(including a real name, alias, postal address, Internet protocol address, and email address)
As used throughout this policy, we will refer to Prosci as either “Prosci,” “we” or “us,” and we will refer to our website, www.prosci.com, and our online portal, www.portal.prosci.com, collectively as the “Websites.” Also, we will refer to any services offered through our Websites, emails, or Prosci trainings collectively as the “Services.” Last, we will refer to the following types of information collectively as “Marketing” information: our blog posts, thought leadership articles, webinars, public training events, opportunities to participate in our research, customized information based on your experiences and interactions with our Websites and emails, and additional product information.
We may collect and store information from you, including information that directly or indirectly identifies you, in connection with your use of our Services, including any information you transmit to or through the Services (“Personal Data”). For the purposes of our Services, Personal Data also includes personal data, as defined by the General Data Protection Regulation, personal information, as defined by the EU-U.S. Privacy Shield, and personal information, as defined by the California Consumer Privacy Act. We use Personal Data we collect to provide the Service’s functionality, fulfill your requests, improve the Service’s quality, engage in research and analysis relating to the Service, personalize your experience, track usage of the Service, provide feedback to third-party businesses that are listed on the Service, display relevant advertising, market the Service, provide customer support, message you, back up our systems, allow for disaster recovery, enhance the security of the Service, and comply with legal obligations.
Please also note:
If you create a Prosci account, we store and use the information you provide during the registration process and use of our SaaS applications, such as your full name, email address, zip code, physical address, job title, place of work, and other information you may provide, to assist in purchasing products and/or facilitating our Services, including our SaaS applications and training programs. Specifically, if you have access to the "Prework" application in the Prosci Portal, we may use the Personal Data that you input into the application to logistically prepare our team to deliver the corresponding Prosci training program. If you have access to our "Proxima" application in the Prosci Portal, we may anonymize your data (so that it is no longer Personal Data) and include it in an aggregated data set to be used for analysis and research purposes. Information that you give us via your Prosci account is processed on a third-party server in the United States.
When you use certain Prosci Services, you have the choice to explicitly opt-in to receive marketing communications from Prosci. You can manage some of your messaging preferences through your account settings. We may track your actions in response to the messages you receive from us or through the Service, such as whether you deleted, opened or forwarded such messages. We may also store information that you provide through communications to us, including from phone calls, letters, emails and other electronic messages, or in person in order to better assist you with our Services. Information we gather from your engagement with our marketing communications is used to analyze and improve future marketing efforts. Data that we gather on you via our communications is processed on our third-party inbound marketing and customer relationship management cloud software(s).
If you initiate a transaction through our Websites, such as a material order or payment for a Prosci training program, we may collect and store information about you, such as your name, phone number, address, email, and payment information (such as a credit card number and expiration date), as well as any other information you provide to us, in order to process your transaction, send communications about them to you, and populate forms for future transactions. This information may be shared with our third-party payment processers, and third parties may share such information with us, for the same purposes. When you submit credit card numbers, we encrypt that information using industry standard technology.
We may store information about your use of our Websites or Services, such as your search activity, the pages you view, and the date and time of your visit. We also may store information that your computer or mobile device may provide to us in connection with your use of the Service, such as your browser type, type of computer or mobile device, browser language, IP address, and requested and referring URLs. Information we gather from your engagement with our Websites or Services is used to analyze and improve our offerings. Data that we gather on you via our Websites or Services is processed on our third-party inbound marketing and customer relationship management cloud software(s).
If you participate in any of the Prosci research surveys, usually by invitation, we may collect unique identifiers such as first name, last name, email address, age, organization of employment, IP address, and other location data. Some pieces of Personal Data aid in helping our survey tool to function (IP Address), while other pieces of Personal Data (first name, last name, email address) are used to communicate to you about the status of a particular research study. Also, some pieces of Personal Data might be inherent to the topic of the given survey (age, organization of employment). All Personal Data collected via our research studies is stored in our third-party survey tool and can be deleted at any time. Before analysis, Prosci anonymizes the data set so that no Personal Data is stored on Prosci systems or servers. Analysis is only performed on the anonymized, aggregated data set.
If you attend any of Prosci’s in-person training programs, Prosci personnel may take notes about the execution of the program. These notes may contain anecdotes about participants concerning their preferences on the logistical facets of the program (food, location, learning atmosphere, etc.). These anecdotal notes are made about the training class, in general, and not about specific individuals. Notes about our training programs are only used to advance the quality of future programs, are stored on our third-party customer relationship management software, and are only accessed by Prosci’s training and logistics personnel.
If you attend a Prosci training program, it is very likely that you will have the option to receive a digital certification badge at the completion of the program. Prosci uses a third-party vendor to distribute our digital badges. Prosci or a Prosci Partner will always get the explicit consent of any participant before transferring their personal data (first name, last name, email address, program completion details) to our third-party vendor for distribution of the digital badge.
Some cookies are required for technical reasons in order for our Websites to operate, and we refer to these as "essential" or "strictly necessary" cookies.
Some cookies enable us to track and target the interests of our users to enhance their experience and to track how visitors use our Websites.
Intended to allow or prevent notices of information or options that we think could improve your use of the Service.
These cookies are used to enable you to share pages and content that you find interesting on our Websites.
We share your personal data with your consent or as necessary to complete any transaction or provide any product or Service you have requested or authorized. This includes sharing your personal data with our Sub-Processors, the Prosci family of businesses, and when we are legally bound to do so by law.
We rely on entities that process information for a business purpose on our behalf (“Sub-Processors”) to perform certain services for us in connection with your use of our Services. Prosci's Sub-Processors are contractually bound to only process personal data in order to fulfill the contracted services. We may share information from or about you with our Sub-Processors so that they can perform their services or complete your requests. Our Sub-Processors may share information with us that they obtain from or about you in connection with providing their services or completing your requests. Sub-Processors may also share this information with their subsidiaries, joint ventures, or other companies under common control. A current list of Prosci's Sub-Processors can be found at www.prosci.com/legal/subprocessors. Prosci discloses the following categories of data for the following business or commercial purposes to our Sub-Processors:
(including a real name, alias, postal address, Internet protocol address, and email address)
(including records of products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies )
(associated with a consumer’s interaction with Prosci’s Services)
(limited to a user’s place of work)
We reserve the right to disclose your Personal Data in order to comply with any valid law, court order, or legal process, including in response to any government or regulatory request. If we receive any such request, we will seek to provide only the information that is specifically requested and nothing more.
You can exercise any of your data subject rights by submitting this form, calling our toll-free phone number (1-800-700-2831), or emailing firstname.lastname@example.org. After submitting your request to exercise your data privacy rights, Prosci will first verify your identity using one of the following methods:
Prosci will use appropriate verification methods based on the type and sensitivity of the personal data requested to be disclosed. After verifying the identity of the data subject, Prosci will notify the data subject of receipt of the request within 10 days and respond to the request between 30 and 45 calendar days, depending on the governing jurisdiction of the data subject.
How long we keep information we collect about you depends on the type of information processed, as described in further detail below. After such time described below, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.
We retain Personal Data that you provide to us where we have an ongoing legitimate business need to do so (for example, as long as is required to confirm your certification in our methodology, in order to contact you about our Services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).
When we have no ongoing legitimate business need to process your Personal Data, we securely delete the information or anonymize it or, if this is not possible, then we will securely store your Personal Data and isolate it from any further processing until deletion is possible. We will delete this information from our databases at an earlier date if you so requested.
If you have elected to receive Marketing communications from us, we retain information about your Marketing preferences for a reasonable period of time from the date you last expressed interest in our content, products or services, such as when you last opened an email from us or ceased using your Prosci account, or otherwise withdraw your consent to such processing activities. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
Prosci is responsible for the processing of Personal Data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Prosci complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, including liability for the onward transfer of Personal Data.
If you have any questions or concerns, please contact us via the contact information listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the EU-U.S. Privacy Shield Principles.
In the event we are unable to resolve your complaints or disputes, you may contact JAMS (https://www.jamsadr.com/eu-us-privacy-shield), an alternative dispute resolution provider located in the United States, for more information or to file a complaint. JAMS will investigate and assist you free of charge in resolving your complaint.
As further explained in the EU-U.S. Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Prosci is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Although Prosci is still a member of the Privacy Shield Framework and abides by its principles, we no longer rely on it as the mechanism to transfer data from the European Union to the United States. Instead, Prosci relies on a variety of other mechanisms, including the EU-approved Standard Contractual Clauses and the article 49 derogations of the GDPR.
Prosci complies with the California Consumer Privacy Act (“CCPA”) and is committed to protecting information that identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular California consumer or household. Under the CCPA, California consumers have the following rights:
If a California consumer wishes to exercise any of the above privacy rights, they can submit their request via this form, our toll-free phone number (1-800-700-2831), or email (email@example.com). If the data user is not able to make the request themselves, they may appoint an authorized agent to make the request on their behalf. If using an authorized agent, Prosci will require the agent to submit written permission from the consumer, with the exception of when the agent has documented power of attorney. After verifying the identity of the agent, Prosci will process the data user request.
Prosci does not sell consumer’s Personal Data. Prosci does disclose Personal Data to entities that process information for a business or commercial purpose on our behalf (“Sub-Processor”). Prosci discloses Personal Data to its Sub-Processors for the business purposes listed in the “Sub-Processor” section of this policy.
Prosci does not knowingly collect, solicit or sell Personal Data from children under the age of 13. If we learn we have collected or received Personal Data from a child under the age of 13, we will delete that information. If you believe we might have any information from or about a child under the age of 13, please contact us as indicated below.
The privacy of your information is important to us, and we have taken steps aligned with industry best practices to ensure that your information is secure from unauthorized access, use, alteration and disclosure. Please note that no electronic transmission of information can be entirely secure. We cannot guarantee that the security measures we have in place will never be defeated or fail, or that such measures will always be sufficient or effective, so please keep this in mind as you provide your information to us.
Attn: Legal Department
2950 E. Harmony Road, Suite 130
Fort Collins, CO 80528