Harrison Assessments Privacy Policy ("Privacy Policy")

Last updated: Oct 31, 2022

Introduction to this Privacy Policy

This website (the "Site" or "Website") is owned and operated by Harrison Assessments International, Ltd. ("HA"). At HA, we recognize the importance of privacy to you and are firmly committed to protecting your privacy when you visit the Site and provide information to us. As a result, we have instituted this website privacy policy ("Privacy Policy"). HA is providing this notice to explain how we collect, use, disclose and protect the Personal Information you submit to us when accessing and using the Site.

In general, you may visit the Site and view its content while remaining anonymous to us by not providing any Personal Information. By visiting and using the Site, you agree to the terms of this Privacy Policy and, if you provide us your personal information, you may consent to the collection, use and disclosure of your information as described in the consent and this Privacy Policy.

As used in this Privacy Policy, "we," "our" and "us" means HA and its affiliates.

The meaning of Personal Information

Personal Information is defined in this Privacy Policy as in data privacy laws applicable in your country. In general, it includes any information relating to an identified or identifiable natural person. This means any individual who can be identified directly or indirectly by reference to an identifier such as name, identification number, location data, online identifiers (for example, IP addresses - if they can be used to identify you) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Put simply, this includes data which either by itself or with other data held by us or available to us, can be used to identify you.

Personal Information also includes special categories of Personal Information where you provided your explicit consent to do so. This is data about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning your health, sex life or sexual orientation (as relevant).

Important notice about international transfers

Due to the global nature of our business, your Personal Information will be stored and transferred to parties located in other countries, including outside the European Economic Area. These other countries will either have different data protection laws than your country of residence or they will not have data protection laws. They may not be deemed by the European Commission as providing adequate protection for Personal Information.

In particular, we store your Personal Information on servers in Singapore. These countries are not deemed by the European Commission to have adequate protections for Personal Information. However, we store all data on Amazon Web Services servers which use the highest level of data security technology. We will use of European Standard Contractual Clauses (SCCs), where required under applicable law. You can find out what these are online at the following address:https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en. If you have any questions or wish to be provided with a copy please contact us (details below). Please note commercially sensitive information may be removed/blanked out from copies supplied to you.

The categories of Personal Information we may collect

Personal Information collected from you include the following:

• your full name, postal address, e-mail address, employer/business and professional information, job titles, telephone and fax numbers, demographic information, IP address and
• any other Personal Information which you voluntarily provide to us from time to time.

Personal Information about other persons

Where you wish to provide us with Personal Information about another person, including colleagues or the persons you act on behalf of, you must ensure that you have their prior permission to do this. You must also share with them a copy of this Privacy Policy as well as any other relevant privacy statements (see above) before you ask them for this permission.

The purposes for which we use and process Personal Information

We use and otherwise process Personal Information only for specific and limited purposes. We ask only for data that is adequate, relevant and not excessive for those purposes. When we ask you for Personal Information, we endeavour to tell you the purposes for which we will process that data where appropriate.

This may include the following:

1. if you choose to register to receive information about our products and services or if you enquire about these we will use your Personal Information in order to respond;
2. where you have provided your consent, or otherwise in accordance with applicable data protection and marketing laws, to contact you occasionally to inform you of new products and/or services we will be providing or we consider will be of interest to you;
3. to process your request for information or to exercise any rights;
4. to diagnose any problems with our server and administer our Website;
5. to generate organizational cultural analysis and work preference reports;
6. processing job applications;
7. for market research and analysis and developing statistics;
8. for compliance with legal and regulatory requirements and good governance obligations.

We will not trade, rent, share or sell Personal Information, survey responses, or any other specific details about you or your organization, with unaffiliated third parties (including direct marketing firms), except as set forth in this Privacy Policy, unless we have requested and obtained your consent.

The legal basis for our use and other processing of your Personal Information under applicable data privacy laws

We have described above the purposes for which we may use and otherwise process your Personal Information in connection with the Website or for our business purposes. We are required by law to indicate to you the legal basis for this use and other processing. This will include (as relevant):

1. in order that we may perform our obligations under any contract with you;
2. processing for legitimate interests provided these are not overridden by your interests and fundamental rights and freedoms (this includes our own legitimate interests and those of other entities and branches in our group of companies), in particular this is relevant when we use and process your Personal Information in order to respond to your enquiries and to address our good governance obligations;
3. processing which is necessary for compliance with our legal obligations laid down by European Union law (where relevant) and by national laws in all of our countries.

Your consent may also be a lawful reason for processing your Personal Information in certain cases. This means your freely given, specific, informed and unambiguous consent. For instance, where we seek your consent in order to send you direct marketing communication (see below). You should be aware that you are entitled under applicable data privacy law to withdraw your consent, where that has been given, at any time. You should be aware that if you do this and if there is no alternative lawful reason for us to rely on to justify the relevant use or other processing on your Personal Information, this may affect our ability to for instance provide you with information about our products and services.

In summary, we need certain categories of Personal Information because that is necessary in order to administer any contract with you (where relevant). Certain other Personal Information is processed for our legitimate interests in cases where this does not result in prejudice to you. If at any time you decide that you do want more information on the legal basis of legitimate interest and/or the other legal bases, please tell us (see "Contact us" below).

Certain other Personal Information is processed based on a consent.

Please note that the processing of Personal Information may be necessary to fulfil a statutory or contractual requirement where this is indicated by us (e. g. online forms). Without certain Personal Information we may not be able to fulfil legal requirements, contractual obligations, your requests and/or your inquiries.

Keeping you informed and direct marketing

With your consent, where relevant we will keep your name, address and contact details (including telephone numbers and email addresses) in our databases and may from time to time use that information to make you aware of our own related products and services as well as updates on developments in our industry sector generally which may be of interest to you. We may contact you in writing, by telephone, fax or email for this. If at any time you decide that you do not want your contact details used for these purposes, please tell us (see "Contact us" below).

Data anonymization and use of aggregated information

We may convert your Personal Information into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct market research and analysis, including to produce statistical research and reports. For example, we may produce reports on which of our product offerings attract the fewest or the highest number of enquiries from brokers and intermediaries and other persons visiting our Website. We may share aggregated data in several ways, including for the same reasons as we might share Personal Information (see "Disclosure of your Personal Information to third parties" below).

In particular, we use technology to collect anonymous information about the use of this Website. For example:

1. we use technology to track which pages of our Website visitors view. We also use technology to determine which web browsers our visitors use. This technology does not identify you personally, it simply enables us to compile statistics about our visitors and their use of our Website.
2. certain pages of this Website may contain hyperlinks to other pages of it. We may use technology to track how often these links are used and which pages on our Website our visitors choose to view. Again this technology does not identify you personally - it simply enables us to compile statistics about the use of these hyperlinks.

We use this anonymous data to improve the content and functionality of this Website and consider areas and subjects which are attracting interest so that we can focus our e-mail updates (for those that wish to receive such communications). This allows us to better understand our Website visitors' interest areas generally and therefore to improve our Website and products and services we offer.

Cookies

We use Google Analytics tools that collect anonymous information about your visits to the website such as the subpages that you have viewed, the time you spent on the website or the transitions between individual subpages. For this purpose, Google LLC cookies are used for the Google Analytics service.

Only authentication cookies are used. No other kind of cookie is used.

Disclosure of your Personal Information to recipients

We may disclose your Personal Information to recipients, including but not limited to as follows:

1. within our group of companies and (if you are located in a jurisdiction where we have branch operations), to our local branch operations for the purposes of use described in this Website Privacy Statement;
2. to our business partners in order to deliver our products and services, this may include agents and other third parties;
3. as necessary in order to comply with a legal requirement (including, where appropriate, any imposed on our group companies in the United States), for the administration of justice, to protect vital interests, to protect the security or integrity of our databases or this Website, to take precautions against legal liability;
4. to regulatory authorities, courts and governmental agencies to comply with legal orders, legal or regulatory requirements and government requests; and
5. HA may engage third parties to manage the Site and provide other services in connection with the Site, such as the collection and analysis of data. Such third parties may have access to certain personal information you provide as necessary for the provision of such services on behalf of HA; provided, however, all such third parties shall be required to protect such personal information in accordance with this Privacy Policy.

Security of Personal Information

We endeavour to use appropriate technical and physical security measures to protect Personal Information which is transmitted, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access, in connection with our Website. These measures include computer safeguards and secured files and facilities. Our service providers are also selected carefully and required to use appropriate protective measures. In certain areas, HA uses industry-standard SSL-encryption to protect data transmissions. Most current browsers support the level of security needed to use these areas.

In particular, we endeavour to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including as appropriate: (a) pseudonymisation (such as where data is separated from direct identifiers so that linkage to an identity is not possible without additional information that is held separately) and encryption, (b) ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services used to process your Personal Information, (c) ensuring the ability to restore the availability and access to Personal Information in a timely manner in the event of a physical or technical incident; and (d) ensuring a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational security measures.

Your HA account information is password-protected for your privacy and security. While we strive to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third parties from intercepting this information. You should not assume or expect that any communication that you transmit to us (such as personally identifiable or other data, questions or answers, comments, or suggestions) is confidential. We strongly recommend that you do not disclose your password to anyone. HA will never ask you for your password in any unsolicited communication. HA, any third parties providing services in connection with the Site, and their respective internet service providers shall not be liable or responsible if any information about you is intercepted and used by an unintended recipient.

Retention period or criteria used to determine the retention period

We keep your Personal Information for as long as it is necessary to do so to fulfil the purposes for which it was collected as described above.

In general, the criteria we use to determine data retention periods for Personal Information includes the following: (i) Retention in case of queries. We will retain it for a reasonable period after the relationship between us has ceased (up to 6 months) in case of queries from you; (ii) Retention in case of claims. We will retain it for the period in which you might legally bring claims against us (in Germany this means we will retain it for 10 years) if and to the extent we have entered into any contract with you; (iii) Retention in accordance with legal and regulatory requirements. We will consider whether we need to retain it after the period described in (ii) because of a legal or regulatory requirement.

If you would like further information about our data retention practices please contact us (see "Contact Us" below).

Your rights under data privacy laws

You have various rights under data privacy laws in your country. These may include (as relevant):

the right to request access to the Personal Information we hold about you;

the right to rectification including to require us to correct inaccurate Personal Information;

the right to request the erasure of your Personal Information where it is no longer necessary for us to retain it;

the right to data portability including to obtain Personal Information in a commonly used machine readable format in certain circumstances such as where our processing of it is based on a consent;

the right object to automated decision making including profiling (if any) that has a legal or significant effect on you as an individual;

and the right to withdraw your consent at any time to any processing for which you have previously given that consent. The withdrawal of consent will not affect the lawfulness of processing based on consent before this withdrawal.

Please note that your rights may also include the right to object to processing of Personal Information.

Furthermore you may have the right to lodge a complaint with supervisory authority (e. g. Art. 77 GDPR).

Please see "Contact Us" if you wish to exercise any of these rights (as relevant).

Links to Other Websites

This Website may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of these third-party websites or any association with their operators. We do not control these websites and are not responsible for their data or privacy practices. We urge you to review any privacy policy posted on any site you visit before using the site or providing any Personal Information.

Updated and changes to this Website Privacy Statement

We are continually improving our methods of communication and adding new functionality and features to this Website and to our existing services. Because of these ongoing changes, changes in the law and the changing nature of technology, our data practices will change from time to time. We encourage you to check this page frequently.

Contact Us

If you wish to exercise your data privacy related rights against us please e-mail: legal@harrisonassessments.com

Be sure to include your email address and telephone number with your correspondence.

Alternatively, write to

Harrison Assessments International, Ltd.

Unit 3105, Level 31, Metroplaza Tower 1, 223 Hing Fong Road, Kwai Fong, New Territories, Hong Kong

Phone: (852) 35896541

For other contact details please see our website.