information a user shares through any websites outside of our sites or services; including any third-party websites accessed or linked through our sites. All such sharing of information and content is done at the user's own risk; and Employee Insights makes no representations or warranties that these security measures will prevent a security incident or breach.
We also use web beacons to help deliver cookies and gather usage and performance data. Our websites may include web beacons and cookies from third-party service providers.
You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons. Your browser and other choices may impact your experiences with our websites and systems.
The Services and Sites are not intended for use by children under the age of 13. We will not knowingly collect any personal data from users under the age of 13 online through our Sites and Services. If you think that we have collected personal data from a visitor under the age of 13, please contact us.
Individuals have the right to access their personal data or request limiting the use of their personal data by submitting a request to us.
In compliance with the Privacy Shield Principles, Employee Insights commits to resolve complaints about our collection or use of your personal information. Individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Employee Insights at firstname.lastname@example.org.
For any complaints related to the Privacy Shield frameworks that cannot be resolved with us directly, we have chosen to cooperate with the relevant data protection authority for resolving disputes as specified in our self-certification form. Please contact us to be directed to the relevant contacts. As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. We are also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).