Privacy Policy

Core Human Factors, Inc.

Updated: December 21, 2018


Table of Contents

Table of Contents        2

Privacy Policy        3

Introduction        3

What types of personal data does Core collect?        3

How does Core obtain personal data?        3

How does Core use the personal data It collects?        4

When does Core share personal data?        5

Does Core transfer personal data internationally?        6

How does Core protect the personal data it collects?        6

Data protection rights        7

Contact details        7

Policy updates        7


Privacy Policy

Introduction

The purpose of this policy is to explain how the Core and our affiliates (which we will collectively refer to in this policy as “Core”, “we”, “our”, or “us”) collect and use your personal data. Privacy laws around the globe require Core to provide you with certain information applicable to our collection of your personal data. In addition to this general policy, you may receive additional information as to how we use your personal data based upon how you interact with us.

This policy applies only to Core’s websites and does not apply to any third party websites that may be accessible through our website. Additionally, the policy applies to information directly collected by Core (and provided by you). This policy is, among other things, intended to make you aware of how Core handles your information.

This information may change from time to time.

What types of personal data does Core collect?

Core collects personal data from customers, participants, prospective participants, employees, suppliers, website visitors, application users, and job candidates. The personal data collected may include: name, address, telephone number (wireline and/or mobile), email address, the name of your company or employer, individual contact names and job titles, fax numbers, IP addresses, device identification and location information, service and site usage information, billing and transaction information, and other financial information.  The nature of the information we collect will depend upon, for example, whether we are providing services to you; you are a vendor; or a study participant. In certain cases, we may collect demographic information, but only to the extent that you have provided it to us.

Data collected by Core is used for Core’s business purposes. Your information is not sold.  The information that you provide to us is not knowingly shared with third parties without your consent.

How does Core obtain personal data?

Core may obtain personal data in a number of ways, including from services requested by  customers and their affiliates, (whether by telephone, fax or email, Internet or by application form, order form or a contract), from services, websites, apps, enquiries made by existing customers, potential customers, vendors, contractors, prospective participants, and participants.  Primarily personal data is collected when provided by you in your business association with us; although additional data may be collected from visits to our website or via third parties through use of their platforms (e.g. Google docs).

This site may also collect anonymous information from your computer through cookies and Internet tags. Most Internet browsers enable you to erase cookies from your computer hard drive, block all cookies, or receive a warning before a cookie is stored. However, certain features of this site might not work without cookies.

Google Analytics cookies to help analyze how users use our sites. On behalf of Core, Google will use this information for the purpose of compiling reports on website activity. The IP address transmitted from your browser as part of Google Analytics will not be associated with any other data held by Google. You may prevent web usage data being transmitted to Google if you download and install a browser plug-in. You can opt-in and withdraw your consent to these cookies.  

Emails we send you may include web beacons we use to determine the number of people who open or click on links in our emails.  If you do not wish to allow web beacons on email you receive, you may disable HTML images or refuse HTML (select Text only) within your email software.

We may obtain information about you that we collect at conferences, meetings, and seminars.  We also may collect information through chat rooms, blog posts, newsgroups, and social networking sites.  The information you allow us to access on social networking sites varies by site, and it is affected by the privacy settings you establish at each site.

Core also obtains data from third parties. For example, Core may obtain financial information about customers and end users from third parties to enable it to assess its risks in granting credit terms, and we may also purchase contact information related to organizations that might be interested in our products and services or individuals that may be interested in participating in our studies.

How does Core use the personal data It collects?

Core uses your personal data for various purposes, including providing our services, billing, technical support, product development, requesting participation in studies, payment application, and as may be required by applicable law. In addition, Core uses personal data to improve services that Core offers to its customers.

We may also use your personal data to contact you regarding services, including survey requests. We will use your personal data for marketing or other purposes unrelated to your specific service when this is in accordance with applicable data protection or privacy law and any preferences you express.

When you use Core websites and apps, information is collected about your device and your visit including dates, times and duration of visits to our sites (including whether you are a first-time or repeat visitor); browsing, searching and buying activity as you interact with our sites and apps; IP address; mobile telephone number; web addresses of the sites you come from and go to next, including whether you visited the website directly or were referred from another website or link; location information consistent with your browser settings and app choice; and information about your connection, including your device's browser, operating system, and platform type. We use this information for operational, performance measurement and other business purposes, and to help us deliver more relevant Core marketing messages on our websites, on non-Core websites.  The marketing messages may be delivered by our representatives, via email, or via other Core services or devices. This information is also used to tailor the content you see and may also be used to assess the effectiveness of our sites and to help you should you request help with navigation problems on our sites.

If you choose to refer someone to us, please do so only if you have the permission of the person you are referring.  To the extent permitted by applicable law, we may monitor or record your telephone conversations with us for quality control, training, and security purposes.

We will provide specific information as required by applicable law about how we use your personal data based upon the particular service that Core provides to you or to your company.

Under the local laws in some countries, we must be able to describe the legal basis on which we rely to process your personal data. In most cases, we will process your personal data for our legitimate business interests (for example, to enable us to understand how our services are used and to derive knowledge that enables us to develop new services), when it is necessary for purposes of a contract, or when it is necessary for us to do so to meet our legal obligations.  When we process your personal data for our legitimate business interests, we put in place safeguards to make sure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.

In certain circumstances (for example, in relation to some of our marketing activities) and where required by law, we may ask for your consent to process your personal data, and you may withdraw your consent at any time by contacting us using the details at the end of this notice.

When does Core share personal data?

Core shares personal data outside the Core family of companies as described in this Privacy Policy and in the privacy notices for specific services, as set forth in agreements with our customers, with your consent, and otherwise where we have a legal basis to do so under applicable law.

We work closely with other businesses and companies in the Core family of companies, and we may share your personal data with them for purposes such as internal reporting, marketing, customer insights and service optimization.

Core uses vendors and partners for a variety of business purposes such as to help us offer, provide, repair, restore and bill for services we provide. We share personal data with those vendors and partners when it is necessary for them to perform work on our behalf. We require that these vendors and partners protect the personal data we provide to them and limit their use of personal data to the purposes for which it was provided. We do not permit these types of vendors and partners to use this information for their own marketing purposes.

Core may also share personal data when it is (i) required or permitted to do so by law or regulatory obligation; (ii) necessary to identify, contact or bring legal action against individuals who may be endangering public safety or interfering with Core property or services—including as part of any procedure necessary to collect a customer debt—or our customers’ or others’ use of them; or (iii) in connection with any proposed or actual sale or other transfer of some or all of our assets. Such disclosures occur only in accordance with applicable laws.

Some of our websites or services may be offered jointly by Core and one of our partners. If you register for or use such websites or services, Core and the other company may receive personal data. For these jointly offered services, you should also review the partner company's privacy policy, which may include practices that are different from the practices described here.

Core websites and services may include social network or other third-party plug-ins and widgets that may provide information to their associated social networks or third-parties about your interactions with Core pages you visit or services you use, even if you do not click on or otherwise interact with the plugin or widget.

Core does not sell your information to any third party.  Your information is used by Core for Core’s business and business practices. Information regarding our business is available on our website.

Does Core transfer personal data internationally?

As a member of the Core family of companies worldwide, the Core company providing service to you may in accordance with law transfer your personal data to other members of the Core family of companies or to third party customers, partners and suppliers. Entities that receive your personal data may use it only for the purpose(s) for which it was originally shared, and they must protect it from any further use. These companies may be located outside the country where you are located. Although these countries do not always have the same data protection or privacy laws in place as your country or may not be deemed to provide protections that are "adequate" or "equivalent" to the privacy requirements of your service country, the Core entity providing your service binds its global employees,third party providers, and customers to the same high standard of personal information protection that it commits to you. In addition, transfers may be based on your consent, which we will obtain at the appropriate time.

How does Core protect the personal data it collects?

Core takes confidentiality and security seriously. Core has technical, administrative and physical safeguards in place to help protect against unauthorized access to, use or disclosure of personal information we collect or store, including social security numbers. Employees are trained on the importance of protecting privacy and on the proper access to, use and disclosure of personal information. Under our practices and policies, access to sensitive personally identifiable information is authorized only for those who have a business need for such access. Personal data and other sensitive records are retained only as long as reasonably necessary for business, accounting, tax or legal purposes, and we abide by applicable laws such as United States tax laws that require us to retain personal data for tax reporting purposes.

Although we work hard to protect personal information that we collect and store, no program is 100% secure, and we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal information.

Data of Minors

Core’s website is only intended to be used by users 18 years of age or older. Core does not knowingly collect or process personal data of minors without consent of their parents or legal guardians.

Personal information pertaining to minors may be located in our secure, encrypted database, but that information has been specifically provided by a legal guardian of a minor. We have no intention of collecting personal information directly from children under the age of 18. When we become aware that personal information from a child under 18 has been collected without such child's parent or guardian's consent, we will use all reasonable efforts to delete such information from our database.

Data protection rights

Subject to applicable law, you may ask to access, update, correct, port, rectify and, where reasonably practical, delete your personal data, or withdraw your consent to our use of your personal data. You may exercise your rights by emailing us  or contacting us through the Contact Details below. Please note, however, that withdrawing consent or choosing to delete some types of personal information may prevent us from supplying certain services to you as a customer, vendor or partner, or responding to your queries as a participant or prospective participant, job applicant, or contractor. In order to better protect you and safeguard your information, we take steps to verify your identity before granting access or making changes to your information.

If you are in the European Union, you have the right to lodge a complaint with your local authority responsible for privacy protection, and you may also have this right in other countries.

Contact details

For queries regarding this policy or your data protection rights, please send your question directly to us via our Privacy Form (http://go.corehf.com/privacy_form).

Policy updates

We reserve the right to make changes to this privacy policy, so please check back periodically for changes. You will be able to see that changes have been made by checking to see the effective date posted at the end of the policy. If Core elects to use or disclose your personal data in a manner that is materially different from that stated in our policy at the time we collected that information from you, we will give you a choice regarding such use or disclosure by appropriate means, which may include use of an opt out mechanism.