The dialogues are stored as long as the organizational initiative is ongoing. The PII is stored in encrypted form, the encryption keys are protected and stored separately. 90 days after the end of the organizational initiative, all encryption keys, the name of the customer and the name of the organizational initiative are destroyed, and the dialog data are transferred to a separate platform for research and improvement of the products and services of Sentensor BV. This research platform thus only contains data that cannot be traced back to organizations or natural persons.
To safeguard our client’s Privacy, Sentensor hosts its applications and data within Amazon’s certified datacenters in the EU. These datacenters comply to
- ISO 27001 • SOC 1 and SOC 2 / SSAE 16 / ISAE 3402 • PCI level 1 • FISMA Average • Sarbanes-Oxley (SOX).
Question: Do we record content?
Answer: Yes, the Sentensor Platform stores the digital dialogues it conducts with the participants and processes them into (anonymous) Persona’s and action-oriented agendas. The name and identity of the participants are not present in the dialogues, there is only an encrypted, anonymous, 256-bit integer that identifies each participant.
Question: Can we tell companies which employees are high achievers or low achievers?
Answer: No, we do not provide individual-level data to your employer or any other company. The only place where your individual information will be available is on your own personal dashboard which will accessible solely by you. Managers are only able to view aggregated and anonymized team data.
Question: How well is the data secured?
Answer: the e-mail addresses of the participants are encrypted (AES256), then provided with a digital signature (MAC) and stored separately from the digital dialogues. The encryption keys are stored separately from the other data in a separately secured environment. We remove the encrypted e-mail addresses and the keys 90 days after completion of the project.
Question: What can I find on my individual Sentensor dashboard?
Answer: Depending on the activated product options, participants gain insight into their own Persona, in addition to important points for attention for their contribution to the team dialogue. The data of an individual is only available on their own dashboard, which is also only accessible to that person. Sentensor never gives access to your individual data to anyone other than yourself.
Question: Is Sentensor GDPR compliant?
Answer: Yes, we comply with GDPR Privacy Standards. The Sentensor platform is deployed in Europe and we comply with all EU data protection requirements. The data processed by Sentensor is fully anonymized and aggregated, per employer standards and compliance.
Question: Where is data stored?
Answer: Data is stored on Amazon Web Services Servers within the EU.
SENTENSOR PRIVACY STATEMENT
When you use our website or perform actions there, or when you communicate with us, contact us in any other way, or use our products or services, we may collect, use, share and process information that can be traced back to you (“Personal Data”). Below is a summary of how we process your Personal Data and your rights in this context.
We process your Personal Data for the purpose of our legitimate interests. These are described in detail in this Privacy Statement. We impose clear limits for the use of this information to ensure that your privacy is respected and the information is only used to realise these legitimate purposes.
- Information that we collect about you.
- Contact details (such as an email address).
You may send us contact details when you use our services, via a form on our website, or during a conversation with a sales representative or our customer support team.
- Information about use.
We collect information about your use whenever there is interaction between you and our websites and services. Examples are the websites that you visit, what you click on, when you perform these activities, your language preferences, what you buy, etc.
- Details about devices and browsers.
We collect information about the device and the application that you use to access our services.
- Information from page labels.
As with most websites, our web servers keep log files in which each access of a device to these servers is recorded. These log files contain information about the nature of the access, including IP addresses of origin, internet providers, files presented on our site (such as HTML pages, illustrations, etc.), operating system versions and time stamps.
- Information about referrals.
If you are referred to a Sentensor website by an external location (such as a link on another website or in an email message), we register information about the source that referred you to us.
- Information from third parties and integration partners.
We collect your personal information from third parties if, for example, you have given those third parties permission to share your information with us or if you have posted that information online.
- Invoicing details
We process invoicing details to complete transactions with you when you purchase our products or services;
- Purposes for which we process Personal Data
We collect and process Personal Data with your permission or:
- to comply with our contractual obligation to provide the services to you:
- for the purpose of SENTENSOR’s legitimate interests, viz:
- to improve service provision; and
- to develop new products and functionalities for the services.
- to give you information about our products, manage your registration for and presence at our events and webinars or for office visits, and offer you customer support or communicate with you in another manner;
- to improve our websites and personalise them for you and to guarantee the security and continued functioning of our websites;
- to show you personalised advertisements and send you marketing news about us, our products and our services; and
- to meet our legal obligations pursuant to applicable legislation and cooperate with authorities.
We only collect and process your Personal Data in so far as necessary for these purposes and in so far as there is a legal ground for processing. If necessary, we will ask your prior consent for processing.
SENTENSOR BV is the controller of your Personal Data.
- With whom do we share Personal Data?
We can share the Personal Data with various parties, including:
- Service providers contracted by us (including subsidiaries) who process Personal Data on our behalf for IT, systems administration and hosting, credit card payments, research and analysis, marketing, customer service and data enrichment;
- Public authorities, to the extent that we are obliged by law to provide Personal Data to meet our statutory obligations;
- Your rights with respect to your Personal Data
You have certain rights in respect of your Personal Data. These rights include:
- The right to access Personal Data that we keep about you (right of access);
- The right to rectify incorrect Personal Data and, with due regard for the purposes of processing of Personal Data, to ensure that these are complete (right of rectification);
- The right to delete/remove your Personal Data, in so far as permitted pursuant to applicable data protection legislation (right of deletion; right of erasure);
- The right to restrict our processing of your Personal Data in so far as permitted under law (right of restriction of processing);
- The right to transfer your Personal Data to another controller, in so far as possible (right to data portability);
- The right to object to any form of processing of your Personal Data performed on the basis of our legitimate interests (right of objection).
- The right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects (‘Automated Decision-Making’); there is currently no Automated Decision-Making on our website; and
- In so far as we collect, process and share your Personal Data on the basis of your consent, you have the right to withdraw your consent at any time without this affecting the lawfulness of processing based on consent before its withdrawal.
If you want to exercise your rights with respect to your Personal Data or if you have any questions about our privacy practices, you can send an email to firstname.lastname@example.org. If you are of the opinion that we have not been able to help you with your complaint or question and if you live in the EEA, you are entitled to lodge a complaint with the competent supervisory authority.