Ideas Portal – Data Privacy and Processing
Posted: 25 May 2018 | Last updated: 04 December 2018
Why we process personal data
We process your personal data so we can gather and crowdsource ideas and input to the itslearning product. This helps us improve our product for the benefit of our users and customers.
You need to have a user account on the Ideas Portal to be able to post ideas or comment on other users ideas. This helps ensure the integrity of the data, and allows us to personalize the experience and reach out to you if we need more information from you.
We process your personal data based on our legitimate interest, having assessed that our interest is necessary and important, and that your interests, rights and freedoms are not likely to be negatively impacted.
How we collect the data
We collect personal data from you when you sign up to the Ideas Portal, submit ideas or contribute feedback to other users ideas.
Any user can register for the Ideas Portal, even if they are not affiliated with itslearning or any of our customers.
Type of data we collect
We collect the following personal data:
- Contact details: Name, email, Ideas Portal user ID, password (encrypted).
- Community contributions. We collect ideas, comments and votes submitted by the user
Who can access your personal data
If you submit an idea or feedback, it will be publicly available on the Ideas Portal together with your name and profile picture (optional).
Your e-mail address will only be available to a few select itslearning Ideas Portal administrators.
How long do we keep personal data?
If no activity, interest, intent or need can be identified within a 5-year period, we delete your personal data. We might de-personalize information you have provided to us for further archiving.
Note that we can keep personal data for longer than the specified time period if it is necessary to comply with legal or contractual obligations.
3rd Parties Involved
For the Ideas Portal we use the following data processor:
- Aha! Labs Inc. (data transfer to the US regulated using EU Standard Contractual Clauses)
Data Processors cannot process personal data independently. They are not allowed to share your personal data with any other 3rd parties. They secure and retain your data for the period we specify.