This policy explains how we use personal and financial information collected through the use of the PRISM System by Data Subjects, PRISM Distributors and PRISM Practitioners and their authorised representatives. Our information handling practices are continually reviewed to ensure they are compliant.
PRISM Brain Mapping and our associated companies/entities are committed to complying with the laws intended to protect your right of privacy.
- PERSONAL INFORMATION
2.1 When you use the PRISM site ("The Site") you may be required to provide certain details about yourself. This personal data may be recorded on our internal systems for the reasons set out in paragraphs 2.3 and 2.4 below. PRISM Brain Mapping and PRISM Brain Mapping UK LLP, as the Data Processor, fully acknowledges and accepts the importance of such information and confirms that such data will be used responsibly and in accordance with your rights and the Data Processor’s responsibilities under the Data Protection Act 2018 and General Data Protection Regulation (GDPR).
2.2 The Data Processor is committed to promoting confidence in the manner in which personal information is handled. In this regard, the Data Processor will act ethically and as evidence of this commitment, it will comply with the privacy and data protection requirements of the United Kingdom as set out by the Data Protection Act 2018 and General Data Protection Regulation (GDPR).
(i)to provide you with Materials and Services.
(ii) for customer administration.
(iii) for mailing information to you about our other Materials and Services in which you may be interested, and, where relevant, information on organisations outside the PRISM Brain Mapping who are authorised to offer the Materials and Services.
(iv) to provide, on request, personalised computer-generated reports and related services - to personalise the service provided to you.
(v)to seek your views on products and services.
(vi) for the technical administration of the Site.
2.4 What information do we collect from you, and why?
(i)If you expressly consent to receive marketing communications from PRISM, we will collect and store your forename, surname, company, company address, telephone number, email address so that we can send you information about PRISM news, products, services which may be of interest to you.
(ii) If you are a supplier or client of PRISM Brain Mapping, we will collect and store your name, company details, telephone number, email address and financial data in order to fulfil any contractual obligations with regard to the supply or delivery of services.
(iii) If you are completing a PRISM questionnaire, we will collect and store:
- Your forename and surname – in order to print your names on the report
- Organisation’s name – to assist with file organisation and compilation of some PRISM reports
- Your email address – to send the questionnaire, to send reminders or other information that is critical to why you have been asked to complete a questionnaire, and to send a copy of the report, if applicable
- Your responses to the PRISM questionnaire – these are held in a raw, unprocessed numerical/text format only. No compiled reports are stored by the PRISM system
- Gender – your gender will be stored only to enable scripting of PRISM reports. (This is only relevant where a language employs gender-based grammatical differences.)
PRISM acts in two different capacities – as a Data Controller when processing customer data, and as a Data processor in relation to processing of Data Subjects’ data for the purposes of compiling reports on behalf of our direct clients.
2.5 Who might we share information with?
Your data may be accessed by PRISM Brain Mapping UK employees and by your PRISM Distributor and PRISM Practitioner. Your PRISM Practitioner is identified in the email containing the link to the PRISM questionnaire. As part of our research, PRISM Brain Mapping UK may also share collated, anonymised data publicly for the purposes of validation. If you’re completing a questionnaire about someone else and that person asks to view their data, your privacy will be protected.
2.6 What do we do with your information?
We use your responses to the PRISM questionnaire to calculate and compile your PRISM report and/or Team Maps. Your gender is used only to script reports in languages that have grammatical gender requirements and not in the calculation process. Your data will be held in our secure database and can be accessed by a PRISM Practitioner both as a reference and to produce further reports. PRISM is not responsible for the use of the data by our PRISM Practitioners.
2.7 Our legal basis for processing data
When you provide us with your details for the purposes of obtaining further information or future marketing, you are asked expressly to consent to us processing and storing your personal data in line with this policy. You have the right to withdraw your consent at any time in accordance with this policy.
When you provide us with your details as a supplier or client, this information is processed and stored on the basis of contractual fulfilment with regards to the supply or delivery of services.
When you provide us with your details as part of the completion of a PRISM questionnaire, this information is processed and stored on the basis of your consent. You may request that your data be deleted.
Please see our Data Deletion Policy https://pbma.com.au/data-deletion-policy/ for more information about removing your data from our servers. If this policy is updated, we will post those changes on our website.
If you have questions about this privacy statement, the practices or your dealings with PRISM websites, then please email Tiffany@pbma.com.au
2.8 How long do we keep hold of your information?
There is currently no limit to how long data may be held. It is up to the PRISM Practitioner, as Data Controller, to ensure that data is not held longer than necessary for the purposes for which it is intended. You can request that your data be anonymised or deleted from PRISM’s database at any time.
Please see our Data Deletion Policy for more information https://pbma.com.au/data-deletion-policy/
PRISM Brain Mapping is not responsible for copies of reports downloaded by your PRISM Practitioner or others permitted access to your data by a PRISM Practitioner.
2.9 How can you access the information held about you?
If you purchased your own report, you can request a copy of this to be sent to you by email at any time. If your organisation purchased the report on your behalf, your PRISM Practitioner will usually provide the report for a particular purpose eg coaching, a course or event. In the first instance ask your organisation to contact the PRISM Practitioner. If they do not respond, please refer to our Subject Access Request policy for more information. https://prismbrainmapping.com.au/subject-access-request/
2.10 The Site has security measures in place to protect the loss, misuse and alteration of the information under its control. All pages that contain customer information are password protected.
2.11 All Data Processors, Data Controllers (Certified PRISM Practitioners, Master Practitioners), who have access to and are associated with the processing of personal data, are required to respect the confidentiality of your personal data.
2.12 If you are required to provide certain personal information for the purposes of operating the system, the Data Processor will not rent, sell or exchange such information to third parties except to your employers or potential employers, where you consent, where you would reasonably expect the information to be disclosed or where the Data Processor is legally required to disclose such information.
2.13 Like most website providers, the Data Processor may analyse server log files to collect statistical information about how the Site is used. This type of information is collected only at an aggregate level and includes browser types, Internet service providers, referring / exit pages, platform types, date/time stamps and other broad demographic data. Such data is not linked to personally identifiable information.
2.14 The website does not store details of financial transactions between you and the Operator.
3.2 Cookies work by assigning a number to your computer that has a specific meaning to the assigning website. Cookies, by themselves, cannot be used to find out the identity of any visitor. Unless you choose to provide us with information about you, we will never know who you are, even though our computer has previously deposited a cookie on your computer's hard drive. In addition, you may modify your Internet browser's settings to notify you whenever any website is going to deposit a cookie on your computer's hard drive. This notification option generally gives you the opportunity to decide whether to accept or refuse a cookie before it is deposited. There may be some features on our Website, however, that require a cookie to operate correctly. For example, to become a registered user of our Website, you must allow us to deposit a cookie on your computer's hard drive.
3.3 We do not sell or rent personal information about our on-line customers to any third parties. We will not rent or sell non-public personal information we collect from users except (1) as required by law or (2) with the express authorization or consent of the user.
- WHEN MIGHT INFORMATION BE DISCLOSED?
4.1 We may disclose non-public personal information to unrelated parties in special cases when we have reason to believe that that disclosure is necessary to identify, contact, or bring legal action against a person or persons who may be causing injury to, or interference with, the rights or property of PRISM (including our Website), computer users accessing our Website, or any third party. In addition, we may disclose information about individuals who access our Website to law enforcement agencies, judicial or government authorities, or to other individuals or entities in response to subpoenas, court orders, or other legal processes.
- LINKS WITH OTHER SITES
5.1 The Site may contain links to other Internet websites which we do not operate and, conversely, other Internet websites may contain links to our Website. We are not aware of and are not responsible for the privacy policies, practices, or content of such other websites. We encourage users to read and become familiar with the privacy policies maintained by such other websites.
- INFORMATION FOR MINORS & CHILDREN
6.1 We do not target our Website or our products or merchandise for sale on our Website to children, and our Website does not seek to collect contact information from children under the age of 13.
If you are under the age of 13, please do not email us, contact our Website, attempt to use our Website, submit information to our Website, or ask us to email you.
If you are under the age of 16, you should get permission from a parent, guardian or teacher before you email our Website, contact our Website, attempt to use our Website, submit information to our Website, or ask us to email you.
We are committed to responsible data management. Data relating to identifiable Data Subjects is only obtained, stored, processed and accessed:
- For defined and justifiable purposes
- Securely and confidentially
- Respecting the individual’s rights of review, objection and deletion
Unless required or permitted by law, personal data concerning race, politics, religion, health or sexuality is not obtained or processed without express consent.
- FURTHER INFORMATION
8.1 If you wish to raise any query regarding this Site, please contact: Tiffany@pbma.com.au