When Insala acts as a Data Processor
As a leading global provider of talent development software and consulting, Insala’s mission is to connect organizations and people throughout their shared career journeys. Our mentoring, corporate alumni, career development, coaching and career transition solutions are designed to engage our clients’ employees around their career journey at clients’ organization, and strengthen the connection between our clients and their employees.
In providing our software and services, Insala does not own or control any of the information it processes on behalf of Insala’s clients and their employees. All this information is owned and controlled by Insala’s clients and/or their employees as applicable. We receive information within the EU or transferred from the EU to the United States as a data processor on behalf of our clients.
Any data we process will not be further disclosed to third parties except where permitted or required by the processing contract, Privacy Shield, EU General Data Protection Regulation (GDPR) or the applicable Member State Data Protection law. The processing contract will specify that the processing will be carried out with appropriate data security measures. Insala has established and maintains security measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction.
Insala may be required to disclose personal information in response to lawful requests by public authorities, including requests to meet national security or law enforcement requirements. Prior to the transfer of personal information from the EU to the United States, Insala requires contractual acknowledgement from the relevant EU controller that the personal data has been provided to Insala in compliance with the applicable EU Member State Data Protection law, thereby ensuring the data subjects have been provided with proper notice regarding how their personal data will be used.
When personal data is collected directly from data subjects in the EU, Insala provides the data subject with notice concerning how the personal data will be used and transferred to third parties.
This Policy tells you, among other things, what information we gather from you through our Site, how we may use or disclose that information, and our on-going commitment to protect it. Please read this Policy carefully and feel free to contact us at firstname.lastname@example.org if you have any questions regarding its contents. If you have any complaints, the dispute resolution process is described below.
Before or with your use of our Site, we may collect a variety of information from and about you in different ways. When we create your account, we store certain personal information such as your name and e-mail address. As part of our services, you may create or submit your resume to be stored on-line with us. Or alternatively our clients may enter the information about you. This is because part of our site functions as an application that provides a service to our clients. Clients may enter personal information of candidates, clients and employees (users) into our system. In some cases, those users may enter the information themselves. However, under no circumstance do we use the personal information submitted beyond the scope of providing our service. It is our commitment to preserve the confidentiality of this information as our client's assets, particularly on those sites where we have branded the site with their name and logo but, at the same time, care for the privacy of the users of our site. Read on for more information. You may also choose to store personal contact information of others and personal documents.
We use the personal information you provide to register you as a user of the Site, to administer Site usage to monitor traffic-levels, and to contact you regarding improvements we can make to our Site and our services, if necessary. We may use your e-mail address to contact you directly regarding services, products, or information that we believe may be of interest to you. We will not use your information for any purpose that you have not authorized.
From time to time, as stated above, we may also disclose personal information in response to lawful requests by public authorities including to meet national security or law enforcement requirements or if we believe, in good faith, that such disclosure is legally required or necessary to protect others' rights or to prevent harm.
If Insala is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
You may choose to restrict our use of your information. If you are a user of our websites or services, you may restrict distribution of your employment information by indicating such restrictions in your account when asked. On our websites, you have the option to remove your name and personal information from any information that will or may be disclosed to a third party (opt out).
We do not typically collect sensitive categories of information, such as your medical or health conditions, ethnic or racial origin, political or religious beliefs, trade union membership or information concerning your health or sexual orientation, and if any of this type of information is collected within our Sites, we will not disclose such information to any third party without your affirmative authorization (opt in) on the Site.
We will not use your information for any purpose other than for those purposes you have authorized and we will not use your information for a purpose that is incompatible with the purpose for which it was originally authorized by you. We will treat as sensitive any information that we receive from a third party where the third party treats and identifies it as sensitive.
When you opt in to receive our communications you may later opt out in two ways.
1. You may opt out of receiving the communications by canceling your subscription. To cancel a subscription, send an email to email@example.com along with your username and, within the email subject or body, enter the words "Cancel Subscription."
2. You may also opt out of communications by clicking on the opt-out feature found at the bottom of any communication. When you click on this opt-out feature, follow the instructions provided as they change from time to time and you will no longer receive communication.
You will be notified when your personal information is to be collected by any third party that is not our agent/service provider, so you can make an informed choice as to whether to share your information with that party.
If your personal information changes, you may correct or update it by logging into your account and clicking on your full name at the top right hand side of the page.
Surveys and Contests
From time-to-time, our sites request information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose information. The requested information typically includes contact information (such as name and shipping address), and demographic information (such as postal codes or zip codes). Contact information will be used and/or shared with the contest or survey sponsors to notify the winners and award prizes. Anonymous Survey and Contest information will be used for purposes of monitoring or improving the use and satisfaction of this site. Users' personal information is not shared with third parties unless we give you prior notice and give you a choice to opt out. Though we may use an intermediary to conduct these surveys or contests, they may not use users' personal information for any secondary purposes.
Use of Log Files, Cookies, and Web Beacons
Like most standard website servers, we use log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user's movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personal information. IP addresses are tied to personal information to enable our Web-based service. We use software that reads log files to analyze user movement.
Cookies and Other Tracking Technologies
Technologies such as: cookies, beacons, tags and scripts are used by Insala and our partners, affiliates, or analytics or service providers including server health and usage (NewRelic, Google Analytics) and customer support (Zendesk). These technologies are used in analyzing trends, administering the site, tracking users' movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use Local Storage Objects (LSOs) such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.
Networking Forum and Member's Chat
Within the networking forums, groups or chat feature of the Site or our products, information such as name, screen name, email address, and country are used in public way and can be viewed by other users of the system. The purpose of these two elements is for communication between other members only and unprofessional, bullying or obscene communication is not allowed. Should you experience any type of communication that is offensive to you please report that to us immediately at firstname.lastname@example.org.
Onward Transfer (Transfers to Third Parties)
We will apply the Notice and Choice policies discussed above in the event we propose to disclose your information to a third party. If we propose to disclose your information to a third party that is acting as our agent or on our behalf, we will ensure that the third party has agreed to abide by the EU-U.S. Privacy Shield described below, or can otherwise assure adequate protection of your information. We may seek to assure adequate protection, for example, by executing written agreements with third parties requiring such parties to provide at least the same level of privacy protection as is required by the Privacy Shield. These third-party service providers are authorized to use your information only as necessary to provide these services to us
You can access your information by logging into your account on the Site. Once there, you can modify, correct, amend or delete your information by clicking on your full name at the top right hand corner of the page. Ordinarily, we will not restrict access to your information except in rare cases where we reasonably believe that the rights of persons other than yourself would be violated.
Insala has an information security and data protection policy in place to protect information from loss, misuse, unauthorized access, alteration and destruction. Insala's security officer is responsible for conducting investigations into any alleged computer or network breaches or incidents. Any security or potential security problems should be reported to us immediately at email@example.com We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. Despite our security commitment, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. Your account containing your information is password protected. Only those who log on with your password can access your account. Please remember that you play a valuable part in security as well. Your password to access your account should never be shared with anyone and should be changed at regular intervals. You are also advised to use a different password for this system than you use for other systems such as your financial institution. Standard security procedures recommend that you never use a single password more than once and never use the same password for multiple system logins. After you have finished using the Site, you should log off and exit your browser so no unauthorized persons can use our Site with your name and account information. Furthermore, if you provide any information to parties who operate websites that are linked to or from our Site, different rules may apply to their collection, use, or disclosure of your personal information. We encourage you to review the privacy policies of such other sites before revealing any sensitive or personal information. Regardless of the precautions taken by you or by us, "perfect security" does not exist on the Internet. We cannot ensure or warrant the ultimate security of any information you transmit.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your subscription or accounts with us or request that we no longer use your information to provide you services or communicate with you, please contact us at firstname.lastname@example.org. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If, however, we are going to use users' personal information in a manner different from that stated at the time of collection, we will notify users via email or by posting a notice on our website for 30 days prior to the change becoming effective.
We post client testimonials on our website which may contain personal information such as the client’s name. We do obtain the client’s written consent prior to posting the testimonial to post their name along with their testimonial. If you wish to update or delete your testimonial, you can contact us at email@example.com.
Links to Other Sites
This website contains links to other sites that are not owned or controlled by Insala. Please be aware that we, Insala, are not responsible for the privacy practices of such other sites.
You can log in to our site using sign-in services such as Linked in or an Open ID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign-up form. Services like Connect via LinkedIn give you the option to post information about your activities on this website to your profile page to share with others within your network.
Social Media Widgets
EU-U.S. Privacy Shield Compliance.
As stated above, Insala, LLC participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework issued by the U.S. Department of Commerce. Insala is committed to protecting personal data received from the European Union (EU) member countries, in reliance on the Privacy Shield.
Insala is responsible for the processing of personal data it receives, under the Privacy Shield, and subsequently transfers to a third party acting as an agent on its behalf. Insala complies with the Privacy Shield for all onward transfers of personal data from the EU, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Privacy Shield, Insala is subject to U.S. Federal Trade Commission regulations and enforcement. We may remain liable for the acts of third parties who perform services on our behalf for their handling of personal data that we transfer to them.
Please contact us at firstname.lastname@example.org if you have any questions about our policy and/or a privacy or data use concern.
If you are in the U.S. and have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S. based third party dispute resolution provider JAMS using their Demand for Arbitration Form. If you are in the EU, please contact the UK Information Commissioner’s Office (ICO). For more information on the GDPR, the Data Protection Act 1998 or to view our entry on the ICO’s public register of Data Controllers, please visit http://www.ico.org.uk/. You may invoke binding arbitration when other dispute resolution procedures have been exhausted.
© Insala Copyright 2017.
Updated Policy: July 12, 2017.