SAI Global Compliance Website Privacy Statement
(From 3 July 2017)

SAI Global Compliance Website Privacy Statement (updated 6 July 2017)

SAI Global Compliance, Inc., previously known as Compliance and Ethics Learning Solutions Corporation operating as Midi, now owned by SAI Global Ltd., and operating as part of the SAI Global Compliance Division ("SAI Global Compliance", "we", "us" or "our"), takes privacy, confidentiality and data protection seriously. We use the utmost care in handling your sensitive and confidential information. We do this because of our own high ethical standards and the stringent demands of our profession.

This privacy statement discloses our privacy practices and expresses our commitment to keeping you informed about the personal information we collect and how it is used. This privacy statement outlines our personal information handling practices for this website, websites that SAI Global Compliance creates and hosts on behalf of its Customers (“Customer Learning Sites”), our corporate website, ethics hotline sites we operate for Customers, and other sites that reference this privacy statement.

This statement is readily available on our home page and at the bottom of every SAI Global Compliance webpage. Some SAI Global Compliance entities, programs and/or sites may have their own, possibly different, privacy statements. We encourage you to read the privacy statements of each of the SAI Global Compliance websites, our Customer Learning Sites, our Customers' ethics hotline sites or program information you visit or review.

Global Privacy Fundamentals

We abide by the privacy laws in the countries where we do business. This privacy statement describes how we abide by a number of global data protection principles, such as the Australian National Privacy Principles (NPPs) related to the collection, use and disclosure, and secure management of personal information.

Collection of Personal Data

SAI Global Compliance Inc. contracts with client companies and organizations ("Customers") to provide many different compliance related products, services and information to their employees, contractors and other designated individuals ("Users" or "Students") on their behalf, including but not limited educational products ("Learning"), and hotline, incident reporting and case management products. Our privacy practices reflect that SAI Global Compliance Inc. collects personal information to operate effectively and to comply with government regulations. 


Customer Learning Sites

In connection with SAI Global Compliance Inc.'s Customer Learning Sites, the personal information SAI Global Compliance collects will be used only as described in this privacy statement and/or in the way we specify at the time of collection. We will not subsequently change the way your personal data is used without your consent.

SAI Global Compliance needs to acquire limited personal information from either the Customer or Student in order for the Student to participate in training or a related program. This information may include but may not be limited to the following:

  • Student name 
  • Email address 
  • Unique Student identification
  • Department
  • Job title
  • Password and supervisor information
  • Information on student progress
  • Date started
  • Time spent in course
  • Progress/completion data
  • Test results

Student information is treated as confidential information of the Customer and is collected on behalf of and shared with the Customer in accordance with their instructions. At the request of the Customer, SAI Global Compliance may use this information to contact the Student and send notifications, reminders and completion certificates.

SAI Global Compliance does not use Student information for marketing purposes. SAI Global Compliance discloses Student information only to third parties whose services are required to facilitate operation of the Customer Learning Sites, and the information is used only for the purpose for which it was originally collected. SAI Global Compliance does not disclose Student information to any other third parties unless expressly directed by the Customer, a court of law or other legally authorized government official.

In an effort to continually improve its offerings and customer service, SAI Global Compliance examines aggregate data, including (but not limited to) numbers of users, numbers of users completing courses, length of time spent with courses, etc. SAI Global Compliance may include Customer data when it compiles and uses this data. Unless SAI Global Compliance receives prior written approval from the Customer, however, SAI Global Compliance will not release any identifiable data to the Customer.

SAI Global does not collect sensitive personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership or the processing data concerning health or sex life. Further, SAI Global does not collect Social Security numbers, national ID numbers or other similar numbers that may identify a particular individual. SAI does not collect personal account or credit card information or other financial data. 


SAI Global Compliance Corporate Website

Visitors to SAI Global Compliance's public website https://www.saiglobal.com/en-us/risk_and_compliance/ are not required to disclose any personal information. We may track activities of visitors in order to refine and enhance our website and to collect marketing data. If a visitor elects to subscribe to a newsletter, view a Webcast or evaluate SAI Global Compliance courses, personal information will be collected from the visitor for survey and marketing purposes. Information may include: name; title; company; e-mail; phone number and other information. Visitor information will not be shared with, rented to or sold to any third parties.

SAI Global Compliance notifies all identified data subjects about the purposes for which personal data is collected and used. In appropriate situations, however, personal information may be “anonymized” so that the identity of individual data subjects cannot be known. In these cases, SAI Global Compliance will not notify you regarding the purpose for which such data are collected and used. 


Cookies and Other Web Technologies

Like many websites, SAI Global Compliance uses automatic data collection tools, such as cookies, embedded web links and web beacons. These tools collect certain standard information that your browser sends to our website such as your browser type and the address of the website from which you arrived at our website. They may also collect information about your Internet Protocol (IP) address (a number automatically assigned to your computer whenever you are surfing the web, allowing web servers to locate and identify your computer, which is a unique address assigned to your PC by your Internet Service Provider or Information Systems Department on a TCP/IP network) and click stream behavior (for example, the pages you view and the links you click). These tools help make your visit to our website easier, more efficient and more valuable by providing you with a customized experience and recognizing you when you return.

SAI Global Compliance notifies all identified data subjects about the purposes for which personal data is collected and used.  In appropriate situations, however, personal information may be “anonymized” so that the identity of individual data subjects cannot be known.  In these cases, SAI Global Compliance will not notify you regarding the purpose for which such data are collected and used.

SAI Global Compliance also uses cookies. A "cookie" is a small data file transferred by a website to your computer's hard drive. Cookies include session cookies, which are destroyed when your browser is closed, and persistent cookies, which may remain available after the browser is closed, until a specified expiration date. SAI Global Compliance uses session cookies to enable its corporate website and Customer Learning Sites to function as designed. Examples of the types of information SAI Global Compliance stores in session cookies include, but are not limited to, your student ID, which course you are viewing and the courses you have viewed. Depending on how our Customer has chosen to deliver courses to you, certain information may be stored in persistent cookies. This information is limited to a numeric Customer code and information enabling you to resume a course where you left off.

Most browsers will accept cookies automatically from the site. You may refuse to accept cookies by adjusting your preferences on your browser. It should be noted that by doing so, you may be unable to access certain pages or areas of the site.

You can find information on popular browsers and how to adjust your cookie preferences at the following websites:

  • Microsoft Internet Explorer: http://www.microsoft.com/info/cookies.htm
  • Mozilla Firefox: http://www.mozilla.org/projects/security/pki/psm/help_21/using_priv_help.html

Apple Safari: Blocks cookies by default. To change click Safari, Preferences, Security and choose your preference. 


IP Addresses

We use IP addresses to help diagnose problems, to administer our website, and to gather demographic information. We may also use IP addresses or other information you voluntarily provide SAI Global Compliance, to determine which pages on our site are being visited and topics that may be of interest to you so we can provide you with information that may be of interest. Generally, SAI Global Compliance will aggregate such data only in an anonymous way and will not tie it to a particular individual unless he or she has given prior consent. When you visit our site, SAI Global Compliance recognizes only your domain name. 


Third-Party Web Tracking

We use third-party web tracking from Yahoo!, Google and other providers of similar tracking services to help analyze where visitors go and what they do while visiting our website. These providers use browser cookies to collect anonymous traffic data. They may also use anonymous information about your visits to this and other related websites in order to improve their products and services and provide advertisements about goods and services of interest to you.

SAI Compliance Group will only gather personal information related to your visit to the SAI Compliance Group and related websites. We do not track or collect personal information from your visits to companies or entities outside the SAI Global Compliance group of companies without your prior consent.

If you would like more information about web tracking and to know your options for not having this information used by these providers, see the policies provided by Yahoo! and Google. 


Links to Other Sites

This site may contain links to other sites for your convenience and information. If you access those links, you will leave SAI Global Compliance website. SAI Global Compliance does not control those sites or their privacy practices, which may differ from SAI Global Compliance's practices. SAI Global Compliance is not responsible for the privacy practices or the content of other websites outside the SAI Global Compliance group of companies. This SAI Global Compliance Online Privacy Statement does not cover the personal data you choose to provide or that is collected from these third parties. We encourage you to review the privacy policy of any company before submitting your personal information. 


Consent

By using this website, you consent to the collection and use of the information as described herein. If we decide to make changes to this privacy statement, we will post the changes on this site so that you will always know what information we collect, and how we use it. 


Sharing Your Personal Data

We do not sell, rent, share or trade your personal information to third parties for marketing purposes unless you have granted us permission to do so. We may share your personal information within the SAI Global Compliance group of companies or any of our subsidiaries or affiliates for purposes of data processing and storage.

The SAI Global group of companies operates a number of websites around the world. Any data and information that you volunteer or that is otherwise collected on one of our sites in any one country may be sent electronically to a server for one of these sites in another country. This sharing of personal information with SAI Global Compliance's affiliates may include combining the personal information gathered by certain SAI websites into one or more database(s) usable by SAI Global Compliance and all of its affiliates. Such export of your personal data is a requirement of providing the data to SAI Global Compliance. By providing any Personal Information to us you fully understand and unambiguously consent to the transfer, processing and storage of such information in the United States of America or other countries where SAI Global Compliance does business.

Companies in the SAI group may use the information internationally in connection with processing requests by Customers. Each of the SAI Global Compliance companies have entered into appropriate model contracts to protect your personal data as it is transferred, processed or stored.

We may respond to subpoenas, court orders, legal process or legal demands by government officials by disclosing your personal data and other related information, if necessary. We also may disclose your personal data when we choose to establish or exercise our legal rights or defend against legal claims.

We only provide third parties with the minimum amount of personal data necessary to provide the services on our behalf, and the third parties are not permitted to use your personal data except for the limited purpose of completing the requested service or transaction.

Circumstances may arise where, whether from strategic or other business reasons, SAI Global Compliance decides to sell, buy, merge or otherwise reorganize businesses. Such a transaction may involve, in accordance with applicable law, the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is SAI Global Compliance's practice to seek appropriate protection for information in these types of transactions.

We may collect and possibly share personal data and any other additional information available to us in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of SAI Global Compliance's terms of use, or as otherwise required by law.

SAI Global Compliance will only share personal data about you that is relevant to our legitimate business purposes or as required to meet legal or regulatory requirements. Your personal data is never sold or leased to any external company, unless you have granted us permission to do so. SAI Global Compliance does not disclose personal information about its employees without specific authorization from or notice to the employee, as provided in this statement, or as required by law. In addition, SAI Global Compliance does not collect more Personal Information than is needed to fulfill the purposes set forth in this Statement, unless requested by an SAI Global Compliance Customer and consented to by the data subject.

Should you withdraw consent to the use of your information for any of the above-identified purposes, we will stop using your information for such purposes as soon as it is reasonably possible to do so. SAI Global Compliance will also notify you if withdrawing consent affects our ability to service you. As a part of our providing services to our Customers, we may share personal data from our Customers with other third parties as instructed by the Customer. We may share the personal data with others solely for the purposes of managing the work we are contracted to manage and for no other reason and will abide by any contractual obligations contained in any Customer agreement related to the sharing of personal data we receive from the Customer. 


Data Integrity

SAI Global Compliance takes reasonable steps to ensure that personal data is accurate, complete and current. Compliance 360 and learning products are self-assessed not less than once per year. 


Security of Your Personal Data

SAI Global Compliance is committed to protecting the personal data you share with us. SAI Global Compliance uses a combination of industry-standard security technologies, procedures, and organizational measures to help protect your personal data from unauthorized access, use or disclosure. SAI Global Compliance supports online security using secure server technology because we want your data to be safe. There are state-of-the-art security arrangements and facilities on SAI Group sites to prevent abuse. We bind our employees to observe your privacy and confidentiality rights.

Student Information and other personal data under our control is protected from unauthorized access, alteration, misuse and loss. Information on Customer Learning Sites is stored on servers located in a secure environment that uses a firewall and a variety of other advanced security technology to discourage interference or access from unauthorized individuals. Only our employees and Customer-designated representatives who need the information to perform a specific job (for example, a system administrator) are given access to the information. Access to this information is protected by password. 


Data Retention

SAI Global Compliance does not retain your personal data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. 


Children's Privacy

This site is not intended for use by children under the age of 13. SAI Global Compliance does not knowingly collect personal data from children under the age of 13. If we learn that we have collected personal data from a child under the age of 13, we will delete that data from our systems. 


Verification

SAI Global Compliance conducts an annual self-assessment in order to verify that this privacy statement is published and implemented within the company and that it conforms to the Safe Harbor Principles. 


Your Information

If you have questions or concerns about your personal information, please contact SAI Global Compliance at

SAI Global Compliance
309 Waverley Oaks Road, Suite 204
Waltham, MA 02452
privacyofficer.compliance@saiglobal.com


Your California Privacy Rights

Residents of the State of California, under California Civil Code § 1798.83, have the right to request from companies conducting business in California a list of all third parties to which the company has disclosed personal Information during the preceding year for direct marketing purposes. Alternatively, the law provides that if the company has a privacy policy that gives either an Opt-out or Opt-in choice for use of your Personal Information by third parties (such as advertisers), for marketing purposes, the company may instead provide you with information on how to exercise your disclosure choice options.

SAI Global Compliance qualifies for this alternative option. We have a comprehensive privacy statement and do not use Student information for marketing purposes. We also provide you with details on how you may either Opt-out or Opt-in to the use of your Personal Information by third parties for direct marketing purposes. Therefore, we are not required to maintain or disclose a list of the third parties that received your Personal Information for marketing purposes during the preceding year.

If you are a California resident and request information about how to exercise your third party disclosure choices, you must send a request to privacyofficer.compliance@saiglobal.com


Dispute Resolution

Any questions or concerns regarding the collection, use or disclosure of your personal information should be directed to the SAI Global Compliance Law Department at privacyofficer.compliance@saiglobal.com. SAI Global Compliance will investigate and attempt to resolve complaints and disputes regarding collection, use or disclosure of personal information in accordance with the principles contained in this policy. SAI Global Compliance also agrees to participate in required dispute resolution procedures of the European Oath Protection Authorities to resolve disputes involving E.U. citizens. 


Additional Information

If you have any questions about this privacy statement, the data practices of SAI Global Compliance Webiste or dealings with SAI Global Compliance, please contact us at:

SAI Global Compliance
309 Waverley Oaks Road, Suite 204
Waltham, MA 02452
privacyofficer.compliance@saiglobal.com


Changes to this Statement

If we change our privacy statement, we will post the revised statement here, with an updated revision date. If we make significant changes to our statement, we may also notify you by other means, such as sending an email or posting a notice on our home page. Your continued use of the SAI Global Compliance Website after any change will signify and confirm your assent to those changes.

Previous versions are available to view here: