The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the “Safe Harbor Principles”) to enable U.S. Companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EU to the United States. Consistent with its commitment to protect personal privacy, Intellum adheres to the Safe Harbor Principles.
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that uses personal information provided to Intellum to perform tasks on behalf of and under the instructions of Intellum.
“Personal information” means any information or set of information that identifies or is used by or on behalf of Intellum to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.
“Sensitive” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns an individual’s health. In addition, Intellum will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.
Corporate Accounts: Intellum enters into learning management system (“LMS”) services agreements with its clients in the EU and clients with operations in the EU (“EU Clients”). Each EU Client may, at its discretion, upload personal information about its employees into the LMS or contract with Intellum to do the same. The way in which this personal information is used within the LMS is then at the discretion of the EU Client. As such, each EU Client agrees and recognizes that it is the ‘data controller’ for the purposes of data protection legislation. This means that the EU Clients are responsible for complying with the data protection legislation in the relevant Member State national law. Any data provided by an EU Client to Intellum is only disclosed to non-Agent third parties at the request and direction of the EU Client as the data controller, or when required by law. Any information that EU Clients identify as sensitive will be treated as such
Individual Accounts: Intellum, via its Course Store service, provides the ability for the creation of individual accounts. It is possible for an EU citizen to create one of these accounts. Upon registration, certain personal information is required such as first name, last name and email address. The personal information obtained during the registration process and during the individuals use of the Course Store service is only used by Intellum and its Agents to fulfill the service(s) to which the individual has subscribed. Credit card information is also obtained during registration. This information is processed at the time of the registration and saved remotely via the Braintree Vault service. No credit card information is stored on Intellum servers except for the last four digits of the card to be used as a transactional reference.
Intellum will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
Intellum has a Compliance Manager who is responsible for the internal supervision of Intellum privacy policies. Intellum also has a team of technicians to handle data security. Intellum continuously educates its employees about compliance with the Safe Harbor Principles and has self-assessment procedures in place to ensure its compliance. Intellum will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Intellum determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.
Any questions or concerns regarding the use or disclosure of personal information should be directed to the email address given below. Intellum will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Intellum and the complainant, Intellum has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles.
This Policy may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. All amendments will be added to the Intellum webpage dedicated to this Policy.