DDI Product Website Privacy Policy

DDI Product Website Privacy Policy 

Last updated: November 2024 

DDI help Organizations assess, train and develop their people. The entity granting you access to DDI’s product website (“Organization”) is a DDI customer that collects and processes your personal data. This privacy policy (“Privacy Policy”) governs DDI’s processing of personal data you and/or the Organization has inputted into DDI’s product sites (“Product Website”) for the purpose of training, developing and/or assessing you.  

For our marketing website privacy policy please see https://www.ddiworld.com/privacy 

For terms of use for DDI products please see https://www.ddiworld.com/terms-and-conditions 

Collection of Information 

DDI does not directly collect your personal data. DDI processes data you and/or the Organization inputs into the Product Website for the purpose of training, developing or assessing you. Such data may include, but is not necessarily limited to business contact information, basic demographic information, assessment data and training data. 

Usage of Personal Data 

DDI will process the personal data only in accordance with the agreement between DDI and the Organization. This includes but is not limited to providing technical support or functional support and ensuring the security of the Product Website. Please contact the Organization with any questions about its use of your personal data. 

Contact and Queries 

The Organization is a Data Controller. A “Data Controller” determines the purposes for which and the means by which personal data is processed. DDI is a Data Processor of your personal data. A “Data Processor” processes personal data only on behalf of the Data Controller and in accordance with the Data Controller’s instructions. All queries regarding your personal data should be directed to the Organization. 

Product Website Usage Information 

1. Cookies 

For information on the cookies that we use on the Product Website and their functionality, please refer to DDI’s Product Website Cookies Policy at https://www.ddiworld.com/product-cookies . 

2. IP address and Usage data 

Our servers automatically collect data about your Internet protocol (“IP”) address when you visit  DDI’s Product Website. Our servers may log your IP address when you request pages from the Product Website, and may also record the pages you visit on the Product Website; other information about the type of web browser, computer, platform, related software and settings you are using; any search terms you have entered on the Product Website; and other data logged by our web servers. We use this information for internal system administration, to help diagnose problems with our servers and to administer our Product Websites. In addition, we use this information to provide analytics to the Organization about their usage of the Product Website. Personal data including IP address are never shared with or sold to any unauthorized third party. 

Use, Disclosure and Sharing of Personal Data 

1. Service providers 

We may use third-party partners to operate and maintain our Software and deliver our products and services in accordance with the agreement we have with the Organization. Third-party providers are contractually restricted from using or disclosing your personal data except as necessary to perform services on our behalf or to comply with legal requirements. Data may be processed within or outside of The United States and/or the European Economic Area, according to the contractual agreement and applicable laws. 

2. Aggregated statistics 

We may aggregate and anonymize non-personally identifiable data into statistics regarding user behaviour such as overall patterns or demographic reports that do not describe or identify any individual user. This shall always be done in accordance with the agreement between the Organization and DDI. 

3. Legally compelled disclosures 

We may disclose your personal data if required to do so by law or subpoena or if we believe that such action is necessary to: (a) conform to the law applicable to DDI or our partners; (b) comply with a judicial or court order, or comply with legal processes served on us or Affiliated Parties; or (c) protect and defend our rights and property, Websites and/or the users of the Websites. 

4. International transfer and processing of Personal Data (applies unless otherwise agreed in writing between the Organization and DDI) 

DDI may use your data for the purposes described herein and as per the agreement between DDI and the Organization. Depending on contractual requirements and applicable law your data will be transferred to and stored in the United States, and processed in the United States and other countries and territories, which may have different privacy laws to your country of residence. We will treat the privacy of your information in accordance with this Privacy Policy and the agreement between DDI and the Organization. 

Your Access and Correction Rights 

You retain the right to submit and correct or delete your personal data by contacting the Organization. In addition, DDI provides a form to submit Data Subject Access Requests here. DDI will forward the request to the Organization and act only upon the Organizations instructions. 

Third-party Websites 

When you are on this Website you may have the opportunity to visit or link to other websites, including other websites operated by us or by unaffiliated third parties. These websites may collect personal data about you and, because this Privacy Policy does not address the information practices of those other websites, you should review the privacy policies of such other websites to see how they treat your personal data. 

Privacy of Minors 

This Website is not directed at minors, as described under applicable law; we do not knowingly collect personal data from minors on our Product Websites. If we become aware that we have inadvertently received personal data from a minor, as described under applicable law, on the Website, we will delete the information from our records. 

Security 

The security and privacy of personal data is of utmost importance to DDI. We use commercially reasonable and industry-standard physical, operational and technical safeguards to preserve the integrity and security of your personal data. More information can be found here: https://www.ddiworld.com/gisp 

GDPR Information Notice and Related Provisions 

The General Data Protection Regulation 2016/679 (“GDPR”) is a regulation on data protection and privacy in the European Union and the European Economic Area (“EEA”). It also addresses the transfer of personal data outside the EU and EEA. The GDPR requires Data Processors to provide the following information: 

1) Controller identity and contact details 

DDI acts only as a Data Processor. The Organization is the Data Controller of your personal data and should provide you with appropriate contact details. 

2) Data Protection Officer 

DDI has appointed a Data Protection Officer who can be reached on dataprotectionofficer@ddiworld.com. However, DDI acts only as a Data Processor. The Organization is the Data Controller and should provide you with appropriate contact details. 

3) Purposes and legal basis for the processing 

DDI will process the data only in accordance with the agreement between DDI and the Organization, including, but not limited to, providing technical or functional support and ensuring the security of the Software. Please contact the Organization with any questions about its use of your personal data. 

4) Information sharing 

We use third-party providers to help us to deliver our products and services. Third-party  providers are contractually restricted from using or disclosing the information, except as necessary to perform services on our behalf or to comply with legal requirements. A list of DDI third party providers can be found at https://www.ddiworld.com/third-party-providers. 

5) International transfers 

Depending on contractual requirements and applicable law, data may be processed within or outside of the European Economic Area. All locations either benefit from an Adequacy Decision or from alternative suitable safeguards in accordance with the agreement between DDI and the Organization. 

EU-US, UK Extension to the EU-US, and Swiss-US Data Privacy Framework: 

Development Dimensions International Inc (DDI) complies with the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework as set forth by the US Department of Commerce with regard to the processing of personal data received from the EU, the UK (and Gibraltar), and Switzerland. We have certified to the US Department of Commerce that we adhere to the EU-US Data Privacy Framework Principles and the Swiss-US Data Privacy Framework Principles. If there is any conflict between the terms in this Privacy Notice and the Data Privacy Framework Principles, the Principles shall govern. Learn more about the Data Privacy Framework program. To view our certification, please visit https://www.dataprivacyframework.gov/list. 
 

6) Data retention 

DDI will retain your data only as agreed between DDI and the Organization and in accordance with applicable laws to which DDI is subject. 

7) Data Subject rights 

DDI acts only as a Data Processor. The Organization is the Data Controller and should provide you with appropriate contact details. In addition, DDI provides a form to submit Data Subject Access Requests here.  DDI will forward the request to the Organization and act only upon the Organizations instructions 

8) Automated decision-making 

DDI acts only as a Data Processor and does not make decisions affecting you. The Organization is the Data Controller and should provide you with appropriate information regarding its decision-making processes. 

US-specific Provisions 

Where DDI is subject to US privacy requirements, the following applies: 

1) Customers 

Personal data provided to DDI by the Organization and the processing of personal data is defined in the Collection of Information and Usage of Personal Data sections of this Policy. 

2) Third-Party Behavioral Advertising 

DDI’s Product Websites do not use cross-site tracking cookies and do not display any advertising. Please see DDI’s Product Website Cookies Policy for more information. 

Updates to this privacy policy 

This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our online information practices. We will indicate at the top of the statement when it was most recently updated.