Last updated on November 25, 2018.
1. Important information and who we are
This website is not intended for children 18 years of age or younger and we do not knowingly collect data relating to children.
POINTE is the controller and responsible for your personal data.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
2. The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). Personal and contact data including first and last name, job title, and email address will only be obtained with your consent, either through your email with POINTE or through submission of the form to become a registered expert in POINTE’s Training and Experts database. To the extent possible, POINTE seeks to anonymize personal data such as through using the anonymizing features of Google Analytics.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
• Identity Data includes first name, last name, job title, and location.
• Contact Data includes email address.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
• Usage Data includes information about how you use our website and services.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Purpose of collection
The personal information we collect from you is used to enable us to provide you with any of the POINTE services and activities (as described in section 3).
3. How is your personal data collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your identity and contact data by filling in forms or by corresponding with us by email or otherwise.
Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. We may also work with third parties, such as Google Analytics, from which POINTE may receive information about you.
4. How we use your personal data
POINTE may use your personal information to comply with legal obligations, or where POINTE has a legitimate interest in using your information to enhance the services we provide. Legitimate purposes include but are not limited to one or all of the following: modifying, improving or personalizing our services and communications; detecting fraud; investigating suspicious activity and otherwise keeping our site safe and secure; and conducting data analytics.
In addition, we may use your information in the following ways:
• For internal research purposes to help enhance, evaluate, develop, and create POINTE websites (including usage statistics, such as “page views” on POINTE’s websites);
• To notify you about changes or updates to our websites or services;
• To administer our services and for internal operations, including troubleshooting, data analysis, testing, statistical, and survey purposes;
• To allow you to participate in interactive features of our service; and
• For any other purpose that we may notify you of from time to time.
Personal information will not be kept longer than is necessary for the purpose for which it was collected. This means that, unless information must be retained for legal or archival purposes, personal information will be securely destroyed, put beyond use or erased from systems when it is no longer required or, where applicable, following a request from you to destroy or erase your personal information.
By filling out and sending the Expert Consult Database registration form, you consent to POINTE adding the information you provide to the Expert Consult Database. The Expert Consult Database is accessible and downloadable globally.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. Disclosures of your personal data
POINTE will not disclose to or share your personal information with any unaffiliated third party except as follows:
• Where POINTE is required to disclose personal information in response to lawful requests by public authorities and government agencies, including to meet national security or law enforcement requirements; to comply with a subpoena or other legal process; when we believe in good faith that disclosure is necessary to protect our rights or to protect the rights, property or safety of our services, users or others; and to investigate fraud.
6. International transfers
We share your personal data within POINTE. This will involve transferring your data outside the European Economic Area (EEA).
International transfer of personal data, outside of email communication with POINTE, is limited to data viewed within Google Analytics in the United States. Google is certified under both the EU-US and Swiss-US Privacy Shield Framework as a data processor.
7. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. Access to your personal data will be restricted to only those who need to know that information and required to perform their job function.
8. Data retention
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
9. Your legal rights
If you live in a nation governed by the EU General Data Protection Regulation, you have the right to make a written request to be informed whether or not we hold or process any of your personal information (by emailing firstname.lastname@example.org). In your written request, you may:
• Request that we provide you with details of your personal information that we process, the purpose for which it is processed, the recipients of such information, the existence of any automated decision making involving your personal information, and what transfer safeguards we have in place;
• Request that we rectify any errors in your personal information;
• Request that we delete your personal information if our continued processing of such information is not justified;
• Request that we transfer your personal information to a third party;
• Object to automated decision-making and profiling based on legitimate interests or the performance of a task in the public interest (in which event the processing will cease except where there are compelling legitimate grounds, such as when the processing is necessary for the performance of a contract between us);
• Object to direct marketing from us; and
• Object to processing for purposes of scientific, historical research and statistics.
Where applicable under your local laws, we will not use your personal information for marketing purposes, nor disclose your information to any third parties, unless we have your prior consent, which we will seek before collecting your personal information.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights).
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.