This Policy (together with our Terms and Conditions which can be found at https://www.forevermarklearning.com/terms-and-conditions here and any other documents referred to on it) sets out how we will use any personal data which you provide through our central management system (including its content) operated by Forevermark Limited and any associated software and/or online and mobile websites or applications operated by Forevermark Limited that are related to the central management system (collectively, the "CMS"). Forevermark Limited is a limited company registered in England and Wales under company number 06501918, whose registered office is at 17 Charterhouse Street, London, ECIN 6RA, UK.
For the purposes of this Policy, "our Group" means our subsidiaries, our ultimate holding company and its subsidiaries.
INFORMATION WE MAY COLLECT
We may collect, receive, store and process the following data about you:
- information that you provide by filling in forms on our CMS (including information provided at the time of registering to use our CMS, for example, full name, home and/or business address, company, store name and location, title, education, email address, telephone number, demographic information such as age, username and password if you create an account on our CMS and such other information as may be necessary for the purposes identified in this Policy);
- information about you provided by your employer or a person or organisation with whom you have entered into a services contract (including your name, contact details such as email address and telephone number, business address, company, store name and location);
- Information about the courses you have taken and the courses available to you;
- information relating to your performance such as training progress on the different e-learning modules, answers given to quizzes, results and amount of time spent on the different modules;
- information about the device which you use to access the CMS (your "Device") and about your visits to and use of the CMS (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
- information that you provide to us when using our CMS, or that is generated in the course of the use of our CMS (including the timing, frequency and pattern of service use); and
- USES MADE OF YOUR PERSONAL DATA
We (and our Group) use information held about you for the following purposes:
- to carry out our obligations, or exercise our rights, arising from any contracts entered into between you or your employer and us;
- to allow us and your employer or a person with whom you have entered into a services contract to assess, monitor and record your interaction with, and performance on, courses;
- to evaluate your understanding of the Forevermark brand and our industry;
- to identify areas for improvement of your performance with you and/or your employer;
- to communicate with you about existing and future courses, your progress and our CMS;
- for our internal record keeping;
- to allow you to participate in interactive features of our CMS, when you choose to do so;
- to monitor use of our CMS;
- to improve our CMS and courses offered;
- to help us develop products, services and incentive schemes to make available to you, your employer or a person or organisation with whom you have entered into a services contract;
- to ensure that content from our CMS is presented in the most effective manner for you and for your Device;
- to ensure compliance with applicable laws and regulations; and
- for any other purpose that we tell you about specifically when you register or provide data about yourself to us (or your employer or a person or organisation with whom you have entered into a services contract tells you about on our behalf).
WHEN WE MAY DISCLOSE PERSONAL DATA
We may disclose or transfer data personal data to other companies or entities as follows:
- to any member of our Group for the purposes identified in this Policy;
- to your employer or a person with whom you have entered into a services contract for the purposes identified in this Policy (including, in particular, to allow your employer or a person with whom you have entered into a services contract to assess, monitor and record your interaction with, and performance on, courses);
- to third party partners who help operate our CMS and deliver our products and services and our affiliates, service providers and other third parties that provide products or services for this CMS or for our business (such as website or database hosting companies, analytics companies, communication services and other similar service providers that use such information on our behalf);
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements or to protect the rights, property, or safety of Forevermark Limited, our customers, or others;
- to government authorities, and to other third parties when compelled to do so by government and law enforcement authorities or otherwise as required or permitted by law, including but not limited to in response to court orders and subpoenas. We also may disclose user information when we have reason to believe that someone is causing injury to or interference with our rights or property, other users of our CMS, or anyone else that could be harmed by such activities. Additionally, we cooperate with law enforcement inquiries and other third parties to enforce laws, intellectual property rights and other rights;
- to meet certain legal compliance requirements; and
- to prospective sellers or buyers as part of a sale or merger of our business or assets.
WHERE WE TRANSFER YOUR PERSONAL DATA
The data that we collect from you may be transferred to, and stored at, an overseas destination, for the purposes outlined in this Policy. More specifically, we may transfer your data to your local Forevermark entity for the purpose of managing our and their relationship with you and for the purposes outlined in this Policy. We operate in, amongst others, the following countries: Antigua, Aruba, Australia, Bahamas, Barbados, Belize, Botswana, Brunei, Canada, Cayman Islands (Overseas territory of the UK), China, Curacao, Honduras, Hong Kong, Hungary , India, Jamaica, Japan, Kuwait, Macau, Malaysia, Mexico, Namibia, Saudi Arabia, Singapore, South Africa, South Korea, St Barts (Overseas territory of France), St Kitts, St Lucia, St Maarten (Overseas territory of The Netherlands), Thailand, Taiwan, Turkey, UAE, UK, US Virgin Islands (Overseas territory of the US), USA. We may also transfer your personal data to our third party partners and service providers overseas for the purposes outlined in this Policy.
Whenever we transfer your personal data, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our CMS, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
While we have implemented reasonable technical and organisational precautions to protect the security and integrity of personal data provided to our CMS, due to the inherent nature of the internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the internet or while stored on our system or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. We maintain appropriate technical and organisational measures to protect your personal data.
We recommend that you change your password every three months. If you are using a public computer (e.g. at a library), or a shared computer, we urge you to log out of your account and our CMS altogether, and quit the browser application before you leave the computer. This will help prevent others from accessing your account and any personal data.
Request that we correct, amend or update your personal data:
You may review and edit the personal data that is stored in your user account on your profile on this CMS, (e.g. your passwords and other contact information) by visiting our CMS or by contacting us here. Before we correct, amend or update any information, however, we may ask you to verify your identity and to provide other details to help us to respond to your request.
Access to information:
Subject to applicable local laws, you may have the right to access the personal data we hold about you (which may include a right to correct any inaccuracies or request deletion or object to the processing of your information). If you wish to exercise your rights in relation to your personal data which is held by us, please contact us here. We may require verification of your identity before providing a copy of your information as permitted by law.
Additional rights under applicable local law: If you wish to exercise these rights, please contact us here.
CHANGES TO THIS POLICY
We reserve the right to change this Policy at any time. Please check here periodically.
Questions, comments and requests regarding this Policy are welcomed and should be addressed to firstname.lastname@example.org.
ADDITIONAL INFORMATION FOR THE EEA
In order to meet applicable privacy regulations in the European Economic Area ("EEA"), we provide additional information to our EEA users.
Who is responsible for your personal data?
Forevermark Limited will be the data controller for the personal data collected and used in relation to the CMS. Our contact details are set out in the Contact section above.
What is the legal basis on which we rely to process your data?
On some occasions, we process your data with your consent (including when you agree that we may place cookies other than those that are strictly necessary). Where we do process data based on consent, your consent is revocable at any time.
The processing of some of your data (e.g. your log-in details) is necessary in order to provide services on the CMS to you pursuant to the Terms and Conditions. Without this data, we would not be able to provide the CMS to you.
We also process your data when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. For example, we have a legitimate interest in:
- ensuring that our employees and personnel at partners and third party contractors are properly trained and understand the De Beers Forevermark brand and our industry and providing information to your employer or a person or organisation with whom you have entered into a services contract so they can ensure the same;
- being able to carry out our obligations, or exercise our rights, arising from any contracts entered into between you or your employer or person or organisation with whom you have entered into a services contract and us;
- improving the CMS and courses offered, and developing products, services and incentive schemes, to better train future employees, partners and third party contractors and to encourage participation in training; and
- ensuring compliance with applicable laws and regulations.
We may transfer personal data to countries outside the EEA, including to countries which have different data protection standards to those which apply in the EEA and including as described in the Where We Transfer Your Personal Data section.
How long do we keep personal data?
We will retain your personal data for a year after account termination. If your account is dormant for a year, we will delete your personal data.
We will retain aggregated and/or anonymised records of CMS participation on an ongoing basis for analytics purposes.
You may ask us for a copy of your information, to correct it, erase it or to transfer it to other organisations at your request. You also have rights to object to some processing and, where we have asked for your consent to process your data, to withdraw this consent. Where we process your data because we have a legitimate interest in doing so (as explained above), you also have a right to object to this. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement or other legitimate grounds to process your data.
We hope that we can satisfy queries you may have about the way we process your data. However, if you have unresolved concerns you also have the right to complain to data protection authorities.