Effective Date: October 5, 2021
Our Policy Towards Children, Children under 18 are not permitted to use the Website or our Platform without the consent of a parent or guardian.
To facilitate the use of our Platform, we use session data to enhance navigation, to avoid requesting identity information when the visitor moves from page to page, and in general to enhance the quality of our Platform. We may use aggregated session data to better understand how our Platform is navigated, as well as the types of browsers and computer operating systems that our visitors use, and the IP addresses of the visitors.
In connection with Assessments, we use the responses to an Assessment to score the Assessment and to generate Reports and other data related to the Respondent. We may combine data from multiple Respondents; combine Respondent data with our general research data; or compare or associate Respondent data with other Respondent data.
For security purposes, we may use IP addresses and session data to ensure a secure connection, to diagnose problems with our servers, and to administer our Websites and Platforms.
For marketing purposes, we may use email or other contact information to send marketing communications and will always provide an unsubscribe option.
Customers: If you take an Assessment sponsored by a Customer, that Customer (Account Owners, Administrators, Facilitators and Members) may have access to your Assessment Results, based on account settings, in order to provide you with relevant products and services. Account Owners, Administrators, and Facilitators (including Partners) will also have access to individual and team Reports based on your results.
Mergers & Acquisition; Bankruptcy, we may disclose, share or transfer some or all of our Customers’ information to or with the appropriate entity in preparation of the transaction, as part of the due diligence, or after the transaction has been finalized, so that the successor entity can continue providing our services to our Customers.
Law Enforcement; Litigation, certain federal, state, local, or other government regulations may require that we disclose information that we hold. We will use reasonable efforts to disclose only the information required under applicable law in response to a valid court order, warrant, or subpoena.
To defend or enforce our rights, PSP may use information to protect itself, to prevent fraudulent activity, or where it is otherwise necessary to pursue available remedies. If a Customer neglects to pay amounts due and owed to PSP, PSP may send that Customer’s name, contact information, and account information to a third-party service provider for collection of overdue payments.
Most websites, including ours, use a browser feature to set a small file called a “cookie” on your computer’s browser. The website placing the cookie can then recognize that browser when you revisit the site to allow automatic login and track how you are using the site. You have the right to block cookies by configuring your browser’s preferences or settings to stop accepting cookies, or prompt you before accepting a cookie from a website that you visit.
We retain your Personal Information for as long as your account remains active or for as long as you continue to do business with us. Thereafter, we may retain Assessment responses and other data for as long as the information is needed for our research, statistical analysis, product development, or other commercial purposes.
We follow generally accepted industry standards to protect Personal Information, both during transmission and once we receive it. We use administrative, physical, and technical measures to protect Personal Information from any unauthorized access, loss, misuse, disclosure, alteration, or destruction.
All data collected through our Platforms are transmitted securely over the internet using 256-bit TLS encryption protocols or better.
The GDPR is a set of regulations coming into effect on May 25, 2018 that enhances the date privacy rights of EU individuals. PSP is committed to upholding GDPR compliance among our Products and Services.
We updated our internal policies and external contracts to ensure compliance with the GDPR. PSP processes personal data on the following legal bases: (1) with your consent; (2) as necessary to provide our Products and Services; and (3) as necessary for our legitimate interests in providing the Products and Services where those interests do not override your fundamental rights and freedom related to data privacy. PSP has put in place safeguards to protect personal privacy and individual choice, including disclosures of its data processing activities and the use of consent mechanisms.
PSP also routinely enters into contracts with organizations where compliance with GDPR is also specified within the contract.
The European Commission can decide that standard contractual clauses offer sufficient safeguards on data protection for the data to be transferred internationally. It has so far issued two sets of standard contractual clauses for data transfers from data controllers in the EU to data controllers established outside the EU or European Economic Area (EEA). It has also issued one set of contractual clauses for data transfers from controllers in the EU to processors established outside the EU or EEA. More information about these EC standard clauses is available here.
If Customer has a standard contract with GDPR language, we can execute that standard contract. If not, we can offer specific contract clauses as approved by the European Commission.
Right to lodge a complaint, Customer or others that interact with PSP that reside in the EEA or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. The contact details for data protection authorities are available here.
Transfers, Personal Information we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or subcontractors maintain facilities. Upon the start of enforcement of the General Data Protection Regulation (GDPR), we will ensure that transfers of Personal Information to a third country or an international organization are subject to appropriate safeguards as described in Article 46 of the GDPR.
Individual Rights, if you are a resident of the EEA or Switzerland, you are entitled to the following rights. Please note, that in order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you.
The right to access and correction, you have the right to request access to, and a copy of, your personal data at no charge, as well as certain information about our processing activities with respect to your data. You have the right to request correction or completion of your personal data if it is inaccurate or incomplete. You have the right to restrict our processing if you contest the accuracy of the data we hold about you, for as long as it takes to verify its accuracy.
The right to request data erasure, you have the right to have your data erased from our Platform if the data is no longer necessary for the purpose for which it was collected, you withdraw consent and no other legal basis for processing exists, or you believe your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
The right to object to our processing, you have the right to object to profiling or other processing if your legitimate interests outweigh the legitimate interests of PSP and so long as it does not interfere with a task carried out for reasons of public interest.
Data breach notification policy, PSP will follow all applicable rules and regulations of the GDPR, along with guidance and instruction from the applicable data protection authorities, in handling, responding, and resolving a data breach.
Data governance obligations, PSP has established procedures for periodically verifying implementation of and compliance with the GDPR Principles. PSP conducts ongoing assessments of our data protection practices to verify the attestations and assertions of our privacy practices have been implemented properly.
Privacy by Design, PSP has implemented various technical and organizational measures to protect and minimize the amount and use of personal data we receive. We have designed our systems and processes to ensure the necessary safeguards of data protection are met.
Details of staff training and competence, PSP has trained all necessary staff on the privacy regulations in effect and have appointed a global Data Protection Officer to administer the data governance framework globally.
PSP is subject to the investigatory and enforcement powers of the Federal Trade Commission. If PSP shares EU or Swiss data with a third-party service provider that processes the data solely on PSP’s behalf, then PSP will be liable for that third party’s processing of EU and Swiss data in violation of the Privacy Shield, unless PSP can prove that it is not responsible for the event giving rise to the damage.
If you would like to request access to, correction, amendment, or deletion of your personal data, you can submit a request to firstname.lastname@example.org. We may request specific information from you to confirm your identity.
PSP, Inc. provides choices and means for individuals to limit the use and disclosure of their personal data. Individuals are provided with information regarding the purpose for which personal data is being collected, how it will be used, and the third parties, if any, that would receive personal data. PSP, Inc. also provides a mechanism for registered account holders to delete their account and all associated personal data upon request.
PSP, Inc. will only process personal data in a manner compatible with the purpose that it was collected for. PSP, Inc. maintains reasonable procedures to ensure that EU and Swiss personal data is reliable for its intended use, accurate, complete, and current.
Under certain circumstances, we may be required to disclose your EU or Swiss personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
For any questions or complaints regarding our compliance with the Privacy Shield Framework, please contact us at: email@example.com. If PSP, Inc. does not resolve your complaint, you may submit your complaint free of charge to https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim PSP, Inc’s designated independent dispute resolution provider. Under certain conditions specified by the principles of the EU-U.S. and Swiss-U.S. Privacy Shield Framework, you may also be able to invoke binding arbitration to resolve your complaint.
Use of the platform shall be in all cases subject to the Core Strengths General Terms of Service which are incorporated herein by this reference, with the same force and effect as if they were given in full text.
Personal Strengths Publishing, Inc. (PSP)
7668 El Camino Real Ste 104716
Carlsbad, CA 92009
United States of America
Global Data Protection Officer
Tim Scudder, PhD
Personal Strengths Publishing, Inc.
7668 El Camino Real Ste 104716
Carlsbad, CA 92009
United States of America
GDPR EEA Representative
Tim Scudder, PhD
Personal Strengths (UK) Ltd.
c/o Morrison & Foerster LLP, 1 Ropemaker St,
London EC2Y 9AW