At Ascend Consulting Group, we are committed to protecting the privacy of our clients and end-users. This policy outlines how we collect, use, and safeguard subscriber information in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Data Collection
- We collect only the necessary personal information required for the survey process process, limited to name, phone and email address.
- Personal information is collected through secure methods and is stored in encrypted databases.
Data Usage
- Collected data is used solely for the purposes of planning, executing, and managing customer and employee feedback surveys.
- We do not sell, lease, or share personal information with third parties except as necessary to fulfill our contractual obligations or as required by law.
Data Safeguarding
- We implement robust security measures, including encryption, access controls, and regular security audits, to protect personal information from unauthorized access, disclosure, alteration, or destruction.
- Personal information is retained only as long as necessary for the purposes outlined in this policy and in compliance with legal requirements.
Consent and Opt-Out Procedures
We respect the privacy preferences of our clients and end-users. This section outlines our procedures for obtaining consent and honoring opt-out requests.
Obtaining Consent
- Prior to collecting personal information, we obtain explicit consent from individuals through clear and transparent communication.
- Consent is documented and can be withdrawn at any time by the individual.
Opt-Out Requests
- Individuals have the right to opt-out of data collection and usage at any time.
- Opt-out requests can be submitted through our designated communication channels (e.g., email, online form), and we commit to processing these requests promptly and efficiently.
Updates and Amendments
We are committed to maintaining the accuracy and relevance of our policies. This section outlines our approach to keeping policies up-to-date and informing subscribers of any changes.
Policy Updates
- Our privacy policies are reviewed regularly and updated as necessary to reflect changes in laws, regulations, or business practices.
- Updates to the policy are documented with the date of the latest revision.
Notification of Changes
- Subscribers will be informed of any significant changes to the privacy policy through appropriate communication channels (e.g., email, website notification).
- We encourage subscribers to review our privacy policy periodically to stay informed about how we are protecting their information.
Legal Compliance
Adherence to relevant regulations and legal frameworks is a cornerstone of our privacy policy. This section outlines our commitment to legal compliance and the steps we take to mitigate risks and liabilities.
Regulatory Adherence
- We comply with all applicable privacy laws and regulations, including GDPR, CCPA, and other relevant frameworks.
- Our privacy practices are designed to meet or exceed legal requirements, ensuring the protection of personal information.
Risk Mitigation
- Regular compliance audits are conducted to identify and address potential risks and vulnerabilities.
- We provide ongoing training to our staff to ensure they are knowledgeable about privacy laws and best practices.
Accountability
- A designated Data Protection Officer (DPO) is responsible for overseeing compliance with privacy laws and addressing any privacy-related concerns.
- We provide clear channels for individuals to report privacy concerns or violations, and we commit to addressing these issues promptly and effectively.
By adhering to these key components, Ascend Consulting Group ensures the protection of personal information, respects privacy preferences, and maintains trust and transparency in our business-consumer relationships.