Privacy Policy

Zenithr Assessments Platform
Zenithr Experience Platform
Zenithr Intelligence System
Zenithr Intelligent system (“Zenithr”) is committed to protecting the privacy and security of the data of its clients and associates (hereafter, “Users”). This Privacy Policy applies to both test-takers (“Assessment Takers or Respondents ”) and administrators (“Assessment Administrators or Hiring Managers”). We want you to understand how we collect and use information through our product and services (hereafter, “Platform”) so you can interact with Zenithr with confidence. By using Zenithr’s Platform you accept and agree to the practices this Privacy Policy describes.
Information We Collect

When you use our Platform, we may collect and use personally identifiable information about you, as well as other information. More specifically, when you use our Platform, we may collect the following information:

  1. From Respondents
    Information relating to your education, including an educational institution’s name, Respondent name, Gender, Nationality, Email Id and Phone Number personal identifiers such as the Respondent number or , other indirect identifiers, such as Respondent ’s date of birth, additional information that, alone or in combination, is linked or linkable to a specific Respondent that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the Respondent with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the Respondent to whom the education record relates, as well as other personally identifiable information about other customers or employees, including, but not limited to, driver’s license number or state-issued identification card number, financial account number, credit card number, or debit card number with or without any required security code, that would permit access to an individual’s financial account.

    If our online proctoring services are used, your webcam and computer screen may be monitored, viewed, recorded, and/or audited to ensure the integrity of the assessment , including by Zenithr or its partners proctors, and university and/or assessment sanctioning body staff. This means that you and your surroundings, and anything else within range of your webcam or viewable on your computer screen, may be monitored, viewed, recorded, and/or audited during your exam. Zenithr will never share images of your surroundings with other test takers. You have the choice of where to take the assessment. Please choose your testing location wisely. If you have concerns about the privacy of your assessment location, you should select another area to complete your test, such as a private room and noise-free environment.
  2. From Administrators / Hiring Manager
    Information used to contact you, including name, email address [FILL IN INFORMATION].
Use of Your Information

We use the information we collect from you primarily to enable us to provide our services in the best possible manner, including our online proctoring and exam integrity services. In addition, your information may be used for the following purposes:

  • To present our Platform and its contents to you;

  • To provide you with information, products or services that you request from us;

  • To fulfill any other purpose for which you provide it;

  • To provide you with notices about your account;

  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;

  • To notify you about changes to our Platform or any products or services we offer or provide though it;

  • To allow you to participate in interactive features on our Platform;

  • To administer our Platform, including by monitoring and analyzing our Platform traffic and usage patterns;

  • In any other way we may describe when you provide the information;

  • For any other purpose with your consent;

  • As otherwise described to you when collecting your personal information; or

  • To evaluate or conduct a merger, divestiture, restructuring, reorganizing, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our consumers is among the assets transferred.

Security

We use commercially suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect. These procedures include, but are not limited to, firewalls, encryption, intrusion detection, and Platform monitoring. We also limit access to any personally identifiable information we receive to staff who need access to that information in order to do their jobs. However, no data protection procedures are entirely infallible. As a result, while we strive to protect your personally identifiable information, we cannot guarantee that it will be 100% secure. Your transmission of your data to our Platform thus is done entirely at your own risk.

Sharing Your Information

We may share your personal information as follows:

Generally: We may share your personal information with trusted third parties, hiring partners or our affiliates to assist us in providing our service (a “Business Purpose”), including by acting on our behalf to provide consulting and advisory services. Such third parties have access to personal information as needed to perform their functions, but they are not allowed to use it for other purposes. When we disclose personal information for a Business Purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. We share your personal information with the following categories of third parties:

  • Service providers for the processing and storage of digital data

  • Service providers for the processing and storage of video data

We do not sell or rent personal information collected through Zenithr’s Platform to anyone.

Other Circumstances

We may disclose your personal information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party, or if we have a good faith belief that disclosure is necessary to:

  • Comply with applicable laws, regulations, legal process (such as a subpoena), or lawful requests by public authorities, including to meet national security or law enforcement requirements;

  • Enforce applicable Terms of Service, including investigation of potential violations of such Terms, or to detect, prevent, or otherwise address fraud, security, or technical issues;

  • Protect against harm to the rights, property, or safety of Zenithr, our Users, or the public as required or permitted by law; and/or

  • Comply with Respondent Privacy Pledge that allows parental access to, and correction of errors in, their children’s information when Users under 18 years of age interact with our system.

Third Party Websites and Social Media Features

Zenithr’s Platform may contain links to other sites, including those of third parties or business partners. While we seek to link only to sites that share our high standards and respect for privacy, we cannot be responsible for the privacy practices other websites use. By accessing other third-party websites or applications through our Platform, you are consenting to the terms and privacy policies of those websites. It is possible that other parties may collect personally identifiable information about your online activities over time and across different websites when you use Zenithr’s Platform.

Review and Correction of Your Information

You may review and edit the information Zenithr collected about you at any time by contacting us at the address below.

Visitors from the European Union and European Economic Area

Zenithr’s Platform is hosted and operated in the Middle East (Bahrain Region ). Unless you have been informed otherwise, by using the Platform, you are consenting to the transfer of your personal information to the us. If you are accessing the Platform from outside the Middle east please be advised that GDPR may not offer the same privacy protections as the law of your jurisdiction. If you are a resident of the European Union or the European Economic Area, please see European Union and European Economic Area Resident Privacy Notice.

Privacy Policy Updates

We update the Privacy Policy occasionally, so please review it regularly. If we materially change our Privacy Policy, we will notify you by contacting you through your user account email address or by posting a notice on our Platform and request new consent. If Zenithr wishes to disclose personal information collected to a third party, appropriate notice and choice will be issued to the individuals for whom the personal information pertains to. Your continued use of the Platform will be deemed your agreement that your information may be used in accordance with the new policy. If you do not agree with the changes, then you should stop using the Platform and notify us that you do not want your information used in accordance with the changes.

Contacting Us

We welcome any questions, comments, or complaints you may have regarding this Privacy Policy. Please do not hesitate to contact us at:

info@zenithr.com

This Privacy Policy was last updated on June 9th, 2024

This ZENITHR privacy policy (“Privacy Policy”) is provided in a layered approach so that you can click through to specific areas set out below.

IMPORTANT INFORMATION

Purpose of this Privacy Policy

ZENITHR has agreed with your employer (“Employer Agreement”) to grant you access to the ZENITHR system (“System”) and/or to complete surveys or otherwise use the System. This Privacy Policy sets out how we collect and process your personal data.

References in this Privacy Policy to “your employer” shall refer to the entity who has entered into the Employer Agreement with us. You will typically be an employee, officer, contractor, or consultant of a ZENITHR client.

Our status and responsibilities

Your employer is the data controller for the purposes of personal data processed under this Privacy Policy. ZENITHR will process your personal data on behalf of your employer and in accordance with its lawful instructions.

The information you provide to us and/or upload to the System (whether or not it constitutes personal data) will also be governed by the Employer Agreement.

Where ZENITHR acts as a data controller; for example, where you receive marketing communications from us, our other privacy policy will apply. For further information please see here.

For information on how to contact us, please see the “How to contact us” section below.

PERSONAL DATA WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We will collect and process the following personal data about you:

Information you give us. You may provide us with information about you:

  • When using the System’s functions, including by filling in forms, providing individual feedback, or completing surveys on or via the System. The extent of the information collected in surveys is set by your employer. This information may include your name, photo, age, company email address, company telephone number, job title, level of seniority, department, work start date, salary, and primary office location, as well as any views/comments you provide to us about you or your colleagues’ performance in your respective roles, or information regarding your employer, your colleagues or other third parties during the course of completing surveys or otherwise using the System;
  • If you contact or correspond with us (for example, using any support function we make available), we may keep a record of that correspondence (either directly or through our service providers).
  • Any comments, opinions, and/or feedback you provide to us regarding the System, for example, during any trial or beta period that you may participate in when providing eNPS scores or participating in research panels.

Information your employer gives us. Your employer may provide us with information about you:

  • When creating a user profile for you in order to enable you to access the System under the Employer Agreement (whether on a trial or full basis) or to allow us to send surveys, individual feedback requests, and similar communications to you. This information may include your name, age, company email address, company telephone number, job title, level of seniority, department, work start date, salary and primary office location;
  • Otherwise, in the course of your employer’s use of the System. Information we collect about you. Each time you complete a survey or otherwise use the System, we may automatically collect the following information:
  • When you use the System, we will keep a record of the details of that usage, including the date, time, location, frequency, and duration of the usage;
  • We may obtain further information about you from your employer, for example, to verify your eligibility to access and use the System;
  • Technical information about your computer or mobile device for system administration and analysis, including your IP address, URL clickstreams, unique device identifiers, operating system, and network and browser type;
  • Other information about your use of the System, including the pages you have viewed, the duration spent on the System, and data files you have uploaded to the System. This information may be linked to your user profile (where relevant).

Information we receive from other sources.

  • We work closely with third parties (including, for example, business partners, other companies within our group, subcontractors, and analytics providers) and may receive information about you from them.  Details of third-party providers are set out in the section below entitled “Who we share your information with.”

HOW WE USE YOUR PERSONAL DATA

Please note that we are permitted to collect, use, disclose, and/or otherwise process any information other than personal data, including data sets you upload to the System or otherwise provide to us, to the fullest extent permitted by the Employer Agreement.

Where we have collected, received, or generated personal data from or about you, we may use this for the purposes and on a legal basis as set out below.

Information you give to us. We will use this information to:

  • carry out our obligations arising from the Employer Agreement. This includes providing your employer with aggregated and anonymized reports and analysis summarising information provided during your use of the System, including in any Engagement Surveys, 360° Feedback Assessments, Employee Exit Surveys, aggregated with information from other employees and personnel, and (where relevant) comparing this data with past or future employee responses and/or industry benchmarks. Where applicable, this will also include providing you with individual feedback comments from your colleagues, as well as providing your personal feedback to your colleagues. All survey and/or individual feedback responses are entirely optional: individual questions (or the entire survey) may be skipped, and there is no requirement for any surveys to be completed;
  • contact you for your feedback on our services and to help us evaluate and improve our services, for example, by acting on any information you have provided to us;
  • notify you about changes to the System and any other services of ours that you use, including informing you about new versions of the System and about new features, functionality, and service offerings; or
  • deal with any inquiries, correspondence, concerns, or complaints you have raised or that have been raised by or concerning third parties (such as your employer) involving you and any issues caused by your use of the System.

Information we collect about you. We will use this information:

  • to administer and improve the System and other services, including ensuring that content is presented in the most effective manner for you and for your computer or device;
  • to report to your employer relating to the use of the System, as may be required under the Employer Agreement;
  • for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to allow you to participate in interactive features of the System when you choose to do so;
  • as part of our efforts to keep the System safe and secure or
  • compile reports (which do not personally identify you) on the usage of the System.

Information we receive from other sources.

  • We may combine information from other sources with the information you give to us, or we collect about you and use this information as specified above.

In relation to the above uses, we shall process your personal data on the legal basis determined by your employer or where it’s necessary for the purposes of our legitimate interests, including:

  • to enable us to perform our contractual obligations under the Employer Agreement;
  • to improve or optimize our services;
  • to maintain the security of our computer systems;
  • to understand how the System is used and to improve the user experience of the System;
  • to protect and defend our legal rights;
  • for troubleshooting, and
  • for data analysis, testing, and research purposes.

Please also note:

  • We will not undertake any surveys or analysis via the System by specific reference to any special categories of personal data (including racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, sex life or sexual orientation) unless this has been expressly requested or configured by your employer. Where this is the case, it is your employer’s responsibility to ensure they have obtained your explicit consent to such processing or that they have another lawful basis for such processing (please contact your employer if you have any questions).  However, you might, in the course of providing comments or feedback in a survey, provide personal data within one of the above categories where this has not been requested.
  • For Engagement Surveys, 360° Feedback Assessments, and Employee Exit Surveys, we will not reveal your identity to your employer other than in exceptional circumstances, as explained further below in the section entitled “Who we share your personal data with.”
  • Data collected from you and other employees or personnel may be used by us in an aggregated and anonymized form for statistical and benchmarking purposes, including enabling comparisons to other organizations within the same industry.

WHO WE SHARE YOUR PERSONAL DATA WITH

We may share your personal data with other companies in our group, where necessary or desirable, in the course of the provision of services to you or your employer.

We may also share your personal data with selected third parties in accordance with this policy, including:

  • sub-processors, service providers (for example, IT services), business partners, and/or suppliers for the performance of any contract that we enter into with your employer (such as the Employer Agreement), including the following:
  • Amazon Web Services, Inc. and Heroku, Inc., who provide cloud-hosted infrastructure and services used by us to operate the System as a hosted solution; and
  • Google LLC, Delighted, Inc., Intercom, Inc., Nexmo, Inc., Skilljar Inc., and Gainsight, Inc., who provide product tools and functionality used by us in the delivery of the System and associated services.
  • government or other law enforcement agencies in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information).

We require all our third-party service providers and all other companies within our group to take appropriate and stringent security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.

We may also disclose your personal data to other third parties in the following circumstances:

  • if we sell or buy any business assets or receive investment into our business, we may disclose your personal data to the prospective or actual buyer, seller, or investee of such business or assets;
  • if ZENITHR ApS or substantially all of its assets are acquired by a third party, in which case personal data held by us, including your data and data about our customers, suppliers, and correspondents, will be one of the transferred assets;
  • we may disclose your personal data to our legal advisers if they need to have access to this information in order to advise us on our legal rights and obligations and
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, in order to enforce or apply our terms of use or other contracts between us and you or your employer, or to protect the rights, property or safety of us, our customers or others.

Engagement survey: responses and your employer

Please note that:

  • feedback and comments provided by you during Engagement Surveys, 360° Feedback Assessments, and Employee Exit Surveys are collated and conveyed to your employer in an aggregated or otherwise anonymized form.  As such, your anonymity is protected by default. Please also note that we merely report the feedback and comments and do not undertake any investigation or assessment into their veracity or legality;
  • The system may include an automated keyword flagging function using a list of keywords that your employer has pre-agreed on.  Any word in comments contained in an engagement survey that matches a keyword is automatically reported to your employer without revealing your identity. We do not, however, notify you when any keywords originating from you are reported to your employer. This keyword flagging function operates automatically, and we do not carry out any manual checks or otherwise monitor, supervise, or exercise any discretion over the transmission of keywords to your employer. We do not assume any responsibility to you in respect of the keyword flagging function, and we expressly disclaim, to the fullest extent permissible by law, any and all responsibility and liability in respect of (a) any failure or delay by us in reporting keywords, and (b) any acts or omissions of your employer as a consequence of or in connection with the reporting of such keywords.

Engagement survey: disclosing your identity to your employer

From time to time, we may receive a request from your employer to disclose your identity, or we may consider it appropriate to disclose your identity in the absence of such a request.  We will consider this in accordance with our internal policy on revealing anonymity.  Your identity will, in general, only be disclosed to your employer where it is necessary to do so for reasons of substantial public interest.  This is only likely to occur in exceptional circumstances.  For example, we may consider (based on your or others’ comments) that you or another person identified is experiencing or at risk of physical, mental, or emotional harm (including self-harm) and requires support and that there is a need to protect the well-being of you or another person, and furthermore that we cannot reasonably obtain your consent (for instance if you are away from your workplace and therefore not contactable for a period of time) or where seeking your consent would prejudice the purpose of the disclosure.  By way of further example, we may consider (based on your or others’ comments) that disclosure of your identity to your employer is necessary to prevent or detect an unlawful act (such as fraud or other criminal act) and that we cannot request your consent since this would prejudice the purpose of the disclosure.

Individual feedback responses

Please note that:

  • feedback and comments provided by you to your colleagues when giving individual feedback are not anonymous, and your identity will be visible to both your colleagues (to whom you have given individual feedback) and other applicable persons determined by your employer, e.g., your colleague’s line manager and/or any designated mentor(s);
  • scores provided by you to your colleagues when giving individual feedback are collated and conveyed to your colleagues (to whom you have given individual feedback) and your employer in an aggregated and otherwise anonymized form, i.e., your colleagues and/or your employer will not be able to see the score you gave to a specific colleague.

Except as explained above, we will not disclose your personal data to any third parties for any other purpose unless we have a legal right or obligation to do so.

INTERNATIONAL DATA TRANSFERS

A number of our service providers are based outside the European Economic Area (“EEA”), predominantly in the United States.  We may transfer your personal data to those services providers in the United States or other countries outside the EEA in order to provide our services via the System.

We have put in place appropriate measures to ensure that your personal data are treated by those third parties in a way that is consistent with and which respects the EU laws on data protection, including putting in place written contractual agreements to meet EU-approved data protection obligations.  If you require further information about these protective measures, please contact us at privacy@zenithr.com.

SECURITY

You will not ordinarily require a username or password to gain access to or complete a survey or otherwise provide us with information via the System. Where we have given you a username, password, and/or security information that enables you to access particular features of the System (for example, as an administrator or manager for your employer), you are responsible for keeping these access credentials confidential. You must not share these details with anyone or store them in a way that may allow a third party to access them. Please see the Terms of Use for more details on your employer’s obligations regarding not sharing your access credential with third parties and how doing so may affect your ability to use the System.

We maintain appropriate technical and organizational measures to ensure an appropriate level of security with respect to all personal data we process. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the System, and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features that are appropriate to the type of personal data you have provided to try to prevent unauthorized access or inadvertent disclosure, which may include two-factor authentication and end-to-end encryption.

CONSENT

Where consent is required for our use of your personal data, by ticking the appropriate consent box or otherwise communicating your consent to us (whether by phone, email, or other means), you consent to our use of that personal data as set out in this policy. If you disclose someone else’s personal data to us, you confirm that you have their consent to disclose this to us and that we can use and disclose it in accordance with this policy.

HOW LONG WE KEEP YOUR PERSONAL DATA FOR

We will retain your personal data for a period of five years, or three months after being removed from the System by your employer, or until six months after our relationship with your employer has ended (whichever is sooner). After this period, your personal data will be anonymized or deleted.

We will not store your personal data for longer than is reasonably necessary to use it in accordance with this Privacy Policy or with our legal rights and obligations. To avoid doubt, aggregated and anonymized data and any information other than personal data can be stored indefinitely.

YOUR RIGHTS

You have the below rights in regards to your personal data. Please contact your employer directly if you would like to exercise any of these rights (other than a change to your marketing preferences, which should be notified directly to us).

  • You have the right to access information about the personal data we hold about you. We reserve the right to charge a reasonable fee in response to unreasonable or repetitive requests or requests for further copies of the same information.
  • Right to object to processing. You have the right to object to the processing of your personal data where that processing is being undertaken by us on the basis of our (or a third party’s) legitimate interest.  In such a case, we are required to cease processing your data unless we can demonstrate compelling grounds which override your objection.  You also have the right to object at any time to the processing by us of your personal data for direct marketing purposes.
  • You have the right to request that we rectify any inaccurate personal data that we hold about you.
  • To the extent permitted by applicable data protection laws, you have the right to request that we erase any personal data that we hold about you based on one of a number of grounds, including the withdrawal of your consent (where our processing of that data is undertaken on the basis of your consent), or if your object to our continued processing (as mentioned above). This right does not extend to information which is not personal data. We also reserve the right to retain your personal data in an anonymized form for statistical and benchmarking purposes.
  • Request to restriction of processing. This enables you to ask us to restrict the processing of your personal data in certain circumstances, for example, if you want us to establish its accuracy or the reason for processing it.
  • You have the right to obtain copies of your personal data to enable you to reuse your personal data across different services and with different companies. You may also request that your personal data be transmitted directly to another organization, which is technically feasible, using our data processing systems.
  • Automated processing. Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects (“Automated Decision-Making”). Automated decision-making currently does not take place in our system or our services.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Please note that if you exercise any of the above rights to require us to restrict or cease processing or to delete personal data, and this type of processing is required in order to facilitate your use of the System, you will no longer be able to use the System following the date on which we action your request.  This does not include your right to object to direct marketing, which can be exercised at any time without restriction. Please allow at least five working days for your request to be actioned.

Save as set out above, your rights detailed above can be exercised free of charge in accordance with applicable data protection laws.

COOKIES

Our System uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you use the System and also allows us to improve the System. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our Privacy Policy will be posted on this page and where appropriate may be notified to you by email or advised to you on next log in to the System. Continued use of the System will signify that you agree to any such changes.

We are committed to resolving any privacy concerns you have. However, if you feel we have not addressed your specific concern, you have the right to make a complaint at any time to the relevant supervisory authority in your country responsible for data protection issues.

This ZENITHR privacy policy (“Privacy Policy”) is provided in a layered approach so that you can click through to specific areas set out below.

IMPORTANT INFORMATION

Purpose of this Privacy Policy

ZENITHR has agreed with your employer (“Employer Agreement”) to grant you access to the ZENITHR system (“System”) and/or to complete surveys or otherwise use the System. This Privacy Policy sets out how we collect and process your personal data.

References in this Privacy Policy to “your employer” shall refer to the entity who has entered into the Employer Agreement with us. You will typically be an employee, officer, contractor, or consultant of a ZENITHR client.

Our status and responsibilities

Your employer is the data controller for the purposes of personal data processed under this Privacy Policy. ZENITHR will process your personal data on behalf of your employer and in accordance with its lawful instructions.

The information you provide to us and/or upload to the System (whether or not it constitutes personal data) will also be governed by the Employer Agreement.

Where ZENITHR acts as a data controller; for example, where you receive marketing communications from us, our other privacy policy will apply. For further information please see here.

For information on how to contact us, please see the “How to contact us” section below.

PERSONAL DATA WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We will collect and process the following personal data about you:


Information you give us. You may provide us with information about you:

  • When using the System’s functions, including by filling in forms, providing individual feedback, or completing surveys on or via the System. The extent of the information collected in surveys is set by your employer. This information may include your name, photo, age, company email address, company telephone number, job title, level of seniority, department, work start date, salary, and primary office location, as well as any views/comments you provide to us about you or your colleagues’ performance in your respective roles, or information regarding your employer, your colleagues or other third parties during the course of completing surveys or otherwise using the System;
  • If you contact or correspond with us (for example, using any support function we make available), we may keep a record of that correspondence (either directly or through our service providers).
  • Any comments, opinions, and/or feedback you provide to us regarding the System, for example, during any trial or beta period that you may participate in when providing eNPS scores or participating in research panels.

Information your employer gives us. Your employer may provide us with information about you:

  • When creating a user profile for you in order to enable you to access the System under the Employer Agreement (whether on a trial or full basis) or to allow us to send surveys, individual feedback requests, and similar communications to you. This information may include your name, age, company email address, company telephone number, job title, level of seniority, department, work start date, salary and primary office location;
  • Otherwise, in the course of your employer’s use of the System. Information we collect about you. Each time you complete a survey or otherwise use the System, we may automatically collect the following information:
  • When you use the System, we will keep a record of the details of that usage, including the date, time, location, frequency, and duration of the usage;
  • We may obtain further information about you from your employer, for example, to verify your eligibility to access and use the System;
  • Technical information about your computer or mobile device for system administration and analysis, including your IP address, URL clickstreams, unique device identifiers, operating system, and network and browser type;
  • Other information about your use of the System, including the pages you have viewed, the duration spent on the System, and data files you have uploaded to the System. This information may be linked to your user profile (where relevant).

Information we receive from other sources.

  • We work closely with third parties (including, for example, business partners, other companies within our group, subcontractors, and analytics providers) and may receive information about you from them.  Details of third-party providers are set out in the section below entitled “Who we share your information with.”

HOW WE USE YOUR PERSONAL DATA

Please note that we are permitted to collect, use, disclose, and/or otherwise process any information other than personal data, including data sets you upload to the System or otherwise provide to us, to the fullest extent permitted by the Employer Agreement.

Where we have collected, received, or generated personal data from or about you, we may use this for the purposes and on a legal basis as set out below.

Information you give to us. We will use this information to:

  • carry out our obligations arising from the Employer Agreement. This includes providing your employer with aggregated and anonymized reports and analysis summarising information provided during your use of the System, including in any Engagement Surveys, 360° Feedback Assessments, Employee Exit Surveys, aggregated with information from other employees and personnel, and (where relevant) comparing this data with past or future employee responses and/or industry benchmarks. Where applicable, this will also include providing you with individual feedback comments from your colleagues, as well as providing your personal feedback to your colleagues. All survey and/or individual feedback responses are entirely optional: individual questions (or the entire survey) may be skipped, and there is no requirement for any surveys to be completed;
  • contact you for your feedback on our services and to help us evaluate and improve our services, for example, by acting on any information you have provided to us;
  • notify you about changes to the System and any other services of ours that you use, including informing you about new versions of the System and about new features, functionality, and service offerings; or
  • deal with any inquiries, correspondence, concerns, or complaints you have raised or that have been raised by or concerning third parties (such as your employer) involving you and any issues caused by your use of the System.

Information we collect about you. We will use this information:

  • to administer and improve the System and other services, including ensuring that content is presented in the most effective manner for you and for your computer or device;
  • to report to your employer relating to the use of the System, as may be required under the Employer Agreement;
  • for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to allow you to participate in interactive features of the System when you choose to do so;
  • as part of our efforts to keep the System safe and secure or
  • compile reports (which do not personally identify you) on the usage of the System.

Information we receive from other sources.

  • We may combine information from other sources with the information you give to us, or we collect about you and use this information as specified above.

In relation to the above uses, we shall process your personal data on the legal basis determined by your employer or where it’s necessary for the purposes of our legitimate interests, including:

  • to enable us to perform our contractual obligations under the Employer Agreement;
  • to improve or optimize our services;
  • to maintain the security of our computer systems;
  • to understand how the System is used and to improve the user experience of the System;
  • to protect and defend our legal rights;
  • for troubleshooting, and
  • for data analysis, testing, and research purposes.

Please also note:

  • We will not undertake any surveys or analysis via the System by specific reference to any special categories of personal data (including racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, sex life or sexual orientation) unless this has been expressly requested or configured by your employer. Where this is the case, it is your employer’s responsibility to ensure they have obtained your explicit consent to such processing or that they have another lawful basis for such processing (please contact your employer if you have any questions).  However, you might, in the course of providing comments or feedback in a survey, provide personal data within one of the above categories where this has not been requested.
  • For Engagement Surveys, 360° Feedback Assessments, and Employee Exit Surveys, we will not reveal your identity to your employer other than in exceptional circumstances, as explained further below in the section entitled “Who we share your personal data with.”
  • Data collected from you and other employees or personnel may be used by us in an aggregated and anonymized form for statistical and benchmarking purposes, including enabling comparisons to other organizations within the same industry.

WHO WE SHARE YOUR PERSONAL DATA WITH

We may share your personal data with other companies in our group, where necessary or desirable, in the course of the provision of services to you or your employer.

We may also share your personal data with selected third parties in accordance with this policy, including:

  • sub-processors, service providers (for example, IT services), business partners, and/or suppliers for the performance of any contract that we enter into with your employer (such as the Employer Agreement), including the following:
  • Amazon Web Services, Inc. and Heroku, Inc., who provide cloud-hosted infrastructure and services used by us to operate the System as a hosted solution; and
  • Google LLC, Delighted, Inc., Intercom, Inc., Nexmo, Inc., Skilljar Inc., and Gainsight, Inc., who provide product tools and functionality used by us in the delivery of the System and associated services.
  • government or other law enforcement agencies in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information).

We require all our third-party service providers and all other companies within our group to take appropriate and stringent security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.

We may also disclose your personal data to other third parties in the following circumstances:

  • if we sell or buy any business assets or receive investment into our business, we may disclose your personal data to the prospective or actual buyer, seller, or investee of such business or assets;
  • if ZENITHR ApS or substantially all of its assets are acquired by a third party, in which case personal data held by us, including your data and data about our customers, suppliers, and correspondents, will be one of the transferred assets;
  • we may disclose your personal data to our legal advisers if they need to have access to this information in order to advise us on our legal rights and obligations and
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, in order to enforce or apply our terms of use or other contracts between us and you or your employer, or to protect the rights, property or safety of us, our customers or others.

Engagement survey: responses and your employer

Please note that:

  • feedback and comments provided by you during Engagement Surveys, 360° Feedback Assessments, and Employee Exit Surveys are collated and conveyed to your employer in an aggregated or otherwise anonymized form.  As such, your anonymity is protected by default. Please also note that we merely report the feedback and comments and do not undertake any investigation or assessment into their veracity or legality;
  • The system may include an automated keyword flagging function using a list of keywords that your employer has pre-agreed on.  Any word in comments contained in an engagement survey that matches a keyword is automatically reported to your employer without revealing your identity. We do not, however, notify you when any keywords originating from you are reported to your employer. This keyword flagging function operates automatically, and we do not carry out any manual checks or otherwise monitor, supervise, or exercise any discretion over the transmission of keywords to your employer. We do not assume any responsibility to you in respect of the keyword flagging function, and we expressly disclaim, to the fullest extent permissible by law, any and all responsibility and liability in respect of (a) any failure or delay by us in reporting keywords, and (b) any acts or omissions of your employer as a consequence of or in connection with the reporting of such keywords.

Engagement survey: disclosing your identity to your employer

From time to time, we may receive a request from your employer to disclose your identity, or we may consider it appropriate to disclose your identity in the absence of such a request.  We will consider this in accordance with our internal policy on revealing anonymity.  Your identity will, in general, only be disclosed to your employer where it is necessary to do so for reasons of substantial public interest.  This is only likely to occur in exceptional circumstances.  For example, we may consider (based on your or others’ comments) that you or another person identified is experiencing or at risk of physical, mental, or emotional harm (including self-harm) and requires support and that there is a need to protect the well-being of you or another person, and furthermore that we cannot reasonably obtain your consent (for instance if you are away from your workplace and therefore not contactable for a period of time) or where seeking your consent would prejudice the purpose of the disclosure.  By way of further example, we may consider (based on your or others’ comments) that disclosure of your identity to your employer is necessary to prevent or detect an unlawful act (such as fraud or other criminal act) and that we cannot request your consent since this would prejudice the purpose of the disclosure.

Individual feedback responses

Please note that:

  • feedback and comments provided by you to your colleagues when giving individual feedback are not anonymous, and your identity will be visible to both your colleagues (to whom you have given individual feedback) and other applicable persons determined by your employer, e.g., your colleague’s line manager and/or any designated mentor(s);
  • scores provided by you to your colleagues when giving individual feedback are collated and conveyed to your colleagues (to whom you have given individual feedback) and your employer in an aggregated and otherwise anonymized form, i.e., your colleagues and/or your employer will not be able to see the score you gave to a specific colleague.

Except as explained above, we will not disclose your personal data to any third parties for any other purpose unless we have a legal right or obligation to do so.

INTERNATIONAL DATA TRANSFERS

A number of our service providers are based outside the European Economic Area (“EEA”), predominantly in the United States.  We may transfer your personal data to those services providers in the United States or other countries outside the EEA in order to provide our services via the System.

We have put in place appropriate measures to ensure that your personal data are treated by those third parties in a way that is consistent with and which respects the EU laws on data protection, including putting in place written contractual agreements to meet EU-approved data protection obligations.  If you require further information about these protective measures, please contact us at privacy@zenithr.com.

SECURITY

You will not ordinarily require a username or password to gain access to or complete a survey or otherwise provide us with information via the System. Where we have given you a username, password, and/or security information that enables you to access particular features of the System (for example, as an administrator or manager for your employer), you are responsible for keeping these access credentials confidential. You must not share these details with anyone or store them in a way that may allow a third party to access them. Please see the Terms of Use for more details on your employer’s obligations regarding not sharing your access credential with third parties and how doing so may affect your ability to use the System.

We maintain appropriate technical and organizational measures to ensure an appropriate level of security with respect to all personal data we process. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the System, and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features that are appropriate to the type of personal data you have provided to try to prevent unauthorized access or inadvertent disclosure, which may include two-factor authentication and end-to-end encryption.

CONSENT

Where consent is required for our use of your personal data, by ticking the appropriate consent box or otherwise communicating your consent to us (whether by phone, email, or other means), you consent to our use of that personal data as set out in this policy. If you disclose someone else’s personal data to us, you confirm that you have their consent to disclose this to us and that we can use and disclose it in accordance with this policy.

HOW LONG WE KEEP YOUR PERSONAL DATA FOR

We will retain your personal data for a period of five years, or three months after being removed from the System by your employer, or until six months after our relationship with your employer has ended (whichever is sooner). After this period, your personal data will be anonymized or deleted.

We will not store your personal data for longer than is reasonably necessary to use it in accordance with this Privacy Policy or with our legal rights and obligations. To avoid doubt, aggregated and anonymized data and any information other than personal data can be stored indefinitely.

YOUR RIGHTS

You have the below rights in regards to your personal data. Please contact your employer directly if you would like to exercise any of these rights (other than a change to your marketing preferences, which should be notified directly to us).

  • You have the right to access information about the personal data we hold about you. We reserve the right to charge a reasonable fee in response to unreasonable or repetitive requests or requests for further copies of the same information.
  • Right to object to processing. You have the right to object to the processing of your personal data where that processing is being undertaken by us on the basis of our (or a third party’s) legitimate interest.  In such a case, we are required to cease processing your data unless we can demonstrate compelling grounds which override your objection.  You also have the right to object at any time to the processing by us of your personal data for direct marketing purposes.
  • You have the right to request that we rectify any inaccurate personal data that we hold about you.
  • To the extent permitted by applicable data protection laws, you have the right to request that we erase any personal data that we hold about you based on one of a number of grounds, including the withdrawal of your consent (where our processing of that data is undertaken on the basis of your consent), or if your object to our continued processing (as mentioned above). This right does not extend to information which is not personal data. We also reserve the right to retain your personal data in an anonymized form for statistical and benchmarking purposes.
  • Request to restriction of processing. This enables you to ask us to restrict the processing of your personal data in certain circumstances, for example, if you want us to establish its accuracy or the reason for processing it.
  • You have the right to obtain copies of your personal data to enable you to reuse your personal data across different services and with different companies. You may also request that your personal data be transmitted directly to another organization, which is technically feasible, using our data processing systems.
  • Automated processing. Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects (“Automated Decision-Making”). Automated decision-making currently does not take place in our system or our services.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Please note that if you exercise any of the above rights to require us to restrict or cease processing or to delete personal data, and this type of processing is required in order to facilitate your use of the System, you will no longer be able to use the System following the date on which we action your request.  This does not include your right to object to direct marketing, which can be exercised at any time without restriction. Please allow at least five working days for your request to be actioned.

Save as set out above, your rights detailed above can be exercised free of charge in accordance with applicable data protection laws.

COOKIES

Our System uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you use the System and also allows us to improve the System. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our Privacy Policy will be posted on this page and where appropriate may be notified to you by email or advised to you on next log in to the System. Continued use of the System will signify that you agree to any such changes.

We are committed to resolving any privacy concerns you have. However, if you feel we have not addressed your specific concern, you have the right to make a complaint at any time to the relevant supervisory authority in your country responsible for data protection issues.

Talk to us

Take your first step with Zenithr today!

Contact Us
By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
PreferencesDenyAccept