Information that we collect
Customer Record – Registered SDLE users provide us with their name, email, job role within the organization, and region. Depending on the implementation, users may also identify an additional assessing party for a 180 assessment (their manager or someone they identify to assess them).
User Inquiry Information – When Users contact us, for inquiries or support, we may ask for information that allows us to contact them, validate the seriousness of their inquiry and request specific information related to the reason they have contacted us. User Inquiry Information may be associated with other information, such as Cookies.
Survey Information – Users may be offered the opportunity to respond to surveys, questionnaires and other requests for information. The types of data that Users provide to us are set out in the survey request.
Statistical Information – All of our servers collect statistical information such as Users' IP addresses, dates Users visit, computers Users are using, and operating system, among other data.
Cookies – The SDLE uses session cookies. Session cookies exist in temporary memory while the user is reading and navigating the website. They enable the SDLE to keep track of your movement from page to page so you don't get asked for the same information you've already provided, and so you don’t have to re-authenticate over and over again. Web browsers normally delete session cookies when the user closes the browser. Cookies may be used in the future to track the length of time and which pages Users view. The equipment we use to provide Services to Users may also place cookies on their computers.
How we use information that we collect
Customer Record – We use the Customer Record to identify Users personally. It is used throughout our business to provide services to Users. Information in your Customer Record will only be shared with third parties only if it is necessary to provide Third Party products to you. At this time, no Third Party products require such data.
User Inquiry Information - We use User Inquiry Information to identify Users personally. It is used throughout our business to provide services to Users. User Inquiry Information is shared with third parties in the following circumstances: to identify and fix problems with services we provide when we are not capable of doing so ourselves.
Survey Information – We use Survey Information to identify Users personally. We use it throughout our business to market new products and services to Users. Survey Information is not shared with third parties in ways that identify Users personally. To the extent we share Survey Information with third parties, it is done in aggregate.
Statistical Information – We do not use Statistical Information to identify Users personally. We use Statistical Information to operate our hardware and software, diagnose problems and administer our website. We may use aggregate Statistical Information to modify the application for better usability or enhancements.
Data retention and security
Your Rights Relating To Your Personal Data
You have the right under this Privacy and Cookies Policy, and by law if you are within the European Union (EU), to:
Request access to your Personal Data. If you are within the EU, this enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. In the SDLE, you have full control over correcting this data yourself.
Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right if you are within the EU to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
Object to processing of your Personal Data. This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing of your Personal Data on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes. There is no direct marketing purposes for data in the SDLE.
Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your Personal Data. If you are within the EU, we will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent. This right only exists where we are relying on consent to process your Personal Data ("Consent Withdrawal"). If you withdraw your consent, we may not be able to provide you with access to the certain specific functionalities of our Site. We will advise you if this is the case at the time you withdraw your consent.
How to exercise your rights
If you want to exercise any of the rights described above, please e-mail us at: firstname.lastname@example.org.
Typically, you will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, except in relation to Consent Withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We will reply to your complaint as soon as we can. If you feel that your complaint has not been adequately resolved, please note that if you are in the EU the GDPR gives you the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner's Office. You may also contact the Privacy Shield Framework at https://www.privacyshield.gov.
How long we store your Personal Data
We will retain your information for as long as your account is active or it is reasonably needed for the purposes set out in How We Use Information That We Collect unless you request that we remove your Personal Data as described in Your Rights Relating to Your Personal Data. We will only retain your Personal Data for so long as we reasonably need to use it for these purposes unless a longer retention period is required by law (for example for regulatory purposes). This may include keeping your Personal Data after you have deactivated your account for the period of time needed for us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.
Safe Harbor/Privacy Shield Framework
SkillDirector complies with both the original U.S.-EU Safe Harbor Framework and the Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, United Kingdom, and Switzerland to the United States. SkillDirector has certified that it adheres to the principles of notice, choice, onward transfer, security, data integrity and purpose limitation, access, and recourse/enforcement/liability.
This policy is effective as of Jan 1, 2014.