Privacy Policy

 

Human eSources Privacy Policy Notice

Dated: 03/11/2021

PLEASE READ THIS POLICY CAREFULLY

Your privacy is most important to us. At Human eSources, Ltd. (“Human eSources”, “our”, “us” or “we”), Human eSources shall ensure that it complies with the following privacy notice when processing personal information on behalf of our partners and or your academic institution, government agency, independent counsellor, company or any other organization (hereinafter collectively “Organization(s)”). This privacy notice applies only to your use of any Human eSources products (“Products”) or services (“services”).  We are adamant about protecting the privacy of our users and subscribers. Our policy is simple: except as noted below we do not sell, share, or provide in any way your personally identifiable information to any person, company or organization without your prior permission.

Any person accessing, browsing, or otherwise using the Human eSources, products or services shall be considered a (“user”). All users are bound by the terms of this Privacy Policy. Users consent to the collection, use, and disclosure of personally identifiable user information (“information”) pursuant to the terms of this Privacy Policy.  You acknowledge that the organization through which you have been given access to Human eSources products and services is the data controller in respect of your personal information. The Data Controller controls your personal information.  Human eSources is the data processor and processes your personal information in accordance with the instructions given to us by the Data Controller. By visiting or using the Human eSources, websites, products or services, you are accepting the practices described in this Privacy Policy.

Information Collection and Use

Human eSources collects registration, authentication, and assessment information from users who use our products and services including; your name, gender and email address.  We are the sole owners of the information collected on our sites. By providing any such information, the user consents to our GDPR Platform Privacy Policy.

Information Collected Through Account Creation and Registration, Login, and Obtaining and using Programs and Services may be used to:

  • Generate statistical studies and conduct research related to our professional work.
  • Identify, develop, and offer existing and new products and services.

The personal information we process will be processed by staff operating outside of the EEA. Please contact the Data Controller for further details on the specific safeguards applied to the export of your personal information outside the EEA.

Use of Cookies

For all its products and services, Human eSources uses session cookies for session management to distinguish you from other users. This helps us provide you with a good experience when you use our Website and Products. The cookie is a text string stored by a user’s web browser. It consists of one or more name-value pairs containing bits of information, which may be encrypted for information privacy and data security purposes. The cookie is used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing textual data. For example, our session cookies allow users to log in to our products and services. The web server will first send a cookie containing a unique session identifier. Users then submit their credentials and the web application authenticates the session and allows the user access to services.

As text, cookies are not executable files. Because they are not executable, they cannot replicate themselves and are not viruses. Most modern browsers allow users to decide whether to accept cookies, and the time frame to keep them, but rejecting cookies makes our products and services unusable. Session cookies used by Human eSources are deleted by the user’s computer when the browser is closed, when the computer is turned off, or when the session automatically times out.

Human eSources does not place cookies permanently on the user’s hard drives to track user activity in any way.  Service providers to Human eSources may use cookies; we have no control over those cookies, and this Privacy Policy does not cover them

Service Providers

Human eSources uses Google Analytics to anonymously monitor traffic in our products and services to identify trends, administer the product, track users’ movements within the product and gather broad demographic information for aggregated use. This information is not linked to and does not contain personally identifiable information. We will not share this information with any other third party.

In addition, Human eSources uses DataDog for application performance monitoring to anonymously monitor traffic in our products for the purpose of optimization of service performance. We will not share this information with any other third party.

Human eSources also uses Amazon Web Services to anonymously host our services and products. All data stored in the cloud is both encrypted at rest and in transit.

Linked Internet Websites

The Human eSources websites, products and services may provide hyperlinks, which are highlighted words or pictures within a hypertext document that, when clicked, take you to another place within the document, to another document altogether, or may take you to a third party website not controlled by Human eSources. These hyperlinked third party websites may collect and disclose Information differently than Human eSources websites, products and services, and if you visit these third party websites we recommend that you read their privacy policy statements. Human eSources is not responsible for the collection, use, or disclosure of information collected through these websites, and Human eSources expressly disclaims any and all liability related to such collection, use, or disclosure. We are not the controller of your personal information

Communication Options from Human eSources products

We communicate electronically with our users through mandatory system-generated emails. System-generated emails are a direct response to a user’s action on the site(s). Examples include: adding a staff person or program administrator to an institutional account, and username and password reminders.

Exceptions to the Privacy Policy & Disclosure of your information

There are limited exceptions to the Human eSources Privacy Policy, when we may disclose what personal information we have to third parties based on justified circumstances.

Purpose of disclosure and third party(s) to which disclosure might be made Use Justification
If you request we do so. You have provided your consent.
The portfolios associated with Human eSources products are intended for storage of results, artifacts and access to authorized products and are protected by users’ passwords. The contents of each portfolio can be viewed by the portfolio creator and, in the case of an Organization subscription, site practitioner(s) or Professional(s), manager or supervisor. Processing is necessary for compliance with a legal obligation.
If we sell any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets. Legitimate interests (i.e. to buy or sell business assets).
If Human eSources or substantially all of its assets are acquired by a third party or enters into a merger, personal information about our users will be one of the transferred assets. Legitimate interests (i.e. to dispose of our business).
If we are under a duty to disclose or share your personal information in order to comply with any legal obligation or to protect the rights, property, or safety of Human eSources, our users, or others. Processing is necessary for compliance with a legal obligation, or processing is necessary in order to protect the vital interests of a natural person
We may disclose your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where compelled to do so based on the advice of counsel. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime. Legitimate interests (i.e. to cooperate with law enforcement and regulatory authorities)
Human eSources will share user information with authorized personnel at Organizations who have purchased access to Human eSources on the users behalf and who we consider site practitioners (example: teachers, counselors, faculty, professors, supervisors, etc.). Since those Organizations are responsible for assigning access to user information, they are the Data Controller, it becomes the responsibility of the user to determine whom in the said Organizations has access to their information. Human eSources is not responsible for the actions, practices, or policies of those Organizations and their use of user information. Legitimate interests

Security

The security of your information is important to us.  Human eSources has security measures to protect against the loss, misuse, and alteration of the information under our control.  Our website, products and services use Secure Sockets Layer technology (SSL), which encrypts all sensitive information users input before it is sent to us. Thus, we have taken steps to protect the information we collect from you from unauthorized access, use, and disclosure. Human eSources makes no representations or warranties with regard to the sufficiency of these security measures. Human eSources shall not be responsible for any actual or consequential damages that result from a lapse in compliance with this Privacy Policy because of a security breach or technical malfunction.

International Data Transfers

If you are a direct customer of ours the transfer of your personal data to the U.S. is necessary to perform the contract with you and we transfer the data on the basis of Art. 49 (1) no. 2 GDPR.

If you are not a direct customer of ours, we are bound to the obligations for data importers under the standard contractual clauses adopted by the European Commission with COMMISSION IMPLEMENTING DECISION (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council („SCC“) and transfer your personal data on the basis of the SCC in connection with Art. 46 (2) c GDPR. We may have entered into SCC with the company you are a customer with. You may request a copy of these SCC by contacting us through our Customer Care Portal.

Applicable Law/International Issues

Information that is submitted to Human eSources websites, products and services will be collected, processed, stored, disclosed and disposed of in accordance with applicable U.S. law. If you are a non-U.S. user, you acknowledge and agree that we may collect and use your information, as discussed above, outside your resident jurisdiction. In addition, such information may be stored on servers located outside your resident jurisdiction. U.S. law may not provide the degree of protection for information that is available in other countries. By providing us with your information, you acknowledge that you have read this Privacy Policy, understand it, agree to its terms and consent to the transfer of such Information outside your resident jurisdiction. If you do not consent to the terms of this Policy, please do not use Human eSources websites, products and services.

Changes to this Policy

Human eSources reserves the right to modify our Privacy Policy from time to time. You should review our Privacy Policy statement periodically. If we make significant modifications to the policy, we will post on the home page of the Human eSources website, for 7 days prior to the effective date of the new policy, a notice that we have a new privacy policy.

How long we retain your personal data

The Data Controller determines how long we retain your personal data. As a general rule, we will hold the personal information provided to us for as long as is necessary in order to accommodate your use of the Human eSources products and services made available, to deal with any specific issues that may raise, or otherwise as is required by law or any relevant regulatory body. Once your account is terminated or deactivated, we shall delete the personal information relating to your account, or otherwise as directed by the Data Controller.

Your rights & control

Under the General Data Protection Regulation (EU) 2017/676 you have the following rights in relation to your personal information.  All of these rights can be exercised by contacting the Data Controller.  If for some reason you are unable to work with your Data controller to exercise your rights you may contact Human eSources through our Customer Care Portal.

Rights Details
Right to Rectification We will use reasonable endeavors to ensure that your personal information is accurate. To update your personal information you can:

  • Sign in to your account and change your personal information through the program software
  • In the case of organizational account access, contact the authorized person at your Data Controller that has authorized access to our products.
  • If neither of these options work, contact Human eSources through our Customer Care Portal.
Right to erasure / ‘Right to be forgotten’ Asking us to delete all of your personal data will result in Human eSources deleting your personal data without undue delay (unless there is a legitimate and legal reason why Human eSources is unable to delete your personal data, in which case we will inform you of this in writing).
Right to restriction of processing You have the right to ask us to stop processing your personal data at any time.
Right to data portability You have the right to request that Human eSources provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so.
Right of access You have the right to obtain confirmation as to whether your personal data are being processed, and, where that is the case, access to such personal data.
Right to complain You have the right to lodge a complaint to a supervisory authority such as the Information Commissioner’s Office in the UK (see www.ico.org.uk). Although we encourage our users first to engage with the Data Controller in the event they have any concerns or complaints.

Human eSources does not charge in respect of any requests we receive to exercise any of the rights detailed above; however, if excessive, repetitive or unfounded requests are made, we may charge an administration fee to process such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs.

Where Human eSources is requested to rectify or erase personal data or restrict any processing of such personal data, Human eSources may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right, for example, to comply with its legal obligations. 

Contacting Us

If you have any questions about this Privacy Policy, the practices of this site or your dealings with Human eSources products, please contact us through our Customer Care Portal.

Processing of Personal Data

Entity: Human eSources  Ltd. (“HeS”)

Personal data we process:

  • First name
  • Last name
  • Email address
  • Gender
  • Address (for retail purchases only)
  • Date of birth (for retail purchases only)
  • Your learning management User ID
  • HeS User role (Student/Instructor)

Purpose of processing:
For customer support purposes.

Legal basis for processing:
You have provided your consent.

How long the data will be stored:
Indefinitely, until we are asked to remove it. Data will be expunged upon request unless otherwise contractually obligated.

Will the data be shared with third parties?
No.

Is the data transferred outside the European Economic Area?
Yes, with consent.

Entity: Human eSources Canada Ltd. (Affiliate)

Personal data we process:

  • First name
  • Last name
  • Email address
  • Gender
  • Address (for retail purchases only)
  • Date of birth (for retail purchases only)
  • Your learning management User ID
  • HeS User role (Student/Instructor)

Purpose of processing:
For technical support and statistical analysis: To ensure validity and reliability of our assessments.

Legal basis for processing:
You have provided your consent.

How long the data will be stored:
Indefinitely, until we are asked to remove it. Data will be expunged upon request unless otherwise contractually obligated.

Will the data be shared with third parties?
No.

Is the data transferred outside the European Economic Area?
Yes.

Entity: Amazon Web Services, Inc. (“AWS”)

Personal data we process:
Hosted personal data is encrypted in transit and at rest.

Purpose of processing:
To supply required services to support our applications.

Legal basis for processing:
Processing is necessary for our legitimate interests.

How long the data will be stored:
Indefinitely, until we are asked to remove it. Data will be expunged upon request unless otherwise contractually obligated.

Will the data be shared with third parties?
No.

Is the data transferred outside the European Economic Area?
Region-dependent. AWS has implemented and will maintain technical and organisational security measures to protect customer data, including personal data, in accordance with the Standard Contractual Clauses.

Data processed for Kaplan International Pathways is hosted in the European Union and is not subject to transfers outside of the EEA.

Entity: Zoho Corporation Pvt. Ltd.

Personal data we process:
Email address.

Purpose of processing:
To supply required services to support our applications.

Legal basis for processing:
Processing is necessary for our legitimate interests.

How long the data will be stored:
Indefinitely, until we are asked to remove it. Data will be expunged upon request unless otherwise contractually obligated.

Will the data be shared with third parties?
No.

Is the data transferred outside the European Economic Area?
Yes.

 

Human eSources Corporate Website Privacy Policy Notice

Dated: 27/03/2019

PLEASE READ THIS POLICY CAREFULLY

Privacy Statement

Your privacy is most important to us. At Human eSources, Ltd. (“Human eSources”, “our”, “us” or “we”), Human eSources shall ensure that it complies with the following privacy notice when processing personal information on behalf of our partners and or your academic institution or organization. This privacy notice applies only to your use of any Human eSources products (“Products”) or services (“services”) and activities on or in connection with our public website, https://www.humanesources.com (“Website”).  we are adamant about protecting the privacy of our users and subscribers. Our policy is simple: except as noted below we do not sell, share, or provide in any way your personally identifiable information to any person, company or organization without your prior permission.

User Consent to Privacy Policy

Any person accessing, browsing, or otherwise using the Human eSources, websites, products or services shall be considered a “user.” All users are bound by the terms of this Privacy Policy. Users consent to the collection, use, and disclosure of personally identifiable user information (“information”) pursuant to the terms of this Privacy Policy.  By visiting or using the Human eSources, websites, products or services, you are accepting the practices described in this Privacy Policy.

Information Collection and Use

Human eSources collects registration, authentication, and assessment information from users who use our products and services from our websites and we are the sole owners of the information collected on our sites. We will not sell, share or provide this information to others in ways different from what is disclosed in this Privacy Policy.

Information Collected Through Account Creation and Registration, Login, and Obtaining and using Programs and Services:

May be used to.

  • Generate statistical studies and conduct research related to our professional work.
  • Identify, develop, and offer existing and new products and services.

Following are examples of the types of accounts and services offered by Human eSources and the type of information that is collected from the user. By providing any such information, the user consents to our Privacy Policy:

  • Retail Accounts: Retail account holders provide us with their full names, address, telephone number, gender, email address, password, and credit card information. All underage minor users of our products provide us with their email address or user name, gender, grade level, in some cases, birth month and year, and password.
  • Institution subscriptions: Subscriptions to Human eSources Products directly from schools, government agencies, independent counselors, companies, Human eSources partners, or any other organization (hereinafter collectively “Organization(s)”), Human eSources processes your personal information in accordance with the instructions given to us by the Organization.

Personally identifiable information collected during the account registration process, use of our programs and services, users choosing to receive certain email communications, and participation in electronic events, may be used to:

  • Generate statistical studies and conduct research related to our professional work.
  • Identify, develop, and offer existing and new products and services.

Log Files

We use IP addresses to identify trends, administer the site, track users’ movements within our sites and gather broad demographic information for aggregated use. We will not share this information with any other third party. IP addresses are not linked to personally identifying information.

Portfolios

The portfolios on our websites are intended for storage of results, artifacts and access to authorized products and are protected by users’ passwords. The contents of each portfolio can be viewed by the portfolio creator and, in the case of an Organization subscription, site practitioner(s) or Professional(s), manager or supervisor, Parents or Guardians in the case of retail consumer customers.

Newsletters and other Communication Tools

If you wish to subscribe to any newsletter or other electronic communication tools we produce, we ask for contact information, such as your name and e-mail address. Your e-mail address will be used to deliver these communications and information from the Human eSources websites. The personal communication information users provide us with will NOT be distributed to any other third party for any reason whatsoever.

Exceptions to the Privacy Policy

There are limited exceptions to the Human eSources Privacy Policy.

  • When required by law to comply with any valid legal process such as a search warrant, subpoena, statute, regulation or court order, Human eSources will supply such information as, based on the advice of counsel, Human eSources reasonably determines it is legally required to supply.
  • Human eSources may release specific information relevant to special cases, such as a physical threat to you or others or an attempted breach of security on our websites.
  • For users who access Human eSources products and services provided to them by schools, government agencies, independent counselors, companies, or any other organization (hereinafter collectively “Organizations”) that purchases services from Human eSources, Ltd, whether or not the user pays for the Human eSources services directly, Human eSources will share user information with authorized personnel at those Organizations who we consider site practitioners (example: teachers, counselors, supervisors, etc.). Since those Organizations are responsible for assigning access to user information it becomes the responsibility of the user to determine whom in the said Organizations has access to their information. Human eSources is not responsible for the actions, practices, or policies of those Organizations and their use of user information.
  • Many users of Human eSources products are underage minors. Human eSources will provide access to these users information as described in the above paragraph. Human eSources will also share underage minor user’s information with parents or guardians.
  • Human eSources Ltd. may disclose or transfer user information to a third party in the event that Human eSources Ltd. enters into a merger or enters into bankruptcy, or a third party acquires Human eSources Ltd. or its assets.

Use of Cookies

For all its products and services, Human eSources uses session cookies for session management to distinguish you from other users. This helps us provide you with a good experience when you use our Website and Products. The cookie is a text string stored by a user’s web browser. It consists of one or more name-value pairs containing bits of information, which may be encrypted for information privacy and data security purposes. The cookie is used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing textual data. For example, our session cookies allow users to log in to our products and services. The web server will first send a cookie containing a unique session identifier. Users then submit their credentials and the web application authenticates the session and allows the user access to services.

As text, cookies are not executable files. Because they are not executable, they cannot replicate themselves and are not viruses. Most modern browsers allow users to decide whether to accept cookies, and the time frame to keep them, but rejecting cookies makes our products and services unusable. Session cookies used by Human eSources are deleted by the user’s computer when the browser is closed, when the computer is turned off, or when the session automatically times out.

Human eSources does not place cookies permanently on the user’s hard drives to track user activity in any way.

Service Providers

Human eSources uses third parties to process credit card transactions.  Human eSources does not store credit card numbers except the last four digits required for refunds should they occur.

Human eSources uses third parties to anonymously monitor traffic on our websites, Products and services to identify trends, administer the site, track users’ movements within our sites and gather broad demographic information for aggregated use. We will not share this information with any other third party. These programs record visitors’ host, domain names, pages visited, length of user sessions, browser type and/or IP addresses. The programs track the number of times the site(s) are visited, how many visitors come to the site(s), which parts of the site(s) are frequented, and the length of time of each visit. This information is not linked to and does not contain personally identifiable information.

Some of our third party service providers use cookies on our websites; we have no control over those cookies, and this Privacy Policy does not cover them. Human eSources will not be held responsible for data breaches by these credit card processing companies.

Communication Options from Human eSources, Ltd websites

We communicate electronically with our users through three types of emails: mandatory system-generated emails, optional emails, and promotion emails. System-generated emails are a direct response to a user’s action on the site(s). Examples include: confirmation of a purchase, adding a staff person or program administrator to an institutional account, and username and password reminders. Optional emails are selected by the user based on specific services chosen. Examples include email newsletters and user product updates. Promotion emails are determined by Human eSources to promote other useful products to our users and to get user opinions about our products and services. Examples include product promotions, alerts, and surveys.

Linked Internet Web Sites

The Human eSources websites, products and services may provide hyperlinks, which are highlighted words or pictures within a hypertext document that, when clicked, take you to another place within the document, to another document altogether, or may take you to a third party website not controlled by Human eSources These hyperlinked third party websites may collect and disclose Information differently than Human eSources websites, products and services, and if you visit these third party websites we recommend that you read their privacy policy statements. Human eSources is not responsible for the collection, use, or disclosure of information collected through these websites, and Human eSources expressly disclaims any and all liability related to such collection, use, or disclosure.

Security

The security of your information is important to us.  Human eSources has security measures to protect against the loss, misuse, and alteration of the information under our control.  Our website, products and services uses Secure Sockets Layer technology (SSL), which encrypts all sensitive information users’ input before it is sent to us. Thus, we have taken steps to protect the information we collect from you from unauthorized access, use, and disclosure. Human eSources makes no representations or warranties with regard to the sufficiency of these security measures. Human eSources shall not be responsible for any actual or consequential damages that result from a lapse in compliance with this Privacy Policy because of a security breach or technical malfunction.

Applicable Law/International Issues

Information that is submitted to Human eSources websites, products and services will be collected, processed, stored, disclosed and disposed of in accordance with applicable U.S. law. If you are a non-U.S. user, you acknowledge and agree that we may collect and use your information, as discussed above, outside your resident jurisdiction. In addition, such information may be stored on servers located outside your resident jurisdiction. U.S. law may not provide the degree of protection for information that is available in other countries. By providing us with your information, you acknowledge that your have read this Privacy Policy, understand it, agree to its terms and consent to the transfer of such Information outside your resident jurisdiction. If you do not consent to the terms of this Policy, please do not use Human eSources websites, products and services.

Compliance with Privacy Laws

Human eSources complies fully with the requirements of the federal Family Educational Rights and Privacy Act of 1974, as amended, 20 U.S.C. Sec. 1232g (“FERPA”), the Student Online Personal Information Protection Act, Assembly Bill No. 1584 codified in Education Code Section 49073.1, and all other federal and state guidelines applicable and adopted in accordance therewith. Personally identifiable information received by Human eSources will be used solely for legitimate interests.

Pursuant to AB 1584, student records entered into accounts on the Website by students of the Local Educational Agency (“LEA”) shall continue to be the property of, and under the control of, the LEA. Students may retain possession and control of or transfer such accounts to personal accounts upon by following instructions from within their account. In the event of an unauthorized disclosure of records, we will promptly notify the affected parent, legal guardian, or eligible pupil and LEA and take appropriate mitigation efforts. Pupil records shall not be retained upon completion of the terms of the contract.

Further, in compliance with the Children’s Online Privacy Protection Act of 1998, 15 U.S.C. Sec. 6501-6506 (“COPPA”) and consistent with the Privacy Policy of the Website, students under thirteen should not create accounts on Human eSources Products. The only exception is when Human eSources™ has agreements in place with schools, districts and or partners who have consent to usage on behalf of the student.

Amendments to Privacy Policy

Human eSources reserves the right to modify our Privacy Policy from time to time. You should review our Privacy Policy statement periodically. If we make significant modifications to the policy we will post, on the home page of the Human eSources website, for 7 days prior to the effective date of the new policy, a notice that we have a new privacy policy.

Access to Personally Identifiable Information

You can change your personally identifiable information in any of these ways:

  • Sign in to your account and change your personal information through the program software
  • In the case of institutional account access, contact a faculty member, counselor, or other staff person that has authorized access to our products
  • Contact Human eSources, Ltd at privacy@humanesources.com

To close or deactivate your account, you must:

Contact Customer Service through our Customer Care Portal, or write to:

Human eSources, Ltd

Attention: Customer Service

PO Box 232

Marlborough, CT 06447

Contacting Us

If you have any questions about this Privacy Policy, the practices of this site or your dealings with Human eSources websites, please contact privacy@humanesources.com