LAST UPDATED FEBRUARY 24TH 2020
This document covers the personal data we handle in our role as data controller (we own the data because we instigated the collection) as well as in our role as data processor (we process personal data on behalf of others), but also how we ensure that data subjects and other data processors are interacted with in accordance with the General Data Protection Regulation and professional standards.
The term “Personal Data” is in the following defined as data which identifies, or may identify, an individual.
The security measures described in the following under “Humanostics as Data Controller” are valid and applicable also in the section “Humanostics as Data Processor”. The technical routines and standards described in the section “Humanostics as Data Processor” are applicable in our capacity as a data processor when processing PI assessment data on behalf of our clients via the online assessment systems provided by The Predictive Index, LLC.
HUMANOSTICS' ROLE AS A DATA SUB-PROCESSOR
Humanostics has a written agreement with the Data Processor, The Predictive Index, governing the processing of data.
The role as a sub-processor means that Humanostics will process data only to the extent requested by the Data Controller. Under no circumstances will we process data for any other purpose than those described in the Data Processing Agreement between The Predictive Index and the Data Controller/Owner. If the Data Controller grants access to Humanostics, Humanostics will gain access to the data exported by the Data Controller. The processing of personal data, which can be processed by Humanostics, will occur only through the system(s) in which the personal data is already stored, and will not add any additional sub-processors, reduce security measures, or in any way increase exposure of the personal data, than already stated in the Data Processing Agreement.
HUMANOSTICS' ROLE AS A DATA CONTROLLER
Humanostics is the Data Controller/Owner only in situations where Humanostics sends out assessments on behalf of itself, and when collecting and keeping the personal data of employees, prospects, and clients.
The personal data for non-employees and non-clients of Humanostics is kept for a period of 12 months, after which it is anonymised, unless an active discussion is still in progress, for which Humanostics assesses it helpful for both parties to keep this data. Humanostics will at all times comply with a request to have personal data anonymised, regardless of the reason of the person making this request.
The personal data related to the assessments is stored in the system(s) of The Predictive Index, acting as a Data Processor. The data is not used for any other purpose than agreed with the data subject. This may include, but is not limited to, job interviews, preparatory work related to a workshop and demonstration of the assessments to prospects.
The personal data of employees, prospects, and clients is accessible only to relevant people. Relevant people are in this context defined as individuals who need access to the data in order to enable Humanostics to perform their duties in the respective relationship. These may include an individual responsible for paying salaries to employees, an individual responsible for renewing contracts, an individual preparing a sales presentation for prospects etc. We are always ready to provide 1) information on which personal data is kept for any individual, and 2) a list of individuals who have access to this data as well as the reason these individuals are considered relevant for this purpose when requested, provided that such requests are made by an individual authorised to receive this information. The personal data for clients and employees is kept for as long as the contractual relationship exists, and anonymised immediately after the relationship is terminated, unless Humanostics is legally required to maintain data by government authorities.
Any physical documents containing personal data is safely locked in and is kept at Humanostics’ office in order to ensure no irrelevant individuals have access to this. The digital information, if not stored in the system(s) of The Predictive Index and/or any sub-processor, is secured by a password in addition to being on machines physically locked away. The digital information is backed up every week, and the external hard disc is disconnected as soon as the back-up process is completed.
In cases where the personal data of either employees or clients are processed by a sub-processor, Humanostics uses only sub-processors who comply with the same level of security and confidentiality as Humanostics does. We are always ready to provide a full list of sub-processors when requested.
The personal data of our clients is used solely for the purpose for which it is provided. This includes, but is not limited to, workshop enrolment, signing of contracts, registration for newsletters etc. The Humanostics staff is instructed to handle all personal data confidentially, and not to discuss or display this to anyone. Only the relevant individuals, as described above, will have access to personal data and will not distribute the data under any circumstance.
A cookie is a small text file that the website stores on your computer. Cookies are not dangerous. They are, among other things, necessary for you to use the technical possibilities available on our website. A cookie does not identify you personally but the computer, smartphone or tablet you use. Our first-party cookies are stored for a maximum of 30 days on your computer, smartphone or tablet but can be deleted by you at any time.
Humanostics.com uses first- and third-party cookies, including both technical and statistical cookies. First-party cookies are the cookies stored on your computer, smartphone or tablet by humanostics.com. Among other things, humanostics.com uses technical and statistical cookies to remember your personal preferences and preferences and to collect statistics on the general use of the website that we can use to optimise the content and technical features. We use Google Analytics, which stores statistical cookies to collect visitor traffic data on humanostics.com for the purpose of analysing the use of the website. The data collected through Google Analytics is anonymous and cannot be used to identify you personally.