Centre For Responsible Innovation - Privacy Policy

 

Last updated: 13 September 2021.

1.     Your privacy is important to us

This Privacy Policy explains how the Centre for Responsible Innovation (“CforRI”) collects and handles your personal information, and applies to all of our Services, which includes this website. Through our product offerings, Customers and their employees have the ability to provide organisational feedback and/or individual feedback within their companies. We value your trust and take our privacy obligations seriously. This Privacy Policy sets out how we manage your personal information so you can understand how your personal information and data is collected, held and processed by CforRI. Please take a moment to review the below and contact us at team@cforri.com if you have any questions.

2.     Definitions:

  • Administrator means any person who has log in credentials to a Customer account to manage that account, create surveys, review and share survey results, or manage the account to enable individual users to provide feedback;

  • Centre for Responsible Innovation, CforRI, we, us or our means Centre for Responsible Innovation Pty Ltd (ACN 639 687 166) of 35 Market Street, South Melbourne VIC 3205, Australia, and any of its related bodies corporate;

  • Customer or Company means, in relation to you, the person or entity that has contracted with CforRI to allow you to use CforRI’s Services. The Customer or Company will generally be your employer, or an identified subgroup (i.e., division, department, etc.) within your employer;

  • Individual Feedback means the feature in our Services which allows individuals to give performance related feedback regarding their Company;

  • Individual Feedback User means any person who has log in credentials to an individual account within our Services to give Individual Feedback to, and obtain Individual Feedback from, other users within their Company;

  • Network means the in-application organizational network of Individual Feedback Users within a Company;

  • Personal Profile Page means the “my account” page within the Services which is a personal page available to Individual Feedback Users of our performance management services when they create an account (available after pilot period);

  • Services means all products (including related mobile applications), services and Websites offered by CforRI;

  • Visitor means any person who visits our Websites;

  • Websites means, collectively, www.cforri.com as well as the other websites that CforRI operates and that link to this Privacy Policy; and

  • You or your means either an Administrator, Individual Feedback User or Visitor, as applicable.

3.     Commitment to Children’s Privacy

Protecting children’s privacy is especially important to us. Therefore, unless permitted by applicable law, you must not permit any child under the age of 16 with access to our Services. We do not intentionally gather personal information from minors under the legal age range. In the event that a minor submits personal information to CforRI and we learn that the personal information is the information of a child under the legal age range, we will attempt to delete the information as soon as possible. If you believe that we may have any personal information of a child under the legal age range, please help us by contacting CforRI at: team@CforRI.com

4.     What information we collect

We collect information relating to you and your use of our Services from a variety of sources. Some of this information is collected directly from you and some of this information is collected from your interactions with our Services, your Company, or from third parties. How and what information we collect about you will depend on the way that you use our Services, for example, whether you are an Administrator, an Individual Feedback User or a Visitor.

4.1.   Information we generally collect

  • Contact information: When you provide us with your contact information, whether through use of our Services, creation of an account, a form on our website, or an interaction with our sales or customer support team, we collect your contact information. This information may include, for example, your name and email address.

  • Usage information: We collect usage data about you whenever you interact with our Services. This may include which web pages you visit, what you click on, when you performed those actions, and other activities.

  • Device and browser data: We collect data from the device you use to access our Services, such as your IP address, operating system, browser details and time of visit. This information may also tell us your location.

  • Cookies and page tags: We use third party tracking services that employ cookies and page tags (also known as web beacons) to collect aggregated and anonymous data about Visitors to our Websites. This data includes usage details and user statistics.

  • Log data: We keep log files that record data each time a device accesses our servers. The log files contain data about the nature of each access, including the originating IP address. We may combine this automatically collected log information with other information we collect about you. We do this to maintain an audit trail of activity, to improve our Services, to improve our marketing activities, for system analytics, or to monitor or improve functionality.

  • Referral data: If as a Visitor, you navigate to our Websites from an external source (such as a link on another website or via an email), we record information about the source that referred you to us.

  • Other data you submit: We may collect your personal information or data if you submit it to us in other contexts. For example, by giving us a testimonial, attending an event we host or entering a contest. We may also collect personal information at other points throughout our Services or within our Website that states personal information is being collected. If you contact us at team@cforri.com we will also collect any information that you provide to us voluntarily, and other requested information in order for us to respond to your request.

  • Third parties: We may collect your personal information or data from third parties if you give permission to those third parties to share your personal information with us or where you have made that information publicly available online.

  • Mobile devices: If you connect to the Services using a service provider that uniquely identifies your mobile device, we may receive this identification information to provide the Services to you.

4.2.   Information specific to Administrators and Individual Feedback Users

We may collect the following information about Administrators and Feedback Users:

  • Information collected from your Company: The information that each Customer provides to us is unique. Your company may, for example, provide us with demographic data such as your name, email information, and other information related to your role within the Company, including your business unit and your position within the Company’s organization chart. Some Customers may provide us with additional demographic information so they can better analyse and understand their assessment results. In the event that you are, or you become, part of a Network, your Company may request that we create an account for you if you are not already an Individual Feedback User.

  • Assessment responses: When you answer an assessment survey, we will store your survey answers and comments.

4.3.   Information specific to Individual Feedback Users

We may collect or share the following information about Individual Feedback Users:

  • Individual Feedback User information (can update with“Profile page information” for post pilot version): When an Administrator creates an assessment survey (can update with “account” for post pilot version) for you, we may collect the following information from your Company: your name, company name, registered company number, email address, title and role within your Company, photograph, and other organisational information, such as the person you report to and your direct reports within the Company.

  • Your content: When you use the Services as an Individual Feedback User, we will store any messages or content that you submit to us when you use this part of the Services, such as when you submit a Capability Assessment, as well as when these messages or files were sent.

4.4.   Information specific to Administrators

We may collect the following information about Administrators:

  • Registration details: When you register an account or another Administrator creates an account for you, we collect your name, company name, registered company number, email address, password and other information.

  • Assessment data: When you create and launch assessment surveys using the Services, we will store those assessment questions and other information related to those assessments.

  • Billing details: If you use a credit card for billing, our credit card processor may collect information such as the cardholder’s name, billing address, email address, credit card number, expiry date and credit card security code.

5.     How do we hold the information we collect?

5.1.   Where your personal information is located 

Our servers are based in the United States and Canada. However, as CforRI’s head office is located outside of the United States, your personal information may be transferred, disclosed or processed in another country, such as Australia, from time to time. Transfers between countries will be protected by appropriate safeguards including the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission website; or the use of binding corporate rules, a copy of which you can obtain from CforRI’s Data Protection Officer.

5.2.   Security of your personal information

5.2.1. CforRI is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

5.2.2. We will take reasonable steps to protect your personal information from unauthorised disclosure. However, please note that the transmission of personal information via the internet is outside of our control and there is a risk that information transmitted in this way could be intercepted by third parties.

5.2.3. Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the GDPR and that they have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.

6.     How we use the information we collect

How we use the information we collect about you will depend on the way that you use our Services, for example, whether you are an Administrator, an Individual Feedback User or a Visitor. In each case, the information we collect and process is reasonably necessary for providing with the Services you would expect from us.

We use this information primarily to provide a customised experience as you use our Products and Services, and generally, do not share this information with third parties. However, we may disclose personal information collected if we have received your permission beforehand or in very special circumstances, such as when we believe that such disclosure is required by law, or other special cases described below.

6.1.   Administrators

When you use our Services as an Administrator, we may use your personal information to:

  • Create an account

  • Provide you with our Services

  • Manage and improve our Services

  • Contact you about the Services or your account

  • Marketing purposes

  • Respond to legal requests and prevent harm

6.2.   Individual Feedback Users 

When you use our Services as an Individual Feedback User, we may use your personal information to:

  • Create an account with us

  • Provide our Services to the Customer: please note that when and how we use your personal information is controlled and managed by the Customer (including any Administrators that act on its behalf).

  • Manage and improve our Services: such as investigate complaints made by you, send you survey reminders

  • Create de-identified aggregated data: to provide customers with a better understanding of their survey results, we use survey data in a de-identified aggregated form to compare customers’ results to the results of other surveys or other customers. We also use your survey data to continually improve our Services, including our de-identified aggregated data sets. None of your survey data will be disclosed to other unrelated customers in a non-aggregated or identifiable form.

  • Respond to legal requests and prevent harm

  • Identify you as a user: we may use your information to identify you as an Individual Feedback User in our systems and within the Network which you belong.

  • Provide information to other users in your Network or your Company

6.3.   Visitors

When you use our Services as a Visitor, we may use your personal information to:

  • Contact you for marketing purposes: We may send you news and information about our products or Services that you either request from us, or we believe may interest you (unless prevented by law). In most cases, we will contact you via email.

  • Manage and improve our Services

  • Profiling for marketing purposes

7.     General Data Protection Regulation (GDPR) for the European Union (EU)

7.1.   Where applicable CforRI will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use;

7.2.   We will process your personal information as a data processor on your behalf;

7.3.   We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it;

7.4.   We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure;

7.5.   We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation;

7.6.   We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law;

7.7.   We do not collect or process any personal information from you that is considered “Sensitive Personal Information” under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or it is being collected subject to and in accordance with the GDPR, and;

7.8.   You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.

8.     Your rights under the GDPR

8.1.    If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. CforRI complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.

8.2.    Except as otherwise provided in the GDPR, you have the following rights:

(a)       to be informed how your personal information is being used;

(b)       to access your personal information (we will provide you with a free copy of it);

(c)       to correct your personal information if it is inaccurate or incomplete;

(d)       to delete your personal information (also known as “the right to be forgotten”);

(e)       to restrict processing of your personal information;

(f)       to retain and reuse your personal information for your own purposes;

(g)       to object to your personal information being used; and

(h)       to object against automated decision making and profiling.

9.     Other Important Privacy Information:

  • Blogs and public forums: please remember that any information you may disclose in our blogs, forums or other public areas of our Websites or product platforms may be read, collected and used by others who access them. You should exercise caution when deciding to disclose personal information in these public areas. To remove your personal information from our blog or community forum, please contact us at: team@cforri.com. In some cases, we may not be able to remove your personal information, and in such cases, we will notify you and explain why we are unable to fulfil your request.

10.   Changes to Privacy Policy

10.1. Please be aware that we may update this Privacy Policy from time to time and the most current version will be published on our website. If we make any material changes, we will notify you by email (to the address linked to your account) or when you next log in to your account prior to the change becoming effective. You agree to all modifications made by continuing to use our services. We encourage you to review this page periodically to stay up to date with our privacy practices. If you have any questions or concerns about our Privacy Policy, or with the handling of your personal information, please contact our Privacy Officer at team@cforri.com