Our Commitment to Privacy
Your privacy is very important to U30 Group are we are committed to safeguarding it.
Accordingly, we’ve developed the following privacy policies for you to understand how we collect, use, communicate, disclose and make use of personal information.
The following policies explain our information practices and the choices you may make about the way your information is collected and used. The information herein pertains to every person who participates in the services that we make available (our “Services”) and to every person who visits our website at https://u30com.wpengine.com (the “Site”).
We at U30 Group (“we”, “us” or “our”), respect your concerns about privacy.
This privacy policy (“Policy”) explains our approach to any personal information that we might collect from you using this website (the “Site”) and in other situations or interactions with us, as well as the purposes for which we process your personal information. This Policy also sets out your rights in respect of our processing of your personal information.
This Policy will inform you of the nature of the personal information about you that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it or otherwise cease processing it for a specific purpose. This Policy is intended to assist you in making informed decisions when using this Site or otherwise providing personal information to us or in other situations where we may process your personal information.
Updated: November 5, 2022
USERS FROM CALIFORNIA
If you are a California consumer and would like information about our online and offline privacy practices and your privacy rights, please see this section titled “California Consumer Privacy Statement.” here: https://u30com.wpengine.com/privacy-policy/#CaliforniaConsumerPrivacyStatement
USERS FROM THE EUROPEAN UNION AND THE UNITED KINGDOM
If you are located in the European Union or United Kingdom with rights under the General Data Protection Regulation (“GDPR”), please see our “GDPR Privacy Policy” here: https://u30com.wpengine.com/privacy-policy/#GDPRPrivacyPolicy
TYPES OF PERSONAL INFORMATION WE COLLECT
When we talk about personal data we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:
- contact information (e.g. name, physical address, telephone number, email address);
- your date of birth;
- information about your employment or education history;
- information about your interests, opinions or beliefs;
- information concerning your health;
- information for hiring talent and human resources (e.g. work eligibility status, financial account information or government-issued identification information);
- your image;
- any additional data that may identify you which you submit to us.
WAYS OF OBTAINING PERSONAL INFORMATION
We may collect and receive your personal information using different methods:
- Personal information you provide to us. You may give us your personal information directly. This will be the case when, for example, you contact us with enquiries, or participate in a survey or market research study, provide feedback to us, provide services to us or otherwise through your interactions with us.
- Personal information we collect from you automatically. When you access and use our Site, we will automatically collect certain technical information about your equipment, browsing actions and patterns. We collect this personal information by using cookies and other similar tracking technologies (see COOKIES section below).
- Personal information received from third parties. From time to time, we may receive personal information about you from third parties. For example, we may receive your contact details from an industry contact or our client or we may receive your CV or resume from your agent or recruitment service provider. We may also use third parties to collect personal information about your interactions with our Site.
We set out in more detail below the specific ways in which we may use your personal data
- Client Administration
We may collect personal information about our client and potential client contacts to enable us to respond to client requests, to administer client accounts with us, to conduct credit checks (if permitted by applicable law), and to verify and carry out financial transactions for payments made to us - Market research and focus groups
As part of our service to our clients, we may collect an individual’s contact details, records of communications, health data, opinion data, age range, nationality, image, and education history for the purposes of carrying out market research through focus groups or interviews. We may do this on behalf of our clients or for our own purpose. - Recruitment
If individuals apply for a job with us or otherwise express an interest in working for us, we will collect contact details and CV or resume information from the individual. - Surveys and voting
We may collect personal information from individuals via surveys or voting polls for the purposes of obtaining feedback on our own or our clients’ products and surveys. Participation in such polls is voluntary and individuals will have the opportunity to decide whether or not to disclose personal information. Certain personal information such as contact details may be required to register to vote or to take part in a survey. We would only use that information to report the results of the survey or vote - Business administration and legal compliance
We may use an individual’s personal information for the following business administration and legal compliance purposes:- To facilitate the operation or effective management of our group of businesses;
- to comply with our legal obligations (including regarding information security);
- to enforce or protect our legal rights;
- to deal with complaints;
- to protect the rights of third parties (including where health or security of an individual is endangered (e.g. a fire)); and
- in connection with a business transition or sale such as a merger, re-organisation, acquisition by another company, or sale of all or a portion of our assets.
HOW WE USE THE INFORMATION WE OBTAIN
Our primary goal in collecting personal information from you is to:
- verify your identity,
- provide our services to clients;
- help us improve our Site, products and services and develop and market new products and services;
- carry out requests made by you to us;
- investigate or settle inquiries or disputes;
- comply with any applicable law, court order, other judicial process, or the requirements of a regulator;
- enforce our agreements with you;
- protect the rights, property or safety of us or third parties, including our other clients and users of the Site;
- provide support for the provision of our services;
- carry out recruitment activities; and
- use as otherwise required or permitted by law.
COOKIES
When you visit our Site, we may collect certain information by automated means, such as cookies and web beacons. The information we obtain in this manner may include IP address, browser characteristics, device characteristics, operating system, language preferences, referring URLs, information on actions taken on our site, and dates and times of website visits. A “cookie” is a text file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and may be used to transmit information collected through cookies back to a web server. Through these automated collection methods, we obtain “clickstream data,” which is a log of content on which a visitor clicks while browsing a website and other actions taken on such website. As the visitor clicks through the website, a record of the action may be collected and stored. Your browser may tell you how to be notified when you receive certain types of cookies or how to restrict or disable certain types of cookies. Please note, however, that without cookies you may not be able to use all of the features of our Site.
An example of such third party is Google Analytics, which we use to collect and analyze demographic and other information, and through which Google will collect certain information to be used according to Google’s privacy practices. To opt-out of the use of Google Analytics, click here.
Google’s ability to use and share information collected by Google Analytics about your visits to the Websites is restricted by the Google Analytics Terms of Use and the and the Google Privacy Policy.
To the extent required by applicable law, we will obtain your consent before collecting information using cookies or similar automated means.
INFORMATION WE SHARE WITH THIRD PARTIES
We may share your personal information with our agents, partners, clients, suppliers, contractors or professional advisers or government or regulatory bodies for the following purposes: (a) provide our services to clients or otherwise receive assistance in processing transactions; (b) fulfillment of requests for information, receiving and sending communications, analyzing data; (c) provision of IT and other support or internal administrative business services; or (d) assistance in other ancillary to the operation of tasks, from time to time. Our agents, partners, suppliers and contractors will only use your information to the extent necessary to perform their functions.
We will not sell your personal information to other companies and we will not share it with other companies for them to use without your consent, except in in the circumstances listed above or in connection with the sale or merger of U30 Group.
OBTAINING YOUR CONSENT
Where our use of your personal information requires your consent, you can provide such consent:
- at the time we collect your personal information following the instructions provided; or
- by informing us by e-mail, post or phone using the contact details set out in this Policy.
Please note that if you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent.
ACCESS
To the extent required by applicable law, we will provide you with reasonable access to the personal information maintained about you and a reasonable opportunity to correct, amend or delete the information where it is inaccurate or has been processed erroneously, as appropriate. We may limit or deny access to personal information where permitted by law (such as where the burden or expense of providing access would be disproportionate or where the rights of third parties would be violated).
You may exercise these rights verbally or in writing by using our contact information provided in the section below entitled HOW TO CONTACT US. We will endeavor to promptly respond to your requests and will respect time frames set by local legislation where applicable.
Please note that in order for you to assert these rights we may need to verify your identity to confirm your right to access your personal information. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal information from you than we currently have.
We provide you with reasonable access to the personal information maintained about you. We also provide you with a reasonable opportunity to correct, amend or delete the information where it is inaccurate. We may limit or deny access to personal information where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of third persons would be violated.
CHOICE AND MEANS
We generally offer you the opportunity to choose whether your personal information may be (a) disclosed to third-party controllers or (b) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorized by you. Unless we offer you an appropriate choice, we use personal information only for purposes that are materially the same as those indicated in this Policy. To exercise your choices you may contact us as indicated in this Policy.
We may share personal information with our affiliates as described above under INFORMATION WE SHARE WITH THIRD PARTIES
We may disclose personal information without offering an opportunity to opt out, and we may be required to disclose such information (a) to third-party processors we have retained to perform services on our behalf and pursuant to our instructions, (b) if we are required to do so by law or legal process, or (c) in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements. We also reserve the right to transfer personal information in the event of an audit or if we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).
CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL DATA
We are committed to keeping the personal information you provide to us secure. We take reasonable and appropriate measures to protect your personal information, including but not limited to sophisticated software and hardware that prevent personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
Where applicable law imposes restrictions on the length of time for which personal information can be retained, we will generally comply with this by retaining personal information only for as long as is necessary for the purposes described in this Policy, after which it will be deleted from our systems. The principle may be departed from where required by law.
If any personal information is only useful for a short period (e.g. for a specific survey or research project), we may delete it at the end of that period.
If you have opted out of receiving communications from us, we will need to retain certain personal information on a suppression list indefinitely so that we know not to send you further communications in the future.
DATA TRANSFERS
Some of the personal information we collect about you may be transferred to countries other than the country in which the information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your personal information to other countries, we will protect that information as described in this Online Privacy Notice and will comply with applicable legal requirements providing adequate protection for the transfer of personal information to recipients in countries other than the one in which you provided the information.
We may receive personal information under the Privacy Shield and subsequently transfer to a third party acting as an agent on our behalf. In such case, we remain liable if our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless we are able to prove that we are not responsible for the event giving rise to the damage.
COMPLIANCE WITH THE PRIVACY SHIELD
U30 Group complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. U30 Group has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
U30 Group no longer relies on the EU-U.S. Privacy Shield Framework to transfer personal information to the U.S.
ENFORCEMENT
U30 Group commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield Policy should first contact U30 Group at: [email protected].
If an individual has an unresolved complaint or concern that is not addressed satisfactorily, that individual may contact our U.S. based independent alternative dispute resolution provider (free of charge), Judicial Arbitration and Mediation Services (JAMS). Please contact or visit JAMS here for more information or to file a complaint: https://www.jamsadr.com/eu-us-privacy-shield
You may have the option, under certain conditions, to select binding arbitration for complaints regarding Privacy Shield Panel compliance not resolved by any of the mechanisms listed above. For further information, please visit this section of the Privacy Shield website: www.privacyshield.gov/article?id=ANNEX-I-introduction.
U30 Group is also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
LINKS TO OTHER WEBSITES
Our Site may contain links to other websites for your convenience and information. These websites may be operated by companies not affiliated with U30 Group. Linked websites typically have their own privacy policies or notices, which we strongly suggest you review if you visit any linked websites. We are not responsible for the content of any websites that are not affiliated with U30 Group, any use of those websites, or the privacy practices of those websites.
UPDATES TO OUR PRIVACY NOTICE
This Privacy Notice may be updated periodically. We will post a prominent notice on our Site to notify you of any significant changes to our Online Privacy Notice and indicate at the top of the notice when it was most recently updated.
HOW TO CONTACT US
If you have any questions about this Online Privacy Notice, or if you would like us to update information we have about you or your preferences, please contact us by email at [email protected] or write to us at: U30 Group, Inc. Attn: Data Privacy 6700 Baum Drive, Suite 4 Knoxville, TN 37919 United States
California Consumer Privacy Statement
Effective: January 1, 2020
This California Consumer Privacy Statement supplements the U30 Group Online Privacy Notice and applies solely to California consumers. This section provides information about our online and offline privacy practices. This Statement does not apply to our personnel. This California Consumer Privacy Statement uses certain terms that have the meaning given to them in the California Consumer Privacy Act of 2018 and its implementing regulations (the “CCPA”).
1. Notice of Collection and Use of Personal Information
We may collect the following categories of personal information about you:
• Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers
• Additional Data Subject to Cal. Civ. Code § 1798.80: signature, physical characteristics or description, education, financial information, medical information, and health insurance information
• Protected Classifications: characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status
• Commercial Information: commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies
• Online Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements
• Geolocation Data
• Sensory Information: audio, electronic, visual, and similar information
• Employment Information: professional or employment-related information
• Education Information: education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)
• Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We may use the categories of personal information listed above for the purposes described in our Online Privacy Notice. In addition, we may use these categories of personal information for certain business purposes specified in the CCPA, as described in this table:
Purposes | Categories of Personal Information |
Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Debugging to identify and repair errors that impair existing intended functionality | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Undertaking internal research for technological development and demonstration | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences] |
Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences] |
In addition, we may also use the following categories of personal information for purposes of managing our career opportunities: [Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]
2. Our Prior Collection, Use and Disclosure of Personal Information
We may have collected and used your personal information, as described in section 1 above, during the 12-month period prior to the effective date of this California Consumer Privacy Statement. For the personal information collected during that timeframe, we describe below: (a) the categories of sources from which we may have obtained the personal information, (b) the categories of third parties with whom we may have shared the information, and (d) the categories of personal information we may have disclosed for a business purpose.
a. Sources of Personal Information
We may have obtained personal information about you from various sources, as described below.
Categories of Sources of Data Collection | Categories of Personal Information |
Directly from you, such as when you contact us with a question or comment | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
From your devices, such as when you visit our Site (or our vendor’s Sites) or when you complete an online survey | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Your family or friends, such as when they provide us with your contact information so we can send information that may interest you | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Vendors who provide services on our behalf, such as consumer panel providers or market research facilities when they provide you an invitation to a market research project | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Social networks, such as if you share your social media with us during a market research project | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
b. Sharing of Personal Information
We may have shared your personal information with certain categories of third parties, as described below.
Categories of Third Parties | Categories of Personal Information |
Clients (i.e. companies who hire us to conduct consumer research) | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
Vendors who provide services on our behalf | Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences |
c. Sale of Personal Information
We do not sell your personal information in exchange for monetary compensation.
d. Disclosure of Personal Information for a Business Purpose
We may have disclosed to third parties the following categories of personal information for a business purpose:
• Identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, and other similar identifiers
• Signature, physical characteristics or description, education, financial information, medical information, and health insurance information
• Characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status
• Commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies
• Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements
• Geolocation Data
• Audio, electronic, visual, and similar information
• Professional or employment-related information
• Education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)
• Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
3. California Consumer Privacy Rights
You have certain choices regarding our use and disclosure of your personal information, as described below.
Access/Know: You may have the right to request, twice in a 12-month period, that we disclose to you the personal information we have collected, used, and disclosed about you during the past 12 months.
Deletion: You have the right to request that we delete certain personal information we have collected from you.
Opt-Out of Sale: Please understand that we do not sell your personal information so you may not submit requests for this as it is not applicable.
How to Submit a Request: To submit an Access or Deletion request, please email us at [email protected] or call toll free at 1-866-680-2835.
Verifying Requests: To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request If you request access to or deletion of your personal information, we may require you to provide any of the following information: Two or more pieces of evidence matching what is maintained by company (excluding name and email address). This may require company to conduct a fact-based verification process with you to properly identify you. In addition, if you ask us to provide you with specific pieces of personal information, we will require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. If you designate an authorized agent to make an access, deletion or opt-out of sale request on your behalf (1) we may require you to provide the authorized agent written permission to do so, and (2) for access and deletion requests, we may require you to verify your own identity directly with us (as described above).
We at U30 Group (“we”, “us” or “our”), respect your privacy. We are committed to safeguarding your privacy and protecting your information against unauthorized use.
This privacy policy (“Policy”) is intended to meet the requirements of the Regulation (EU) 2016/79 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (known as “GDPR”).
Updated: January 5, 2021
WHO PROCESSES YOUR PERSONAL DATA
This Policy applies to the processing of personal data by U30 Group to the extent that processing is subject to the GDPR.
For the purpose of this Policy and the GDPR, to the extent we process your personal data in connection with use cases identified in this Policy, we will be considered a “data controller” of your personal data.
PURPOSE OF THIS POLICY
This Policy explains our approach to any personal data that we might collect from you using this website (the “Site”) and any personal data about you we might collect/process in other situations or interactions with us, and the purposes for which we process your personal data.
This Policy also sets out your rights in respect of our processing of your personal data.
This Policy will inform you of the nature of the personal data about you that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it or otherwise object to our processing of it for a specific purpose. This Policy is intended to assist you in making informed decisions when using the Site or otherwise providing personal data to us or in other situations where we may process your personal data.
TYPE OF PERSONAL DATA WE COLLECT/PROCESS
When we talk about personal data we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:
- contact information (e. name, physical address, telephone number, email address);
- your date of birth;
- information about your employment or education history;
- information about your interests, opinions or beliefs;
- information concerning your health;
- your image;
- any additional data that may identify you which you submit to us.
WAYS OF OBTAINING PERSONAL DATA
We may collect and receive your personal data using different methods:
- Personal data you provide to us. You may give us your personal data directly. This will be the case when, for example, you contact us with enquiries, complete forms on our Site or in hard copy or participate in a survey or market research study, provide feedback to us, provide services to us or otherwise through your interactions with us.
- Personal information we collect from you automatically. When you access and use our Site, we will automatically collect certain technical information about your equipment, browsing actions and patterns. We collect this personal information by using cookies and other similar tracking technologies (see COOKIES section below)
- Personal data received from third parties. From time to time, we may receive personal data about you from third parties. For example, we may receive your contact details from an industry contact or our client or we may receive your CV or resume from your agent or recruitment service provider. We may also use third parties to collect personal data about your interactions with our Site.
We set out in more detail below the specific ways in which we may use your personal data
Market research and focus groups
As part of our service to our clients, we may collect an individual’s contact details, records of communications, health data, opinion data, age range, nationality, image, and education history for the purposes of carrying out market research through focus groups or interviews. We may do this on behalf of our clients or for our own purpose.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure that we provide the services requested by our clients in an effective and efficient way. Where we process special category data that was collected from an individual directly in connection with this purpose, we will only do so with the individual’s explicit consent. Please note where we do this on behalf of our clients as a data processor we do not require a legal basis for such processing.
Who do we share personal data with for this purpose?
We may share such personal data with our clients, group companies, affiliates, market research partners or agents, third party vendors (such as our IT provider) or professional advisers or such other third parties as indicated in DATA SHARING section below in connection with this purpose.
Surveys and voting
We may collect personal information from individuals via surveys or voting polls for the purposes of obtaining feedback on our own or our clients’ products and surveys. Participation in such polls is voluntary and individuals will have the opportunity to decide whether or not to disclose personal information. Certain personal information such as contact details may be required to register to vote or to take part in a survey. We would only use that information to report the results of the survey or vote
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure that we provide the services requested by our clients in an effective and efficient way. Where we process special category data that was collected from an individual directly in connection with this purpose, we will only do so with the individual’s explicit consent. Please note where we do this on behalf of our clients as a data processor we do not require a legal basis for such processing.
Who do we share personal data with for this purpose?
We may share such personal data with our clients, group companies, affiliates, market research partners or agents, third party vendors (such as our IT provider) or professional advisers or such other third parties as indicated in DATA SHARING section below in connection with this purpose.
Client administration
We may collect personal data about our client and potential client contacts to enable us to respond to client requests, to administer client accounts with us, to conduct credit checks (if permitted by applicable law), and to verify and carry out financial transactions for payments made to us.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure we provide the services requested by our clients in an effective and efficient way.
Who do we share personal data with for this purpose?
We may share such personal data with our third party vendors (such as our payment service providers or IT providers), financial institutions, group companies, affiliates, professional advisors, regulatory bodies or other law enforcers or such other third parties as indicated in DATA SHARING section below in connection with this purpose.
Business administration and legal compliance
We may use an individual’s personal data for the following business administration and legal compliance purposes:
- to facilitate the operation or effective management of our group of businesses;
- to comply with our legal obligations (including our obligations under legislation transposing EU/2016/1148 concerning measures for a high common level of security of network and information systems across the EU (the “Network Information Security Directive”);
- to enforce or protect our legal rights;
- to deal with complaints;
- to protect the rights of third parties (including where health or security of an individual is endangered (e.g. a fire); and
- in connection with a business transition or sale such as a merger, re-organisation, acquisition by another company, or sale of all or a portion of our assets.
Our legal basis for processing
Where we use personal data in connection with a business transition, to enforce our legal rights or to protect the rights of third parties, it is in our legitimate interest to do so. For all other purposes described in this section, we will rely on our obligation to comply with law, such as a court order, to process such personal data.
We will not process any special (or sensitive) categories of personal data or personal data relating to criminal convictions or offences except where we are able to do so under applicable legislation or with the individual’s explicit consent.
Who do we share personal data with for this purpose?
We may share personal data with our clients, group companies, affiliates, agents, partners, third party vendors or professional advisers, emergency service providers or law enforcers or other regulatory bodies (including tax and social security authorities) or such other third parties as indicated in DATA SHARING section below in connection with this purpose.
SHARING YOUR PERSONAL DATA
We may share your personal data with our agents, partners, clients, suppliers, contractors, professional advisors or government or regulatory bodies for the following purposes: (a) provide our services to clients or otherwise receive assistance in processing transactions; (b) fulfilment of requests for information, receiving and sending communications, analyzing data; (c) provision of IT and other support services; (d) to facilitate the operation and effective management of our group of businesses; (e) comply with a legal obligation or in connection with a legal claim or dispute or to otherwise protect our legal rights; (f) assistance in other ancillary to the operation of tasks, from time to time. Our agents, partners, suppliers and contractors will use your personal data to the extent necessary to perform their functions. For more details about how we may share your personal data in connection with a particular use case, please refer to the relevant use case above
We will not sell your personal data to other companies and we will not share it with other companies for them to use without your consent, except in the circumstances listed above or in connection with the sale or merger of U30 Group or the division or office responsible for the services.
Please note, the types of third parties we share your personal data with set out above is non-exhaustive and there may be circumstances where we need to share personal information with other third parties in order to operate our Site and to provide our services. We will notify you of any other circumstances where we would share your information on a case by case basis.
OBTAINING YOUR CONSENT
Where our use of your personal data requires your consent, you can provide such consent:
- at the time that we collect your personal data following the instructions provided; or
- by informing us by e-mail, post or phone using the contact details set out in this Policy.
Please note that if you specifically consent to additional uses of your personal data, we may use your personal data in a manner consistent with that consent.
DATA TRANSFERS OUTSIDE THE EEA
We may transmit personal data outside the EEA to certain categories of third parties (as listed above in HOW WE USE YOUR PERSONAL DATA) or to our headquarters in Knoxville, United States (“US”).
In particular when transferring your personal data outside the EEA, we will ensure that, where required by applicable law, at least one of the following safeguards is implemented: (1) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; (2) where we use certain service providers, we may use specific contracts approved by the European Commission referred to as the “model clauses” which give personal data the same protection it has in Europe.
We may receive personal information under the Privacy Shield and subsequently transfer to a third party acting as an agent on our behalf. In such case, we remain liable if our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless we are able to prove that we are not responsible for the event giving rise to the damage.
CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL DATA
We are committed to keeping the personal information you provide to us secure. We take reasonable and appropriate measures to protect your personal information, including but not limited to sophisticated software and hardware that prevent personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information.
Information regarding job applications is encrypted and transmitted in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for “https” at the beginning of the URL. Only employees or third parties who need the information to process a specific request are granted access to personally identifiable information.
YOUR DATA PROTECTION RIGHTS
You have the following rights in relation to the personal data we hold about you under certain circumstances:
- To obtain the confirmation that we process personal data about you, to access and obtain copies of the information, as well as information relating to the processing we carry out.
- To request your personal data be corrected where appropriate.
-
- If personal data we hold about you is inaccurate or incomplete, you may request that data be amended. However, please be aware that it is every person’s responsibility to provide us with accurate personal data and to inform us of any changes (e.g. new home address or change of name).
- To request your personal data be deleted, where appropriate.
-
- If you demonstrate that the purpose for which the personal data is being processed is no longer legal or appropriate, the data will be deleted, unless we can demonstrate that we are required to retain the personal data by applicable law or otherwise.
- If we have shared your personal data with others, we will let them know about the deletion where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.
- To request that we restrict the processing of your personal data in some circumstances, such as where you contest the accuracy of the personal data, while we investigate your concern.
-
- It will not prevent us from storing your personal information.
- We will tell you before we lift any restriction.
- If we have shared your personal information with others, we will let them know about the restriction where it is possible for us to do so.
- If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly
- Where processing is based on your consent, to receive your personal data in a commonly used electronic format, or ask that we move your personal data in that format to another provider, where your request relates to the personal data that you gave us directly and where technically possible.
- To object to your personal data being processed where we are relying on ours or a third party’s legitimate interest to do so or for the purpose of direct marketing.
- To withdraw your consent at any time when processing relies upon consent.
Data subjects may exercise these rights verbally or in writing using our contact information provided in the section below entitled CONTACT DETAILS. We will endeavour to promptly respond to your requests. Where you ask us to provide a copy of your personal data we are legally obliged to respond within one month of such request. If your request is denied, we will inform you about the reasons for denial.
Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.
OPT OUT AND UNWANTED COMMUNICATIONS
To opt-out of any future promotional or marketing communications or any other commercial communications from us, you should send a request to us at the contact information in the section entitled CONTACT DETAILS.
ENFORCEMENT RIGHTS AND MECHANISMS
U30 Group commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our GDPR Privacy Policy should first contact U30 Group at: [email protected].
If an individual has an unresolved complaint or concern that is not addressed satisfactorily, that individual may contact our U.S. based independent alternative dispute resolution provider (free of charge), Judicial Arbitration and Mediation Services (JAMS). Please contact or visit JAMS here for more information or to file a complaint: https://www.jamsadr.com/eu-us-privacy-shield
You may have the option, under certain conditions, to select binding arbitration for complaints regarding Privacy Shield Panel compliance not resolved by any of the mechanisms listed above. For further information, please visit this section of the Privacy Shield website: www.privacyshield.gov/article?id=ANNEX-I-introduction.
U30 Group is also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
THIRD PARTY LINKS AND SERVICES
This Site contains links to third party websites and services. Please remember that when you use a link to go from our Site to another website or you request a service from a third party, this Policy no longer applies to these third-party websites and third-party service providers unless we are acting as joint controllers in respect of your personal data with such third party.
Your browsing and interaction on any other websites, or your dealings with any other third-party service provider, is subject to that website’s or third-party service provider’s own rules and policies. We do not monitor, control, or endorse the privacy practices of any third parties.
This Site may integrate with social networking services. You understand that we do not control such services and are not liable for the manner in which they operate. While we may provide you with the ability to use such services in connection with our Site, we are doing so merely as an accommodation and, like you, are relying upon those third-party services to operate properly and fairly.
COOKIES
We use cookies and similar technologies to collect personal information from the computer or other device you use to access the Site. “Cookies” are pieces of information that may be placed on your device for the purpose of collecting data to facilitate and enhance your communication and interaction with our Site. We may also allow certain third parties to place cookies as described below.
We use cookies and other technologies on all our sites to ensure the best possible experience on our Site. These uses include:
- analytical cookies to recognize and count users of our Site, measure the effectiveness of our content, and understand how visitors use our Site. We currently use Google Analytics for this purpose; or
- placing, or allowing a third party to place, functional cookies to make a website easier to use, such as cookies that maintain a user’s session.
You can review your Internet browser settings to exercise choices you have for certain cookies. If you disable or delete certain cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site, and you may be required to re-enter your log-in details.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We retain personal data only for as long as is necessary for the purposes described in this Policy, after which it is deleted from our systems.
If any personal data is only useful for a short period (e.g. for a specific event or marketing campaign or in relation to recruitment), we will delete it at the end of that period. Please note that if you are an unsuccessful candidate we may keep your information for a short period.
If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list so that we know not to send you further marketing communications in the future.
MODIFICATIONS TO THE POLICY
We reserve the right to modify this Policy as needed, for example, to comply with changes in laws, regulations or requirements introduced by DPAs. Changes must be approved by our privacy points of contact, the office of the corporate legal department, or their designees who will seek input as they reasonably deem appropriate from corporate executives for the amended Policy to enter into force. If we make changes to the Policy, this amended Policy will be submitted for renewed approval according to the relevant applicable provisions of the law. We will inform data subjects of any material changes in the Policy. We will post all changes to the Policy on relevant internal and external websites.
Effective with the implementation of this Policy, all existing and applicable EU company privacy guidelines relating to the collection and/or processing of personal data will, where in conflict, be superseded by the terms of this Policy. No other internal policy that conflicts with this Policy shall be applicable with respect to the protection of personal data handled by us in the EU. We encourage you to review this Policy periodically to be informed of how we use your personal data.
CONTACT DETAILS
For questions or concerns about this Policy, or to ask questions or express concerns about our collection, management and processing of personal data, or to exercise your rights, you may contact us by:
- sending an e-mail to [email protected]; or
- sending us a letter using the following address: U30 Group, Inc. Attn: Data Privacy 6700 Baum Drive, Suite 4 Knoxville, TN 37919 United States