PeopleFluent Privacy Notice
Learning Technologies Group Inc. through its division PeopleFluent (“PeopleFluent”), and its affiliates within the Learning Technologies Group are committed to protecting and respecting your privacy. The PeopleFluent companies (“PeopleFluent”, “we” or “us”) provide this privacy notice (“Privacy Notice”) to explain how we collect, use and disclose certain personal information online on www.PeopleFluent.com, www.affirmity.com, www.VectorVMS.com and shop.peoplefluent.com (collectively referred to as “Sites”), or otherwise from time to time as may be indicated by us to you. It also explains how we process certain customer data through our web-based application services.
Please read the following carefully to understand our views and practices regarding your personal information and how we will collect and use it.For information collected on the above Sites, the main data controller within the Learning Technologies Group (www.ltgplc.com), which PeopleFluent is a part of, and which may have access to any of your personal data processed by us as part of your use of our Sites, is Learning Technologies Group (UK) Limited doing business as Leo Learning (www.leolearning.com), with the following corporate details: 52 Old Steine, Brighton, Brighton BN1 1NH, United Kingdom, +44(0) 20 7832 3440.
If you have any questions or suggestions regarding our privacy practices or this Privacy Notice, please contact us at Data.Privacy@PeopleFluent.com, or at:
Learning Technologies Group Inc. through its division PeopleFluent
434 Fayetteville Street, 9th Floor
Attention: Security Team
Raleigh, North Carolina 27601
Information We Collect
We may collect certain personal information on our own behalf on the Sites as described in this Privacy Notice. Our business is to provide web-based application services, software and related support services to help our customers manage information about, and provide services to their employees, potential employees, contractors and others. In such cases we may process certain personal information as determined by our customers on behalf of our customers.
The types of personal information we may collect about you through our Sites include contact and identifying information (name, address, email address, phone and fax numbers, institution, title or job position), information about your interest in PeopleFluent products or services, information about your interest in newsletters, seminars, or other services that we provide (solely or jointly with others), and any other personal information that you may provide to us in an online form or through email. Where we collect personal information through online forms, we will notify you of which fields are mandatory for the particular service or information you are requesting and which fields are optional.
A visitor to our Sites who is not seeking employment and not expressing an interest in purchasing products or services from us, is not required to reveal any personal information such as name, address or telephone number, provided that the Cookie section below does in such case apply. A visitor to our Sites who is seeking direct employment with us will be required to include certain personal information, including CV or resume, date of birth, name and contact details. In processing such data we use our own PeopleFluent Recruitment Management System, which is managed and accessible by our human resources team and subject to stringent security measures.
Our customers may use our hosted application services to process data about their candidates, employees, contractors and agents, or to leverage learning management tools for internal business or compliance based training needs. Personal information that we may maintain on behalf of our customers may include, but is not limited to, names, contact information, CV or resume, data of birth, learning related data and national insurance numbers, social security numbers, compensation information, and race and ethnic origin. PeopleFluent does not control any of the information it processes on behalf of its customers. Such information is each time controlled by the relevant customer, and we receive such information merely as a processor on the customer’s behalf. We use such data only as authorized in our subscription agreements with such customers and in accordance with applicable law. Customers are responsible for maintaining the security of their own user logins. We may transfer personal information to companies that help us provide our service and that we believe offer a secure solution that improves our service delivery.
If you are a PeopleFluent system user of one of our customers and have questions regarding the processing of your personal information, please contact our relevant customer directly as they control the handling of your data.
We may post customer testimonials on our Sites which may contain personal information such as one of our customer’s employee’s name. We obtain the customer’s consent prior to posting the testimonial to post their name along with their testimonial. If you wish to remove your personal information that is being displayed on our Sites, please send your request to Data.Privacy@PeopleFluent.com.
Blog and Forums
Our Sites may offer publicly accessible blogs and community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at Data.Privacy@PeopleFluent.com. In some cases, we may not be able to remove your personal information from our blogs or community forums, in which case we will let you know if we are unable to do so and why.
Social Media Widgets
Our Sites may include Social Media Features, such as the Facebook Like button, and widgets, such as the Share This button or interactive mini-programs that run on our Sites. These features may collect your internet protocol (IP-) address, which page(s) you are visiting from our Sites, and may set a cookie to enable the relevant feature to function properly. Social Media Features and widgets are either hosted by a third party or hosted directly on our Sites. Your interactions with these features are normally governed by the privacy notice of the company providing it, and it shall be your responsibility to familiarize yourself with such privacy policies.
If you wish to subscribe to our newsletter(s), we will use your name and email address to send such newsletter(s) to you. Out of respect for your privacy, we provide you an easy way to unsubscribe by providing a functional unsubscribe mechanism in each email communication we send to you.
We may offer products or services and event or class registration for you to purchase online via our Sites. To complete these online financial transactions, our Sites may request personal information including contact information and credit card billing information. Disclosure of this information is completely voluntary.
Disclosure of this information is completely voluntary and you have a choice whether or not to disclose this information. Where you wish to purchase products, services and/or event or class registrations through our Sites, your payment details will be required however, and be used by us to process the purchase transaction. We are required to retain a copy of the transaction details for up to 7 years. However this does not include card data. We do not process payments and never have any access to your card data. Any payments are processed by us using a third party shopping cart and a third party payment gateway. As such, that shopping cart provider will have access to your transaction information (including receipts and other evidence of the transaction) and shall keep its own copy of such information, receipts and evidence, per its own privacy policies. The third party payment gateway will have access to your card data and transaction data (including receipts and other evidence of the transaction) and shall keep its own copy of such information, receipts and evidence.
Surveys & Contests
From time-to-time our Sites may request personal information from you in connection with surveys or contests. Participation in these surveys or contests is completely voluntary and you have a choice whether or not to disclose this information. Personal information requested may include contact information (such as name and shipping address) and demographic information (such as zip code). Contact information will normally only be used to notify the winners and award prizes, and may also be used to provide you with additional marketing information about our products or services, or those of our selected business partners. Where you wish to opt out from receiving these, please follow the procedure included under “My Rights” below.
Cookies and Tracking Technologies
Where we store your personal data and how long for
Our Sites are hosted on servers located in the United Kingdom, and our applications are being hosted in the United Kingdom, the United States and Canada. Support for our Sites is being provided by Leo Learning and PeopleFluent staff based in the United Kingdom, the United States and Hong Kong. Support for our applications is being provided by PeopleFluent affiliates in the United Kingdom, the United States, Hong Kong and the Philippines. Any personal information that we collect from you through the Sites for our marketing purposes is input directly into our Salesforce database, which is hosted and supported in the EEA, and our Pardot and Marketo databases, which are hosted and supported in the US. For data subjects based in the European Economic Area (EEA), this means that the data that we collect from you may be transferred to, and stored outside the EEA. It may also be accessed by staff operating outside the EEA who work for us. We have put in place lawful transfer mechanisms allowing for transfers of personal data outside the EEA, in accordance with applicable EU data protection legislation.
We may keep records of any personal information obtained from you on or through our Sites, or otherwise, for as long as we believe is reasonably required, or such longer period as may be required for legal, audit and compliance purposes. This does not affect your right to opt out from receiving marketing communications, as outlined above and in the section “Your Rights” below. We also keep records of any personal information processed by us through our application services in accordance with our relevant agreement in place with our customers.
To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of personal information, we have adopted appropriate physical, electronic and managerial procedures to safeguard and secure the personal information we process. We follow generally accepted industry standards to protect the personal information collected by and/or submitted to us, both during transmission and once we receive it. Information maintained by us is protected by computer security mechanisms that may include firewalls, encryption, monitoring software, data and network segmentation, and passwords. When you enter your credit card number and your login information through our Sites, we encrypt the transmission of that information using secure socket layer technology (SSL). No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security, and any transmission and supply of personal information to us is therefore at your own risk. If you have any questions about our security practices, you can email us at Data.Privacy@PeopleFluent.com.
Disclosure of your information
We will share your personal information with third parties only in the ways that are described in this privacy notice. We may disclose your personal information as necessary or appropriate in connection with any of the purposes for which we use personal information (as outlined below), including to subcontractors or service providers that help host or support the relevant sites or application services, or otherwise provide technical assistance to us.
We may also use third party service providers to provide credit card processing on our Sites, as outlined above. Transfers to subsequent third parties as part of our application services are covered by the service agreements with our customers. We do reserve the right to disclose personal information in connection with the sale or transfer of all or part of our business. We also reserve the right to disclose your personal data as required by law and or in the good faith belief that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, bankruptcy or similar legal process. We do not share, sell, rent, or trade personal information with third parties for their promotional or other purposes. If this practice should change in the future we will update this policy to identify those third parties and indicate how individuals can opt out of non-agent data sharing.
In addition, we may disclose your personal information to any member of the Learning Technologies Group, which means our subsidiaries, our ultimate holding company and its direct and indirect subsidiaries, provided however that we shall remain responsible for the treatment of such group members of your personal information in accordance with this policy. We may also share your personal data with any of our authorized local resellers, where we in our reasonable opinion believe that our relevant local reseller will be better placed to provide you with suitable PeopleFluent offerings, as outlined above. Where we share your personal data with such local partner, such local partner may contact you directly with PeopleFluent related offerings, to which you consent by acceptance of these terms, and in such case such local partner shall act as a data controller and direct marketer in relation to you.
Where we use third party service providers as outlined above, we choose parties which we believe offer a secure service and help us enhance our services or practices, and follow any legal requirements that may apply.
GDPR FOR EU INDIVIDUALS
Legal Basis for Processing
We process your personal data for the following purposes, on the following legal bases:
|Type of processing||Lawful basis|
|Sending marketing information to you (as an individual)||Consent|
|Carrying out our contractual obligations||Performance of a contract|
|Sending marketing information existing customers and business prospects||Legitimate interests|
Data Subject rights – EU and UK residents
You have the right to ask us not to process your personal data for marketing purposes. You may also choose not to receive publications or certain other communications from us at any time by explicitly indicating so in the appropriate section of the Registration Form or by opting-out by phone, email or via direct marketing emails sent to you.
We will inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to, or may disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by (un)checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at the contact addresses listed below, emailing firstname.lastname@example.org or by unsubscribing per the method outlined in any emails sent or during any phone calls with you.
You have the right to verify whether we hold your personal data and (have) access your personal data. You can made a request to access your data by submitting a written request to the contact addresses below. We may need to verify your identity before we are able to respond. Any data access request may be subject to a reasonable fee to meet our costs in dealing with your request.
You also have the right to ask us to amend inaccurate personal data or to delete it. However you should be aware that if you request your details to be deleted, this will mean we will have no record of any opting out that you may have requested and that you therefore may receive unsolicited communications in the future. If you send us any personal information in digital format, such as photographs, you are entitled to ask for a copy of this to be sent to you.
Where you are based in the EU you have the right to contact your local data protection authority and you can request details of how to do this by contacting us at email@example.com the contact addresses listed below.
Any queries concerning your rights or the exercising of them and any complaints concerning the processing of your personal data should be sent to the contact addresses listed below.
Our site may, from time to time, contain links to and from the websites of our group companies, partner networks, clients, and/or affiliates. If you follow a link to any of these websites, please note that these websites are subject to their own privacy policies and that we do not accept any responsibility or liability for these sites and policies. Please check these policies before you submit any personal data to these websites.
Consumer Rights – California Residents
Where we collect your personal data via our website, we will provide notice at or before the point of collection so that you are aware of how your data is being used. Any data collected through our website will be used for marketing and/or sales purposes as appropriate. We will not sell your personal data to a third party ever.
You have the right to request that we provide you with a list of the categories of your personal data we hold, the categories of sources from which we have obtained this data, and the categories of third parties that we may share this data with. You may also request that we provide you with a copy of any of your data that we have collected. You can made a request to access your data at any time by submitting a written request to the contact addresses below. We may need to verify your identity before we are able to respond
You also have the right to ask us to delete your personal data. However you should be aware that if you request your details to be deleted, this will mean we will have no record of any opting out that you may have requested and that you therefore may receive unsolicited communications in the future. You can exercise this right at any time by submitting a written request to the contact addresses below.
We will never deny you goods or services, charge you a different price or rate for goods or services, provide you with a different level or quality of goods or services, or suggest any of the aforementioned actions based upon you exorcizing your rights to your data.
Our site may, from time to time, contain links to and from the websites of our group companies, partner networks, clients, and/or affiliates. If you follow a link to any of these websites, please note that these websites are subject to their own privacy policies and that we do not accept any responsibility or liability for these sites and policies. Please check these policies before you submit any personal data to these websites.Authorized Representative EEA
All PeopleFluent entities based outside of EEA have, to the extent the GDPR is applicable to them in regard to any data processing performed by them, appointed PeopleFluent Limited with an address of 15 Fetter Lane, London EC4A 1BW, United Kingdom, to act as their designated representative within the EEA for the purposes of Art. 27 of the General Data Protection Regulation. PeopleFluent Limited is mandated to be addressed in addition to, or instead of such PeopleFluent entities based outside the EEA, by supervisory authorities and data subjects with any issues related to our processing of personal data.
In accordance with the Children’s Online Privacy Protection Act (“COPPA”) and the GDPR, our Services are not intended to be used by children and we do not knowingly request, solicit, access or receive personal information (as defined in COPPA and the GDPR, as applicable) from anyone under the age of 13 and 16 respectively. Where we are aware that any personal information submitted through our sites or our Services belongs to a child, we will delete this personal information from our records.
Whilst this is not our intention, our Services could be used to collect personal information from children under the age of 16. Where you make use of our Services to collect such personal information, you become an “operator” under COPPA and it becomes your obligation as our customer to comply with the relevant requirements of the COPPA and/or the GDPR, as applicable (and any other applicable laws and regulations).
While it is your responsibility, not ours, to ensure compliance with COPPA and the GDPR where you act as our customer and are the account owner and determine the data collection and processing, in the event we have actual notice that you have collected personal information in violation of COPPA and/or the GDPR, we will require you to comply with COPPA and/or the GDPR, and we may delete any violating personal information you are processing without notice.
EU-U.S. and SWISS-U.S. Privacy Shield – For EU, UK and Swiss Individuals Whose Data Is Transferred Into The US
PeopleFluent complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries (including Iceland, Liechtenstein, and Norway) and Switzerland transferred to the United States pursuant to Privacy Shield. PeopleFluent has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy notice as applicable to PeopleFluent and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
PeopleFluent is subject to the jurisdiction and enforcement authority of the United States Federal Trade Commission (FTC).
PeopleFluent’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, PeopleFluent remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless PeopleFluent proves that it is not responsible for the event giving rise to the damage.
Pursuant to the Privacy Shield principles, PeopleFluent is obliged to inform EU, UK and Swiss individuals whose data is transferred to the United States that we may be required to release that information in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
In compliance with the Privacy Shield Principles, PeopleFluent commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom and Swiss individuals with Privacy Shield inquiries or complaints should first contact PeopleFluent by email at Data.Privacy@PeopleFluent.com or via post at:
Learning Technologies Group Inc doing business as PeopleFluent
434 Fayetteville Street, 9th Floor
Attention: Security Team
Raleigh, North Carolina 27601
Within 30 days of your request, pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain PeopleFluent’s confirmation of whether they maintain personal information relating to you in the United States. Upon request, PeopleFluent will provide you with reasonable access to the personal information that they hold about you. You may also correct, amend, or delete the personal information PeopleFluent holds about you where such information is inaccurate or has been processed in violation of the Principles. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to Data.Privacy@PeopleFluent.com. If requested to remove data, PeopleFluent will respond within a reasonable timeframe.
PeopleFluent has committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
PeopleFluent has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EEA in the context of the employment relationship. EU individuals with HR complaints should refer to https://edpb.europa.eu/about-edpb/board/members_en for the list of Data Protection Authorities.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Changes to this Privacy Notice
PeopleFluent reserves the right to modify this Privacy Notice at any time, so please review it frequently. If at any point we decide to use personal information in a manner that is substantially different from that stated at the time we collected it, we will seek to notify users by way of an email, and provide users with a choice as to whether or not we use their information in this different manner prior to the change becoming effective.
PeopleFluent’s Information Security Officer is responsible for PeopleFluent’s compliance with and enforcement of this Privacy Notice; the Information Security Officer may be reached at Data.Privacy@PeopleFluent.com. The United States Federal Trade Commission is the statutory body that has jurisdiction to hear any claims against the organization regarding possible unfair or deceptive practices and violations of laws or regulations governing privacy.
Last Updated: February 2020