Policy brief & purpose

Our Company Privacy and Data Protection Policy refers to our commitment to treat information of employees, customers, stakeholders and other interested parties with the utmost care and confidentiality.

With this policy, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights.

This Statement of Privacy applies to Baker Communications Web site and services and governs data collection and usage. By using Baker Communications website or services, you consent to the data practices described in this statement.

Scope

This policy refers to all parties (employees, job candidates, customers, suppliers etc.) who provide information to us.

Who is covered under the Data Protection Policy?

Employees of our company and its subsidiaries must follow this policy. Contractors, consultants, interns, volunteers, partners, and any other external entity are also covered. Generally, our policy refers to anyone we collaborate with or acts on our behalf and may need occasional access to data.

Policy elements

As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data, and/or responses to assessment questions. Baker Communications also collects anonymous demographic information, which is not unique to you, such as your state, ZIP code and training preferences.

There is also information about your computer hardware and software that is automatically collected by Baker Communications. This information can include: your IP address, browser type, domain names, access times and referring Web site addresses. This information is used by Baker Communications for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of Baker Communications Web site.

If you choose to follow links from Baker Communications to other web sites, we encourage you to review the privacy statements of those web sites so that you can understand how those web sites collect, use and share your information. Baker Communications is not responsible for the privacy statements or other content on Web sites outside of Baker Communications and Baker Communications family of Web sites.

Our company collects this information in a transparent way. Once this information is available to us, the following rules apply.

Our data will be:

• Accurate and kept up to date
• Collected fairly and for lawful purposes only
• Processed by the company within its legal and moral boundaries
• Protected against any unauthorized or illegal access by internal or external parties

Our data will not be:

• Communicated informally
• Communicated informally
• Stored for more than a client's specified amount of time
• Transferred to states or countries that do not have adequate data protection policies
• Shared with any party other than our published list of sub-processors and parties approved by the data owner or data controller. (exempting legitimate requests from law enforcement authorities)

In addition to ways of handling the data the company has direct obligations towards people to whom the data belongs. Specifically, we must and will:

• Let people know which of their data is collected
• Inform people about how we'll process their data
• Inform people about who has access to their information
• Have provisions in cases of lost, corrupted, or compromised data
• Allow people to request that we modify, erase, reduce or correct data contained in our databases

Use of your Personal Information

Baker Communications collects and uses your personal information to operate Baker Communications Web site and deliver the services you have requested. Baker Communications also uses your personally identifiable information to inform you of other products or services available from Baker Communications and its affiliates. Baker Communications may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.

Baker Communications does not sell, rent or lease its customer lists to third parties. Baker Communications may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party. In addition, Baker Communications may share data with trusted partners to help us perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to Baker Communications, and they are required to maintain the confidentiality of your information.

Baker Communications does not use or disclose sensitive personal information, such as race, religion, or political affiliations, without your explicit consent.

Baker Communications keeps track of the Web sites and pages our customers visit within Baker Communications, in order to determine what Baker Communications services are the most popular. This data is used to deliver customized content and advertising within Baker Communications to customers whose behavior indicates that they are interested in a particular subject area.

Baker Communications Web sites will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Baker Communications or the site; (b) protect and defend the rights or property of Baker Communications ; and, (c) act under exigent circumstances to protect the personal safety of users of Baker Communications , or the public.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.

All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Database to be only accessed by those authorized with special access rights to our systems and are required to keep the information confidential.

Access Control - Access to assessment data is restricted to key personnel only for the purpose of providing our services and revoked immediately upon employee termination. Remote access is only permitted through secure channels, and our password policies require strong passwords and prevent reuse, along with multi-factor authentication where possible.

Personnel - All employees receive data privacy and security training. Our employees must pass a criminal background check and are bound by a non-disclosure agreement.

Encryption - All data is encrypted in transit using secure TLS cryptographic protocols. In addition, data at rest is encrypted where possible.

How long do we keep your information?

The organizations who contract our sales assessment services determine the length of time that data will be retained, and Baker Communications will respect and enforce any retention guidelines specified by these organizations. In many cases, in the case of current employees, it is important for these organizations to have access to your assessment data for a period of many years, in order to view or demonstrate how your abilities have changed over a period of time. In the case of candidates for employment, a long period of time may pass between an individual completing an assessment and actually being hired, and again that information may need to be compared to establish skill progression over a period of many years. Please note that you can exercise your rights to remove your personal information from our systems, as described in this Privacy Policy, at any time

Use of Cookies

Baker Communications Web site use "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize Baker Communications pages, or register with Baker Communications site or services, a cookie helps Baker Communications to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same Baker Communications Web site, the information you previously provided can be retrieved, so you can easily use Baker Communications features that you customized.

When completing one of our online assessments, we use cookies to track your identity from one page to the next.

You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of Baker Communications services or Web sites you visit.

Sales Assessment Data

All data submitted via our online sales assessments will be shared with the organization who purchased our services (Client). The Client may have separate and independent privacy policies. We therefore have no responsibility or liability for the activities of Clients. Nonetheless, we seek to protect the integrity of your personal information and welcome any feedback about the use of your information.

During the course of providing sales assessment services via our website, we collect information including:

• Contact information, including name. This is used by our Clients to identify your responses.
• Information about your experience in a specific company, type of job, or industry.
• Device data, including your IP address, operating system, device type, and web browser type. This is used for technical support and traceability
• Your email address. This is used to contact you about the status of your assessment and shared with Clients to identify your responses or contact you.

The data from your assessment, stripped of personally identifiable data and aggregated with other such information, may be used by Baker Communications for statistical purposes.

Your assessment questionnaire responses are owned by the Client who has contracted Baker Communications' services to provide assessment services. Please contact the Client directly for any concerns about your assessment results.

If you have completed an assessment with Baker Communications within the past year, we reserve the right, at our discretion, to reuse your previously provided answers as a substitute for asking you the same questions again. Doing this saves you the time and frustration of answering questions you have already answered, and also preserves the integrity of our assessment by minimizing opportunities for a respondent to provide conflicting answers. Note that only multiple-choice answers, and never your personally identifiable information (such as your name and email address), will ever be copied from a previous assessment to a current assessment.

Please contact the Client who has contracted Baker Communications' services to access or correct any of the personal information you provide while using our assessment services.

Behavior Assessments

As part of some of our workshops, attendees make take a brief self-service behavior assessment. The result of this assessment is shared with the data subject and potentially the workshop instructor. This assessment is solely for the use and benefit of the data subject. No decisions, automated or otherwise, are based on this data. Please note that you can exercise your rights to remove your personal information from our systems, as described in this Privacy Policy, at any time

Data Storage

All data is stored on servers located in the United States, and processing of data occurs within the United States.

Legitimate Interests

Please be aware that our assessment services have been contracted in order to protect the legitimate interests of the data controller -- an employer who has determined that it is necessary to understand and/or confirm the sales and/or leadership capabilities of its employees or candidates for employment.

Identifying Your Data Controller

For the purposes of data privacy law, including GDPR, the data controller is the party that controls how your data is being used. As a contracted assessment provider, Baker Communications is acting as a data processor, not a data controller. Since some rights may need to be exercised with the data controller, you have a right to know the identity of the data controller. To obtain the identity of the data controller, please email us at information@bcicorp.com and include the alphanumeric PIN you were provided when starting your assessment (this was also emailed to you in the form of a link). For data collected by Baker Commnications that is not part of a contracted assessment, Baker acts as the data controller.

Your Rights

Baker Communications may serve as a processor of personal information for data controllers located in the European Union. Therefore, we are committed to respecting your rights as they pertain to personal information.

Please note that your rights must also be balanced with the rights of other parties, including the organizations which contract our assessment services. This includes, for example, those parties protecting their legitimate interests as they pertain to understanding your strengths and weaknesses which are measured by our assessments.

Your rights may include the following:

Right of Access - Upon request, we will confirm the personal information we hold about you. Please note that the assessment questionnaires are copyrighted intellectual property and are not considered part of your personal information.

Right to Rectification - Upon request, we will rectify any incorrect "demographics" we hold about you. This would include, for example, your name and email address. In most cases, your information is processed immediately upon its submission, and passed on to the organization which contracted our assessment services. Therefore, in addition to correct our own records, we will forward the correction to the data controller. Note that your right to rectification does not give you the right to change how you answered questions, as doing so would infringe upon the rights of the organization which contracted our services to have trustworthy, unaltered answers.

Right to Erasure - You may contact us to request the removal of your personally identifiable information from our databases. Please note that, in most cases, your information has already been shared with the organization which has contracted our services, so your request will be forwarded to the data controller as well, and subject to their data erasure policies.

Right to Restriction of Processing - If you have submitted personal information to us but it has not yet been processed and sent to the data controller, you may request that we not process your information. We encourage users to instead request that your information be erased, to ensure that no processing can occur.

Right to Data Portability - As there is no industry standard for transmitting assessment data, it is challenging for us to provide you with a copy of your information that can be reused elsewhere. However, we respect your right to obtain a copy of your information and will send you a copy of the personal information -- information that personally identifies you -- which you provided to us upon request in and industry standard format.

All requests to exercise your rights will be addressed without undue delay, and within 30 days. To exercise any of your rights, please contact us via one of the methods listed in the contact information section below. Please note that we will need to confirm your identity.

Changes to this Statement

Baker Communications will occasionally update this Statement of Privacy to reflect company and customer feedback. Baker Communications encourages you to periodically review this Statement to be informed of how Baker Communications is protecting your information.

Contact Information

Baker Communications welcomes your comments regarding this Statement of Privacy. If you believe that Baker Communications has not adhered to this Statement, please contact Baker Communications information@bcicorp.com. We will use commercially reasonable efforts to promptly determine and remedy the problem.

If you are located within the European Union, Baker Communications can be contacted for matters related to the processing of personal data at gdpr-eu@bcicorp.com.

VeraSafe has been appointed as Baker Communication's representative in the United Kingdom for data protection matters, pursuant to Article 27 of the United Kingdom General Data Protection Regulation. If you are located within the United Kingdom, VeraSafe can be contacted in addition to or instead of gdrp-uk@bcicorp.com , only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form:

or via telephone at: +44 (20) 4532 2003.

Alternatively, VeraSafe can be contacted at:

VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
United Kingdom