Make Accurate and Informed Group Decisions using the Delphi Method
Make Accurate and Informed Group Decisions using the Delphi Method
This Privacy Statement was updated on July 13, 2020.
This privacy statement explains how Calibrum handles personal data collected during the normal course of business (sales, marketing, and support), as well as how data are processed in its software and services.
Calibrum complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
For specific information about GDPR, please visit https://calibrum.com/gdpr/
1. CALIBRUM SOFTWARE AND SERVICES
Calibrum creates online collaborative survey software for corporations, research companies, and universities. The software is accessed using a modern browser via the Internet. Calibrum products are self-service; Customers determine and are solely responsible for what and how Customer Data is collected. Customer Data may include data collected from respondents (“Respondents”). Customer Data may be collected via email or a web link.
Calibrum acts as a data processor with respect to Customer Data and processes this data as instructed by Customers, who are the data controllers.
2. DATA COLLECTED DURING NORMAL BUSINESS TRANSACTIONS (UNRELATED TO THE SOFTWARE)
For the www.calibrum.com site: Calibrum collects and analyzes aggregate information of visitors, including the domain name, visited surveys, referring URLs, and other publicly available information. We use this information to help improve our website and services, and to customize the content of our pages for each individual customer. Cookies may be used to deliver customized content to website visitors. No personal data are collected when browsing this site.
Calibrum does not sell or make available specific information about our customers or their clients except as requested by a valid court order or otherwise required by law. We maintain a database of user information which is used only for internal purposes such as technical support, marketing-related activities, and to notify customers of changes or enhancements to the services. Calibrum uses secure services for online credit card payment transactions, and does not record or store credit card information on its site or servers.
3. DATA COLLECTED BY CUSTOMERS
For this section, customers are end-users with valid Calibrum accounts. Customers own and control all information input into the Calibrum software or generated on behalf of customers in connection with the Services (“Data”). Depending on how the Customer chooses to use the software, Data may include personal information. Customers manage all Data, as well as the users who create, manage, distribute, or report the Data.
Calibrum treats all Data as highly confidential and does not classify or represent the Data because only the Customer itself knows what data it’s collecting. In other words, Calibrum provides the services, and Customers use the services as they wish. All Data are safeguarded using industry best security practices that prevent unlawful disclosure. More information is at our security statement https://calibrum.com/security
Calibrum will process Data for the purpose of providing the software and services to customers. Calibrum may also anonymize and aggregate the Data and use such anonymized and aggregated data for its business purposes. Customers must ensure that they follow applicable laws when distributing surveys. This includes following applicable law when collecting personal and health information, preventing unsolicited emails from being sent, and deleting personal information when no longer required.
Unless required by law, Calibrum will never transfer Data to a third-party without the written permission of the customer. In other words, there is no onward transfer.
In the context of an onward transfer, Calibrum has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Calibrum shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Calibrum proves that it is not responsible for the event giving rise to the damage.
Calibrum enables Customers to be compliant with various privacy-related regulations and laws. Features within the products may be used to modify and delete data, create anonymous surveys, and more. For details, please visit https://calibrum.com/gdpr
Calibrum employees do not actively view Data. Any access to Customer accounts requires consent by the end-user, and any exposure to personal information is incidental to providing the services. Customers have the ability to disable Calibrum support from accessing their accounts, but doing so may hinder timely responses and the quality of support.
4. COMPLAINTS AND INQUIRIES
Calibrum is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and individuals have a right to contact the FTC regarding services provided by Calibrum.
If you are an EU or Swiss citizen, and have questions about your personal information that may have been collected in a Calibrum survey, please contact the entity that created or sent you the survey. Data collected and only processes Data as controlled by the customer. If the survey creator is unresponsive to your inquiry, please contact Calibrum Support.
General inquiries regarding this policy, or any complaints regarding surveys that are unresolved by the survey creator, may be sent to Calibrum Support by visiting https://www.calibrum.com and clicking on “Contact Us”. There is no charge for this inquiry.
Calibrum has a team of legal and technical staff to maintain compliance with this policy. For legal inquiries, please contact: firstname.lastname@example.org
Independent Recourse Mechanism: Any disputes are handled by the International Centre for Dispute Resolution (details below). Inquiries are free of charge.
5. INFORMATION RELATED TO PRIVACY SHIELD
For details about the Privacy Shield program: https://www.privacyshield.gov/
The key goals of Privacy Shield are to inform both EU and Swiss individuals about:
- the right of individuals to access their personal data
- the choices and means an organization offers individuals for limiting the use and disclosure of their personal data
- the requirement for an organization to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements
Calibrum’ Privacy Shield self-certification does not cover human resources data.
Privacy Shield may provide individuals the right to (i) access the data that we hold about them, (ii) request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield, or (iii) limit the use and disclosure of their personal information. In compliance with the Privacy Shield Principles, Calibrum commits to resolve complaints about our collection or use of personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Calibrum at: email@example.com.
Calibrum has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association (AAA), an alternative dispute resolution provider located in the United States. If an individual does not receive timely acknowledgment of its complaint from us, or if we have not addressed an individual’s complaint satisfactorily, such individual should contact the AAA for more information or to file a complaint (contact details below). The services of the AAA are provided at no cost.
Customer Data is stored in a specific geographical region chosen by the Customer. Where it is necessary to transfer personal data from the European Economic Area to the United States, it is solely for the purpose of processing as per instructions from the controller or to comply with applicable laws.
Calibrum implements appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access.
Because adequate protection is provided by Privacy Shield participants, contracts with Privacy Shield participants for mere processing do not require prior authorization (or such authorization will be granted automatically by the EU Member States), as would be required for contracts with recipients not participating in the Privacy Shield or otherwise not providing adequate protection.
Calibrum self-certifies with Privacy Shield. A self-assessment is signed by a company officer or other authorized representative of the organization at least once a year and made available upon request by individuals or in the context of an investigation or a complaint about non-compliance. Calibrum is required to respond promptly to EU or Swiss individual inquiries, and other requests for information from the Department of Commerce relating to its adherence to the Privacy Shield Principles.
Under Privacy Shield, an individual has the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Under Privacy Shield, Calibrum must respond to individual complaints within 45 days. For additional information, visit:
Calibrum’ Independent Dispute Resolution (IDR) Provider is:
American Arbitration Association
International Centre for Dispute Resolution
New York City, New York, USA
6. LIST OF SUB-PROCESSORS
Presently, Calibrum uses the following sub-processors for optional services to process personal data in the Subscription Services. There is no requirement to use these optional services when using the Calibrum Services.
Subprocessor: Google, LLC
Function: Translation service (manually controlled by user)