I. Notice Principle.
QTurn participates [pending certification] in the Privacy Shield framework ([pending certification]), which can be verified by consulting the Privacy Shield List ([pending certification]).
II. Choice Principle.
Individuals who have provided data used by QTurn have the right to choose whether or not their personal data (a) is disclosed to a third party for uses other than the purpose(s) for which it was originally collected (e.g., program evaluation) or (b) used for a purpose that is materially different from the purpose(s) for which it was originally collected. QTurn never uses, or discloses to a third party for their use, any individual’s data for purposes (e.g., marketing) other than for which it was originally collected.
III. Onward Transfer Principle.
We do not disclose PII to third parties, and third parties (e.g., data analytic consultants) who may process de-identified (aka, anonymized) program evaluation data are required and contracted to commit and adhere to the same Privacy Shield principles used by all QTurn management, staff, and consultants. In the event that QTurn transfers any personal information onward to third-party consultants, QTurn retains responsibility and liability for that third-party’s compliance with all Privacy Shield principles.
IV. Security Principle.
We do not collect personal information from people who visit our website. Any personal information we collect or process pertains only to the organizations or people who participate in the research or continuous quality improvement processes involving educational activities related to schooling, out-of-school time programs, or home health and education services. These data generally include information about the continuous quality improvement behavior of program staff (e.g., reviewing program policies and planning with data) and the socio-emotional behavioral skills (e.g., emotion management and teamwork) of children and youth who participate in these programs that are typically used for purposes of program evaluation. All such data are stored in electronic files saved to QTurn’s password-protected server and processed on password-protected computers.
QTurn reserves the right to disclose personally identifiable information in response to lawful requests by public authorities, as required by law (e.g., where complying with a court order or other legal proceeding served on QTurn).
V. Data Integrity and Purpose Limitation Principle.
As standard practice, we require incoming datasets to be void of personally identifiable information (pii) and, otherwise, remove all pii prior to analyzing the data. In cases where tracking organizations or people over time is required, we ask data controllers to assign unique identification codes to organizations and people and retain in a secure location any pii related to these organizations and people that are necessary for subsequently matching organizations or people to their corresponding identification codes. If the data controller fails to complete this process for data received by QTurn, we complete this process and store the matching information in a password-protected file, in a password-protected folder, on a password-protected server, each of which is accessible only to QTurn management.
We process all data only for the purposes for which the data were collected (e.g., program evaluation) and retain these data only for as long as required to complete a given project.
VI. Access Principle.
Individuals who have provided data used by QTurn have the right to access, correct, amend, or delete information controlled or processed by QTurn that is inaccurate or has been processed in violation of the Privacy Principles. Individuals who wish to access, correct, amend, or delete their data from files controlled or processed by QTurn should send such requests to QTurn via the following contact page: www.qturngroup.com/contact-us/
VII. Recourse, Enforcement and Liability Principle.
VIII. Supplemental Principles.
QTurn also complies with all applicable Privacy Shield supplemental principles, the details of which can be found using the following hyperlinks:
- Sensitive Data
- Journalistic Exceptions
- Secondary Liability
- Performing Due Diligence and Conducting Audits
- The Role of the Data Protection Authorities
- Human Resources Data
- Obligatory Contracts for Onward Transfers
- Dispute Resolution and Enforcement
- Choice – Timing of Opt Out
- Travel Information
- Pharmaceutical and Medical Products
- Public Record and Publicly Available Information
- Access Requests by Public Authorities