PSI Services LLC considers privacy with the utmost of seriousness and is strongly committed to protecting the privacy of visitors and users of our site and services. This policy applies to all entities within the PSI Group (including Performance Assessment Network, Inc. and Institute for Personality and Ability Testing, Inc.) (“PSI Group”).
E.U.-U.S. Privacy Shield Notice
The PSI Group complies with the E.U.-U.S. and Swiss-U.S. Privacy Shield frameworks as agreed to between the U.S. Department of Commerce, the European Commission and the Swiss Administration regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. PSI Group has certified that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement, and liability. To learn more about the Privacy Shield program, and to view PSI Group‘s certification, please visit the Privacy Shield website at www.privacyshield.gov. PSI Group acknowledges that as a participant in the Privacy Shield Framework we are under the enforcement authority of the Federal Trade Commission.
This notice outlines our general policy and practices for implementing the Privacy Shield Principles, including the type of information to which this notice applies, how we use personal information, and the choices individuals have regarding our use of, and their ability to access and correct, that personal information. If there is any conflict between the policies in this notice and the Privacy Shield Principles, the Privacy Shield Principles will govern.
This notice applies to all personal information we handle, including on-line (except as noted below), off-line, and manually processed data. For purposes of this notice, “personal information” means data that:
- is transferred from the European Union or Switzerland to the United States;
- is recorded in any form; and
- is about, or pertains to, a specific individual who is identified in, or is identifiable from, the data.
“Sensitive information” is a subcategory of personal information. Sensitive information is defined as personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or the sex life of the individual. Sensitive information also includes personal information received from a third party where the third party treats and identifies it as sensitive.
Privacy Shield Principles Regarding Personal Information
Notice and Choice
We notify individuals about the personal information we collect from them, how we use it, and how to contact us with privacy concerns. We obtain personal information only as permitted by the Privacy Shield Principles or with the consent of the individual affected. Consent for personal information to be collected, used, and/or disclosed in certain ways may be required in order for an individual to obtain or use our services.
PSI Group is a data processor for its clients. Specifically, PSI Group is an application service provider that enables our clients to administer various assessment instruments to their current and prospective employees via our web-based platforms. The types of personal information that PSI Group may collect in order to provide its services include, but are not limited to: (1) name; (2) address; (3) email address; (4) telephone number; (5) billing information; (6) assessment scoring data; and (7) psychometric test respondent data.
We collect personal information for various purposes, which include, but are not limited to: (1) providing our services to our clients, such as hosting web-based platforms that enable them to administer online talent assessments, pre-employment testing, employee assessments, and furnishing personalized computer-generated reports from completion of our psychometric instrument questionnaires; (2) generating research and statistical data related to the information collected through the completion of our psychometric instrument questionnaires; (3) communicating with our clients regarding the administration of our service contracts with them; (4) marketing our products and services to prospective and current clients; and (5) soliciting feedback from our clients regarding our products and services.
To the extent permitted under the Privacy Shield, we reserve the right to process personal information in the course of providing professional services to our clients, in a manner consistent with the purposes for which the information is collected, without the knowledge of individuals involved.
We offer individuals the opportunity to opt out of disclosures of personal information to a third party or the use of personal information for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual.
We will comply with the Privacy Shield Principles with respect to disclosures of sensitive information, including, when applicable, obtaining the explicit consent (i.e., opt in consent) of the individual prior to disclosing sensitive information to a third party or using sensitive information for purposes other than those for which it was originally collected or subsequently authorized by the individual. Transfers of information permitted under this notice, either to third parties or within PSI Group, include the transfer of data from one jurisdiction to another, such as transfers to and from the U.S.
Accountability for Onward Transfers
We are potentially liable in cases of onward transfers of personal information to third parties, such as when third parties that act as agents on our behalf process personal information in a manner inconsistent with the Privacy Shield Principles. We will ensure that any third party to which we disclose personal information provides the same level of privacy protection as is required by the Privacy Shield principles and agrees in writing to provide an adequate level of privacy protection.
We may transfer personal information to, third-party agents, or service providers, who perform functions on our behalf, including, but not limited to: (1) suppliers and licensors that process data on our behalf; and (2) third parties who service our clients’ accounts, fulfill our clients’ orders for our products and services, and validate payment information. We also may transfer personal information to our affiliates, for purposes including, but not limited to: (1) our marketing activities; (2) fulfilling clients’ orders for our products and services; and (3) processing personal information to assist us in providing our services. Additionally, we transfer personal information to our clients, who act as data controllers, for the purpose of providing our services to them.
We do not disclose personal information to third parties, except when one or more of the following conditions is true:
- We have the individual’s permission to make the disclosure;
- The disclosure is permitted by law or mandatory professional standards;
- The disclosure is reasonably related to the sale or other disposition of all or part of our business or assets;
- The personal information to be disclosed is publicly available;
- The party to whom the disclosure is made controls, is controlled by, or is under common control with PSI Group;
- The disclosure is reasonably necessary for the establishment or maintenance of legal claims;
- The disclosure is to persons or entities for whom we are providing services, provided the disclosure is consistent with the purpose for which the personal information was obtained; or
- The disclosure is necessary to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Data Security and Integrity
We employ physical, electronic, and managerial measures, including education and training of our personnel, designed to provide the personal information in our possession with reasonable protection from accidental loss or destruction, improper use, alteration, or disclosure. Personal information collected or displayed through a Web site is protected in transit by industry standard encryption processes. However, we cannot guarantee the security of personal information accessible on or transmitted via the Internet.
We process personal information in ways compatible with the purpose for which the personal information was collected, or as otherwise authorized by the individual. To the extent necessary for such purposes, we take reasonable steps to make sure that personal information is accurate, complete, current, and otherwise reliable with regard to its intended use.
An individual has the right to obtain our confirmation of whether we maintain personal information relating to him or her. Upon request, we will provide an individual access to his or her personal information within a reasonable time period. If an individual becomes aware that personal information we maintain about that individual is inaccurate, or if an individual would like to update, delete, or review his or her personal information, the individual may contact us using the contact information below. As a security precaution, we may request that the individual provide identifying information such as name, address, birth date, and/or social security number. In addition, we may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive in the circumstances, or as otherwise permitted by the Privacy Shield. If we determine that your access should be restricted in a particular instance, we will provide you with an explanation of our determination and respond to any inquiries you may have. In some circumstances, we may charge a reasonable fee, where warranted, for access to personal information.
Recourse, Enforcement, and Liability
We commit to resolving individuals’ complaints related to our privacy practices or our collection, or use, or disclosure of personal information. An individual may file a privacy complaint by contacting us at our contacting information below.
We have further committed to referring unresolved privacy complaints under the EU-US and Swiss-U.S. Privacy Shield Principles to the International Centre for Dispute Resolution/American Arbitration Association (ICDR/AAA), an independent dispute resolution mechanism. We will cooperate with the independent dispute resolution mechanism to resolve any complaint that is not resolved through our internal processes. For more information about independent dispute resolution through ICDR/AAA, please visit https://info.adr.org/safeharbor.
Please note that if an individual’s complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
We may amend this notice from time to time by posting a revised notice on this Web site, or a similar Web site that replaces this Web site. If we amend the notice, the new notice will apply to personal information previously collected only insofar as the rights of the individual affected are not reduced. So long as we profess to adhere to the Privacy Shield Principles, we will not amend this notice in a manner inconsistent with the Privacy Shield Principles.
Information Subject to Other Policies
We are committed to following the Privacy Shield Principles for all personal information, as that term is defined herein. Other types of information we receive may be subject to policies that may differ in some respects from the policies set forth in this notice. For example, certain of our Web sites have their own privacy policies that apply specifically to those Web sites. Those policies may be accessed through the Web sites in question. Information relating to present or former PSI Group personnel is subject to our policies concerning personnel data privacy, which are available to present and former PSI Group personnel upon request. Information obtained from or relating to clients or former clients is further subject to the terms of any privacy commitment made to the client, any agreements with the client, and/or any applicable laws and professional standards.