Socratic Technologies, Inc. makes every effort possible to comply with the EU General Data Protection Regulation (GDPR).
For any enquiries regarding GDPR please contact our Privacy compliance officer using the following form. CONTACT US
The announcement of an agreement to finalize GDPR was made in December 2015 and following a vote by the EU parliament, the compliance deadline for GDPR was set for May 2018.
The primary objective of the GDPR is to give citizens back control of their personal data. Once GDPR takes effect it will harmonize previous and other data protection regulations throughout the EU. Socratic strongly supports this initiative.
Security requirements are interspersed throughout the law's text. They can be grouped along the following themes:
GDPR expects organizations to stay in control of their data to ensure that it is accessed and processed by authorized users only when appropriate. The control requirements are covered in Articles 5, 25, and 32.
According to GDPR organizations must:
- Only process data for authorized purposes
- Ensure data accuracy and integrity
- Minimize subjects' identity exposure
- Implement data security measures
GDPR puts security at the service of privacy. Security obligations are covered in Articles 6, 25, 28, and 32. To preserve subjects' privacy, organizations must implement:
- Data protection by design and by default
- Security as a contractual requirement with their partners and service providers
- Encryption or pseudonymization
- Security measures that respond to their risk assessment
- Safeguards if they are to keep data for additional processing
Right to Erasure
Even after data is collected, individuals still have a claim to, and a certain amount of control over, that data. 'Right to Erasure' is covered in Articles 17 and 28. GDPR requires organizations to completely erase data from all repositories when:
- A data subject revokes their consent ('Right to be forgotten')
- A partner organization requests data deletion
- A service or agreement comes to an end
When an individual revokes consent to their data, an organization recalls data they've shared, or at the end of a service's term, organizations will need to completely erase the concerned data. This is a difficult requirement because simply deleting data doesn't fully remove it from disk. To fully comply, organizations can encrypt data and then delete the key. This data deletion method renders data completely and permanently unreadable.
Risk Mitigation & Due Diligence
Organizations must assess risks to privacy and security, and demonstrate they're taking appropriate steps to keep privacy safe in light of their findings. These obligations are outlined in Articles 2, 24 and 28. To mitigate risks and perform due diligence, organizations must:
- Conduct a full risk assessment
- Implement measures to ensure and demonstrate compliance
- Proactively help partners and customers comply
- Demonstrate full data control
When an organization contracts with a partner or third-party service, they do not relinquish their responsibility to the data's security. In fact, organizations will be contractually obligated to help each other with security and mitigate risks. Because encryption attaches security directly to the data, it assures the data's safety and keeps the principal organization in control even after it's out of the organization's sights.
When a security breach threatens the rights and privacy of a data subject, organizations need to notify customers and their supervisory authority. Breach notification obligations are outlined in Articles 33 and 34. Under GDPR, organizations are obligated to:
- Notify their supervisory authority within 72 hours
- Describe the data breach's consequences
- Communicate the breach directly to data subjects
If a breach exposes unprotected data, organizations will need notify the supervisory authority for their region and the affected customers. However, if data is encrypted and key management best practices followed, organizations can avoid these notification obligations. Notification is only a requirement when the rights and freedoms of the data subject are at risk.
Code of Ethics
As a means of achieving and implementing ethical research practices, Socratic Technologies, Inc. endorses the following Code of Ethics:
The use of interactive and Internet research technologies provides an unprecedented communication mechanism for the exchange of ideas on a worldwide basis. These same tools also have the potential for misuse, particularly in consideration of the privacy rights of individuals. Socratic is founded on the principles of upholding the highest standards of both ethical and professional conduct in the use of research technologies.
Over and above normal standards of research, our professional activities shall be conducted with particular respect for the individual's right to privacy, both in terms of confidentiality of information collected during the marketing research process and the right to be free from unsolicited and unwanted contact.
SOCRATIC TECHNOLOGIES, INC. PRIVACY NOTICE
Socratic Technologies, Inc. (“we”, “our”, “us”, or “Socratic”) respects and is committed to protecting your privacy. That is why we have adopted this Privacy Notice. This Privacy Notice lets you know how and for what purposes we are collecting, processing, and using your Personal Information (as defined herein). We pledge that we will take reasonable steps to ensure that your Personal Information will only be used in ways that are in compliance with this Privacy Notice.
This Privacy Notice is in effect for any web page, mobile application, third party social media site, email list, onsite electronic data collection, generic information, and Personal Information collected and/or owned by us, no matter the method of collection (e.g., mail, facsimile, sign-up/sign-in page, survey, contest, promotion), including collection through this website and any online features, services, and/or programs we offer (collectively, the “Web Properties”). Notwithstanding the foregoing, this Privacy Notice is not applicable to any other web page, mobile application, social media site, generic information, or Personal Information collected and/or owned by any entity other than Socratic or one of its parents, affiliates and/or subsidiaries. Users of the foregoing resources of entities other than Socratic should refer to the privacy notice in effect for the applicable owner.
This Privacy Notice also applies to information collected by or for us through a means other than the Web Properties. If the same information is collected through the Web Properties and through a means other than the Web Properties, the terms of this Privacy Notice shall apply.
Types of Information Collected
We may collect two types of information when you visit the Web Properties: personal information and usage information.
Personal Information: In order to participate in certain features, services and/or programs of the Web Properties, we may require that you provide us with certain specific information, which we may collect including, among other similar types of information (collectively, “Personal Information”): (1) contact information (e.g., name, address, phone number, email address); (2) demographic information (e.g., date of birth, gender, marital status); (3) bank account and credit/debit card numbers; (4) purchase information regarding our products and services; (5) resume information (e.g., education, work and military history, legal work eligibility status); and (6) your physical location.
Usage Information: We may obtain non-individualized, generic information about you when you visit the Web Properties. This may include your (i) Internet Protocol (or IP) address, protocol and sequence information; browser language; browser type; domain name system requests; browsing history (including time spent at a domain, time and date of your visit); number of clicks; hypertext transfer protocol headers; application client and server banners; and operating system fingerprinting data (collectively, “Browsing Information”); and (ii) MAC address, device ID/UDID, or similar device-specific code used for advertising/marketing tracking purposes.
How Information Is Collected
We may collect Personal Information and Browsing Information about you from the following sources:
- information we receive from you, or on your behalf, through forms you complete, or if you contact us, for example to raise a query;
- information we receive from you through the Web Properties, such as when creating an account, participating in a survey, placing an order, filling out the “Contact Us” form on our website, commenting on our articles posted on our website, or signing up for our newsletter (the “Newsletter”);
- information we receive from your computer or mobile device;
- information we receive from our partners or service providers, and parties that administer our online ordering system; and
- information we receive from other sources, as permitted by applicable laws, rules and regulations.
We may sponsor competitions and/or promotions through the Web Properties. Your participation is entirely voluntary. You may be asked to provide Personal Information or to answer questions in order to participate. We may also transfer Personal Information to certain advertising or marketing partners from whom you have requested to receive information.
You can conveniently sign up to receive our Newsletter by following the prompts on our website. Your receipt of the Newsletter is entirely voluntary. If you have signed up to receive the Newsletter but you no longer wish to receive news updates from us, simply click on the “Unsubscribe” link that you find at the end of each Newsletter.
Additional Ways that Information is Collected Through the Web Properties
Browser Log Files: Our servers automatically log each visitor to the Web Properties and collect and record certain Browsing Information about each visitor. The Browsing Information reveals nothing personal about the user and includes only the generic information described in the definition of “Browsing Information.” We may use this information to examine our traffic in the aggregate, but we do not collect and evaluate this information for individuals.
Web Beacons: Some of our web pages and electronic communications may contain images, which may or may not be visible to you, known as Web Beacons (sometimes referred to as ‘clear gifs’). Web Beacons collect only limited information that includes a cookie number; time and date of a page view; and a description of the page on which the Web Beacon resides. We may also carry Web Beacons placed by third party advertisers. These Web Beacons do not carry any Personal Information and are only used to track usage of the Web Properties and activities associated with the Web Properties. See the “Third Party Opt Out” section below.
Unique Identifier: We may assign you a unique internal identifier to help keep track of your future visits. We use this information to gather aggregate demographic information about our visitors, and we use it to personalize the information you see on the Web Properties and some of the electronic communications you receive from us. We keep this information for our internal use, and this information is not shared with others.
Third Party Opt Out: Although we do not presently do so, in the future we may allow third-party companies to serve advertisements and/or collect certain anonymous information when you visit the Web Properties. These companies may use non-personally identifiable information (including, but not limited to, click stream information, browser type, time and date, subject of advertisements clicked or scrolled over) during your visits to the Web Properties in order to provide advertisements about goods and services likely to be of greater interest to you. These companies typically use a cookie or third party web beacon to collect this information, as further described above. Through these technologies, the third party may have access to and use such non-personalized information about your online usage activity.
You can opt out of certain online behavioral services through any one of the ways described below (you do not need to go to each opt-out site, one is sufficient). After you opt out, you will continue to receive advertisements, but those advertisements will no longer be as relevant to you.
- You can opt out via the Network Advertising Initiative industry opt-out at www.networkadvertising.org.
- You can opt out via the Consumer Choice Page at www.aboutads.info.
- You can opt out via the IAB UK's industry opt-out at www.youronlinechoices.com.
Note: If you opt out as described above, you should not delete your cookies. If you delete your cookies, you will need to opt out again.
Use of Personal Information
The Personal Information that we collect may be used for five main purposes:
- to enable the features of the Web Properties, including, but not limited to: (a) operating any competitions or promotions in which you may participate; (b) setting up and managing your online account, including, but not limited to, our processing your requests for information, and/or providing support services to you; (c) providing services to you; (d) conducting online surveys; and (e) delivering rewards, coupons and offers to you;
- to improve the Web Properties by determining which of our products, features and services are most popular. We may analyze your information and usage information to enable us and our affiliates to provide services to you and develop new features, functionality, and services and otherwise for our internal business purposes;
- to personalize your experience on the Web Properties;
- to communicate with you and to inform you about our and third parties’ products and services. We and/or any of our third party service providers may send you and keep you updated with information about existing and new services, products, and special offers, by email, telephone, mail or by means of any other contact details you provide to us or our affiliates, or to such third party service providers. We may also send you and keep you updated with information about our service and products when you sign up for our Newsletter. We may use your Personal Information in a way that does not identify you in connection with our advertising and promoting our services and products; and
- to license, sell, or share your Personal Information to non-affiliated third party companies whose products and services we believe that you may enjoy. You may, at any time, opt-out of us sharing your Personal Information for such purposes by contacting us as described below in “Choices With Your Personal Information.”
When Information Is Disclosed
In addition to the other times or occasions on which we might disclose Personal Information about you, we might also disclose Personal Information and/or Browsing Information when required by law or in the good-faith belief that such disclosure is necessary to: (1) comply with legal processes and applicable law; (2) enforce this Privacy Notice; (3) take precautions against liability and to respond to any claim that any material, document, image, graphic, logo, design, audio, video, and any other information provided to, from or on the Web Properties by you violates the rights of third parties; (4) assist government enforcement agencies; or (5) protect our rights, property, or safety or the rights, property, or personal safety of our visitors and the public.
We may use your Personal Information and Browsing Information to deliver coupons, offers, and otherwise promote our products and services to you.
We use reasonable precautions to keep the information that is disclosed to us secure. We may provide Personal Information and Browsing Information to our subsidiaries, affiliated companies, and other businesses or persons for the purposes of processing such information on our behalf and promoting the goods and services of our trusted business partners, some or all of which may store some or all of your information on servers outside of the United States. We require that these parties agree to process such information in compliance with our Privacy Notice or in a similar, industry-standard manner, and we use reasonable efforts to limit their use of such information and to use other appropriate confidentiality and security measures. The use of your information by one of our trusted business partners may be subject to that party’s own privacy notice.
You may grant us a license to use certain of your Personal Information, for example in our Survey Terms of Service. Our use of your Personal Information in conformity with any such license will not be a violation of this Privacy Notice.
We may share Browsing Information with third parties to demonstrate the usage patterns for advertisements, content, functionality, promotions, and/or services on the Web Properties and/or on third party websites.
We reserve the right to transfer your Personal Information, as well as any information about or from you, in connection with the merger, sale or other disposition of all or part of our business and/or assets. We cannot make any representations regarding the use or transfer of your Personal Information or other information that we may have in the event of our bankruptcy, reorganization, insolvency, receivership, or an assignment for the benefit of creditors, and you expressly agree and consent to the use and/or transfer of your Personal Information or other information in connection with a sale or transfer of some or all of our assets in any of the above described proceedings. Furthermore, we cannot and will not be responsible for any breach of security by any third parties or for any actions of any third parties that receive any of the information that is disclosed to us.
Account, Password and Security
For certain features available through the Web Properties, we may require the use of encryption technologies provided for your protection and/or account. We use reasonable precautions to protect the privacy of your username, password, and account information.
You, however, are ultimately responsible for protecting your username, password, and account information from disclosure to third parties, and you are not permitted to circumvent the use of required encryption technologies. You agree to: (a) immediately notify us of any unauthorized use of your username or password, and/or any other breach of security; and (b) ensure that you log out from your account at the end of each session. While we may provide certain encryption technologies and use other reasonable precautions to protect your confidential information and provide suitable security, we do not and cannot guarantee or warrant that any information transmitted through the Internet is secure, or that such transmissions are free from delay, interruption, interception, or error.
Employment Opportunity Information Collection
For individuals interested in job opportunities with us, the Web Properties currently or may in the future allow prospective employees to request additional job opportunity information. The Web Properties may be used to collect Personal Information from prospective employees for human resources recruitment purposes. By submitting any of the foregoing information, you consent to its dissemination to, and use by, us and our affiliates. The foregoing also applies to job application inquiries that you may transmit to us other than through the Web Properties.
Information from Children
We do not collect Personal Information from any person that we know to be under the age of thirteen (13). Specifically, the Web Properties are not intended or designed to attract children under the age of thirteen (13). You affirm that you are more than eighteen (18) years of age, or an emancipated minor, or possess legal parental or guardian consent, and are fully able and competent to enter into the terms, conditions, obligations, affirmations, representations, and warranties set forth in this Privacy Notice, and to abide by and comply with this Privacy Notice. In any case, you affirm that you are over the age of thirteen (13), as THE WEB PROPERTIES ARE NOT INTENDED FOR CHILDREN UNDER THIRTEEN (13) WHO ARE UNACCOMPANIED BY THEIR PARENT(S) OR LEGAL GUARDIAN(S).
Parents and legal guardians should be aware that this Privacy Notice will govern our use of Personal Information, but also that information that is voluntarily given by children – or others – in email exchanges, bulletin boards or the like, may be used by other parties to generate unsolicited communications. We encourage all parents to instruct their children in the safe and responsible use of their Personal Information while using the Internet.
For the avoidance of confusion, we may collect Personal Information about children in connection with administering and operating our services, including, but not limited to, information collected as part of a survey administered using our services, and nothing herein shall limit or otherwise restrict our ability or practices with respect to such collection about children.
Privacy Outside the Web Properties
The Web Properties may contain links to other websites, including, but not limited to, Facebook, Pinterest, Twitter and Instagram, and contain advertisements of third parties. We are not and cannot be responsible for the privacy practices or the content of any of those websites. Please check with those websites in order to determine their privacy policies and your rights under them.
Other than under agreements with certain reputable organizations and companies, and except for third party service providers (as described in this Privacy Notice), we do not share any of the Personal Information that you provide to us with any of the websites to which the Web Properties link, although we may share aggregate, non-personally identifiable information with those other third parties. Please check with those websites in order to determine their privacy policies and your rights under them.
European Union Users
If you are visiting us from the European Union, please note that we may collect, transfer, and continue to use your Personal Information outside the European Union for any of the purposes described in this Privacy Notice. By using the Web Properties and providing us with your Personal Information, you consent to our collection, transfer, and continued use of your Personal Information in accordance with this Privacy Notice.
We take reasonable efforts to ensure that information collected through the Web Properties is not lost, misused or altered inappropriately by administering security measures. However, all information accessible and/or transferred over the Internet can potentially be accessed by unauthorized parties; therefore, we cannot guarantee the security of your data transmitted to the Web Properties.
Choices With Your Personal Information
Whether you submit any Personal Information to us is entirely up to you. You are under no obligation to provide Personal Information. However, this information is essential for the provision and quality of some of the services we offer to you, so we cannot provide you with certain services if you choose to withhold requested information.
You may choose to prevent us from disclosing or using your Personal Information under certain circumstances (“opt out”). You may opt out of any disclosure or use of your Personal Information for purposes that are incompatible with the purpose(s) for which it was originally collected or for which you subsequently gave authorization by notifying us by one of the methods at the end of this Privacy Notice, or by following the procedures set forth in an electronic communication from us, if applicable. Furthermore, even where your Personal Information is to be disclosed and used in accordance with the stated purposes in this Privacy Notice, you may elect to opt out of such disclosure to and use by a third party that is not acting as our agent. There are some uses from which you cannot opt out, such as to provide products or services that you have requested from us.
Please note that opting out of the disclosure and use of your Personal Information as a prospective employee may prevent you from being hired as an employee to the extent you are using the Web Properties to apply for an open position.
To the extent applicable, you may opt out of online behavioral advertising by following the instructions set forth above under the above section “Additional Ways that Information is Collected Through the Web Properties,” subsection “Third Party Opt Out.”
Access and Correction
Please contact us in the manner specified at the end of this Privacy Notice to access your Personal Information in our possession and correct inaccuracies of that information in our records. We ask individuals to identify themselves and the information requested to be accessed and amended before processing such requests, and we may decline to process requests in limited circumstances, as permitted by applicable privacy legislation.
Your California Privacy Rights
Under California’s “Shine the Light” law, California residents who provide certain personally identifiable information in connection with obtaining products or services for personal, family, or household use are entitled to request and obtain from us (once a calendar year) information about the customer information we shared (if any) with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2015 will receive information regarding 2014 sharing activities, if any).
To obtain this information, please send an email message to firstname.lastname@example.org with “Request for California Privacy Information” in the subject line and in the body of your message. We will provide the requested information to you at your email address in response.
Please be aware that not all information sharing is covered by the “Shine the Light” requirements, and only information on covered sharing will be included in our response.
Do Not Track Requests
Additionally, because we may collect your Personal Information from time to time, California’s Online Privacy Protection Act requires us to disclose how we respond to “do not track” requests and other similar mechanisms. Currently, our policy is that we do not recognize “do not track” requests from Internet browsers and similar devices.
Your Consent To This Privacy Notice
By using the Web Properties, you consent to the collection and use of your information (including Personal Information) by us as specified above or as we otherwise see fit, in compliance with this Privacy Notice, unless you inform us otherwise by means of the procedure identified below. If we decide to change this Privacy Notice or some part of it, we will make an effort to post those changes on this web page so that you will always be able to understand what information we collect, how we use that information and under what circumstances we may disclose that information to others. Your use of the Web Properties following such publication of any amendment of this Privacy Notice will signify your assent to and acceptance of its revised terms for all previously collected information and information collected from you in the future. We may use comments, information or feedback that you may submit in any manner that we may choose without notice or compensation to you.
If you have additional questions or comments of any kind, or if you see anything on the Web Properties that you think is inappropriate or incorrect, please let us know by email or by sending your comments or requests to:
Socratic Technologies, Inc.
245 N. Main Street
Sebastopol, CA 95472
Attn: Customer Care – Web Properties
Copyright © 1994-. Socratic Technologies, Inc. All Rights Reserved.
Effective as of: January 1, 2016
Last updated: April 25, 2018