Version Date: 21 May 2018
Data Protection Laws
CareerEQ is committed to protecting and respecting your privacy, and to acting in compliance with current data protection legislation including the General Data Protection Regulation (EU) 2016/ 679 (GDPR) and the Privacy Act 1993 (New Zealand).
Our Approach to Privacy
- Our Data Protection Statement sets out our commitment to GDPR and gives an overview of how we approach data protection and privacy generally, including the principles we adhere to.
- You can manage your marketing preferences when you engage with us enabling you to opt-out of CareerEQ follow up communications and newsletters.
- CareerEQ Principles for Managing Client Privacy
- Confidentiality – CareerEQ Consultants are all bound by a Professional Code of Ethics through the Career Development Association of New Zealand (CDANZ). This ensures that when you are working with a career or development coach your personal details are treated with utmost respect and confidentiality. We believe that your trust in us is critical for our work together.
- Consultation – We will not collect or transfer your Personal Information without discussing any transfer or collection with you first.
- Choice – We will provide you with mechanisms that will allow you to opt out of (i) our direct marketing campaigns; (ii) the disclosure of your Personal Information to third parties who are not acting as our agents; and (iii) the use of your Personal Information for purposes that are materially different from the purpose for which we originally collected the Personal Information.
- Security – We will take reasonable measures to protect the security of your Personal Information, and our agreements with third parties with whom we share Personal Information will require similar protections.
- Data Integrity and Purpose Limitation – You will be able to (i) view the Personal Information that we have about you; (ii) correct or modify your Personal Information if it is inaccurate or incomplete; and (iii) limit the collection of data to such data that is relevant to the products and services we provide to you or on your behalf.
- Access – We will provide you with (i) the opportunity to confirm whether we are processing your Personal Information; (ii) a way to obtain a copy of your Personal Information within a reasonable time; and (iii) the ability to correct, amend, or delete information that is inaccurate.
- Recourse, Enforcement, and Liability – We have processes for handling complaints relating to use of your Personal Information (see “Complaints and Disputes”).
“Certified Practitioner” means an individual (i) who has successfully completed one or more qualifications for coaching and counselling and certification programmes to minister certain Assessments, (ii) who administers and provides feedback on an Assessment to one or more Respondents .
“Client” means an individual, business, or other entity that engages in our services and/or purchases Assessments.
“Business Partners” are the organisations who refer clients to us or who engage us to work with staff off site or on site at their places of work.
“Personal Information” means any information, recorded in any form, about an identified individual, or an individual whose identity may be inferred from the information. This includes, for example, name, email address, mailing address, telephone number, CV, billing information, account information, and other information required for the effective coaching relationship. It also could include other information, such as IP address, device information, or other Session Data that can reasonably be linked to a specific individual, computer, or other device used for assessment purposes.
“Products or Services” means the products or services promoted, sold, or available for sale on the Site, such as our career services and assessments reports.
“Assessment” means an instrument, questionnaire, or series of tests that are completed by one or more Respondents (i) for the preparation of one or more Reports; or (ii) to provide information about a Respondent to CareerEQ and our Assessment Partners.
“Reports” means an analysis of the scoring and responses provided in connection with an Assessment, which a Practitioner may use to interpret a Respondent’s responses to an Assessment. Some Reports, such as those generated on www.mbtionline.com, do not require an interpretation from a Practitioner.
“Respondent” means an individual who takes, will take, or has taken an Assessment.
“Site” means any websites that we may develop or have developed.
You have the right to:
- Request access to your personal data (commonly known as a “subject access request” or “SAR”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. We have a Subject Access Request policy which sets out in brief our process for dealing with SARs.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data. This enables you to object to processing where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent. You may withdraw consent at any time where we are relying on consent as the legal basis on which we process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdrew your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Links to External Sites
What Personal Information We Collect and How
In order to provide the utmost care and support to our clients we collect only such Personal Information as necessary to (i) provide our Coaching and Counselling services to you; (ii) inform you about our Products and Services; and (iii) improve our Site, Products or Services, and your experience interacting with us. We describe below the different ways in which we collect or obtain Personal Information.
If you visit the CareerEQ Website — If you visit the Site, we automatically collect the related Session Data. Session Data is provided to us by your browser and through our log files, which record your activities while browsing our Site, such as when you click on a link. We may record some of this data in one or several cookies that we send to your browser (see “Cookies and Other Technologies”).
If you enquire about our services or register for Coaching or Counselling services — We require that you provide certain Personal Information during these processes. We collect your name, contact information, and other information, any notes taken during sessions and may ask you for other optional information that helps us serve you better.
If you complete an Assessment — We or our provider such as CPP Asia Pacific or NZCER will collect the your name, email address, contact information, Assessment responses, Session Data, and other information you may choose to provide. In some cases, questions to which the response is optional (such as demographic questions), are identified as such. You are free not to respond to these optional questions.
If you participate in a survey — If you choose to participate in one of our surveys, we may collect Personal Information such as your name, email address, and any other Personal Information that you may provide in your survey responses.
If you sign up to receive marketing communications/newsletters — If you sign up to receive our newsletters, we may collect information on the open rate of the communications, and whether a specific individual has clicked on a link contained in a particular communication.
If you are a Referral Client or Business Contact — we may collect your name, email address, telephone number, and contact information in the regular course of our interaction with you.
If you interact with third parties regarding our Products or Services — We may receive Personal Information about you from third parties, such as from referral agents, websites where we advertise, business partners, and service providers. Some of this information pertains to a specific individual; other information can only be linked to an access point or a device.
How we use personal information
We use Personal Information in order to provide and enhance the Products or Services that we offer as explained below:
- To understand the Client we are working with…In one on one coaching and counselling work we ask a lot of personal information in private sessions in which case every effort is made to maintain absolute confidentiality and professional respect. The Practitioner who works with you is bound by a confidentiality requirement, stated in their professional membership, to store such information in a safe place that is not accessed by others.
- In connection with Assessments — We use the responses to an Assessment to score the Assessment and to generate Reports and other data related to the Respondent. We sometimes combine data from multiple Respondents (for example, in Team Reports). We may also combine Respondent data with our general research data, or compare or associate Respondent data with other Respondent data. Certain subsets of this data are made available to our Customers, but your Personal Information is only shared with our Customers if (i) you have elected to do so using the features made available on the Site; or (ii) you complete an Assessment that has been sponsored by a Customer.
- For Research purposes — We may use aggregated Session Data to better understand how our Site is navigated, how many visitors arrive at specific pages, which pages or content attract more viewers, the length and frequency of stays at our Site, the different types of searches of our Site content and databases, the types of browsers and computer operating systems that our visitors use, and the IP addresses from which visitors connect to our Site, in order to improve our Site and enhance our content. We may use IP addresses to gather broad demographic information—information that is not associated with any individual, and is therefore anonymous.
- For Site Maintenance purposes — We may use IP addresses and Session Data to diagnose problems with our server, and to administer our Site.
- For Marketing purposes — We may use email addresses or other contact information to send mailings, newsletters, and other marketing communications regarding product information and releases. We may use your telephone number to contact you for marketing purposes. We may use pixel tags to monitor the open rate of our communications. This helps us understand the effectiveness of the communications that we send.
- For survey analysis — The information that we collect through our surveys is not used other than to garner survey results and statistical analysis.
To Whom We Disclose Personal Information
From time to time, we may disclose Personal Information to someone other than the individual who provided the information as follows:
Note: Any Personal Information given during private Coaching or Counselling sessions with you are not disclosed to any person unless there are issues of personal safety or for purposes of confidential Supervision of the Practitioner.
Assessment Providers/ Partners — CareerEQ provides its Customers with the information that they need to properly complete or interpret Assessments. If you take an Assessment using the CareerEQ site we will receive from the assessment provider a Report or Reports based on the Assessment you took and the responses you provided to that Assessment so that we may properly counsel or advise you or provide you with other services.
To defend or enforce our rights — CareerEQ may use Personal Information to protect itself or to protect the Site, to respond to a breach of its Terms of Service, to prevent fraudulent activity, or where it is necessary to pursue available remedies. If a Client neglects to pay amounts due and owing to CareerEQ, CareerEQ may send that Client’s name, contact information, and account information to a third-party service provider for collection of overdue payments.
Law Enforcement; Litigation — Certain local, or government regulations may require that we disclose information that we hold. In such cases, we will use reasonable efforts to disclose only the Personal Information required under applicable law, such as in response to a facially valid court order, warrant or subpoena issued or made by a court, person or body. We may use or disclose Personal Information (a) if we believe in good faith that a law, regulation, rule or guideline requires it; or (b) to a person who needs the information because of an emergency that threatens the life, health or security of an identified group or person.
Aggregated data — Other than as stated above, if CareerEQ provides a third-party with Personal Information, it will be in the form of aggregated data and used for product development, research, or statistical analysis. Aggregated data are created from records that are stripped of all personal identifiers, such as aggregated Assessment responses, or on-site behaviour.
Cookies and other tracking technologies
How We Retain Personal Information
We retain your Personal Information for 5 years on file or the CareerEQ database. Third Party providers of Assessments may retain Assessment responses and other data in non-personally-identifiable format for as long as the information is needed for our research, statistical analysis, product development, or other commercial purposes.
How We Protect Personal Information
We follow generally-accepted industry standards to protect Personal Information, both during transmission and once we receive it. We use administrative, physical, and technical measures designed to protect Personal Information from any unauthorized access, loss, misuse, disclosure, alteration, or destruction. Our Assessment providers may need to transfer information out of their firewall, and if so use industry-standard technological means to protect Personal Information while in transit through the Internet. They use encryption and a comprehensive authentication protocol to provide reasonable security. No method of transmission over the Internet, or method of electronic storage, is fully secure, however. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
We exercise reasonable efforts to keep your Personal Information accurate. However, we need your help in making sure that your Personal Information is correct in our systems. Please notify us of changes to information that you have previously provided by contacting us as indicated in the “Contact Us” section.
Complaints and Disputes
▪ By email: firstname.lastname@example.org
▪ By phone: (+64) 0800 474765