What's A Privacy Policy
A privacy policy is a statement that discloses some or all of the ways a website collects, uses, discloses, and manages the data of its visitors and customers. It fulfills a legal requirement to protect a visitor or client's privacy.
Countries have their own laws with different requirements per jurisdiction regarding the use of privacy policies.
Our Policy and Standards
This Privacy Policy is effective as of May 20, 2024.
Who we are
Workplace Analytica and Vox (‘Workplace’) is a global tech and consulting firm helping clients improve on customer and employee experience.
How we Care for your Personal Information
Workplace is dedicated to protecting your personal data. This privacy policy contains essential information about the personal data we collect, and the how and why we collect, store, use, and share personal data. Workplace designed and manages the site you are viewing.
This Privacy Policy applies to the collection and use of information of the websites and platforms where this policy is linked (“Sites”, “Product Sites”, “Website”, “Workplace Applicant Sites”). None of the Sites publish content or collect data that is targeted at children.
The use of information collected through our Sites shall be limited to the purpose for which it was gathered, i.e., providing a service for which a Client has engaged Workplace Analytica or Vox is gathering information for research purposes (hereinafter “Product Sites”), providing information to prospective Clients (hereinafter “Website”, or gathering information on applicants for career opportunities at Workplace (hereinafter Workplace Applicant Sites”). For our “Product Sites”, Workplace will abide by each of these laws, as well as any other laws that govern the applicable jurisdiction, solely to the extent that we process your data subject to the jurisdiction covered by each applicable law. For the “Website” and Applicant Sites, Workplace will be controller of your data. The terms of which are detailed below.
Key Terms
Client is an organization who has contracted Workplace to perform services on their behalf. Client may also mean your employer. Our Data Protection Legal@workplaceanalytica.com Officer
Personal data Specific types of information relating to an identified or identifiable individual according to established information classifications
Special category personal data Personal data revealing, political opinions, religious beliefs, philosophical beliefs, or trade union membership. Data concerning health, sex life or sexual orientation
PERSONAL DATA WE COLLECT
Categories of personal data we may collect about you as part of our product sites. First Name and Last Name Email address Publicly available career information Data subject request records Voice data (dependent upon Services provided to you by Workplace) User activity information obtained from session specific. Geolocation data obtained via: IP address
Cookies
Troubleshooting and support services. Categories of personal data we may collect about you as part of our applicant sites
-
Employment application data
-
Assessment results Employment history Professional accolades Student education records of “eligible students” as defined under the Family Educational Rights and Privacy Act Student directory information publicly disclosed by schools including: Student name
-
Address Telephone number
-
Date and place of birth Honors and awards Dates of attendance
-
Categories of personal data we may collect about you as part of our website
-
First Name and Last Name Email address workplace collects personal data drawn from inferences from the information identified above to create a profile about users who have opted-in to Workplace- related products and/or services. These inferences include information about: Consumer preferences
-
User characteristics Behavior
How Your Personal Data Is Collected
Workplace collects personal data directly from our Website, public sites, indirectly from your employer with your consent, or directly from you as an applicant. Workplace may also collect information via automated monitoring of our websites and other technical systems and via communication systems such as email and instant messaging services.
Why and How We Use Your Personal Data
Purpose Reason
-
To provide products and/or services to your employer For the performance of our contract with your employer or to take steps at your employer’s request before entering a contract
-
To verify identity To comply with our legal and regulatory obligations Other processing necessary to comply with professional, legal, and regulatory obligations that might apply to our business, e.g., health and safety regulations.
-
To comply with our legal and regulatory obligations Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory bodies
-
To comply with our legal and regulatory obligations
-
Ensuring business policies are adhered to, e.g., policies governing security and information use For our legitimate interests or those of your employer, i.e., to make sure we are following our own internal procedures so we can deliver the best service to you
-
Operational reasons, such as improving efficiency, training, and quality control For our legitimate interests or those of your employer, i.e., to be as efficient as we can so we can deliver the best service for you at the best price
Ensuring the confidentiality of commercially sensitive information For our legitimate interests or those of your employer, i.e., to protect trade secrets and other commercially valuable information
-
To comply with our legal and regulatory obligations Statistical norming in relation to the services provided by Workplace. (Data that is used for statistical norming is de- identified.)
-
For our legitimate interests or those of your employer to ensure fair and accurate data sets and measurement tools Statistical analysis to help us manage our business, e.g., in relation to delivery of services, product performance, or other For our legitimate interests or those of your employer, i.e., to be as efficient and relevant as we can so we can
-
efficiency measures (Data that is used for statistical norming is de-identified.) deliver the best service for you at the best price
-
Preventing unauthorized access and alteration to systems For our legitimate interests or those of your employer, i.e., to prevent and detect criminal activity that could be damaging for us and for you
To comply with our legal and regulatory obligations
-
Updating and enhancing client’s records For the performance of our contract with your employer or to take steps at your employer’s request before entering into a contract
-
For our legitimate interests or those of a third party, e.g., making sure that we can keep in touch with our clients/you about existing orders and new products
​
Ensuring safe working practices, staff administration and assessments To comply with our legal and regulatory obligations. For our legitimate interests or those of a third party, e.g., to make sure we are following our own internal procedures and working safely so we can deliver the best service to you Marketing our services to:
Existing and former clients
-
Third parties who have previously expressed an interest in our services; For our legitimate interests or those of a third party, i.e., to promote our business to existing and former clients
-
For our legitimate interests or those of a third party, External audits and quality checks, e.g., for ISO certifications, accreditations, and the audit of our accounts For our legitimate interests, i.e., to maintain our accreditations so we can demonstrate we operate at the highest standards applicable in our industry
-
To comply with our legal and regulatory obligations
-
To use full functionality offered by the Sites, a user may be required to provide certain Personal data.
How We Use Anonymized Aggregate Data
-
Summaries of de-identified or anonymized and aggregated data analyses may be presented to public audiences (e.g., scientific conferences). Review of Workplace’s general approaches and accumulated results with professional audiences ensures that Workplace’s assessment methods remain up-to-date with best practices and professional, technical, and legal standards. While these summaries may be linked to general industries, the identities of client organizations and individuals remain confidential.
-
Summaries of aggregated data may also be used to create normative profiles (or “benchmarks”) for assessments. Normative profiles will not identify individuals or client organizations; however, the source data may link back to some or all the client organizations that are contained within the data set for the purpose of defining the characteristics of the norm sample (such as platform, industry, etc.)
-
Circumstances Under Which We Share Personal Data
Workplace will never sell your Personal Data.
We only allow our service providers to handle your personal data if we are satisfied they take commercially reasonable and appropriate measures to protect your personal data. We also impose contractual obligations on service providers to confirm they can only use your personal data to provide services to us, to you, or to remain compliant with applicable laws and regulations of pertinent jurisdictions. We may also share personal data with external auditors in relation to ISO accreditation and the audit of our
accounts.
We may also need to share some personal data with other parties, such as potential buyers of some or all our business during a re-structuring. We will typically anonymize or de-identify information, but this may not always be possible. Recipients of your personal data will be bound by confidentiality obligations.
Workplace will be responsible for the actions of any service providers to whom your Personal Data has been transferred in their performance of Services provided to you, your employer, or WORKPLACE.
Product Site
Workplace routinely shares personal data with
Our affiliates and licensees as required to deliver services to our Clients Service providers we use to help deliver our products and services to you Law enforcement agencies and regulatory bodies to comply with legal and regulatory obligations
Applicant Site
Workplace routinely shares personal data with our affiliates and licensees. Other third parties we use to help us run our business, such as marketing agencies or website hosts; Third parties approved by you Auditors (e.g., in pursuit of ISO and other certifications) Our insurers and brokers (e.g., cybersecurity insurance providers) , bank(s), law enforcement agencies and regulatory bodies to comply with legal and regulatory obligations
Website
Workplace routinely shares personal data with other third parties we use to help us run our business, such as marketing agencies or website hosts; Third parties approved by you
Third-party Use of Personal Data
Workplace’s online or phone surveys collects and stores user information in a secure and private manner on behalf of WORKPLACE to manage online surveys. A client may allow Workplace to create surveys and questionnaires for distribution to potential survey respondents.
Our third-party online survey service provider maintains respondent information that may include information about Workplace survey recipients, and other demographics and data useful to Workplace.
Our third-party online survey provider uses the information they collect to improve the service they provide to Workplace. No information is shared with other third parties.
Newsletter Subscriptions Workplace’s third party newsletter publishing service provider for managing email newsletter subscriptions collects and stores visitor information in a secure and private manner on behalf of Workplace. This information includes, but is not limited to, email address lists, articles, survey answers, letters, and usage statistics.
This information is owned by Workplace and is not accessible to any other third parties. If you no longer wish to receive our newsletter, you may opt-out by following the optout instructions which are included in each communication. Online Client Service Chat Workplace’s third party online client service chat service provider collects and stores user information in a secure and private manner on behalf of WORKPLACE to manage online chat sessions.
If using this function, users will be asked to enter their names in whatever format or detail they prefer. During the chat, users engage in a live question and answer session with a Workplace employee. Our third-party online client service chat service provider maintains dialogue transcripts of these chats. After the chat, users may be asked to fill out an exit survey to obtain valuable feedback about Workplace service. Filling out the exit survey is voluntary. The surveys may ask for contact information and for demographic information. Data is also collected through aggregated tracking information from cookies. Our third-party online client service chat service provider uses the information they collect to improve the service they provide to Workplace. No information is shared with other third parties.
Our third-party online client service chat service provider uses cookies to link profile information (submitted by individuals to Workplace) with the chat sessions managed by Workplace’s employees. By setting a cookie, users do not have to enter their profile
information more than once, thereby saving time while on the chat session. Other statistical information about how our Sites are used is collected to assist the user with their client service experience. Our third-party business service provider uses cookies to link visits to our site with click-through from pay-per-click sponsored ads, placed by Workplace on external search engine sites. They work by placing a cookie on a user's computer when he/she clicks on one of our pay-per-click sponsored ads. Then, if the user reaches one of Workplace’s designated conversion pages, the cookie is connected to our web page. When a match is made, the third-party business service provider records a successful conversion for Workplace.
Tracking Technologies (limited to marketing purposes) Some of our third-party business service providers (e.g., aggregate traffic analytic services such as Google Analytics, search engines and live help chat) use cookies on our site. We have no access to or control over these cookies. Third parties with whom we partner to provide certain features on our Site, or to display advertising based upon your web browsing activity, use local shared objects (“LSOs”) such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML 5 LSOs. This Privacy Policy covers the use of cookies by the Sites and does not cover the use of cookies by any third parties. Technologies such as cookies or similar technologies are used by WORKPLACE and our marketing partners on some of our Sites.
These technologies are used in analyzing trends, storing username and password so that you do not have to enter it each time you visit the site, administering the Site, tracking users’ movements around the Site, and gathering demographic information about our user base. We may receive reports based on the use of these technologies from these marketing partners in an individual and/or aggregated format. Advertising We engage a third-party ad network to either display advertising on our Sites or to manage our advertising on other sites. Our third-party partner may use technologies such as cookies to gather information about your activities on this Site and other sites to provide you advertising based upon your browsing activities and interests. If you do not want to have this information used for serving you interest-based ads, you may opt-out by contacting the data protection officer. Please note this does not opt you out of being served all ads; you will continue to receive generic ads.
-
Promotional Communications Workplace may use your personal data to send you updates by mail, email, telephone, text message, or other instant message about our products and services, including exclusive offers, promotions, new products and/or suggested services.
-
Workplace maintains a legitimate interest in processing your personal data for promotional purpose (see above “How and why we use your personal data”). This means we do not usually require your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly prior to the communication.
-
Workplace will always treat your personal data with the utmost respect and never sell it to other organizations.
-
Workplace may ask you to confirm or update your marketing preferences if you instruct us to provide further products or services in the future, or if there are changes in the law, regulation, or the structure of our business.
Testimonials Workplace may post client testimonials on our Sites, which may contain personal data. We do obtain the client's consent via email prior to posting the testimonial to post their name along with their testimonial. If you wish to have your personal data removed from this section of our site, please contact us at legal@Workplaceworld.com.
Personal Data Disclosed to Vendors
In the last 12 months, Workplace disclosed personal data to vendors in the following categories that identifies, relates to, describes, is capable of being associated with, or could be linked, direct or indirectly, with a particular consumer or household:
-
Identifiers (e.g., first and/or last name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers);
-
Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, physical characteristics or description, address, telephone number, education, employment, employment history, or any other similar information;
Characteristics of protected classifications under California or federal law;
-
Commercial information (e.g., products or services purchased, obtained, or considered, or other purchasing or consumer histories, tendencies or similar information);
-
Biometric information; Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement);
-
Geolocation data; Audio, electronic, visual, haptic, or similar information; Professional or employment-related information;
-
Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences and characteristics.
DATA LOCALIZATION
Where Your Personal Data is Held
-
With the exception of the Transtalent product offerings listed below, all personal data provided to Workplace is hosted at WIX in the United States.
-
Data provided for Transtalent in Simplified Chinese is hosted in China with Alibaba Cloud.
-
Data provided for Transtalent in Traditional Chinese, Thai language, or English language is hosted in Singapore with Alibaba Cloud.
Data may also be accessed or used globally where authorized Client or Workplace associates providing services to the Client are located. In aWorkplacetion, Workplace follows the General Data Protection Regulation (“GDPR”) which applies across the European Union, China’s Personal data Protection Law (“PIPL”), Canada’s Personal data Protection and Electronic Documents Act (“PIPEDA”), Thailand’s Personal Data Protection Act (“PDPA”), as well as all applicable data privacy and security regulations in applicable jurisdictions.
Information may also be stored at our offices and those of our group companies, third party agencies, service providers, employees, contractors, affiliates, representatives, and agents as described above (see: “Who We Share Your Personal data With” above). Some of these third parties may be based outside the European Economic Area and the United States. Note: subprocessors’ servers are not located outside the EEA and U.S.
International Data Transfers
To deliver services to you, it is sometimes necessary for us to share your personal data outside the European Economic Area and United States, e.g.: With our offices outside the EEA and U.S.; With your and our service providers located outside the EEA or U.S.; If you are based outside the EEA or U.S.;
Where there is an international dimension to the services we are providing you.
The following countries to which we may transfer personal data have been assessed by the European Commission as providing an adequate level of protection for personal data: Andorra, Argentina, Canada, Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Republic of Korea, Switzerland, the United Kingdom, and Uruguay.
For more information, see the official website of the European Commission, here: https://ec.europa.eu/info/law/law-topic/data-protection/international- dimension-data-protection/adequacy-decisions_en
Except for the countries list above, non-EEA countries do not have the same data protection laws as the United Kingdom and EEA. WORKPLACE will, however, ensure the transfer complies with data protection laws and exercise reasonable efforts to keep all personal data secure. Our standard practice is to use standard contractual clauses that have been approved by the European Commission. To obtain a copy of those clauses, see: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension- data-protection/standard-contractual-clauses-scc/standard-contractual-clauses- international-transfers_en. If you would like further information, please contact our Data Protection Officer (see “How to Contact Us” below).
Data Privacy Framework (DPF)
Workplace complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.?WORKPLACE has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, WORKPLACE commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, WORKPLACE commits to resolve DPF Principles-related complaints about our collection and use of your personal data.? EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact WORKPLACE using the contact provided below:
If you have a question or complaint related to participation by Workplace in the DPF Frameworks, we encourage you to contact us using the details in the Contact Us section below. For any complaints related to the DPF Frameworks that Workplace cannot resolve directly, we have chosen to cooperate with the relevant EU Data Protection Authority, or a panel established by the European data protection authorities, for resolving disputes with EU individuals, the UK Information Commissioner (for UK individuals), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) for resolving disputes with Swiss individuals.
Please contact us if you’d like us to direct you to your data protection authority contacts. As further explained in the DPF Principles, binding arbitration is available to address residual complaints not resolved by other means. Workplace is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
How Long We Keep Your Personal data
We retain your Personal data for as long as needed or permitted considering the purpose(s) for which it was obtained. The criteria used to determine our retention periods include:
-
The length of time we have an ongoing relationship with you or our client (your employer)
-
A period to respond to any questions, complaints, or claims made by you or on your behalf
-
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records for a certain period before we can delete them) Whether retention is advisable to fulfill a lawful request made by a regulatory body of an applicable jurisdiction
​
Your Rights Under the General Data Protection Regulation (“GDPR”) to the extent we are processing data under GDPR jurisdiction.
-
Right to Access The right to be provided with a copy of your personal data (the right of access)
-
Right to Rectification The right to require us to correct any mistakes in your personal data
​
Right to be Forgotten The right to require us to delete your personal data in certain situations
-
Right to Restriction of Processing The right to require us to restrict processing of your personal data—in certain circumstances, e.g., if you contest the accuracy of the data
-
Right to Data Portability The right to receive the personal data you provided to us, in a structured, commonly used and machine- readable format and/or transmit that data to a third party—in certain situations
Right to Object The right to object:
--at any time to your personal data being processed for direct marketing (including profiling).
--in certain other situations to our continued processing of your personal data, e.g., processing carried out for the purpose of our legitimate interests.
Right Not to be Subject to Automated Individual Decision-Making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
You can make any of these requests in relation to your personal data by submitting a data subject access request or contacting us by email, phone or post using the details in the “Contact Us” section of this website.
Your Rights Under the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act ("CPRA") to the extent we to the extent we are processing data under CCPA or CPRA jurisdiction.
​
Disclosure of Personal data We Collect About You You have the right to know:
​
-
The categories of personal data we have collected about you;
-
The categories of sources from which the personal data is collected;
-
Our business or commercial purpose for collecting or selling personal data;
-
The categories of third parties with whom we share personal data, if any; and
-
The specific pieces of personal data we have collected about you.
Please note that we are not required to:
Retain any personal data about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained; Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal data; or
Provide the personal data to you more than twice in a 12-month period. Personal data Sold or Used for a
Business Purpose
N/A Right to Deletion Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
-
Delete your personal data from our records; and Direct any subprocessors to delete your personal data from their records. Please note that we may not delete your personal data if it is necessary to:
-
Complete the transaction for which the personal data was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
-
Debug to identify and repair errors that impair existing intended functionality;
-
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
-
Comply with the California Electronic Communications Privacy Act;
-
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent; Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us; Comply with an existing legal obligation; or
-
Otherwise use your personal data, internally, in a lawful manner that is compatible with the context in which you provided the information.
Protection Against Discrimination You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things: Deny goods or services to you; Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
Provide a different level or quality of services to you; or Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services. Please note that we may charge a different price or rate or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to our business by your personal data.
How We Keep your Personal Data Secure
Workplace is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. WORKPLACE complies with applicable data protection laws, including applicable security breach notification laws.
How to Exercise Your Rights or Contact Us
Workplace Analytica, 167-169 Great Portland Street London W1W
Changes to this Privacy Notice
Workplace may change this privacy notice from time to time. When we do, we will post changes on the Sites and other places deemed appropriate, so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we share or disclose it.
Choice/Opt-out
Users who provide information requested by the Sites thereby consent to the terms of this Privacy Policy and to Workplace’s use of the information it collects as described in this Privacy Policy. Those who do not agree to this Privacy Policy may not use the Sites. Users also have the right to revoke prior consent at which time access to Sites and usage of Services would cease.