Privacy Policy

 
InsideOut Summary Privacy Policy, effective as of 5/25/2018

InsideOut Development, LLC, is referred to in this Privacy Policy as “InsideOut,” or by first person pronouns such as “we,” “us,” “our” etc.  This Privacy Policy explains how and why we collect personal data, and how we process and protect it.  In this policy, we refer to certain defined terms whose definitions may be viewed at the end of this document.

You may skip directly to specific information you are seeking by clicking the following links:

Contact Information

 
You may contact InsideOut at:

InsideOut Development, LLC

10542 South Jordan Gateway, Suite 300

South Jordan, UT 84095

Phone: 1.888.262.2448

Fax: 1.801.253.4135

Privacy Resources

 
We provide the following resources regarding our approach to privacy:

  • This Privacy Policy, which addresses the topics listed in the links provided above.
  • Our Summary Privacy Statement is made available on our websites and other locations wherever we collect personal data via forms or other methods.  The Summary Privacy Statement provides links to this Privacy Policy for those seeking more detailed information.
  • Our Cookies Statement explains how we use cookies and how you can manage cookies.
  • Our Marketing Preferences page enables you to opt-out of marketing communications.

Personal Data We Collect

 
We collect and process personal data relating to our employees and candidates for employment, employees of our customers and suppliers, persons who participate in courses, classes, programs, and marketing events, persons who request information from us and other business contacts.  Following are type of personal data we commonly collect from various categories of individuals and the purposes for which it is used:

Business contacts, including customers and suppliers

  • Contact data, including full name, honorific title, job title, business address, business email address and business telephone number.
  • Account data, including username, password and preferences.
  • Transaction data, including bank account, payment card information, invoice information and payment information.
  • Technical data, including internet protocol (IP) address, browser type and version.
  • Analytics data regarding your use of our websites and services.
  • Marketing and communications preferences

We may collect and processes the foregoing data:

  • In anticipation of, and during the term of, a contractual relationship we enter into with you.
  • When you enter information in websites forms or provide information by other means to request products or services, to create accounts and to communicate with us about other matters.
  • When you place orders with us via our websites or by other means.

The foregoing data is used to procure or provide products and services, to manage contractual relationships, to administer accounts, and to provide information about our products, services, and other information that we think may be of interest to you.  Some of the foregoing information may be stored in cookies, as described in our Cookie Statement.

Our lawful bases for collecting and processing the foregoing information are, as applicable:

  • To facilitate our legitimate interests in obtaining products and services, providing our products and services, communicating information regarding our products and services and conducting other activities necessary or convenient to the management of our business.
  • To perform contracts to which you and we are parties.

Facilitator and coaching community members

  • Contact data, including full name, honorific title, job title, business address, business email address and business telephone number.
  • Account data, including username, password and preferences.
  • Technical data, including internet protocol (IP) address, browser type and version.
  • Analytics data regarding your use of our websites and services.
  • Marketing and communications preferences

We may collect and processes the foregoing data:

  • In anticipation of, and during the term of, a contractual relationship we enter into with you.
  • When you enter information in websites forms or provide information by other means to request products or services, to create accounts and to communicate with us about other matters.

The foregoing data is used to provide facilitators and coaches with access to resources in dedicated sections of our websites and to also provide information about our products, services, and other information that we think may be of interest.  Some of the foregoing information may be stored in cookies, as described in our Cookie Statement.

Our lawful bases for collecting and processing the foregoing information are, as applicable:

  • To facilitate our legitimate interests in providing access to services you may request, administering associated accounts, communicating information regarding our products and services and conducting other activities necessary or convenient to the management of our business.
  • To perform contracts to which you and we are parties.

Snapshot participants (To learn more about snapshots, you may click here.)

  • Contact data, including full name, honorific title, job title, address, email address and telephone number.
  • Questionnaire responses, resulting scores and reports.
  • Technical data, including internet protocol (IP) address, browser type and version.
  • Analytics data regarding your use of our websites and services.
  • Marketing and communications preferences

We may collect and processes the foregoing data:

  • In anticipation of, and during the term of, a contractual relationship we enter into with you.
  • When you enter information in websites forms or provide information by other means to request participation as a snapshot subject or agree to participation as a colleague of a snapshot subject.

Most of the foregoing information is collected only if you choose to provide it in order to participate as either the subject of a snapshot or as a colleague of the subject.  However, some technical data may be collected and stored in cookies, as described in our Cookie Statement.

Our lawful bases for collecting and processing the foregoing information are:

  • to facilitate our legitimate interests in providing snapshot subjects with requested snapshot scores and reports, communicating information regarding snapshots, administering and delivering snapshot surveys and reports, providing information about our products and services to snapshot subjects and their colleagues and conducting other activities necessary or convenient to the management of our business.
  • To perform contracts to which you and we are parties.

Persons requesting information and ordinary website visitors

  • Contact data, including full name, honorific title, job title, address, email address and telephone number.
  • Technical data, including internet protocol (IP) address, browser type and version.
  • Analytics data regarding your use of our websites and services.
  • Marketing and communications preferences

We may collect and processes the foregoing data:

  • When you enter information in websites forms or provide information by other means to request information about products or services and to communicate with us about other matters.

Most of the foregoing information is collected only if you choose to provide it in order to request information or to communicate with us.  However, some technical data may be collected and stored in cookies, as described in our Cookie Statement.

Our lawful basis for collecting and processing the foregoing information is to facilitate our legitimate interests in communicating information regarding our products and services and conducting other activities necessary or convenient to the management of our business.

Current employees, past employees and employee candidates

Information about personal data collected about current employees, past employees and employee candidates is available in our current employee manual which may be requested from Julie Morrow.

Data received from third parties

We may receive personal data about you from third parties or publicly available sources including:

  • analytics providers
  • event organizers
  • list providers

Such data may include:

  • Contact data, including full name, honorific title, job title, address, email address and telephone number.
  • Analytics data regarding your use of our websites and services.
  • Marketing and communications preferences

Our lawful bases for collecting and processing the foregoing information include one of the following:

  • To facilitate our legitimate interests in communicating information regarding our products and services and conducting other activities necessary or convenient to the management of our business.
  • Your consent given in accordance with applicable data protection laws.

We do not collect or process data regarding race or ethnicity, religious beliefs, sex life or sexual orientation, trade union membership, health, genetic or biometric data.

Aggregated data

We use aggregated data to facilitate our research and product development.  Such data is anonymized so that you cannot be identified with the data.

Who Will Have Access to Personal Data?

 
Personal data that you provide to us will be accessible by our employees who require access in order to perform the tasks described in Personal Data We Collect section above.

We may transfer your personal data to third parties for processing or sub-processing purposes. We may also transfer your personal data with controllers.

Third party processors to whom we may transfer your personal data are authorized to process personal data only as necessary to perform and provide the particular services for which they were engaged and only in accordance with this Privacy Policy.  Examples of services which may give contractors or service providers access to personal data include:

  • Hosting our websites.
  • Hosting our email server.
  • Processing your payments.
  • Maintaining, enhancing, or adding to the functionality of our websites.
  • Processing and fulfilling orders.
  • Collecting web analytics data.
  • Enabling us to send you email or performing other administrative services.

Third party controllers to whom we may transfer your personal data include facilitators who perform training and snapshot facilitation and administration and/or their employers.

We enter into data processing agreements with processors and controllers, as applicable, which require that your personal data be processed in compliance with all applicable laws and regulations.

If you participate in snapshots, either as the snapshot subject or as colleagues of the subject, your contact data, snapshot responses and snaphot report information, as applicable, will be shared with the subject and all colleagues in order to facilitate the snapshot.  To learn more about snapshots, you make click here.

We may also share personal data as required by law and with the successor in interest to all or a portion of our business or assets; provided that should such a transfer occur, we will require such successor to agree in writing to use, protect, and maintain the security, integrity, and confidentiality of the transferred personal data in accordance with this Privacy Policy.  We may share anonymized data (which cannot be identified with you or any other data subject) with parties other than those described in this section.

International Transfers of Personal Data

 
This is where Privacy Shield should be considered.

Data Security

 
Taking into account the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including as appropriate:

  • The pseudonymization and encryption of personal data.
  • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
  • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
  • A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

In assessing the appropriate level of security we take account in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.

We take steps to ensure that any person acting under our authority who has access to personal data does not process them except on instructions from us.

Criteria and Time Period for Retaining Personal Data

 
We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected the data, including for the purposes of satisfying any legal, accounting or reporting requirements.  In some cases, this means that we will retain your personal data indefinitely.  You may request that we delete your data as described in the following section.

Certain Rights Available to You

 
You have the right to request the following from us:

  • access to, and rectification or erasure of, your personal data;
  • restrictions on the processing of your data, and
  • copies of your personal data held by us for the purpose of transferring it to yourself or another party specified by you.

You may direct such requests as described in the Contact Information section above.

In cases where you have given us your consent to collect and use your personal data, you have the right to withdraw that consent at any time (without affecting the lawfulness of processing based on your consent before its withdrawal).

You have the right to lodge a complaint with any applicable supervisory authority.

You are not required to provide us with any personal data we may request.  However, if the requested information is necessary for us to provide any product, service or information requested by you, we will be unable to fulfill your request.

Defined Terms

 
“Controller” means a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Personal data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of a controller.
 

Loading ...