Privacy Policy

Effective Date: October 2024

This is the Privacy Policy for Zenger Folkman Company, 550 East Timpanogos Circle, Bldg G, Suite G-01, Orem, UT  84097.

Thank you for your interest in Zenger Folkman’s (“ZF”) services. ZF takes your privacy very seriously and has created this policy in order to demonstrate our firm commitment to protecting personal information. In particular, this policy sets forth our information gathering and dissemination practices for any personal information gathered on this site. No personally identifiable information will be sold or otherwise used except as outlined in the policy below.

Introduction

ZF is a company with a global reach that delivers high-impact leadership development and corporate training programs in all key industries, sectors and markets in the world.  Our leadership development process includes providing leadership development surveys, coaching and workshops for organizations wishing to boost employee productivity, strengthen employee commitment and improve bottom-line profitability and for individuals wishing to enhance their professional skills.  We are a business to business resource that is contracted by companies (our corporate clients) throughout the world, including the US, EU and Switzerland, to provide screening questionnaires.  Alternatively, we also have “partners” throughout the world, including the European Union, who license our product for sale to local business entities. We also publish a blog which individuals may access independently to take one of our surveys.

Zenger Folkman is committed to acting in compliance with current data protection laws including the European Union’s General Data Protection Regulation (EU) 2016/ 679 (GDPR)

What types of data do we collect?

  1. Zenger Folkman Assessments. If you participate in a Zenger Folkman assessment (“Participant”), the assessment collects first name, last name, email address, optional demographic data (birth year, country, gender, position type, primary function of current position), responses (on a five-point scale) to items regarding the participant’s performance in a set of leadership competency areas.  If you are a respondent who has been invited to give feedback to a Participant, the assessment collects first name, last name, email address, responses (on a five-point scale) to items regarding the Participant’s performance in a set of leadership competency areas, and freeform comments about the Participant’s performance.  If your employer invites you to participate in a Zenger Folkman assessment, your employer will provide Zenger Folkman with your first name, last name and email address in order to register you for participation in the assessment.
  2. Visitors to ZF Website. If you visit our corporate website, we automatically collect the related session data.
  3. Participants in Public Events. If you participate in one of our public events (for example, workshop, certification, webinar, live online event), we may collect your name, email address, telephone number, title, company, business address and other information that will help us serve you better.
  4. Those who opt to receive marketing communications. If you opt in to receive marketing communications from Zenger Folkman, we may collect your name, email address, title, company, business address and other contact information.  In addition, we may use cookie technology (see Cookies below) to connect your history at the ZF website with your other personal information.
  5. Customers, suppliers and other business contacts. If you are a customer, supplier or other business contact, we may collect your name, email address, telephone number and other contact information in the regular course of our interaction with you.

How do we use the data?

  1. Zenger Folkman Assessments. PII collected as part of a Zenger Folkman assessment will be used for the purpose of (a) providing assessment related services, such as individual and aggregate reporting, and (b) in aggregate form, to do research and calculate norms.
  2. Visitors to ZF Website. Zenger Folkman uses technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the website, track visitors’ movements around the website, and to gather demographic information about our visitor base as a whole (see Cookies below).
  3. Participants in Public Events. If you participate in a ZF public event, ZF will use your information to provide the service for which you have registered, and to communicate with you about the public event.
  4. Those who opt to receive marketing communications. Personal information collected by those who opt to receive our marketing communications will be used to communicate with you about ZF news, events updates, etc. You may choose to unsubscribe at any time by clicking on the unsubscribe link in your email communication or by emailing support@zfco.com
  5. Customers, suppliers and other business contacts. Personal data of customers, suppliers and other business contacts will be used to manage our contractual relationship with you, to carry out contracted obligations, to provide updates about Zenger Folkman and its services

To whom do we transfer data?

ZF may have to share personal data with third parties for processing, sub-processing or to deliver contracted services.  We require that these parties agree to process such information based on our instructions and in compliance with this Policy and any other appropriate confidentiality and security measures.  If you participate in an assessment or leadership program or other engagement run by ZF as an employee, ZF will share data with a coach or your employer or with others as contracted between ZF and your employer.

ZF does not rent or sell information to any outside organizations.  ZF will share your personal data with third parties only in the ways that are described in this privacy policy.

ZF may also disclose personal information:

  • When we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of ZF, its users or the public as required or permitted by law.
  • If ZF becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, any personal data controlled by us may be one of the assets transferred to third parties. If a change happens to our business, then the new owners may use personal data in the same way as set out in this privacy notice.
  • To any other third party for whom data subjects or customers have given prior consent

Liability in cases of onward transfers
ZF has responsibility for the processing of personal information that it receives under the Data Privacy Framework Principles and which ZF transfers to a third party acting on ZF’s behalf. ZF will remain liable if ZF’s agent processes such personal information in a manner inconsistent with Data Privacy Framework Principles, unless ZF proves that it is not responsible for the event giving rise to the damage.

Third Parties connected to our website

We use Google Analytics software to collect information about how you use our website. We do this to help make sure the site is meeting the needs of its visitors and to help us make improvements, for example improving site and content searches. We do not allow Google to share our analytics data.

Google Analytics stores information about:

  • the pages you visit
  • how long you spend on each page
  • how you navigated to the site
  • what you click on while you’re visiting the site

We use YouTube to provide videos on some pages of the site. YouTube sets cookies when you visit one of these pages to count the views of embedded YouTube videos.

Neither of these third parties collects or store your personal information (for example your name or address) so this information can’t be used to identify who you are.

Confidentiality and Security Safeguards

Zenger Folkman takes technical, contractual, administrative and physical steps to protect against unauthorized access to, and disclosure of, personal identifiable information (“PII”). These steps can include firewalls, secure socket layer (SSL) encryption, physical security, password authentication, etc. To learn more, you may request a copy of our current Security Policy.

Cookies

What is a Cookie?
A cookie is a small file, or files on your computer, phone, or other devices with a browser to save snippets of text for reference by the website you are visiting. All cookies have expiration dates in them that determine how long they stay in your browser:

Session cookies – these are temporary cookies that expire (and are automatically erased) whenever you close your browser. For example, we use session cookies to grant access to multiple pieces of content.
Persistent cookies – these usually have an expiration date and so stay in your browser until they expire, or until you manually delete them. For example, we use persistent cookies to better understand usage patterns so that we can improve the site for our visitors and provide relevant content in the future.

How does Zenger Folkman use cookies?

Zenger Folkman and our analytics provider use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the website, track visitors’ movements around the website, and to gather demographic information about our visitor base as a whole. We receive reports based on the use of these technologies on an individual and aggregated basis. Visitor usage data is anonymous unless certain actions have taken place on our website, such as form submission. These actions allow our application to connect cookie data to a personal contact profile.

Visitors can control the use of cookies at the individual browser level. If you reject cookies, you may still use our website, but your ability to use some features or areas of our website may be limited.

Data Retention

PII in our Assessment Database
ZF will retain PII in our assessment database indefinitely, or until you or your employer request that we remove it.  This policy allows Participants to do follow-up assessments to evaluate progress over time, and allows employers to do analysis of company trends.

All other PII
ZF will retain PII on our systems only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.  ZF will retain and use this personal information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

External Links

Zenger Folkman is not responsible for the privacy policies of web sites to which Zenger Folkman web site may link or for those of any downstream linkages.

Removal of PII

To remove your PII from our systems,

  • If ZF received your PII from your organization, please contact your organization to request this removal.
  • If ZF received your PII directly from you, contact ZF Customer Support at:

California Privacy Rights

Under California Civil Code Section 1798.83 ZF does not share any personal information with third parties for their own direct marketing purposes.

US Individuals

If you are a US individual whose PII we have and you wish to contact us with a question or complaint you may do so by calling or emailing our Customer Support office at:

GDPR FOR EU INDIVIDUALS

The General Data Protection Regulation has been enacted within the European Union to provide specific protections for those individuals who provide personal data from those jurisdictions.

  • ZF will use PII data ONLY for the intended purposes.
  • ZF will notify you in the event of a breach or incident in which your PII data security is compromised.
  • You have the right to contact ZF to request to review, or erasure of your PII data or to request the limitation of use and disclosure of your PII data. (see contact info below)
  • You have the right to file a complaint directly with the appropriate Data Protection Authority.  Please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for information on the identity and location of any specific EU Data Protection Authority.

ZF would greatly appreciate hearing from any EU individuals with a question or complaint regarding the handling of their personal data. We can be reached at:

Data Privacy Framework

The European Commission, Swiss Government and UK Government has determined that the United States does not currently meet their requirements for “adequacy” regarding the processing of EU, UK and Swiss personal data within the United States. Since ZF processes all data in the US, we have self-certified with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework program (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce which provide an additional level of security for EU, UK and Swiss data to accommodate adequacy requirements.

For the purposes of Data Privacy Framework compliance, ZF is subject to the investigatory and enforcement authority of the United States Federal Trade Commissions.

EU-U.S. DPF, THE UK EXTENSION, AND THE SWISS-U.S. DPF

ZF complies with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. ZF has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. ZF has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

Pursuant to the Data Privacy Framework ZF commits to the following:

  • We acknowledge the right of EU, UK and Swiss individuals to access their personal data. Those persons wishing to exercise this right may do so by contacting ZF Customer Support at the end of this section.
  • ZF utilizes a third party to host and process all assessment data.
  • ZF may be liable for the onward transfer of EU, UK and Swiss personal data to agent third parties unless we can prove we were not a party to the events giving rise to the damages.
  • ZF is obliged to inform EU, UK and Swiss individuals that we may be required to reveal personal data in response to lawful requests from public authorities including to meet national security and law enforcement requirements.
  • ZF will not use, rent, or sell data to third parties for purposes other than those for which the data was provided or subsequently authorized.
  • ZF does not rent or sell PII to non-agent third parties. If this practice should change in the future we will update this policy accordingly and provide individuals with opt-out (for non-sensitive PII) or opt-in (for sensitive PII) as necessary

In compliance with the EU-US Data Privacy Framework Principles, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), ZF commits to resolve complaints about our collection or use of your personal information transferred to the United States pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. European Union, Swiss and United Kingdom individuals with inquiries or complaints should first contact ZF Customer Support at:

ZF has further committed to refer DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.