Privacy Statement
Introduction
Herrmann International, Inc., is referred to in this Privacy Policy as "Herrmann," or by first person pronouns such as "we," "us," "our" etc.
This Privacy Statement applies to i) all users of Internet websites published by Herrmann, ii) all users of Herrmann products and services, and (ii) other individuals whose personal data (as defined below) is collected or processed by Herrmann. All such individuals are referred to in this Privacy Policy by second person pronouns such as "you," "your," etc. This Privacy Policy describes the types of personal data we may collect from you, how we collect it, how we use it, how we share or disclose it, how we store it, and your choices regarding the use and processing of your personal data.
Contact Information
Herrmann will control the use of your personal data. You may contact Herrmann at: Herrmann International, Inc. P.O. Box 389 Forest City, NC 28043 +1.828.348.6391 privacy@hbdi.com
Our representative in the European Union is Herrmann International UK.
You may contact the representative at:
Herrmann International
10 John Street London, WC1N 2EB
+44 (0) 208 123 7155
ukservice@hbdi.com
Personal Data We Collect and Purposes for which it is Used
We collect and process personal data to facilitate our legitimate business interests in accordance with Article 6(f) of the EU General Data Protection Regulation ("GDPR"). These interests include providing our products and services to you, communicating additional information to you regarding our products and services, and conducting other activities associated with managing our business.
When we process your personal data to facilitate our business interests, we balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Prior to collecting and processing special categories of personal data that are, or might reasonably be considered to be, sensitive or otherwise subject to heightened protection under applicable laws, we will ask for your explicit consent. We will also ask for your consent in each case before processing your personal data other than as described in this Privacy Statement or as previously consented to by you.
If you participate in an assessment, we will first obtain your consent to process your personal data, including contact information, assessment responses, and resulting profiles and reports. Your consent will establish a legal basis for such processing in accordance with GDPR Article 6(a). The consent document for each assessment will provide you with specific information regarding how your data will be processed, prior to your taking the assessment.
For more detailed information regarding the personal data we collect and how it is used, you may click here to view our full Privacy Policy.
Examples of personal data we may collect and use include the following:
How We Share Personal Data
Your personal data will be accessible by our employees who require access in order to further our business interests as described above.
We may share your personal data with our affiliate, Herrmann Global LLC, and with our licensees, distributors and contracted service providers to enable these organizations and individuals to provide our products and services to you, for customer support, marketing, technical operations and account management purposes, and to perform other activities described in this Privacy Policy. We do not share, sell, rent, or trade any personal data with third parties for any promotional purposes unrelated to our business or to our own products and services.
Contractors and service providers are authorized to use and disclose personal data only as necessary to perform and provide the particular services for which they were engaged and only in accordance with this Privacy Policy. Examples of services which may give contractors or service providers access to personal data include:
a. hosting our websites; b. hosting our email server; c. processing your payments; d. maintaining, enhancing, or adding to the functionality of our websites; e. processing and fulfilling orders; f. collecting web analytics data; and g. enabling us to send you email, or performing other administrative services.
Other parties we may share personal data with include:
a. governmental authorities pursuant to applicable laws or court process, or as we reasonably deem necessary to prevent harm, financial loss, fraud or illegal activity; b. the successor in interest to all or a portion of our business or assets; provided that should such a transfer occur, we will require such successor to agree in writing to use, protect, and maintain the security, integrity, and confidentiality of the transferred personal data in accordance with this Privacy Policy; and c. others pursuant to consent obtained from you.
If you participate in taking the HBDI® thinking preference assessment or other assessments offered by us, we may share your contact information, assessment responses, and assessment results with certified practitioners who have been accredited by Herrmann to administer assessments and interpret assessment results and reports. We may also share such data with persons assisting certified practitioners and with others who are involved in administering and coordinating assessments. Before receiving your data, all persons described in this paragraph must have: (i) agreed to protect the data and to use it only in accordance with the terms of the Access Agreement which you may review here. and (ii) been determined by authorized Herrmann personnel to have a legitimate need to access assessment data in order to facilitate, administer or coordinate assessments.
Transfers of Personal Data Subject to Appropriate Safeguards
We use the transfer mechanisms listed below for transfers of personal data from the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom to countries which do not ensure an adequate level of data protection within the meaning of their respective data protection laws and regulations:
Our EU-U.S. and Swiss-U.S. Privacy Shield Framework self-certifications apply to transfers made to facilities or systems owned or controlled by us or by our affiliate, Herrmann Global LLC, located in the United States. We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from European Union and Switzerland to the United States, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/. Under the Privacy Shield Framework, we are subject to the investigatory and enforcement powers of the FTC. It is possible, under certain conditions, for you to invoke binding arbitration before a Privacy Shield panel regarding a dispute. We may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may be liable under the Privacy Shield Framework for onward transfers of personal data to third parties.
Herrmann commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
In compliance with the EU-US and Swiss-US Privacy Shield Principles, We commit to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us at: Herrmann International, Inc P.O. BOX 389 Forest City NC 28043 privacy@hbdi.com
We have further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please contact the independent recourse mechanism listed below.
HR RECOURSE MECHANISM | NON-HR RECOURSE MECHANISM |
---|---|
Swiss Federal Data Protection and Information Commissioner (FDPIC) | BBB EU Privacy Shield Program http://www.bbb.org/EU-privacy-shield/for-eu-consumers |
EU Data Protection Authorities (DPAs) |
b. In other cases, we will seek your prior consent before transferring your personal data to countries not determined to ensure an adequate level of data protection within the meaning of the applicable data protection laws and regulations
Criteria and Time Period for Retaining Personal Data
We may retain your personal data for a period of time consistent with the original purpose of its collection. In most cases, this means that we will retain your personal data indefinitely. We also may retain your personal data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
Certain Rights Available to You
You have the right to request the following from us: a. access to, and rectification or erasure of, your personal data; b. restrictions on the processing of your data, and c. copies of your personal data held by us for the purpose of transferring it to yourself or another party specified by you.
You may direct such requests to:
Herrmann International, Inc P.O. BOX 389 Forest City NC 28043 privacy@hbdi.com
In cases where you have given us your consent to collect and use your personal data, you have the right to withdraw that consent at any time (without affecting the lawfulness of processing based on your consent before its withdrawal).
You have the right to lodge a complaint with any applicable supervisory authority.
You are not required to provide us with any personal data we may request. However, if the requested information is necessary for us to provide any product, service or information requested by you, we will be unable to fulfill your request.