|0.1||Initial Version||Ken McHugh||23/04/2018|
|0.2||Mod for GDPR||Peter Stanbridge||30/04/2018|
|Peter Stanbridge||CTO||Cognitive Edge|
|Mark Anderson||Director||Cynefin Centre New Zealand|
|Everyone else who contracts with our clients.|
This document is addressed to Cognitive Edge SenseMaker® clients/customers and the Cognitive Edge community of practitioners, whose personal contact data are stored in our systems or in our suppliers who process data on our behalf.
Cognitive Edge undertakes to protect all your personal contact and contract data on our systems and on third party systems processing such data on our behalf.
This policy document sets out how we will use your data and how we will comply with our undertaking to protect your data.
Why we hold and process your data
We hold and process Cognitive Edge customer/client system user data in order for us to:
- Provide you with secure access to your SenseMaker® projects and data.
- Contact you if we discover any problems with your project setups or data.
- Respond to any queries or questions that you ask us.
- Communicate licence information with you as required (for example, when project licences have expired and have come for renewal).
We hold and process Cognitive Edge customer/client contact data in order for us to:
- Communicate financial transactions such as proposals, invoices, receipts and contracts.
- Engage in any required credit control communication.
We hold and process Cognitive Edge Network Member data in order for us to:
- Send newsletters to members, containing general news, case studies and information included in 2. below.
- Send notices and marketing material of Cognitive Edge activities, meet-ups, training courses, retreats and events, services and software updates or new software offerings to members.
- Provide members with secure access to the member area of the Cognitive Edge website, including access to materials and services provided by the Cognitive Edge website that is exclusive to community members.
- Send membership renewal notices as they are due.
We hold and process contact information for newsletters or email communications subscribers, in order for us to:
- Send newsletters of various types to you that you have opted into receiving. These letters to non-network members can cover the same material as that provided to the network members as described in the previous section.
We hold and process information for training registrations, in order for us to:
- Send you information with details of training events, and to keep a record of attendance to assess prerequisite eligibility for future training events and courses.
Additional points in relation to how we hold and process your data
The following points pertain to the processes described for newsletters or email communications subscribers:
- We will make it easy for you to opt out of each and any of the individual communication newsletters and notices we send you.
- We will not provide your personal information to others unless you give us permission or we have to do so because applicable law makes it mandatory.
- We will consider that the consent you give us to receive such notifications in each case will last for 12 months. We will then ask you to continue to receive our communication for each of our newsletters and notices after the 12 month period. Non response to such requests will opt you out of receiving further communication of that particular news letter or notice.
- Other members in the network will be able to see your name and country of residence once you have registered. They will be able to see information in the profile you post based on your privacy settings.
The following points pertain to the processes described for those who are network members:
- We will hold your contact details for the period required for membership financial history under taxation laws or if not applicable, only for the period of your membership contract or when you ask us to remove your details, cancelling your membership.
- Cancelling or not renewing your membership details will take you off all the membership records, except for what we need to hold for financial / taxation purposes or in the occasion where there is a disagreement held about our service to you. Removal of membership will also remove you from all news/email contact that is exclusive to membership but not those that are not exclusive to membership unless you explicitly ask us to do so.
The following points pertain to the processing described for those who are SenseMaker® customer/client system users.
- We will only hold contact data for users associated with the client while the client is still an active client (that is, collecting or analysing project data). Once the client has completed work on all client projects, we will remove all client specific user details and all remaining collection data from our system using safe delete methods (non-recoverable).
- Personal data of users whose access is limited to specific projects will have their data removed from the system once the functions they have been authorised for have expired.
- Cognitive Edge will remove any client user from the SenseMaker® system when requested by an authorised customer/client person.
- Cognitive Edge will remove any client project collection data on the request of an authorised customer/client person, using a safe delete method (non-recoverable). Any SenseMaker® users who are exclusively associated with this project will also be removed from the system.
- In the case of any removal of a SenseMaker® client project collection data, the client/customer will have an option to receive a password protected zip file containing XML file versions of the whole project data collection. At all times the customer/client is able to download a CSV version of the project data, provided a client user has been authorised to the CSV data export option for that project.
The following points pertain to the processing described above for customer/client contacts held for financial purposes.
- We will hold your contact details while we need to for legal reasons.
- We will hold your contact details beyond such time if there is any reason to do so, such as any legal proceedings in progress in association with the account and contract.
- We will remove all contact details when we are legally able and the contract has come to an end with the client.
- We will remove any contact details from our system for any contact who has been replaced with a new contact person.
Important data permissions update: Effective immediately, in order to gain access to data or projects, requestors will be required to provide proof of consent from the owner of the data, including a signature and specifically expressed purpose and intent.
How we acquire your contact details
- If you are a network member then you have registered to our member area of the website and paid your subscription.
- If you are a contact in relation to financial matters then we have received your details as part of the contractual process.
- If you are a SenseMaker® user then you have been added to our system either as part of the contractual process (normally associated with an administration user) or we have received a request from an authorised client user to add you to the system.
- If you are a non-member subscriber to our newsletters then you are registered because you have either asked us to put you on the subscription list (say via email) or you have registered on our website to be a subscriber.
- If you are attending one of our courses or other training event then you have registered on the events management system or via e-mail, and paid for the training ticket.
Part of the User Agreement