MAX
 
TRUSTe

TRACOM Data and Privacy Policy

Effective Date: 1 May 2024

Introduction

TRACOM Group (collectively, "TRACOM", "We", "Us", or "Our") is committed to safeguarding the privacy and rights of all individuals who use our products and services. We strictly adhere to a policy of not selling, leasing, or renting any personal data to third parties for any reason. Our approach to data collection and use is fully transparent, ensuring our customers are well informed about how their information is handled. This privacy policy details our methods for collecting, utilizing, and securing customer information. By choosing to use our products and services, you consent to the practices described in this policy.

Personal Data

TRACOM collects personal information from our customers when they register for and use our products, services, and websites. While delivering these services, the personal data gathered includes, but is not limited to the following:

Contact Information
Examples: First name, last name, email address, street address, phone number
Purpose: To identify you, communicate with you, respond to your requests, and perform Our services.

Demographic Information (Optional)
Examples: Country, Company, Job, Job Level, Industry, Age Range, Gender, and Ethnicity (US respondents only)
Purpose: For statistical analysis, and to improve Our products and services.

Identifying Information
Examples: Username, Password, Security Questions and Responses.
Purpose: To authenticate and grant you authorized access to Our products and services.

Behavioral Information
Examples: Training assessment responses.
Purpose: To perform the training services provided by TRACOM.

Non-Personal Information
Examples: IP address, browser type, browser version, pages visited, date/time visited, referring URL, and others.
Purpose: This information is used to improve quality, reliability, and remediate any technical issues.

This information may also be used to comply with any legal obligations and to send you marketing materials, special offers, and other information we think you might find interesting. You can unsubscribe from these communications at any time by selecting the unsubscribe link at the bottom of our marketing or sales emails.

Children

Our products and services are not designed for individuals under 18. We do not intentionally gather personal data from minors. Should a child under 18 provide us with such information, guardians should immediately inform us. In addition, if we find that personal data from a child under 18 was collected without parental consent, it will promptly be deleted from our systems.

Cookies

TRACOM websites use cookies and other tracking technologies to provide a better user experience and to analyze how our customers use our services. You can control cookies by adjusting your browser settings to refuse cookies or notify you when cookies are being sent. However, some features of our websites may not function properly if you disable cookies.

Data Retention

We retain our clients personal information for as long as necessary to provide our products and services, and for the purposes described in this privacy policy. We may also retain personal information to comply with legal obligations, resolve disputes, and enforce our agreements and policies.

Data Security

Ensuring the protection of personal data is paramount at TRACOM. We strictly follow industry standards for privacy and security, utilizing encryption technologies to safeguard information both stored and in transit. Despite these measures, absolute security cannot be guaranteed. Should you have any concerns about the privacy or security of your personal information, we encourage you to contact us.

Data Transfer

TRACOM manages your personal data on systems within the United States, potentially under different data protection laws than those in your region. By agreeing to this Privacy Policy or sharing your information, you approve this transfer. We commit to handling your data securely, aligning with this policy, and will not transfer it internationally unless stringent data protection and security measures are confirmed to protect your personal information.

In the event of an asset sale, merger, consolidation, restructuring, reorganization, liquidation, or similar transaction involving TRACOM, we may transfer some or all personal data to the successor company. TRACOM will notify you via email and/or prominent notice on Our websites of any change in ownership, choices, or uses regarding your personal data.

Google Analytics

Google Analytics is a web analytics service offered by Google LLC that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. For more information on Google's privacy practices, please visit the Google Privacy and Terms page.

Legal Disclosure

TRACOM may disclose your personal data to third parties in certain circumstances, including the following:

Payments

For purchases of our products and services, we may request payment information and use a PayPal payment gateway for secure processing. We do not store or collect card details; this information is directly managed by payment processors adhering to their privacy policies and the Payment Card Industry Data Security Standards (PCI-DSS), ensuring secure transaction handling. For more information on PayPal's privacy practices, please visit the PayPal Privacy Statement page.

Service Providers

TRACOM may share personal information with third-party service providers who assist us in providing our services, such as payment processors, email service providers, and analytics providers. These service providers are required to protect the confidentiality of our customers personal information and are prohibited from using it for any other purpose.

Tracking

TRACOM does not support the Do Not Track (DNT) browser option. Do Not Track is a preference you can set in some web browsers to inform websites that you do not want to be tracked.

TRACOM gathers certain information automatically, storing it in log files. Information may include Internet Service Provider (ISP), Internet Protocol (IP) addresses, operating system, browser type, referring or exit pages, date/time stamp, and clickstream data to improve our analytics and services.

GDPR Compliance

TRACOM complies with the European Union's General Data Protection Regulation regarding your data privacy and processing requirements. As a data subject under the GDPR, you have the following rights:

To learn more please visit the European Commission or national Data Protection Authority in your country.

Should you wish to exercise your rights with respect to your personal data you have two options:

1) You can unsubscribe (opt-out) from some or all TRACOM communications at any time by selecting the unsubscribe link at the bottom of our marketing or sales emails. Upon selecting that link, a screen will display where you can choose your desired communication preferences.

2) Contact DataRep with any concerns or questions. DataRep has locations in each of the 27 EU countries, Norway, Iceland in the European Economic Area (EEA), and UK. Contact them via any of the following methods:

DPF Compliance

TRACOM is certified and complies with the principles regarding the processing of personal data received from the European Union in reliance on the EU-U.S. Data Privacy Framework (EU-U.S. DPF), United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF, and Switzerland in reliance on the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as set forth by the U.S. Department of Commerce.

TRACOM is responsible for the processing of personal data it receives, and any subsequent transfers to a third-party acting agent on its behalf, under the DPF. TRACOM complies with DPF principles for all onward transfers of personal data from the EU, United Kingdom, and Switzerland, including the onward transfer liability provisions.

TRACOM is subject to the regulatory enforcement powers of the US Federal Trade Commission with respect to personal data received or transferred. TRACOM may also be required to disclose personal data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.

To learn more or view our DPF certification please visit the Data Privacy Framework Program.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, TRACOM commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States, Canada, and the United Kingdom.

If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the TRUSTe Feedback & Resolution page for more information or to file a complaint. The services of TRUSTe are provided at no cost to you.

Under certain conditions outlined in Annex I of the DPF Principles, individuals have the right to invoke binding arbitration to resolve claims. To initiate this process, the individual must provide formal notice to our organization and comply with the procedures and conditions specified in Annex I. Our organization is committed to engaging in the arbitration process and adhering to its terms as required.

As a data subject under the DPF, you have the following rights:

Should you wish to exercise your rights with respect to your personal data you have two options:

1) You can unsubscribe (opt-out) from some or all TRACOM communications at any time by selecting the unsubscribe link at the bottom of our marketing or sales emails. Upon selecting that link, a screen will display where you can choose your desired communication preferences.

2) Contact TRACOM directly with any concerns or questions using any of the methods listed in the How to Contact Us section of this privacy policy below.

TRACOM does not share your personal information with any third-party agents. All personal data processing activities are carried out in-house by our team, ensuring direct control over the handling and security of your personal information.

TRACOM collects explicit consent before using or sharing your sensitive personal information such as health, ethnic/racial, political, or religious data. Consent is obtained through your employer?s contractual agreement with TRACOM. You may withdraw your consent at any time by notifying your client administrator, who will in turn notify us. TRACOM ensures the highest level of protection for sensitive information, regardless of its source.

SCC Compliance

TRACOM also relies upon the Standard Contractual Clauses (decision 2010/87/EU), which are in effect with many client organizations, as a mechanism for transferring of personal data outside of the EU. TRACOM processes the personal data it receives in The United States (U.S.).


TRACOM MAX SYSTEM

Your employer has contracted with TRACOM to offer personal and professional development services. These services include creating Learner Profile reports from assessment data for both personal and group training. If you choose not to share personal data, you can receive a sample report, but this may limit the training's relevance. Providing feedback about your coworkers is optional, and withholding it means your insights will not be included in their Learner Profile report. Once Learner Profile reports are delivered to the Client Administrators, Facilitators, or Learners, TRACOM no longer controls that personal information.

We perform periodic analysis, using the demographic data collected to improve and validate our assessments. Such analysis are performed using aggregated data only. No individual information is analyzed.

Your Personal Rights

TRACOM honors your control over your personal data and will confirm if we are using your information, offering details on its presence in our records. Sometimes, fulfilling your request might not be possible due to regulatory duties, legal matters, identity verification issues, or high costs, but we will still promptly inform you about any limitations. For the performance of our multi-rater assessments, you will need to provide contact details for others (Raters) to assess you online. We will send them a one-time email and follow-up reminders, solely for managing the assessment process.

TRACOM adheres to the EU General Data Protection Regulation (GDPR), the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S DPF, and other state and international privacy laws, allowing individuals to exercise their privacy rights according to specified instructions.

The Right of Access and Rectification

Individuals have the right to directly access, view, and change their personal data stored in the TRACOM system. The process for doing this varies based on the website and role in the TRACOM system.

TRACOM MAX (tracommax.com)
Administrators and Facilitators can view and edit their personal data via the My Information Edit screen. In addition, Administrators can edit the personal data of others for which they are authorized via the Individual Edit screen.

TRACOM LEARNING (tracomlearning.com)
Learners can view and edit their personal data via the My Account, My Password, and My Security Questions screens. Learners using Survey Code access must contact their Client Administrator to change their personal data.

IMPORTANT:
For the following individual rights requests, contact your Client Administrator, not TRACOM. They will inform us of any necessary actions. We will acknowledge the request within 10 days and fulfill it within 30 days, keeping the Client Administrator informed throughout.

The Right to Erasure (be Forgotten)

Individuals have the right to submit a request to their Client Administrator to have their personal data removed from the TRACOM system. Upon approval, TRACOM will remove the personal data within 30 days.

The Right to Restriction of Processing

Individuals have the right to submit a request to their Client Administrator to restrict the processing of personal data in the TRACOM system. Upon approval, TRACOM will act upon the Client Administrator's directives within 30 days.

The Right to Data Portability

Individuals have the right to receive their personal data from the TRACOM system in a common machine-readable format so it can be used for other purposes. The individual must submit a request to their Client Administrator, including the desired data format. Upon approval, TRACOM will export then securely send the personal data to your Client Administrator within 30 days. If TRACOM cannot fulfill the request for any reason, the Client Administrator will be notified in writing.

The Right to Object

Individuals have the right to approve or disapprove using their personal data in the TRACOM system. An individual is nominated by their employer to participate in TRACOM services, pursuant to the employer's legitimate interests. The individual must submit a request to their Client Administrator to remove consent.


Privacy Policy Changes

TRACOM may update its Privacy Policy for evolving information practices and service improvement. You will need to accept these updates on your next login. We advise regularly checking this page for the latest data and privacy information.

How to Contact Us

If you have any questions or concern regarding this Privacy Policy, please contact us via any of the following methods:

The TRACOM Corporation
6675 South Kenton Street, Suite 118
Centennial, Colorado, USA 80111