E•A•S•I-Consult, LLC Privacy, Confidentiality and Disclosure Statement
This policy outlines the effort of E•A•S•I-Consult, LLC to safeguard the privacy of your personal information that is collected as part of our business (e.g., administering and scoring questionnaires and assessments, conducting interviews, providing and developmental coaching). Any personal information gathered will be used for the sole purpose of E•A•S•I-Consult’s Human Capital consulting practices.
Individuals are entitled to privacy protection in all information systems under the custody and control of E•A•S•I-Consult. While there is no completely secure method of storing data or transmitting information, specific precautions are taken, including: secure-socket layer protocols, encryption of sensitive customer data, etc. E•A•S•I-Consult will not be held responsible for any such loss, interception, or misuse of data prior to taking custody of personal information.
Information E•A•S•I-Consult collects
The following personal information may be required for E•A•S•I-Consult to conduct business with a customer:
- First and last name
- Email address
- Position within organization
- Organization/Company name
- Phone number
- Reponses to and scores of questionnaires and assessments
- Demographic information
Note: Providing this data is not mandatory, but if it is not provided, E•A•S•I-Consult cannot move forward with providing various services (e.g., creating user accounts, setting up online questionnaires and assessments, creating developmental reports).
Certain information listed above, including information on job and test applicant demographics, may be provided by our Corporate Clients or other third parties.
Purposes for which we use personal data
- To set up online assessments, assessment portals for customers, and user accounts on E•A•S•I-Consult’s assessment portal.
- To improve our products and services that we provide to clients.
- To market our services and products to clients, including through electronic mail correspondence. This is only done in instances where it is in accordance with applicable law.
- Carrying out the services agreed upon between the client and E•A•S•I-Consult, including, but not limited to, communications in relation to products or services received from us, handling customer requests, etc.
- To learn more about customer preferences. We may look at the types of products and services you have used in the past to determine products you may interested in.
- E•A•S•I-Consult uses aggregate information from the assessments administered to support validation efforts and create norm groups for use in E•A•S•I-Consult’s business for research or other scientific study. E•A•S•I-Consult does not use any personally identifiable data for such studies or research.
Parties who have access to data and how the data is used
Authorized E•A•S•I-Consult Personnel have access to data. This is to ensure that we are able to provide excellent service to our clients.
E•A•S•I-Consult complies with the EU-U.S. Privacy Shield Framework principles outlined by the U.S. Department of Commerce regarding the processing, storage and collection of Personal Data transferred from a controller or processor regulated by EU data protection laws to the United States. The Privacy Shield principles deal with Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (the “Privacy Shield Principles”). For more information on Privacy Shield and the Privacy Shield Principles, please visit http://www.privacyshield.gov/.
E•A•S•I-Consult shares personal data, including data from assessments and other information about you with our corporate clients. Data sharing with corporate clients occurs if you have applied for a job with this particular client or are a participant in an employee development program with this client. Personal data and exam information are not disclosed to unauthorized third parties or people, unless otherwise required by law.
We may disclose personal data, information from assessments, and other information to our sub- processors/suppliers for the purpose of providing the agreed upon services. In some instances, E•A•S•I-Consult may share personal data with suppliers who provide services to E•A•S•I-Consult, including IT and cloud providers, communication services, testing/assessment services and printing providers. We strive to ensure that our providers take the necessary steps to protect personal data.
Law Enforcement/Public Authorities:
If required, we disclose personal data to public authorities, regulators or governmental bodies. Personal data may be disclosed to the aforementioned parties when these parties require disclosure, when we are legally obligated to disclose personal data to such parties, or when we believe, in our discretion, that disclosure is appropriate to protect our rights and interests or the rights and interests of third parties.
What documentation and/or data will be retained?
Paper and electronic documentation relevant to all steps conducted during E•A•S•I-Consult projects will be retained. These documents can include but are not limited to: assessment calculations and scores, assessment reports, interviews, validation analyses and data, competency models, assessment and selection system design notes, notes concerning decisions made during projects, and technical report documentation. In the case of there being two or more drafts of documentation or data analyses, the final version of this documentation will be the only version retained, provided that significant information is not lost by discarding previous document drafts.
How long will the documentation and/or data be retained?
Upon completion of a project, E•A•S•I-Consult will retain all relevant client data and documentation for a minimum of 3 years from the project completion date. If the data and/or documentation are of specific legal importance (e.g., could potentially be used in a discrimination suit), then that information will be retained for at least the length of the relevant statute of limitation. In such situations, E•A•S•I-Consult will request expert legal advice for the retention of the documentation.
In what format and where will the documentation and/or data be retained?
All electronic documentation and/or data will be retained in the format (e.g., Word, Excel, SPSS) in which it was created and used during project completion. All non-electronic notes and paper documents will be stored in organized boxes or file cabinets. A continuous review will be conducted with the goal of converting all paper copies into electronic files.
All final version electronic data files, reports, and relevant programs/presentations will be password protected and placed on a web-based shared folder, organized by year and by project. A review of stored information will be conducted approximately every 5 years to determine what documentation and/or data should be retained and what should be destroyed.
Confidentiality and Security
E•A•S•I-Consult uses a number of safeguards and processes to prevent unauthorized access or disclosure, maintain data integrity, and ensure the appropriate use of personal data. E•A•S•I-Consult maintains personal data and data from assessments on secured computers and all customers, exam candidates, and employer accounts are password protected. E•A•S•I-Consult will take reasonable action to employ security measures designed to protect such information. No personal data is knowingly disclosed to third parties except as described herein. No data transmission over the Internet is guaranteed to be free of insecurities. Therefore, E•A•S•I-Consult cannot ensure the security of any information transmitted by users.
E•A•S•I-Consult will make an effort to accommodate any requests from clients to use clients’ personal data retention policies.
General Data Protection Regulation (GDPR)
E•A•S•I-Consult is committed to abiding by international regulations concerning data protection and the General Data Protection Regulation is part of that commitment. Customers in the European Union can be assured that their data is being securely used by E•A•S•I-Consult and that full compliance of the GDPR is in effect.
Legal Basis for Collecting Data
E•A•S•I-Consult’s legal basis for collecting customer data is given through consent by the customer to have their data processed for the specific purposes of assessment, employee development and human capital consulting.
Rights Guaranteed by GDPR
- Right to be informed – Customers have the right to full transparency as to how their personally identifiable information is being used.
- Right to access – Customers have the right to know what information is held about them and the way it is processed.
- Right of rectification – Customers have the right to demand data be changed if it is inaccurate or incomplete.
- Right to erasure – Customers have the right to demand personal data be deleted without a specific reason being required for deletion.
- Right to restrict processing – Customers have the right to block processing of their personal data.
- Right to data portability – Customers have the right to retain and reuse their personal data for their own purpose.
- Right to object – Customers have the right to object to their personal data being used in certain circumstances.
- Right of automated decision making and profiling – Customers have the right to demand their data not be used in an automated decision-making process (i.e., one without human intervention).
Customers may contact E•A•S•I-Consult at any time to:
- Request access to information that E•A•S•I-Consult has concerning the individual
- Correct any information that E•A•S•I-Consult has about the customer
- Delete any information that E•A•S•I-Consult has about the customer
E•A•S•I-Consult requires informed consent from customers before acquiring any personal information for the purpose of completing any assessment/questionnaire. Below is a sample of an informed consent statement.
E•A•S•I-Consult’s Informed Consent
By participating in this assessment, developmental activity or human capital consulting initiative I acknowledge that I have reviewed E•A•S•I-Consult’s Privacy, Confidentiality, and Disclosure Statement and I am willing to offer informed consent based on the following:
I have been made aware of:
- With whom my information will be shared,
- What specific information will be shared,
- The purpose of sharing the information,
- How the information will be used.
I consent to offering information to E•A•S•I-Consult for the purposes of the above-mentioned activities. I consent to allow E•A•S•I-Consult to share my information with their client organization for the purposes of making talent management decisions (e.g., hiring decisions, succession planning, individual development, etc.). I recognize that I may not be given access to all information gathered (e.g., testing content or results) as such disclosure could compromise the security of the test or assessment process or prejudice the use of results of particular tests.
Expert Advocates in Selection International, LLC – d.b.a. – E•A•S•I-Consult®