FACET5 – PRIVACY PROTECTION POLICY
Facet5 are committed to safeguarding the privacy of our clients, website visitors and service users; in this policy we explain how we will handle your personal data.
We incorporate privacy controls which affect how we will process your personal data. By using the privacy controls on our website (preferences), you can specify whether you would like to receive direct marketing communications and limit the publication of your information.
Throughout this document we refer to Data Protection Legislation this means the Data Protection Act 2018 (DPA2018), United Kingdom General Data Protection Regulation (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where data is processed by a controller or processor established in the European Union or comprises the data of people in the European Union, it also includes the EU General Data Protection Regulation (EU GDPR). This includes any replacement legislation coming into effect from time to time.
We are registered with the Information Commissioner’s Office (the ICO) with registration number ZA065026
You can contact us either by phone, email, or post.
Mill Yard Offices
St Neots Road
Our Data Protection contact is:
The Business Operations Manager
Our EU Representative is:
An EU Representative is the person designated, where applicable, to represent companies that are not based in the EU regarding their obligations under the GDPR. Facet5’s EU represented is:
The DPO Centre (Europe) Ltd.
Ballsbridge Business Park,
Dublin DO4 C7H2, Ireland
Phone: +353 1 631 9460
The hosting facilities for our websites are situated in the Republic of Ireland (EU).
2 ABOUT FACET5
Facet5 is a measure of personality powered by a passion for development. We support individuals,
teams, leaders and businesses to realise their full potential.
Used by organisations and consultancies worldwide, we provide a model and a language to explain
how people differ in their behaviour, motivation, attitudes, preferred ways of working – and most
importantly; what they can achieve.
3 INFORMATION WE COLLECT AND HOW WE USE IT
We only collect personal information that we know we will genuinely use and in accordance with the Data Protection Legislation. We receive, store, and process certain types of personal information about you from your use of the Service and automatic data collection.
4 WHAT CATEGORIES AND TYPES OF INFORMATION DO WE COLLECT
We collect, transmit and store various categories of your personal information in connection with the Service. The type of personal information that we will collect on you, and you voluntarily provide to us, form or service may include some or all of the following:
|AccessID||Unique identifier||Facet5 System|
|First name||Identification||Facet5 User|
|Family name||Identification||Facet5 User|
|Preferred Display name||Identification||Facet5 User|
|Date of invitation||To enable follow-up||System|
|Date of completion||To confirm completion||System|
|User defined 1 and 2||To identify or classify records||Users|
|Item responses 1 – 106||Questionnaire responses||Respondents|
|Item latencies 1 – 106||Question response latencies||Respondents|
|Raw scores||Computed after completion||System|
|Derived scores||Sten scores Derived from raw||System|
|Location||Norm Groups||Facet5 User|
|Age Range||Norm Groups||Facet5 User|
|Gender||Norm Groups||Facet5 User|
Facet5 has not collected and does not plan to collect characteristics of protected classifications under applicable laws, biometric information, education information; and sensitive personal information other than account logins and encrypted passwords. Although neither required nor recommended, it is your choice to provide any of the foregoing information in connection with the Service and to make that information public.
We may, in further dealings with you, extend this personal information to include your address, purchases, services used, records of conversations, any agreements and payment transactions.
You are under no statutory or contractual requirement or obligation to provide us with your personal information; however, we require at least the information above in order for us to deal with you as a prospective client, client or user of Facet5 services, in an efficient and effective manner.
The legal basis for processing your data is based on your legitimate interest that we will have requested at the point the information was initially provided; therefore, we will not store, process or transfer your data unless we have an appropriate lawful reason to do so.
5 WHAT CATEGORIES AND TYPES OF INFORMATION WE COLLECT
We receive your personal information from any one or more of the following sources:
- Directly from you. When you visit the website, log-in on the portal as a registered user, or provide your information in a form on the Site, direct to the team, we will collect and store that information.
- From Social Media Networks. When you use a social network login to access the website, you will share certain personal information from your social media account with us. For example, if you connect to the Site through your LinkedIn account, we will receive and store your LinkedIn profile information and LinkedIn connections.
We may, in further dealings with you, extend this personal information to include your address, purchases, services used, and subscriptions, records of conversations and agreements and payment transactions.
- You are under no statutory or contractual requirement or obligation to provide us with your personal information; however we require at least the information above in order for us to deal with you as a prospective client, client or user of Facet5 services, in an efficient and effective manner.
- The legal basis for processing your data is based on your legitimate interest that we will have requested at the point the information was initially provided, therefore we will not store, process or transfer your data unless we have an appropriate lawful reason to do so.
6 WHY WE USE PERSONAL INFORMATION
We may use personal information as permitted by law, for the following business purposes:
- To provide the Service and various functions of the Service. When you are Accredited, we create an account on the portal/myFacet5 for you, we store and use the information you provide during the Accreditation process. This may include your first and last name, email address, the company you work for, and any other information you may provide during the account creation process. We also store and use any preferences you provide to personalise your user experience.
- To engage in analysis related to the Facet5 Norms. We store and use Raw Data information from the questionnaires to enable the group norms to be used in the services that we offer.
- To send you emails about Facet5’s products and services. We use your email address to send informational and marketing emails to you about new products and services, or updates to existing products or services. We may also contact you regarding feedback you provide us, or to learn more about your experience using Facet5. Where appropriate, Facet5 will only do this with your consent. We may review statistical analysis and to get feedback from you about our products, websites, and other services and activities. For example, occasionally we may invite you to review a product or service you’ve bought or used from us. If we do, it’s possible that we’ll use independent research and feedback providers to act on our behalf;
- To comply with legal obligations. We use and share your personal information as necessary to respond to court orders, or other legal process; we also may use and share your personal information to establish or exercise our legal rights, to defend against legal claims, or as otherwise required by law. We may use and share your personal information when we believe it is necessary to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of Facet5, our licences, and others.
- In connection with a business transaction. We may use and share your personal information in connection with a business transaction, such as a merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.
- To enhance the security of the Service. We store and use information to ensure the security of the Service. For example, we use the information collected by certain cookies to determine if you are logged in and to detect unauthorised access to your account.
Please note that Facet5 does not collect sensitive information.
7 HOW WE KEEP YOU UPDATED ON OUR PRODUCTS AND SERVICES
We may share your personal data with other organisations in the following circumstances:
We will send you relevant offers and news about our products and services in a number of ways including by email, but only if you have previously consented to receive these marketing communications. When you register with Facet5 we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.
8 YOUR DATA PRIVACY RIGHTS
Depending on where you are located and/or live, you may exercise certain data privacy rights, and Facet5 will facilitate the exercise of those rights.
9 EUROPEAN PRIVACY RIGHTS
If you are a resident or are otherwise located in the European Union (“EU”) or the United Kingdom (“UK”), this section provides additional details about the personal data we collect about you, and your rights granted by the EU and UK General Data Protection Regulations, as applicable (“GDPR”).
Subject to certain limitations, the GDPR provides you the following privacy rights:
- Right of access, objection, restriction of processing, correction, erasure, and portability. You can make a request to access, object, restrict, correct, erase, or transfer any of your personal information. You also have the right to withdraw your consent when we process your personal information based on your consent.
- Right to opt-out from direct marketing. You have the right to opt-out from receiving marketing materials from us by following the opt-out instructions in our commercial emails, by contacting us, or by adjusting your preferences under your profile details on the website. Please note that we reserve the right to send you other communications, including transactional emails, service announcements and administrative messages relating to your Facet5 account, without offering you the opportunity to opt out of receiving them.
- Right to lodge a complaint with a supervisory authority. If you consider that the processing of your personal information infringes your GDPR privacy rights, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement. Contact details for the EU data protection authorities can be found at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. For users located in the UK, you can contact the Information Commissioner’s Office (ICO). Contact details for the ICO can be found at https://ico.org.uk/global/contact-us/.
If you would like to submit a request to Facet5 to exercise your EU or UK privacy rights under the GDPR, you may do so by submitting a request via support @facet5global.com
10 LEGAL BASIS FOR PROCESSING
(EEA, Switzerland and United Kingdom only)
Our legal basis for collecting and using your personal information will depend on the type of information and the context in which we collect it.
However, we will normally collect personal information from you only in the following circumstances:
- We have your express consent to do so;
- We need the personal data to perform a contract with you; or
- Processing is in our legitimate interests and is not overridden by your data protection interests or fundamental rights and freedoms.
If we ask you to provide personal information to comply with a legal requirement or to set up your portal to Facet5 with you, we will identify such basis for processing at the relevant time and let you know if the provision of your personal information is mandatory or not (as well as the possible consequences associated with not providing such information).
11 INTERNATIONAL TRANSFERS
Our servers are located in the Republic of Ireland Carlow is the main server with a backup server in Dublin.
Your personal information will be processed in the Republic of Ireland and may be outside your jurisdiction, including in countries and jurisdictions that are not subject to an adequacy decision by the European Commission or your local legislature or regulator. We ensure that your personal information is encrypted in transit and offers an adequate level of protection and security, and, if required, standard contractual clauses or an alternative mechanism for the transfer of data as approved by the European Commission (Art. 46 GDPR) or other applicable regulators or legislators. Where required by applicable law, we will only share, transfer or store your personal information outside of your jurisdiction with your prior consent.
12 DATA RETENTION
We retain a record your personal information in order to provide you with a high quality and consistent service. We will always retain your personal information in accordance with the Data Protection Legislation. Unless otherwise required by law, your data will be stored indefinitely to ensure your Facet5 Profile information is available to you at all times, unless your right to erasure is executed, at which point it will be deleted.
Note once data has been removed you will no longer be able to access your Facet5 information.
13 Third Party Websites and social media
Our website may include hyperlinks to, and details of, third party websites or social media links.
We have no control over, and are not responsible for, the privacy policies and practices of third parties.
14 GIVING YOUR REVIEWS AND SHARING YOUR THOUGHTS
When using our websites, you may be able to share information through social networks like Facebook and Twitter. For example, when you ‘like’, ‘share’ or review our Services. When doing this, your personal information may be visible to the providers of those social networks and/or their other users. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts, so you are comfortable with how your information is used and shared on them.
15 PERSONAL DATA OF CHILDREN
The Site is a general audience site and does not offer services directed to individuals under 18 years of age.
No one under the age of 18 may provide any information to or on the Site. We do not knowingly collect or share personal information from individuals under 18.
If you are under 18, do not use or provide any information on the Site or on or through any of its features, do not register with us, do not use any of the interactive or comment features of the Site, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. Should an individual whom we know to be under the age of 18 send personal information to us, we will delete or destroy such information as soon as reasonably possible. If you believe we might have this type of information, please contact us.
16 UPDATING INFORMATION
Please let us know if the personal information that we hold about you needs to be corrected or updated, particularly if you are Accredited and change employer as we will need to keep you updated with Accreditation News.
We have implemented appropriate administrative, technical, and physical security procedures to help protect your personal information.
For example, only authorised employees are permitted to access personal, and they only may do so for permitted business functions. Our security and privacy policies are periodically reviewed and enhanced as necessary. In addition, we use encryption when transmitting your personal information between your system and ours, and we employ firewalls and intrusion detection systems to help prevent unauthorised persons from gaining access to your non-public information.
Please bear in mind that submission of information over the Internet is never entirely secure. We cannot guarantee the security of information you submit via the website while it is in transit over the Internet, and any such submission is at your own risk.
18 WHAT HAPPENS IF OUR BUSINESS CHANGES HANDS
20 HOW TO CONTACT US
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:
Mill Yard Offices
St Neots Road
The DPO Centre (Europe) Ltd.
Ballsbridge Business Park,
Dublin DO4 C7H2, Ireland
Phone: +353 1 631 9460
This Policy was last updated on February 2023