General Data Protection Regulation
As of May 25, 2018, a new privacy law called the General Data Protection Regulation (GDPR) is in effect in the European Union (EU). The GDPR expands the privacy rights granted to EU individuals, and it places many new obligations on organizations that market to, track, or handle EU personal data, no matter where an organization is located. We are here to help the Birkman family in the effort to comply with the GDPR.
Navigate the tabs below to see your rights as an individual under the GDPR.
Right to be Forgotten
Definition: Any individual has the right to request that Birkman delete all data on that individual in a quick and timely manner.
What this means for you
This means that Birkman’s consultants, clients, customers, and questionnaire respondents can request that Birkman delete any/all personal data of themselves, and it will be permanently deleted. To reiterate: anyone who completed a questionnaire authorized by you can request that Birkman delete any/all of their personal data. If you receive a request like this, contact firstname.lastname@example.org and we will permanently remove this person’s data from our database.
Right to Object
Definition: An individual may prohibit certain data uses.
What this means for you
Depending on the data being objected to, it may prohibit you from doing business with Birkman because of the legal standpoint from which Birkman operates. Some clients and customers may refuse to complete the Birkman Questionnaire because of the personal data collected during the process. They are within their rights to object to provide any of the data required in order to complete the Questionnaire.
Right to Rectification
Definition: Individuals have the right to request that incomplete data be completed, or that incorrect data may be corrected.
What this means for you
You may request that we complete and/or correct any personal data we have collected on you. This also applies to respondents in your database. Your respondents will need to reach out to Birkman directly to complete/correct any information on them housed within our database. If you receive any requests for rectification, have the individual email email@example.com to ensure a timely and accurate correction.
Right of Access
Definition: Individuals have the right to know what data about them is being processed and how.
What this means for you
See the sections below to learn what information Birkman collects, and how it is used. Please direct any of your respondents requesting this information to this page to see what information we collect and how it is used.
The Personally Identifying Information we collect of our customers may include: full name, referral name, company name, mailing addresses (city, state, zip, country), email addresses, phone & fax numbers, invoicing history, spoken language, education level and area of study, age, gender, ethnicity, employment status, detailed employment information (position title, dates hired, etc), Birkman Learning System training history, Birkman-account ID numbers, last four digits of credit card, and food allergy information.
The Personally Identifying Information we collect on respondents of the Birkman questionnaire is much more limited, and may include: email address, country, language, first and last name, zip/postal code, education information, gender, the purpose for taking the assessment, year born, ethnicity, employment status and employment details (job title, years worked, organization size, employer name, full- or part-time, seeking, not seeking, not able to work, retired). When someone completes a Birkman questionnaire, this constitutes agreement to provide “Personally Identifying Information” to Birkman.
When someone visits our website, various data points are logged, such as IP address (which may in some cases be Personally Identifying Information), browser type/version, domain, and operating system. If you purchase any products or training sessions through our websites (birkman.com and/or learning.birkman.com), the registration process provides us with contact information (name, mailing address, phone number), and financial information, last four digits of credit card number, expiration date). Financial information may ONLY be shared with third parties for verification, processing, and fraud detection purposes.
We may place a piece of information known as a cookie on your computer when you visit our websites, which allows us to improve user experience. Our cookies will track only your activity on our websites and will not track your other internet activity. Our cookies do not gather Personally Identifying Information or Financial Information. You may turn off the acceptance of cookies in your browser at any time.
We do not solicit or intentionally collect data from persons under 16 years old nor do we publish content that is targeted at anyone under 16 years old. If you are under 16, you may not use any of our websites.
The Birkman Questionnaire is comprised of approximately 300 questions and a series of reports derived from the responses to these questions. This information is used by Birkman Sponsoring Organizations, which includes consultants and consulting agencies that help administer The Birkman Method assessment. The only information in connection with completing the assessment that is accessible to these Sponsoring Organizations is your name, gender, email address, and any reports derived from the questionnaire data.
We aggregate all response results to develop group norms, conduct validation studies, perform statistical analyses, develop new products and services, and improve our services. In these cases, your age, gender, and other personal information may only be used to create aggregated data results which may be disseminated, but can in no way be linked back to your Personally Identifying Information.
We use the tracked information from our websites, including IP addresses, to help diagnose problems with our servers, administer our websites, and ensure the security of our networks. Any Financial Information obtained from you through our websites may only be shared with third parties for verification, processing, and fraud detection purposes.
We use cookie information to maintain continuity in user experience, or gather data for use of our Information Technology, Sales, and Marketing departments, and other corporate purposes.
All data privacy and security concerns or requests should go to firstname.lastname@example.org. Be sure to include your Birkman-related contact information so that we can accurately process your request in a timely manner.
Our customers are Birkman Certified Professionals, resellers of The Birkman Method, and companies that use BirkmanDirect for employee data. It is important that you understand how this new regulation may also impact your business as it relates to Birkman. Below are the ways in which you can ensure that your business processes comply with the GDPR.
- Be transparent – One aspect of the GDPR is clarity and transparency; a plain language, easy to understand explanation of what data is being collected and how it is being used, and it must be easy to find on your business website. Although the act of participating in the Birkman questionnaire is considered consent from your clients, and we will also be providing information on the questionnaire page before they take the assessment, it is still important that you inform them of what data the Birkman questionnaire will obtain and how it will be used.
- Provide easy access to personal data – Since Birkman holds personal data, people have the right to request the data that is being held relating to them, free of charge, without unnecessary delay. If any of your clients have a request for the information Birkman has about them, please have them email email@example.com with the request.
- Be sure to audit your data and processes for data capture and storage – The GDPR calls for greater accountability, which means Birkman and its consultants must be able to demonstrate how we comply with the GDPR. This website is part of that effort. As one of our trusted consultants, you are welcome to use any of our GDPR compliance information for your own website.
- The consequences of non-compliance – In short, non-compliance can lead to serious fines. We strongly recommend that you immediately begin the process of complying (if you haven’t already). One of the key aspects of GDPR compliance is to actually demonstrate your compliance, which could involve updating your own terms of service, privacy policies, and internal procedures.
- Have more questions? We are here to answer any questions you have regarding GDPR and your role in ensuring compliance. Please feel free to email us at firstname.lastname@example.org.