Application Privacy Policy
Effective Date – January 1, 2024
Sciolytix, Inc. creates software that helps organizations hire and develop their people better, faster, and cheaper. We have two products: the ImpactSIMs™ Sales Assessment and DigitalChalk Learning Management System (LMS). The entity granting you access to Sciolytix’s software (“Organization”) is a Sciolytix customer that collects and processes your personal data. This privacy policy (“Privacy Policy”) governs Sciolytix’s processing of personal data you and/or the Organization has inputted into Sciolytix’s software application (“Software”) for the purpose of recruiting, training, and/or managing you.
Collection of Information
Sciolytix does not directly collect your personal data. Sciolytix processes data you and/or the Organization inputs into the Software for the purpose of recruiting, training, and/or managing you. Such data may include, but is not necessarily limited to, candidate data, employee data, contractor data, student data, training data, and performance data.
Usage of Data
Sciolytix will process the data only in accordance with the agreement between Sciolytix and the Organization, including, but not necessarily limited to, providing technical or functional support, and ensuring the security of the Software. Please contact the Organization with any questions about its use of your personal data.
Contact and Queries
The Organization is a data controller. A (Data Controller”) determines the purposes for which and the means by which personal data is processed. Sciolytix is a data processor of your personal data. A (“Data Processor”) processes personal data only on behalf of the controller and in accordance with the Data Controller’s instructions. All queries regarding your personal data should be directed to the Organization.Website Usage Information
1. Cookies
For information on the cookies we use, and their functionality please refer to our cookie policy.
2. IP address and Clickstream data
Our servers automatically collect data about your internet protocol (“IP”) address when you visit a Sciolytix webpage (“Website”). Our servers may log your IP address and sometimes your domain name when you request pages from a Website. Our servers may also record the referring page that linked you to us (e.g. another website or a search engine); the pages you visit on a Website; the website you visit after the Website; other information about the type of web browser, computer, platform, related software and settings you are using; any search terms you have entered on the Website or a referral website; and other data logged by our web servers. We use this information for internal system administration, to help diagnose problems with our servers, and to administer our Websites. Such information may also be used to gather broad demographic information, such as country of origin and Internet service provider. Personal data including IP addresses are not used to facilitate contact with users who have not provided their contact details to Sciolytix . Personal data is not shared with nor sold to any unauthorized third-party
Use, Disclosure, and Sharing of Personal Data
1. Service providers
We may use third-party partners to operate and maintain our Software and deliver our products and services in accordance with the agreement we have with the Organization. Third-party service providers are contractually restricted from using or disclosing your personal data except as necessary to perform services on our behalf or to comply with legal requirements. Data may be processed within or outside of the European Economic area, according to the contractual agreement and applicable laws.
2. Aggregated statistics
We may aggregate and anonymize non-personally identifiable data into statistics regarding user behavior such as overall patterns or demographic reports that do not describe or identify any individual user. This shall always be done in accordance with the agreement between the Organization and Sciolytix .
3. Legally compelled disclosures
We may disclose your personal data if required to do so by law or subpoena or if we believe that such action is necessary to: (a) conform to law applicable to Sciolytix or our partners; (b) comply with a judicial or court order, or comply with legal processes served on us or Affiliated Parties; or (c) protect and defend our rights and property, Websites, and/or the users of the Websites.
4. Worldwide transfer and processing of Personal Data (applies unless otherwise agreed in writing between you or the Organization and Sciolytix )
Sciolytix may use your data for the purposes described herein and per the agreement between Sciolytix and the Organization. Depending on contractual requirements and applicable law, your data may be processed and transferred in and to the United States and other countries and territories listed herein, which may have different privacy laws from your country of residence, and which may afford varying levels of protection for your personal data. Regardless of the laws in place in these countries, we will treat the privacy of your information in accordance with this Privacy Policy and the agreement between Sciolytix and the Organization.
Your access and correction rights
You retain the right to submit and correct or delete your personal data by contacting the Organization.
Sciolytix Inc. is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
Data Privacy Framework
Sciolytix Inc. is NOT yet certified with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce, but has applied for self-certified.
Once certified, Sciolytix will be committed to the following:
Sciolytix, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.
Sciolytix , Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Sciolytix Inc, commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Sciolytix Inc. at: privacy@sciolytix.com
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Sciolytix Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.
As required under the principles, when we receive information under the Data Privacy Framework and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Data Privacy Framework if the agent processes the information in a manner inconsistent with the Data Privacy Framework and we are responsible for the event giving rise to the damage.
We encourage you to contact us at privacy@sciolytix.com should you have a Data Privacy Framework related (or general privacy-related) complaint. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact the independent recourse mechanism listed below:
UK Information Commissioner’s Office (ICO)
EU Data Protection Authorities (DPAs)
We have committed to cooperating and complying with the information and advice provided by an informal panel of data protection authorities in the European Economic Area, and/or the Swiss Federal Data Protection and Information Commissioner (as applicable) in relation to unresolved complaints (as further described in the Data Privacy Framework Principles). You may also contact your local data protection authority within the European Economic Area or Switzerland (as applicable) for unresolved complaints.
Under certain conditions, more fully described on the Data Privacy Framework website, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration.
Sciolytix Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Third-party websites
When you are on this Website you may have the opportunity to visit or link to other websites, including other websites operated by us or by unaffiliated third parties. These websites may collect personal data about you, and because this Privacy Policy does not address the information practices of those other websites, you should review the privacy policies of such other websites to see how they treat your personal data.
Privacy of minors
This Website is not directed at minors, as described under applicable law, we do not knowingly collect personal data from minors, as described under applicable law, on our Websites. If we become aware that we have inadvertently received personal data from a minor, as described under applicable law, on a Website, we will delete the information from our records.
Security
The security and privacy of personal data is of utmost importance to Sciolytix . We use commercially reasonable and industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of your personal data. More information can be found here: https://www.Sciolytix.com/company/security.
GDPR Information Notice and Related Provisions
The General Data Protection Regulation 2016/679 (“GDPR”) is a regulation on data protection and privacy in the European Union and the European Economic Area (“E.E.A.”). It also addresses the transfer of personal data outside the E.U. and E.E.A. GDPR requires Data Processors to provide the following information.
1) Controller Identity and Contact Details
Sciolytix acts only as a processor. The Organization is the controller of your personal data and should provide you appropriate contact details.
2) Data Protection Officer
Sciolytix has appointed a Data Protection Officer who can be reached at privacy@sciolytix.com. However, Sciolytix acts only as a processor. The Organization is the Data Controller and should provide you appropriate contact details.
3) Purposes and Legal Basis for the Processing
Sciolytix will process the data only in accordance with the agreement between Sciolytix and the Organization, including, but not necessarily limited to, providing technical or functional support, and ensuring the security of the Software. Please contact the Organization with any questions about its use of your personal data.
4) Information Sharing
We may use third-party providers to help us to deliver our products and services. Third-party service providers are contractually restricted from using or disclosing the information, except as necessary to perform services on our behalf or to comply with legal requirements.
5) International Transfers
Depending on contractual requirements and applicable law, data can be processed within or outside of outside of the European Economic area. All locations either benefit from an Adequacy Decision or from alternative suitable safeguards.
6) Data Retention
Sciolytix will retain your data only as agreed between Sciolytix and the Organization and in accordance with applicable laws to which Sciolytix is subject.
7) Data Subject Rights
Sciolytix acts only as a Data Processor. The Organization is the controller and should provide you appropriate contact details.
8) Automated Decision-making
Sciolytix acts only as a processor and does not make decisions impacting you. The Organization is the controller and should provide you appropriate information regarding its decision-making process.
U.S. Specific Provisions
Where Sciolytix is subject to U.S. privacy requirements the following applies:
1) Job Applicants and Employees
Sciolytix collects or is provided personal data such as name, address, email address, and social security numbers from job applicants, employees, and contractors for, among other things, legitimate human resource business reasons such as payroll administration, filling employment positions, maintaining accurate benefits records, meeting governmental reporting requirements, security, health and safety management, performance management, company network access, and authentication. Sciolytix does not engage in automated decision-making.
2) Customers
Personal data provided to Sciolytix by the Organization and the processing of personal data is defined in the Collection of Information and Usage of Data sections of this policy.
3) Do Not Track.
Your browser may allow you to set a “Do not track” preference. Unless otherwise stated, our sites do not honor “Do not track” requests. However, you may elect not to accept cookies by changing the designated settings on your web browser. Please note that if you do not accept cookies, you may not be able to use certain functions and features of our Webpages.
Updates to our privacy statement
This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our online information practices. We will indicate at the top of the statement when it was most recently updated.
Language
The governing language of this Privacy Policy is English, which shall prevail over any other language used in any translated document.