Marketing and Sales
Data Privacy and Processing
Posted: 4 May 2018 — Last updated: 4 May 2020
This Privacy Policy (which we will refer to as “Policy” going forward in this page) describes practices around personal data collection related to our marketing and sales activities such as the website, emails, affiliates, offline sales, and virtual and in-person events. For information about other ways itslearning processes personal data, go to the start page of our privacy policy.
How we collect data
Through your interaction with us or use of this website, we may collect the following personal information provided by you, that identifies you as an individual:
- Information you provide through form submissions on our websites. This includes when you contact us, subscribe to our marketing communications, download collateral, register or attend an itslearning event or partner event, and purchase products or services.
- Information that you provide to us or to itslearning employees when you want to engage in business or potential business with us.
- Information you provide when applying for a job at itslearning
- Information you provide to us in personal conversations or events.
- Information from surveys, reviews, or inquiries that you voluntarily take part in.
- Information you submit to us via social media channels.
- Information you or a connected party provides when executing a contract or business relationship.
- We do not intentionally solicit, collect or process data for any child under the age of 18. Once identified, the data is deleted immediately.
We use third party services/vendors, such as the Google Adwords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. It could mean that we position ads to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network.
To avoid being targeted by remarketing services, you can choose not to accept cookies on the website or change your Google Ads settings at https://adssettings.google.com/authenticated.
Why we collect personal data
We collect your data to better provide you information and determine whether our product and services would be a good fit for you. In those cases where we use legitimate interest as lawful basis for our data processing, we will always balance our interest with your right to data privacy.
The legitimate interest basis makes processing lawful only if it is necessary to the controller. It requires transparency and the successful outcome of a balancing test between your right to privacy and our interests. Transparency means it shall be clear to you which data is used and how it’s used. A balancing test requires us to take into consideration factors such as:
- That our interest as controller is significant compared to the impact on your data privacy.
- That we only process what can reasonably be expected by you.
- That we cannot achieve the same result by not processing the data.
As such, our purposes are always legitimate, and the disadvantages to you are few.
These are our specific reasons for processing your data:
- Identify who our customers and potential customers are and their interest or need for itslearning products and services,
- Manage customer and user relationships to promote satisfaction, knowledge and adoption of our product and services,
- Execute core business operations, such as contracts and invoicing, and build and maintain third party relationships.
Type of data we collect
We will never collect data from you without clearly stating what information we are requesting and what we will use it for. This is the type of data we collect:
- Contact details: Name, email, phone number.
- Institution and/or organizational affiliation: Including name, physical address, size.
- Geographical location, IP address, including country, state or province.
- Behavioral or demographic information.
- Data from marketing opt-in lists, campaigns, surveys, or publicly available information
- Collaboration information.
Who can access your personal data
Only employees with a relevant role have access to the personal data we process. All our employees have signed confidentiality clauses.
We have always been committed to ensuring that your data is safe. You can read more about these organizational and technical measures in our GDPR Security Measures page.
How long do we keep your personal data?
If no activity, interest, intent or need can be identified within a 2-year period, we delete your data. The only time we will retain your personal information for longer than is outlined in this Policy is when it is required or allowed by law.
Our website includes hyperlinks to, and details of, third party websites. If you choose to follow links to these sites we encourage users to read the policies of those websites, before providing any personal information, to determine their protections. We are not responsible or liable for these policies or sites and how they handle your personal data.
Additional information
Personal data related to demo accounts are processed using our own software. Read more about how we secure our platform.
We are a global company, so when you provide us personal data, that data may be used, processed, or stored in a country that has data protection laws that are different to the country in which you reside in. However, in compliance with GDPR no data from users in EU/EEA is processed or stored outside the EU/EEA. Additionally, itslearning has policies and procedures in place that are constructed to safeguard and ensure an equal level of protection is applied across the entire organization and in accordance with this Policy.
How we use the data
We only collect or process your data under contractual obligations when we have consent, or when we have a legitimate interest.
Your consent must be clear, unambiguous and freely given. When we request information, we have to tell you what we’d like to know and why. Legitimate interests are uses that are necessary to provide a product or service, or those that could be reasonably expected by the person whose information is being collected.
The chart below explains how we use the data collected through each of our channels, the purpose and the legal basis we have for doing so.
How we collect data | Why we collect data | How we use the data | The legal basis for our use |
You fill out a form on our website, including those from HubSpot and Eventbrite. | Identifying and targeting educational institutions that have an interest and need for a learning management system.
Nurturing relationships with interested potential customers. Managing customer relationships, to better communicate any updates or changes they might be interested in. |
When you fill out a form, we let you know why and how we’ll use the data.
This includes requests such as: to contact us, subscribe to our marketing communications or newsletter, download collateral, register or attend an itslearning event or partner event, and purchase products or services, or identify a company’s need for an LMS. |
Consent |
We collect your information from a publicly available source (e.g. you have your contact information listed on your website.) | Identifying and targeting educational institutions that have an interest and need for a learning management system. | We use this information to ensure that the data we are processing is correct and up to date, as well as to correctly profile whether you have potential, intent or a need to purchase an LMS. | Legitimate Interest |
We’ve partnered with a related company to create a cross-promotional opportunity. | Identifying and targeting educational institutions that have an interest and need for a learning management system. | We use this data to better identify customers who might have a potential need or interest in an LMS. | Legitimate Interest |
We talk to you at an event or tradeshow. | Nurturing relationships with interested potential customers.
Managing customer relationships, to better communicate any updates or changes they might be interested in. |
We use your information to build relationships, to determine whether you may have a need or intent to purchase an LMS, and to obtain explicit consent to be added to our marketing distribution email list for further nurturing. | Legitimate Interest |
We communicate with you via our social media channels. | Nurturing relationships with interested potential customers.
Managing customer relationships, to better communicate any updates or changes they might be interested in. |
We build brand awareness, and link you to information on our website that we believe may prove useful. | Legitimate Interest |
You sign up for a particular piece of email marketing. | Promoting our learning management system to interested potential customers.
Managing customer relationships, to better communicate any updates or changes they might be interested in. |
itslearning has a legitimate interest to send singular emails for one intended purpose, or at the request, or knowledge of the recipient. | Legitimate Interest |
You sign up to be on our marketing distribution list. | Promoting our learning management system to interested potential customers.
Managing customer relationships, to better. |
itslearning will explicitly ask if a prospect would like to be added to the distribution list to receive marketing communication on products, services, topics that may be of interest to them. | Consent |
One of our representatives talks to you in person, email, via drop-in or at a networking event. | Nurturing relationships with interested potential customers
Managing customer relationships, to better communicate any updates or changes they might be interested in |
We follow up on high-level marketing activity and buyer behavior in order to reach out, establish contact, create or foster a relationship, and follow up for the purposes of driving sales and revenue. | Legitimate Interest |
Data Processors
Data processors are third parties with whom we have contracted to assist in our communication to users, customers, partners and prospects. They are not allowed to process your personal information unless we instruct them to do so. They will not share your personal information with any other organization. They will secure and retain your data for the period we specify. In those cases where the data resides in a non-EU country, we indicate the location next to the processor’s name.
Salesforce (US)
We use Salesforce as our CRM system and our main tool for communication with our partners, customers and prospects. We have Binding Corporate Rules that ensure that any data transfer has an adequate level of data protection.
HubSpot (EU)
HubSpot is our marketing automation software and is used to communicate to prospects, users and customers. We have Standard Contractual Clauses with HubSpot, which ensure that any data transfer has an adequate level of data protection.
Adobe Sign (US)
Adobe Sign is used to digitally sign documents. Adobe will store some information about the signed documents or signature/the signing and the event in addition to an audit trail. We have signed Standard Contractual Clauses which ensure that any data transfer has an adequate level of data protection.
Piwik
Piwik is used to analyse the use of our website. Our analytics service provider generates statistical and other information about website use by means of cookies. The information generated relating to our website is aggregated and used to create trending reports about the use of our website. It is used to improve how itslearning.com functions and performs.
Consultants
We use several consulting companies in our day-to-day operations. They have all signed a confidentiality and non-disclosure agreement and a data processing agreement. This list has the current consultants used by itslearning AS.
- Knowit, a web development consultancy
Previous version(s):
Privacy Policy September 2018