Effective Date: December 2022
The Information Architecture Group (dba IAG Consulting) is the entity that primarily controls the website you are visiting. IAG Consulting and its subsidiaries and affiliates (“IAG”) respect your privacy and are committed to protecting your personal data.
IAG is committed to uphold the highest ethical standards in its business practices and strives to collect, use and disclose personal information in a manner consistent with the laws of countries in which it does business.
This privacy notice will inform you about how we look after your personal data when you visit our website (regardless of where you visit it from), handle your personal data in connection with this website, and tell you about your privacy rights and how the law protects you.
It also describes your choices regarding use, access and correction of your personal data. This privacy notice is provided in a layered format so you can click the numbered links (above) to the specific areas of interest (below). Please also use our Glossary at Section 11 for definitions of some of the terms used in this privacy notice.
It is important that you read this privacy notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice complements the other notices and is not intended to override them.
IAG is the entity that is the controller of, and responsible for, the contact information we collect in connection with our marketing initiatives and employment opportunities that often originate with our website located at iag.biz.
We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice or would like to exercise your rights in your personal data, please contact our DPO using the details set out below.
This version is intended to outline and provide mechanisms for exercising your related rights under the legal frameworks in the EU and UK that went into effect on May 25, 2018, and in Californians that went into effect on January 1, 2020.
We may update this privacy notice and its last updated date to reflect changes to our data governance practices. If we propose to make any material changes, we will notify you by means of a notice on this page prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
This privacy notice applies to any IAG website, application, product, service, or tool (collectively “Services”) where this privacy notice is referenced, regardless of how you access or use them, including through mobile devices.
This privacy notice is intended to give you information on how IAG collects and processes your personal data through your use of any of our Services, including any data you may provide through this website when you purchase a product, course or service, sign-up to a newsletter, participate in a webinar, or download a resource. It also applies to any other communication we may have with you.
Note that our website and Services may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Services, we encourage you to read the privacy notice of every website you visit.
This website and our Services are not intended for children and we do not knowingly attempt to solicit or receive information from children or relating to children.
If you have a question or a complaint about this privacy notice, our global privacy standards, or our information handling practices, you can reach the IAG Data Protection Office in writing at: Privacy Office, IAG Consulting, 1201 N. Market Street, Suite 111, Wilmington DE 19801.
You can also email our Data Protection Officer at email@example.com
Consumers in North America may also reach us by phone at (302) 691-9497
We do not discriminate against any consumer based on the exercise of their consumer rights.
INFORMATION WE COLLECT
We may collect, use, store and transfer different kinds of personal data about you which may be categorized as follows:
- Identity Data which includes first name, last name, username or similar identifier, title, your employer.
- Contact Data which includes business address, corporate or personal email address and telephone numbers. (e.g., postal address for billing, physical address for shipping materials)
- Technical Data which includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Usage Data which includes information about how you use our website, products, and services.
- Marketing and Profile Data which includes your needs and interests related to our products and services, preferences in receiving marketing from us and select third parties, your communication preferences, and responses to assessments, surveys, and sales questions.
- Aggregated Data which include statistical or demographic data for various purposes.
Additionally we may collect, use, store and transfer Aggregated Data which may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
INFORMATION WE DO NOT COLLECT
We do not ask for nor do we collect or process:
- Sensitive personal information
- Special Categories of Personal Data which includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data, or information about any criminal convictions and offences.
HOW WE COLLECT YOUR PERSONAL DATA
We use different methods to collect personal data from and about you including through:
- Direct interactions. You may share with us some of your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: inquire about our products or services; apply for a job opening; request marketing to be sent to you; enter a competition, promotion or survey; or give us some feedback.
- Third parties or publicly available sources. We may receive analytics and advertising data about you from the sources listed below, as well as, other vendors and public sources. Please use the following links for more information about how these third parties collect and use personal data: Microsoft | Google | LinkedIn | salesforce.com
WHEN WE COLLECT YOUR PERSONAL DATA
You or your employer may give us, or we may collect, Identity, Contact, Technical, Usage, Marketing, and Profile Data:
- When you or your employer purchase or register for a product or service
- When you or your employer express an interest in a product or service in business communications with IAG in person, via phone, email, or other forms of communication
- When you access Products, or Resources, or participate in Services such as engagements, training courses, webinars, meetings, or projects, either during in-person interactions or through on-line discussions, communications, or chats.
- Including authenticating through a third party, or using a social media account or connecting your account with the respective social media site. In such cases, those social media sites may give us automatic access to certain personal information retained by them about you. You control the personal information you allow us to have access to through the privacy settings on the applicable social media site and the permissions you give us when you grant us access to the personal information retained by the respective social media site about you. By associating an account managed by a social media site with your account and authorizing us to have access to this information, you agree that we can collect, use and retain the information provided by these social media sites in accordance with this privacy notice. We may also use plug-ins or other technologies from various social media sites. If you click on a link provided via a social media plug in, you are voluntarily establishing a connection with that respective social media site.
- When you visit and take actions on our website, advertising, or email content
- Or when you otherwise correspond or communicate with us
The following table describes the reasons for collecting different types of data, which of the legal bases we rely upon, and (where appropriate) what our legitimate interests are in doing so.
|Type of data
|Lawful basis for processing including basis of legitimate interest
|A. To register you as a new customer or contact
|B. To manage our relationship with you (before or after service delivery) which may include:
(i) Proposing solutions to your needs
(iii) Asking you to leave a review or take a survey
(c) Marketing and Profile
|C. To deliver products and services to you which may include:
(d) Marketing and Profile
|D. To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
(d) Marketing and Profile
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
YOUR CHOICES ABOUT HOW WE USE YOUR PERSONAL INFORMATION
We endeavor to provide you with choices regarding certain personal data uses, particularly around marketing and advertising and also how we provide you with individualized Services and relevant information. We have established an Email Preference Center where you can view and make certain decisions about your personal data. If you have any other questions about this privacy notice or would like to exercise your rights in your personal data (see below), please contact our DPO (see above).
There are some instances, however, where the processing of your information may be limited or determined by others. If your data was provided to us by your employer (or other party paying for our Services on your behalf), we will process the data based on the legitimate interests of your employer in having us provide Services to you in the context of that relationship. We may also process your personal information with regards to our legitimate interest in compliance and maintaining business records. You have a right to object to the processing of your personal information in these circumstances by contacting us at firstname.lastname@example.org.
MARKETING AND PROMOTIONS
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (i.e., marketing).
You may receive marketing communications from us if you or your employer has provided us with relevant information in ways including but not limited to requesting information from us, purchasing products or services from us, communication with us, entering in a competition, or registering for a promotion.
We use this Personal Data to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You may ask us to stop sending you marketing messages at any time by checking or unchecking relevant boxes to adjust your marketing preferences or by following the “Unsubscribe” links on any marketing message sent to you.
Where you opt-out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
You may ask a third party to stop sending you advertising or marketing messages at any time as well by managing your advertising preferences on their sites. Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: https://optout.aboutads.info/.
Applicable law in certain countries provides, and this Privacy Statement sets forth, the legal basis upon which we rely in order to process personal data.
Legitimate interests: We may rely on our legitimate interests to process your personal data, provided that our interests are not overridden by your interests, fundamental rights, or freedoms. In particular, we may process your personal data in reliance on a legitimate interest in the effective and lawful operation of this Site and our businesses, as well as the effective delivery of information and services to you. We may have other legitimate interests and, if so, we will make clear what those interests are at the relevant point in time.
Performance of a contract: IAG delivers business and IT training to end user students on the basis of a contract with our customers. These contracts provide for the use of personal data of end user students, such as name, email address, and job title, as necessary to effectuate training delivery.
Compliance with legal obligations: We may process your personal data if necessary for us to comply with a legal obligation arising under an applicable law. Processing any “special” or “sensitive” categories of personal data relating to you will occur because either: (i) you have given us your explicit consent; (ii) it is necessary for the establishment, exercise, or defense of a legal claim; or (iii) you have made the data manifestly public.
We use your personal information to provide and improve our Services, provide you with a personalized experience in using our Services, contact you about your account and our Services, provide you customer service, provide you with personalized advertising and marketing, and to detect, prevent, mitigate and investigate fraudulent or illegal activities.
If we received your personal information from an employer in connection with the provision of Services, we will use that information to communicate with you and provide the Services. We may also provide information about your use of the Services to your employer.
Information about Services provided to a specified individual may appear in invoices and other financial records. We may also process and retain personal information for purposes of compliance with laws and regulations.
We respect your right to access, correct, request deletion or request restriction of our usage of your personal information as required by applicable law. We also take steps to ensure that the personal information we collect is accurate and up to date.
- You have the right to know what personal information we maintain about you
- We will provide you with a copy of your personal information in a structured, commonly used and machine-readable format on request
- If your personal information is incorrect or incomplete, you have the right to ask us to update it
- You have the right to object to our processing of your personal information
- You can also ask us to delete or restrict how we use your personal information, although this right is determined by applicable law and may impact your access to some of our Services
HOW WE MIGHT SHARE YOUR PERSONAL INFORMATION
We may disclose your personal information to other members of the IAG corporate family or to third parties.
More specifically, we may provide personal data
- to others as directed by you
- to third-party postal carriers and couriers to deliver courseware and other pertinent communication
- to employers or other parties providing funding for Services
- to third parties contracted by us for printing and distribution of course materials and other relevant information
- to comply with local laws, such as third-party screening for export compliance
- to consultants or course instructor(s) involved in the delivery of Services
- to third-party platform providers in association with virtual course delivery
- to third-party companies providing invoicing and/or marketing services
- to third-party companies providing quality control services and/or conducting course satisfaction or other surveys
External Third Parties as set out in the Glossary.
We do not sell, rent, or otherwise disclose your personal information to third parties for their marketing and advertising purposes without your consent.
IAG utilizes cloud technologies hosted in North America. We use leading industry providers of cloud hosting.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may aggregate your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We protect your personal information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Cookies are small text files containing a string of characters that can be placed on your computer or mobile device that uniquely identify your browser or device.
Cookies allow a site or services to know if your computer or device has visited that site or service before. Cookies can then be used to help understand how the site or service is being used, help you navigate between pages efficiently, help remember your preferences, and generally improve your browsing experience. Cookies can also help ensure marketing you see online is more relevant to you and your interests.
There are generally three categories of cookies: “Necessary,” “Performance,” and “Preference.” IAG uses all three categories of cookies in connection with its web-based Services.
- Necessary Cookies. These cookies are essential, as they enable you to navigate the Services and use important features, such as accessing your courses.
- Preference Cookies. IAG and our third-party partners may use these types of cookies to deliver content that is relevant to your interests. These cookies can remember that your device has visited a site or service, and may also be able to track your device’s browsing activity on other sites or services other than on the IAG Services. This information may be shared for the purpose of providing aggregate usage statistics and testing of the Service.
The length of time a cookie will stay on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay on your computer or mobile device until they expire or are deleted.
First-party cookies are cookies that belong to IAG, third-party cookies are cookies that another party places on your device through the Services. Third-party cookies may be placed on your device by someone providing a service for IAG, such as remote labs or virtual classroom connectivity.
Most internet browsers are initially set up to automatically accept cookies. If you do not want our Services to store cookies on your device, you can change your browser settings so that you receive a warning before certain cookies are stored. You can also adjust your settings so that your browser refuses most of our cookies or only certain cookies from third parties. You can also withdraw your consent to cookies by deleting the cookies that have already been stored.
If you disable the cookies that we use, this may impact your experience while using the Services, for example you may not be able to access certain functionality of the Services or you may not receive personalized information.
If you use multiple different devices to view and access the Services (e.g., your computer, smartphone, tablet) you will need to ensure that each browser on each device is adjusted to suit your cookie preferences.
The procedures for changing your settings and cookies differ from browser to browser. If necessary, use the help function on your browser or click on one of the links below to go directly to the user manual for your browser.
You can find out a great deal of additional information about cookie settings at third-party sites, such as www.allaboutcookies.org.
SPECIAL RIGHTS AND INFORMATION FOR CALIFORNIA RESIDENTS
Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights around IAG’s collection, use, and sharing of their personal information. IAG does not sell your personal information and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. Similarly, we do not offer financial incentives to California residents associated with our collection, use, or disclosure of your personal information.
IAG collects various categories of personal information when you visit our Sites, including identifiers, commercial information, internet or other electronic network or device activity information, geolocation data, and professional information. A more detailed description of the information we collect and how we use it, the categories of third parties with whom we share personal information, and what information may be shared under different circumstances is contained in the policy above.
If you are a resident of California, you have the right to request to know what personal information has been collected about you, and to access that information. You also have the right to request deletion of your personal information, though exceptions under the CCPA may allow IAG to retain and use certain personal information notwithstanding your deletion request. You can learn more about how to submit a data rights request through contact details located within this policy. You may also send your request by email to us at the addresses below. We will not discriminate against you for exercising your rights under the CCPA. An agent may submit a request on your behalf, but you must verify that your agent is authorized to do so.
Separate from the CCPA, California’s Shine the Light law gives California residents the right to ask companies what personal information they share with third parties for those third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the purpose of directly marketing their goods or services to you unless you request such disclosure. If you have any questions regarding this policy, or would like to change your preferences, you may contact us at the address listed in this policy.
SPECIAL RIGHTS AND INFORMATION FOR EU, UK AND SWISS USERS
From May 25, 2018, the processing of personal data of individuals in the European Union is subject to the EU General Data Protection Regulation (“GDPR”). This section provides information relating to EU users’ rights and IAG’s obligations under the GDPR.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
IAG processes personal data relating to EU customers on one or more of the lawful bases specified in the GDPR.
- The processing is necessary for entering into or performing a contract with you.
We need to process personal data relating to you in order to activate and register products, ensure products and services you use are working as they should, maintain and improve products, answer to questions and requests from you, and provide customer support.
- The processing is necessary for IAG’s legitimate interests. We process usage data to support website functionality, detect and prevent fraud; to protect and defend the rights or property of other customers or third parties, or our own rights and interests. We consider your rights and freedoms when doing so and de-identify personal data to the largest extent practicable. We may also process your personal data to meet regulatory requirements, and to respond to lawful requests, court orders, and legal processes.
- The processing is necessary to meet IAG’s legal obligations. We may need to process your personal data to comply with relevant EU or Member State laws.
- Consent. IAG processes some personal data based on consent. We often do this for our direct marketing communications. You can unsubscribe at any time by following the instructions here http://www2.iag.biz/unsubscribe/u/464.
- The processing is necessary for entering into or performing a contract with you.
If you are an IAG customer within the EU, you have the rights described below with respect to IAG’s processing of your personal data.
- Right of access and explanation: You have the right to receive an explanation of what data IAG has about you and how it uses this data. You have the right to receive a copy of the personal data IAG has about you.
- Right of rectification: If you believe certain information that IAG processes about you is inaccurate or incomplete, you have the right to have this information corrected.
- Right to erasure: You have the right to request to have your data permanently deleted by IAG.
- Right to object: You have the right to object to IAG’s processing of your personal data based on legitimate interests on grounds relating to your particular situation. IAG may continue to process your personal data notwithstanding the objection to the extent permitted under GDPR. You also have the right to object to IAG’s processing of your personal data for direct marketing purposes.
- Right to restriction of processing: You have the right to request that IAG restrict the processing of your personal data in certain situations where you feel the processing is inappropriate.
- Right to portability: You have the right to request portability of personal data that you have actively or passively provided to us (which does not include data derived or inferred from collected data), where the processing of such personal data is based on consent or a contract with you and is carried out by automated means.
- Right to complain to the supervisory authority: You also have the right to file a complaint regarding IAG’s processing of your personal data with the Data Protection Commission, the Irish Supervisory Authority. Their contact information is Data Protection Commission, 21 Fitzwilliam Square, Dublin 2 D02 RD28, Ireland, Phone: +353 57 8684800, +353 (0)761 104 800.
- Right to withdraw consent: Where processing is based on consent, you have a right to withdraw consent at any time. Use of our Sites and our products as described in IAG’s Privacy Statement is voluntary.
To invoke any of these rights, please contact us via phone, email, or postal mail by using the contact information below.
We will only transfer your personal data from the European Economic Area (EEA) to countries outside the EEA, on the basis of appropriate safeguards. When IAG transfers data internationally we rely on
- Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR), or
- Standard Contractual Clauses issued by the European Commission (2010/87/EU, 2001/497/EC or 2004/915/EC).
We may update this privacy statement from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
Lawful Basis means the interest of our organization in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law).
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
External Third Parties include, but are not limited to, Microsoft, Google, LinkedIn, Salesforce.com, Mural, QuestionPro, Olark as further described above.
Data Subject means an identified or identifiable natural person
Controller means the natural or legal person (i.e., corporation) which, alone or jointly with others, determines the purposes and means of the processing of personal data
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
Personal Data means any information relating to a data subject who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that data subject.
Product means any item manufactured, produced, developed, or refined by IAG that may be sold, included in a Service, or provided free-of-charge, shipped or downloaded to a client end-user. This includes, but is not limited to Courses, Software, Applications, Webinars, Samples, Templates, Reports, Kits, Publications, and other resources.