GDPR Statement

Introduction

The new EU General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and introduces new responsibilities for every organisation which holds or processes personal data. Under GDPR, “personal data” is very broad and covers any information relating to an identifiable individual (also called a “data subject”). This new regulation will supersede the current Data Protection Act (DPA) and requires organisations to demonstrate compliance. Failure to do so will attract substantial penalties.

Our Commitment

Psytech International Ltd. is committed to high standards of information security and privacy. We place a high priority on protecting data in accordance with regulatory requirements. The company will comply with GDPR regulations when they take effect in May 2018 and will work closely with our clients and partners to meet obligations for any software applications, products or services we offer. Psytech encourages clients and partners to independently familiarize themselves with the GDPR and to make sure they satisfy all requirements.

Personal Data and Consent

We will require explicit and unambiguous consent from respondents before collecting assessment data on behalf of our clients and partners. Each respondent will be shown a privacy statement, with links to more detailed information where appropriate, and require the selection of a checkbox signalling consent to continue. It will not be possible to submit assessment data to our systems without this consent.

Data Sharing

Psytech does not share data with any third party nor do we host advertising for third parties. This means that we have no need to collect and process respondent data beyond what is required for the functioning of our products.

Data Retention and Right to Erasure

We will anonymize data on request from a client or partner or after 24 months at our discretion. Once data has been anonymized, we may use it for statistical purposes such as building norms, validation and ensuring that our tests are fair to all groups. Under these circumstances, data will be held in aggregated form and no personally identifiable data will be discernible. We will provide a means for complete erasure of data on request from a client or partner.

Data Portability

On request, Psytech will provide a basic report of any data held on our system for a given respondent. Clients or partners may want to provide additional data, perhaps in the form of a feedback report, at their discretion.

Where We Store Our Data

Genesys Online data is held in Microsoft Azure’s ‘North Europe’ data centre, located in Dublin. Any access outside the Genesys Online application is restricted to key IT staff who will have the minimum access required to enable standard database maintenance operations and to provide technical support. All access is encrypted and IP restricted.

Cross Border Data Transfer

The data of all our European clients remains in our North Europe data centre and is not transferred outside of this location for any reason.

Contact Information

If you wish to contact us, please send an e-mail to privacy@psytech.com or contact one of our local partners whose information can be found on our website see:

http://psytech.com/About/ContactUs