Overview and Information that is Gathered by Hogan
The information Hogan learns from customers is used to deliver our services, personalize, and continually improve the online experience of Hogan customers. All information is gathered and stored in the US. Here are the types of information Hogan gathers:
Information You Provide: Hogan receives and stores any information you enter on Hogan’s online platforms. For example, you provide information when you search for a product, take an assessment, place an order, provide information in your account or communicate with us by e-mail or otherwise. As a result of those actions, you might supply Hogan with information such as your name, address, and phone number, credit card information, people (including addresses and phone numbers) to whom purchases have been shipped, people (including addresses and phone numbers) listed in your Hogan shipping address book, content of reviews and e-mails to us, or replies you submit during the assessments. Obviously, you can choose not to provide certain information. However, your decision not to provide information may limit your ability to take advantage of all available online features. Hogan uses the information that you provide for purposes such as generating personal characteristic information, more efficiently and accurately responding to your requests, and customizing and/or improving our products.
Hogan does not link IP addresses to personally identifiable information on its website; however, we reserve the right to link IP addresses and other information supplied by the Internet Service Provider (ISP) to personally identifiable information in order to protect the integrity of our system and for security purposes.
The Internet is a global environment. By using this site and sending information to us electronically, you consent to trans-border and international transmission of any data that you may choose to supply us. Information transmissions to this site and emails sent to us may not be secure. Given the inherent operation and nature of the Internet, all Internet transmissions are done at the user’s own risk.
E-mail Communications: If you do not want to receive e-mail or other mail from us, please unsubscribe by contacting us at firstname.lastname@example.org.
Cookies are small text files that a website transfers to your computer’s browser. Cookies are used by Hogan to measure traffic patterns, personalize content, and control security. The cookies we use supply non-personally identifiable information, but they may identify your computer, browser and Internet specifications.
No Sharing of Information
Hogan is committed to maintaining a healthy relationship with our customers and values the information provided on its online platforms. Hogan does not share customer information with third parties for purposes outside the scope of the products and services we provide. We will never share, sell, or rent your personal information to third parties for promotional use.
Hogan may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims, legal process (including subpoenas), to protect the property and rights of Hogan or a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
Hogan may also be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Security of Information
Hogan is very concerned about safeguarding the confidentiality of your information. We use a variety of industry-standard administrative, physical, and security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. We also require you to enter a password to access your account information. Hogan strives to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input on protected sites.
All payment transactions are processed through a gateway provider and credit card information is not stored or processed on our servers.
It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.
Access to Information
Hogan gives you access to the following information about you for the limited purpose of viewing and, in certain cases, updating that information. This list may change as the Hogan online platforms evolve.
Your Shopping Cart
Your Recent Purchases
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
As discussed above, you can always choose not to provide information. Please be advised, however, that certain information may be required in order to complete a product or fully utilize our services.
Hogan does not sell products for purchase by children. If you are under 18 years of age, you may use Hogan’s online platforms only with involvement of a parent or guardian. Further, Hogan’s testing services are not directed to children or anyone under 18 years of age. Hogan will not knowingly collect, maintain or use any personally identifiable information about anyone under 18 years of age.
United States +1 (918) 749-0632
Hogan Assessment Systems, Inc.
ATTN: Privacy Officer
11 S. Greenwood
Tulsa, OK 74120 USA
Notice: When Hogan collects your personal information, we’ll give you timely and appropriate notice describing what personal information we’re collecting, how we’ll use it, and the types of third parties with whom we may share it.
Choice: Hogan gives you choices about the ways we will use and share your personal information, and we’ll respect the choices you make. If Hogan were to ever engage in any onward transfers of your data with third parties other than our agents, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.
Onward Transfer: Hogan will not disclose your information to unaffiliated third parties without first obtaining your permission, unless of course it’s to meet national security or law enforcement requirements. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, we are liable for appropriate onward transfers of personal data to third parties.
Security: Hogan takes appropriate physical, technical, and organizational measures around security, availability, processing integrity, and confidentiality to protect personal information from loss, misuse, unauthorized access or disclosure, alteration or destruction.
Data Integrity: Hogan takes appropriate steps to make sure the personal information in our records is accurate.
Relevance: Hogan collects only as much personal information as we need for specific, identified purposes, and we won’t use it for other purposes without obtaining your consent.
Retention: Hogan keeps your personal information for as long as required to fulfill the purposes for which it was collected, or as permitted by law.
Access: Hogan acknowledges that EU individuals have the right to access the personal information that we maintain about them. Hogan provides ways for you to access your personal information, as required by law, so you can correct inaccuracies (see Access to Information above).
Enforcement: Hogan regularly reviews how we’re meeting these privacy promises, and we provide an independent way to resolve complaints about our privacy practices. Hogan is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Independent Recourse: In compliance with the Privacy Shield Principles, Hogan commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Private Shield policy should first contact Hogan (see Contact Us above).
Hogan commits to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU Privacy Shield, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. If your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Standard Contractual Clauses
The European Commission’s SCCs, otherwise known as model contracts or clauses, are contract terms developed and approved by the European Commission as ensuring adequate protection for data subjects in accordance with the EU Data Protection Directive 95/46/EC when transferring personal data from the EEA to the U.S. If you are a Hogan client, or the client of one of Hogan’s authorized distributors or partners, transferring personal data in connection with Hogan products and services, please promptly complete, sign and return a copy of the Hogan Standard Contractual Clauses to firstname.lastname@example.org.
Hogan Statement on GDPR Compliance
Hogan Assessment Systems, Inc. (“Hogan”) knows you care how information about you is used and appreciates your trust that we will do so carefully and sensibly. Hogan takes a proactive approach to safeguarding the confidentiality of all information. We use a variety of industry-standard administrative, physical, and security technologies and procedures to help protect personal information from unauthorized access, use, or disclosure. Hogan is committed to the security, availability, confidentiality, and processing integrity of all information collected, regardless of location.
Hogan maintains an information security and privacy program consistent with industry standards, which includes appropriate administrative, physical, and technical safeguards to a) maintain and protect against anticipated threats or hazards to the security, privacy, confidentiality, and integrity of data; and b) protect against any security incident. Additionally, Hogan has undertaken thorough GDPR readiness and impact assessments to ensure the proper policies and procedures are in place for compliance.
In regard to GDPR, Hogan is generally considered a Processor or Sub-Processor, although there may be some instances where Hogan is a Controller (i.e. customer relationship management, accounting processes). As such, Hogan’s legal basis for processing data will typically rely on the following provisions: Article 6(1)(b) ‘performance of a contract’, and Article 6(1)(f) ‘legitimate interest’.
Data will be retained by Hogan 1) for as long as the Controller or Processor is a client of Hogan, 2) until the data is requested to be deleted by the Controller, Processor, or Data Subject, or 3) until the data is no longer necessary to provide the requested services. Anonymized data may be aggregated for our own research purposes.
Hogan utilizes the European Commission’s Standard Contractual Clauses developed and approved as ensuring adequate protection for data subjects in accordance with the EU Data Protection Directive 95/46/EC. The SCC are generally referenced within a Data Processing Agreement entered between Hogan and applicable parties. Hogan will implement any GDPR-specific clauses promulgated by the regulatory body when available.
Hogan has extensive security and privacy policies and procedures which serve as a strong foundation to address the key components within GDPR legislation. An important component of our current security and privacy compliance is the US-based SSAE 16 Service Organization Control (SOC2) Trust Principles. SOC2 compliance and audits map to ISO standards, and as such, share many principles with GDPR in the areas of technical and organizational measures on data security, availability, processing integrity, confidentiality and privacy.
Please contact us with requests for data access, data deletion, or any other questions. We can be reached at email@example.com.