Overview

At Intellek, the protection of Personal Data is paramount. The General Data Protection Regulation (GDPR) is a comprehensive European privacy law that came into force on May 25th, 2018. Intellek welcomed this law as an important step forward in streamlining data protection requirements across the European Union and as an opportunity for Intellek to deepen our commitment to data protection.

Processor vs Controller

Intellek is the Data Processor for all cloud-based solutions and services that form part of the Principal Agreement, between Intellek and the Licensee, including, but not limited to, Intellek LMS, Intellek Learn (eLearning and Assessments), Intellek Create and Intellek Deliver. Intellek is the Data Controller for the purposes of marketing and monitoring Intellek solutions and services.

As the Data Processor Intellek Shall:

use only processors providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject.
not engage another processor without prior specific or general written authorization of the controller and ensure that the same data protection obligations as set out in the contract with Intellek and the third-party processor.
provide all Data Controllers with a copy of the Intellek the Data Processor document and the GDPR Terms and Conditions Addendum, that sets out the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller.

As the Data Controller Intellek Shall:

be accountable for compliance with data protection principles as listed in Article 5(1)): Lawfulness, fairness and transparency; Purpose limitation; Data minimization; Accuracy; Storage limitation; and Integrity and confidentiality.
ensure that any Data Processor Intellek uses carries out lawful processing.
ensure requests for consent to be presented in a manner clearly distinguishable from other matters and in an intelligible and easily accessible form.
ensure information and communications related to data requests and rights of erasure are concise, transparent, intelligible and in an easily accessible form, given without undue delay/within one month of receipt of request.

The Right to be Informed

Where Intellek acts as the Data Controller, Intellek understands the importance that each individual has the right to know how their data is being processed and why, you can contact us via our website. Where Intellek is the Data Processor, the request must be submitted by the Licensee, the Data Controller.

The Right of Access & Rectification

Where Intellek acts as the Data Controller, Intellek understands that each individual has the right to request a copy of the data that Intellek has on file. A Data Access Request can be made via our website. If any of the data Intellek holds is inaccurate, Intellek will act on all rectification requests in a timely manner, and aims to do this within 30 days, at a maximum. Where Intellek is the Data Processor, the request must be submitted by the Licensee, the Data Controller.

The Right to Erasure

Where Intellek acts as the Data Controller, Intellek warrants to comply with an individual’s request for the deletion or removal of personal data from all products and services. A Rights to Erasure request can be made via our website. Where Intellek is the Data Processor, the request must be submitted by the Licensee, the Data Controller.

The Right to Restrict Processing

Where Intellek acts as the Data Controller, should an individual wish to object to the processing of their personal data, an individual can submit an unsubscribe request to solutions@Intellek.io. Where Intellek is the Data Processor, the request must be submitted by the Licensee, the Data Controller.

The Right to Data Portability

Whether Intellek is acting as the Data Processor or Data Controller, Intellek shall provide confirmation and access within one month of receipt of the request, at no charge; and provide the data in a commonly used electronic format and securely transferred.

Data Protection Officer (DPO)

Intellek has appointed the Head of Network and Security as Intellek’s DPO. If you have any questions or concerns about the way we collect and process your data, please direct your correspondence to the DPO, by email to: dpo@Intellek.io.

Information Security Code of Practice

All Intellek employees and contractors, irrespective of global location, are aware of their responsibilities under the GDPR and will have had a two-hour session of intensive GDPR training, this follows departmental Head training delivered by outside consultants specializing in data privacy. Moving forward, all Intellek employees and contractors are trained on GDPR compliance at induction, and at a minimum, a refresher will be scheduled every calendar year following induction. It is essential that Intellek’s information-handling systems and information are secure and confidential. Intellek employees and contractors are aware of the processes and best practices, and have all read and confirmed receipt of the Information Security Code of Practice.

Security

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Intellek and each Intellek Affiliate shall in relation to the Licensee’s Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR. In assessing the appropriate level of security, Intellek and each Intellek Affiliate shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

Personal Data Breach

Intellek will notify the Licensee within 72 hours following Intellek becoming aware of the breach and follow the internal Data Breach Response Plan. Intellek will complete the Personal Data Security Breach Notification Form and submit to the Licensee and share a copy with the Licensee detailing:

the nature and the likely consequences of the Personal Data Breach,
the categories and numbers of Data Subjects effected by the Personal Data Breach,
the measures taken or proposed to be taken to address the Personal Data Breach.

Data Protection by Design and by Default

The solutions and services Intellek provides to the Licensee are enhanced based on requests from the Licensee. Intellek will discuss the development request, and in some cases, scope new development with the Licensee. However dummy data is used during all development. Intellek does not use any Personal Data during the development process.

Any enhancements made to the solutions and services Intellek provides will be developed with data protection compliance in mind, and that this may require the Licensee assisting with the Data Protection Impact Assessment (DPIA).

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time.
rc::a	never	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
rc::c	session	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
_cfuvid	session	Calendly sets this cookie to track users across sessions to optimize user experience by maintaining session consistency and providing personalized services
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.

Cookie	Duration	Description
SRM_B	1 year 24 days	Used by Microsoft Advertising as a unique ID for visitors.
_calendly_session	21 days	Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar.
_uetsid	1 day	Bing Ads sets this cookie to engage with a user that has previously visited the website.
_uetvid	1 year 24 days	Bing Ads sets this cookie to engage with a user that has previously visited the website.

Cookie	Duration	Description
CLID	1 year	Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited.
MR	7 days	This cookie, set by Bing, is used to collect user information for analytics purposes.
SM	session	Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains.
_clck	1 year	Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID.
_clsk	1 day	Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and verify ads' clicks on the Bing search engine. The cookie helps in reporting and personalization as well.
MUID	1 year 24 days	Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
VISITOR_INFO1_LIVE	6 months	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
VISITOR_PRIVACY_METADATA	6 months	YouTube sets this cookie to store the user's cookie consent state for the current domain.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.

Cookie	Duration	Description
cf_clearance	1 year	Description is currently not available.
__worker-ppc-production-session-93753a85-3751-5dc9-8a25-814f92c6536f	past	Description is currently not available.

GDPR Compliance Statement