Last Modified: June 14, 2019
When you use the Services, you and/or your employees, independent contractors and/or candidates (collectively, the “Authorized Users”) may provide GrowthPlay with two main types of information: (i) personal information that the Authorized Users knowingly choose to disclose, which is collected on an individual basis, and (ii) general user information that does not contain personal information, which is collected on an aggregate basis as the Authorized Users use the Services. Examples of the foregoing may include, without limitation, first name, last name, e-mail address and IP address and further described herein. We collect information from you when you (a) use and/or access the Services, (b) open and/or respond to our emails, (c) contact GrowthPlay, (d) visit any page online that displays our content, (e) purchase assessments and/or services through the Services, and/or (f) provide information to any of our vendors. Please note, in the event the Authorized User is engaging in an assessment via the Services, the Authorized User acknowledges and agrees that by engaging in such assessment the Authorized User may disclose information that may make such Authorized User personally identifiable and such Authorized Users are responsible for the content such Authorized Users provide. In such case, GrowthPlay is considered a processor and does not control the personal data used or stored in the assessment and only processes it; however, GrowthPlay will not process the personal data of its Authorized Users for other purposes or by other means than instructed by the controller of the personal data. In the event you want more information regarding the protection of personal data when responding to assessments or have questions about the personal data that may have been collected during such assessment, please contact the entity that has provided the assessment to you.
We may ask for certain personal information from you for the purpose of providing to you content and/or Services that you request. We collect personal information such as your: (i) contact information (including name, telephone number, email, title, and job position); (ii) employment content (including information, text and/or other materials) submitted by you; (iii) financial information (such as credit card number, expiration date, verification number and billing address); (iv) data from assessments and responses to questions related to individual competencies (including performance); (v) contact information of employees or others you share with us; (vi) demographic information (including age, birthdate and gender); (vii) location information (such as geographic location of the device you are using) preferences, feedback and behavior (such as reports and performance rates) and (ix) information of third parties such as names and email addresses, as may be provided for example, in order to invite your team to take assessment tests. Once you register, you have opted in to receive electronic communications from GrowthPlay. GrowthPlay may also provide you with the opportunity to participate in surveys through the Services. If you participate, we will request certain personal information. Participation in surveys is completely voluntary and you therefore have a choice whether to disclose such information.
When you access or use the Services, we may automatically collect information about you, including:
Cookies are categorized by how long they are stored and their function. The Cookies GrowthPlay uses are as follows:
Services and to use its features.
You can adjust the settings on your browser and reject the setting of all or some Cookies and it will alert you when a Cookie is placed on your device. You may also delete previously stored Cookies; however this will not prevent the Services from placing future Cookies on your device unless and until you adjust your settings as described above. Please note, blocking any or all Cookies may impact your use of the Services as mentioned above.
Device Data: We use device data, which is information concerning a device you use to access, use, and/or interact with the Services, such as operating system type and/or mobile device model, browser type, domain, and other system settings, the language your system uses and the country and time zone of your device, geo-location, unique device identifier and/or other device identifier, mobile phone carrier identification, and device software platform and firmware information.
Aggregate: We may collect non-identifying and statistical information about the use of the Services, such as how many visitors visit a specific page, how long they stay on that page and which links, if any, they click on. This information represents a generic overview of our users, including their collective habits. Information collected in the aggregate is not associated with you as an individual. We may share user information in the aggregate with third parties.
Analytics: GrowthPlay uses analytic software to gather statistics and usage trends for product and service improvement purposes. Our Service may record data from your phone, tablet, or computer such as how frequently you use the Service, what actions you take and performance data.
Other Tracking Technologies: We may supplement information you provide to us with information from other sources, such as information to validate and/or update your address and/or other demographic information. This information is used to maintain the accuracy of information on the Services and for internal analysis. We may also use clear gifs, pixel tags and web beacons, which are tiny graphic images placed on website pages and/or in our emails that allow us to determine whether you have performed specific actions and are further used to track online movements of our users. In contrast to Cookies, which are stored on your computer’s hard drive, clear gifs are embedded invisibly on web pages. We do not tie the information gathered by clear gifs to your personal information.
The information collected in the aggregate enables GrowthPlay to better understand your use of the Services and to enhance your enjoyment. We may use financial information to process payment, enroll you in one of our accounts and/or other related services in which you elect to participate. If you use the Services, you agree to receive certain communications from us including but not limited to the following:
Special Offers, Newsletters and Updates. We will occasionally send you information on products, special deals, promotions and newsletters. You can sign up for these emails from us at any time. Out of respect for your privacy, you may elect not to receive these types of communications by contacting us or replying to our emails.
Blogs. Our Service may have links or access to publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.
Customer Service. Based upon the personal information you provide us, we will communicate with you in response to your inquiries, to provide the services you request and to manage your account. We will communicate with you by email or telephone, as you may elect.
Corporate Accounts: If you are an individual registered Authorized User and the domain of the primary email address associated with your account is owned by your employer and was assigned to you as an employee of that organization, and such organization wishes to establish a corporate account, then certain information concerning past use of your individual account may become accessible to that organization’s administrator including your email address and/or assessment results.
For Collaboration: We may share your information, including when you choose to use certain features in the Services that by their nature support sharing with third parties who you choose. Your name, email address, and any content you choose to share will be shared with such third parties, and such third parties may communicate with you in connection with your use of the Services.
Business Transfers: If we sell or otherwise transfer part or all of GrowthPlay or our assets to another organization (e.g., in the course of a transaction such as a merger, acquisition, bankruptcy, dissolution, liquidation, etc.), your information such as name and email address, user content and/or any other information collected through the Services may be among the items sold and/or transferred.
Your consent to our collection, use, and disclosure of your personal information, as well as your receipt of information from us, can be either express or implied. Express consent will be obtained either in writing or by some affirmative act via the Services such as clicking on an icon or button. Implied consent may be obtained through your use of our assessments and related Services, or when you approach us to obtain information, or inquire about or request Services from us. You will have an opportunity to opt out of receiving announcements of certain information. You can also limit the information you provide to GrowthPlay, as well as the communications GrowthPlay sends to you.. If you visit the Services and volunteer personal information, you can opt out of receiving notifications, although privacy rules may require or permit us to communicate with you in certain circumstances. In some cases, if you choose not to provide GrowthPlay with requested information, you may not be able to use and/or access all of the Services.
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to receive: (a) information identifying any third party companies to whom GrowthPlay may have disclosed personal information to for direct marketing, within the past year; and (b) a description of the categories of personal information disclosed. To obtain such information, please email your request to firstname.lastname@example.org and we will provide a list of categories of personal information disclosed within thirty (30) days of receiving such a request. This request may be made no more than once per calendar year. We reserve the right not to respond to requests submitted in ways other than those specified above.
Children and Minors. GrowthPlay does not knowingly collect personal information from children under the age of thirteen (13). If we learn that we have collected personal information from a child under age thirteen (13), we will endeavor to delete such information promptly. If you believe that a child under the age of thirteen (13) may have provided us personal information, please contact us at email@example.com. By using the Services, you represent that you are at least eighteen (18) years old and understand that you must be at least eighteen (18) years old in order to create an account and/or purchase the goods and/or services through the Services.
We work hard to secure your personal information from unauthorized access to and/or unauthorized alteration, disclosure and/or destruction of information we hold. GrowthPlay has adopted appropriate physical, electronic and managerial procedures to safeguard and secure the personal information we process. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. We periodically review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems. Since the internet is not a completely secure environment, GrowthPlay cannot warrant the security of any information you transmit to GrowthPlay or guarantee that information on the Services may not be accessed, disclosed, altered and/or destroyed by breach of any of our physical, technical and/or managerial safeguards; however, GrowthPlay implements and maintains appropriate technical, security and organizational measures to protect personal data against unauthorized or unlawful processing and use, and against accidental loss, damage, destruction, theft or disclosure. Please do your part to help GrowthPlay. You are responsible for maintaining the secrecy of your account information, and for controlling access to emails between you and GrowthPlay, at all times. Please limit your access to your computer and/or mobile device and/or browser by signing off after you have finished accessing the Services. We are not responsible for the functionality, privacy and/or security measures of any other organization.
GrowthPlay adheres to the Directive 95/46/EC (“Directive”) and, commencing on May 25, 2018, the European Union’s (“EU”) General Data Protection Regulation (“GDPR”).
Personal information may be transferred abroad (including outside the EU for the Authorized Users in the EU) in connection with GrowthPlay’s provision of hosted application services and related support services to our customers. GrowthPlay strives to collect and use personal information in a manner consistent with the laws of the countries in which we do business and is self-certified to the ‘EU-US Privacy Shield Framework’ developed by the U.S. Department of Commerce in coordination with European Commission. GrowthPlay is committed to cooperating with the European Data Protection Authorities or their authorized representatives in accordance with applicable law.
GrowthPlay may process personal data on your behalf in order to provide the Services, including uploading, reviewing, sharing content and sending emails on your behalf. GrowthPlay will only process personal information in a way that is set forth herein and relevant for the purpose for which it was collected and/or authorized by you. GrowthPlay will take reasonable steps to ensure that personal information is reliable for its intended use, accurate, complete and current. We may occasionally contact you to determine that your data is still accurate and current.
Subject to the limitations set out below, you may access, review, modify, update, and/or delete such personal information as we hold by contacting us firstname.lastname@example.org and/or by changing your preferences on the Service. Please be aware that even after your request for a change is processed, as well as following termination of Services, GrowthPlay may, for a time, retain residual personal information about you in its backup and/or archival copies of its database. We may also retain personal information for a commercially reasonable time for audit purposes and/or to comply with legal obligations, to resolve disputes, and to enforce agreements. GrowthPlay may deny or limit access and change requests where legitimate rights of persons other than you would be violated or where disclosure would interfere with national security, defense, or public security, or other grounds provided for by the Framework Principles. For security purposes, GrowthPlay may require verification of identity before providing access to personal information. If you wish to confirm whether GrowthPlay has personal data relating to you, please contact us at email@example.com. We will respond to your request within a reasonable time.
GrowthPlay is responsible for the processing of personal information it receives, under the Privacy Shield Frameworks, and subsequently transfer to a third party acting as an agent on its behalf. GrowthPlay complies with the ‘Principles’ for all onward transfers of personal information from the EU, including the onward transfer liability provisions. GrowthPlay will offer Authorized Users in the EU whose personal information has been transferred to the United States the opportunity to opt out from: (a) the disclosure of personal information to a non-agent third party (other than Service Providers); and (b) the use or disclosure of personal information for a purpose other than the purposes for which the information originally was collected or subsequently authorized by the individual or a compatible purpose. GrowthPlay does not intend to receive “sensitive personal information” (which includes, without limitation, personal information specifying medical and/or health conditions, racial and/or ethnic origin,), and neither our clients nor any individuals should provide sensitive personal information to us. In the event GrowthPlay seeks to receive such information, we will request and obtain affirmative consent before disclosing such information to a non-agent third party and before using such information for a purpose other than the purpose originally disclosed and/or a compatible purpose. GrowthPlay will provide you with reasonable mechanisms to exercise your choices should such circumstances arise. GrowthPlay will not transfer personal information originating from the EU to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your personal information as required by the principles of the ‘EU-US Privacy Shield Framework’. We will only transfer data to our agents, resellers or third party Service Providers who need the information in order to provide services to or perform activities on behalf of GrowthPlay, including in connection with the delivery of services or products, GrowthPlay management, administration, or legal responsibilities. GrowthPlay will make sure that any third party agent receiving personal information subscribes to the ‘EU- US Privacy Shield Principles’.
As it relates to personal information pertaining to EU individuals, please be aware that there are certain exceptions to the EU-US Privacy Shield Principles’. For instance our adherence to the ‘Principles’ may be limited to the extent necessary to meet national security, public interest or law enforcement requirements. Please note that where an exception applies to the ‘Privacy Shield Principles’, we may make use of such exception.
Additionally, with respect to complaints concerning human resources data that is transferred from the EU to the United States, we have agreed to participate in the dispute resolution procedures of the EU Data Protection Authorities. Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. GrowthPlay will cooperate as required with the appropriate EU Data Protection Authorities during investigation and resolution of complaints concerning human resources data that is transferred from the EU to the United States brought under the ‘EU-US Privacy Shield Framework’.
These recourse mechanisms are available at no cost to you. Damages may be awarded in accordance with applicable law. Under certain conditions, if you are not satisfied with the above recourse mechanism, you may be able to invoke binding arbitration.
If you or your organization are required to enter into a contract with your data processor under the GDPR, please review GrowthPlay’s data processing agreement (“DPA”) here and if the DPA is acceptable, follow the prompts and provide the information requested and sign where indicated. Once complete, GrowthPlay will automatically receive the countersigned version of the DPA. Please contact GrowthPlay at firstname.lastname@example.org with any questions. In addition, GrowthPlay has a data processing agreement in place with any sub-processors it uses to process EU personal data in compliance with the Directive and the GDPR.