Privacy Policy

Effective Date: 01/04/2023

Leadership Studies, Inc., doing business as The Center for Leadership Studies (CLS), is committed to protecting and respecting your privacy. This privacy policy is designed to assist you in understanding how any personal data we collect from you, or that you provide us, when you use our website www.situational.com (the “site”) or https://feedback.situtional.com (Situational Leadership® Online), https://portal.situational.com (CLS Portal), the iSitLead® mobile application, https://MyCLS.com, https://mycls.novoed.com or our e-commerce platform www.store.situational.com (collectively our “Services”) will be processed by us. Please read this privacy policy to learn more about the ways in which we collect and use your data. For the avoidance of doubt, our Services are subject to the Terms of Service or Service Agreement. By using our Services, you consent to our collection, use and disclosure of your data as described in this privacy policy. If we make any material changes to this privacy policy, we will notify you in accordance with the process described in the Changes to This Privacy Policy section.

Data We Collect

We collect and/or process the personal data of different categories of people across our Sites and Services. The categories are:

  • Visitor: A person who is visiting our site and who may fill out forms at our site
  • User: A person who uses our Services
  • Learner: A person who takes a course or engages in course activities through Situational Leadership® Online, MyCLS.com, MyCLS.novoed.com, or the SCORM Cloud service
  • Feedback Provider: A person who engages in Situational Leadership® Online for the purpose of completing the LEAD Other assessment on behalf of a learner

Visitor

If you are a visitor, we will collect the data that you provide to us by filling in forms on our site, providing us with your contact details, or by corresponding with us by phone, email, or otherwise. We maintain records of correspondence for such period of time as we believe is reasonably required, except where you tell us otherwise.

We also use cookies on our sites which may collect data as detailed further in a following section.

Users

When you create a User account for one of our Services, we will collect relevant data to set up your account, such as your name, company name, and email addresses to be able to provide the Services. We also collect user data on the web pages and application functionality that you access or visit as part of the Services to the extent required for the proper operation and functioning of the Services. This data is collected to deliver and improve Services and includes content tracking data generated by learners, as described below. The Services may also be directly accessed through other websites. Personal data that you provide or submit to those sites may be sent to the Services in order to allow us to deliver the Services. We process such data under this Privacy Policy.

Learner

When you take a course within one of our Services, we will collect relevant data to set up your account, generally limited to your name, company name, and email address.

Where the course you take has tracking enabled, we will also collect data such as assessment responses, knowledge check scores, the time you spent in training, and other data related to the service we provide you or your organization. We will only use this data to verify status of completion or to assist with using our Service.

Feedback Provider

Certain courses and course activities require learners to request colleagues, managers, peers (collectively referred as “Feedback Providers”) to complete a feedback assessment on their behalf through services such as Situational Leadership® Online. Learners directly input Feedback Provider data such as first name, last name, email address, and professional relation to the learner (e.g., peer, direct report, manager, other). Responses are stored and used to populate reports and/or profiles of the learner as part of the Services we provide.

Data We Automatically Collect by Service

When you access our Services, whether by computer, mobile device, or other device, we automatically collect certain data about your use of the Service. This data may include without limitation: geographical location, IDs of your computer, mobile or other device; bandwidth used; system and connection performance; browser type and version; operating system; referral source; length of visit; page views; IP address or other unique identifier for your computer, mobile phone, or other device using technologies such as cookies from Google Analytics or built-in logging. This data is not linked to your PII, unless you consider an IP address to be PII, as most or all of this data is typically associated with the IP address you were assigned at the time when we collected such data.

Data You Provide to Us

In some situations, you may provide us with your PII. PII could include your name, street address, phone number, email address, answers to security questions, information about your company or business, name and contact information of colleagues, credit card and/or other payment/ordering information, if necessary, and any other data we collect about you that by itself is not PII but combined with PII could be used to personally identify you.

You may provide us with PII when you:

  • Complete a survey
  • Complete an assessment
  • Make a purchase
  • Register for certain Services, or register and/or set up an account/profile to access, visit and/or use certain portions of our site
  • Enter a new feedback provider on Situational Leadership® Online and
  • Make any other transaction with us or in relation to our Services

Cookies

Our sites use cookies to distinguish you from other visitors to provide you with a better experience and to help us improve our sites. By continuing to browse our sites, you are agreeing to our use of cookies as stated below. We also use cookies as part of our Services to the extent reasonably necessary for us to provide these to you and Learners.

A cookie is a small data file placed on the hard drive of your computer when you visit a website. A “session cookie” expires when you end your session (i.e., close your browser). A “persistent cookie” stores information on your hard drive so when you end your session and return to the same website at a later date, the cookie information is still available. A “web beacon” is a small string of code that represents a clear graphic image, a redirect URL, or JavaScript and is used in conjunction with a cookie.

Our sites may use session and persistent cookies. The cookies placed by our server are readable only by us, and cookies cannot access, read, or modify any other data on your computer. We may use web beacons alone or in conjunction with cookies to compile information about your usage of our sites and interaction with emails from us. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to our sites in order to improve our sites and email communications.

Our sites and the Services may contain links to other websites including share and/or “like” buttons. These other websites, services, and applications may set their own cookies on users’ computers, collect data, or solicit personal information. You should refer to their cookie and privacy policies to understand how your information may be collected and/or used.

Preference Cookies

We use preference cookies to collect information about your choices and preferences and to allow us to remember preferred settings and customize our sites accordingly.

Analytical Cookies

We also use analytical cookies to collect information about your use of our sites and to enable us to improve the way our sites work. For example, analytical cookies show us which are the most frequently visited pages on our sites, help us record any difficulties you have with our sites, and show us whether our advertising is effective or not. This allows us to see the overall patterns of usage on our sites rather than the usage of a single person. We use the information to analyze the site traffic, but we do not use information to identify individuals.

Marketing Cookies

We use Remarketing with Google Analytics to advertise online. Third-party vendors, including Google, may show our ads on sites across the internet.

We, and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on someone’s past visits to our website. Remarketing cookies used by us expire after 30 days. To opt out of Remarketing or to control your ad preferences, please click here.

Controlling Cookies

Most web browsers have a “help” menu where you can review how to prevent your browser from accepting new cookies, how to have your browser alert you when you receive a new cookie, or how to fully disable cookies on your browser. You can learn more about cookies at sites like www.aboutcookies.org. If you use your browser settings to block all cookies, you may not be able to access all or parts of our site.

Below is a list of cookies we use on our site:

Cookie Description Duration Type
__atuvc This cookie is set by Addthis to make sure you see the updated count if you share a page and return to it before our share count cache is updated. 1 year Functional
__atuvs This cookie is set by Addthis to make sure you see the updated count if you share a page and return to it before our share count cache is updated. 30 minutes Functional
_ga This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. 2 years Analytics
_gid This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected includes the number of visitors, the source where they have come from, and the pages visited in an anonymous form. 1 day Analytics
_gat This cookie is installed by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites. 1 minute Performance
BIGipServersj17web-nginx-app_https null Other
uvc The cookie is set by Addthis.com to determine the usage of Addthis.com service. 1 year Analytics
vuid The domain of this cookie is owned by Vimeo. This cookie is used by Vimeo to collect tracking information. It sets a unique ID to embed videos to the website. 2 years Analytics
loc This cookie is set by Addthis. This is a geolocation cookie to understand where the users sharing the information are located. 1 year Advertisement

Cookies Used in Our Services

We also collect user data on the application functionality that you access as part of the Services to the extent required for the proper operation and functioning of the Services. This data is collected to deliver and improve Services and includes e-learning content tracking data generated by learners, as described above. Our Services are governed by our Terms of Service or Service Agreements.

List of cookies we us for Situational Leadership® Online:

Cookie Description Duration Type
detectionCookie No description Session Other
ASP.NET_SessionId Issued by Microsoft’s ASP.NET Application, this cookie stores session data during a user’s website visit. Session Necessary
.ASPXAUTH No description Past Other

 

List of cookies we use for CLS Portal:

Cookie Description Duration Type
ASP.NET_SessionId Issued by Microsoft’s ASP.NET Application, this cookie stores session data during a user’s website visit. session Necessary
CLSPortal No description 77 years Other
.CSRFENCE No description session Other
_ga The _ga cookie, installed by Google Analytics, calculates visitor, session, and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. 2 years Analytics
_gid Installed by Google Analytics, _gid cookie stores information on how visitors use a website while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. 1 day Analytics
_gat_gtag_UA_11292833_5 Set by Google to distinguish users. 1 minute Analytics

 

List of cookies we use for MyCLS.com:

Cookie Description Duration Type
dnn_IsMobile null Other
.ASPXANONYMOUS This cookie is set by ASP.NET. The cookie is used as a unique ID for users to store tracking data within a session, anonymously. 2 days Necessary
language This cookie is used to store the language preference of the user. Functional
__RequestVerificationToken null Other
_ga This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, and campaign data, and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. 2 years Analytics
_gid This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number of visitors, the source where they have come from, and the pages visited in an anonymous form. 1 day Analytics
_gat_gtag_UA_11292833_7 Google uses this cookie to distinguish users. 1 minute Analytics
vuid The domain of this cookie is owned by Vimeo. This cookie is used by Vimeo to collect tracking information. It sets a unique ID to embed videos to the website. 2 years Analytics
ASPXANONYMOUS. This cookie is set by ASP.NET. The cookie is used as a unique ID for users to store tracking data within a session, anonymously. 2 days Necessary

 

List of cookies we use for our online store:

Cookie Description Duration Type
__cfduid This cookie is set by Cloudfare. The cookie is used to identify individual clients behind a shared IP address and apply security settings on a per client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information. 4 weeks Necessary
_y This cookie is associated with Shopify’s analytics suite. 1 year Analytics
_orig_referrer This cookie is set by a website built on Shopify platform and is used in association with a shopping cart. 2 weeks Necessary
secure_customer_sig This cookie is set by websites built on the Shopify platform and is used in connection with customer login. 20 years Necessary
_shopify_y This cookie is associated with Shopify’s analytics suite. 1 year Analytics
_landing_page This cookie is set by a website built on Shopify’s platform and is used to track landing pages. 2 weeks Analytics
_s This cookie is associated with Shopify’s analytics suite. 30 minutes Analytics
_shopify_s This cookie is associated with Shopify’s analytics suite. 30 minutes Analytics
_shopify_fs This cookie is associated with Shopify’s analytics suite. 1 year Analytics
_shopify_sa_t This cookie is set by Shopify and is used for analytics relating to marketing and referrals. 30 minutes Analytics
_shopify_sa_p This cookie is set by Shopify and is used for analytics relating to marketing and referrals. 30 minutes Analytics
_mkto_trk This cookie is associated with an email marketing service provided by Marketo. This tracking cookie allows the website to link visitor behavior to the recipient of an email marketing campaign to measure campaign effectiveness. 2 years Advertisement
_ga This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, and campaign data, and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. 2 years Analytics
_gid This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number of visitors, the source where they have come from, and the pages visited in an anonymous form. 1 day Analytics
test_cookie This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the users’ browser supports cookies. 15 minutes Advertisement
_gat This cookie is installed by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites. 1 minute Performance
UserMatchHistory LinkedIn is used to track visitors on multiple websites in order to present relevant advertisement based on the visitor’s preferences. 4 weeks Other
lang This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visits the website. Functional
lidc This cookie is set by LinkedIn and is used for routing. 1 day Functional
lang This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visits the website. Functional
bcookie This cookie is set by LinkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page. 2 years Functional
bscookie This cookie is a browser ID cookie set by LinkedIn share Buttons and ad tags. 2 years Advertisement
lissc This cookie is provided by LinkedIn. This cookie is used for tracking embedded service. 1 year Analytics

List of cookies on MyCLS.novoed.com:

Cookie Description Duration Type
XSRF-TOKEN This cookie is set by Wix and is used for security purposes. session Necessary
_origami_production_shared_session No description available. 3 months Other

 

Security

CLS maintains reasonable and appropriate security measures to protect your information from loss, destruction, misuse, unauthorized access, and/or disclosure. These measures help ensure that your data is safe, secure, and only available to you and to those you provided authorized access. However, no data transmission over the internet or information storage technology can be 100% secure. Although we will do our utmost best to protect your personal data, we cannot guarantee the complete security of your data transmitted to our site or otherwise gathered by us; any transmission and supply of personal data to us is therefore at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

Third Parties

We only make use of third parties where this is necessary for us to make our sites available and offer our Services. We only work with third parties that warrant the implementation of appropriate security measures and practices to protect your data.

We use third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and other technology and services required to operate and maintain our sites and the Services. As part of this, we may be required to transfer (some of) your personal information to these vendors and partners.

Situational Leadership® Online, CLS Portal, and iSitLead® user data are hosted on machines managed by Layer 27 at a TierPoint facility based in the United States.

We use Rustici Software, LLC (SCORM Cloud) as our hosting provider of e-learning content accessed via CLS Portal or your organization’s Learning Management System. All SCORM Cloud data is processed in the United States.

The personal information that we collect from you as part of our marketing efforts, including via our sites, is input directly into our Salesforce database, which is hosted and supported in the United States, and our Pardot database, which is hosted and supported in the United States.

Other third-party vendors we use as part of our Services are currently SendGrid (www.sendgrid.com), Shopify (www.shopify.com), Accord LMS (www.accordlms.com), Intuit (www.intuit.com), MHS (https://mhs.com/), and Wiley (https://www.everythingdisc.com).

Except as described in this policy, we will not share, give, sell, rent, or loan any personal information to any third party, unless:

  • It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service of the specific Service, or as otherwise required by law;
  • We are required to do so by relevant laws or regulations; and/or
  • We are acquired by or merged with another company. In this event, we will notify you before information about you is transferred and becomes subject to a different privacy policy

Our sites may, from time to time, contain links to and from the websites of our group companies, partner networks, clients, and/or affiliates. If you follow a link to any of these websites, please note that these websites are subject to their own privacy policies and that we do not accept any responsibility or liability for these sites and policies. Please check those policies before you submit any personal data to these websites.

NovoEd – Learning Platform

Your access as a learner to specific courses may be managed and hosted through our partner, NovoEd. You can determine if you are accessing NovoEd or not by seeing https://mycls.novoed.com on your browser. By agreeing to access a course through the NovoEd platform, you are also acknowledging you have read and agree to NovoEd’s privacy policy which can be found at https://novoed.com/privacy-policy/.

Uses Made of the Information

We use your information for the following general purposes:

  • Sites and Services provisioning
  • Billing, user identification and authentication
  • To provide you with information about Services via email or telephone that you request from us or which we feel may interest you
  • To carry out our obligations arising from any contracts entered into between your Employer Organization (or you) and us or to enable us to answer any query you have raised
  • To allow you to participate in interactive features of our Services when you choose to do so
  • To notify you about changes to our Services
  • To administer our sites and/or the Services (as applicable) and for internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes and as part of our efforts to keep our sites and Services safe and secure

How Long Do We Store Your Data?

We will keep a copy of your personal data for as long as you remain registered with our sites, the applicable Services or are the contact person or learner of any customer we are working with and thereafter for such period as may be required for our legitimate purposes and in compliance with any legal, audit, and compliance requirements provided that in certain cases as outlined below under “Your Rights” we may delete such data on your request, and further provided that in regard to Services, our specific Terms of Service or Service Agreement with you or the relevant customer organization may include relevant specific provisions.

Your Rights

We acknowledge and respect your rights as an individual. If you wish to exercise any of your lawful rights or have questions in this regard, please reach out to us via the contact details provided below.

You have the right to ask us not to process your personal data for marketing purposes. You may also choose not to receive publications or certain other communications from us by explicitly indicating so in the appropriate section of the Registration Form or by opting out by phone, email, or via direct marketing emails sent to you.

We will inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to or may disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by (un)checking certain boxes on the forms we use to collect your data. You can also exercise your rights at any time by contacting us at the contact details included in this privacy policy, by unsubscribing per the method outlined in any emails sent, or during any phone calls with you.

You may also have the right to ask us to provide you with data held on you, amend any inaccurate personal data held on you, and/or to delete such data. However, you should be aware that if you request your details to be deleted, this will mean we will have no record of any opting out that you may have requested, and you therefore may receive unsolicited communications in the future. Where we are processing your information on behalf of our customer, you are generally required to exercise any such rights directly with our customer. The customer would be the organization or individual that determines the processing.

Under California Civil Code sections 1798.83 – 1798.84, California residents who have an established business relationship with us are entitled to ask us for a notice describing what categories of personal customer information we share with third parties, for those third parties’ direct marketing purposes, and to opt out of sharing your personal information with third parties for direct marketing purposes. That notice will identify the categories of information shared and will include a list of the third parties with which it was shared, along with their names and addresses. If you choose to opt-out or would like a copy of this notice, please submit a written request to us at the address stated below. Please allow 30 business days for a response.

Children’s Privacy

The Services are not directed at, or intended for use by children under the age of 18. We do not knowingly allow anyone under 18 to provide any personal information on our site or platform. Children should always get permission from a parent or guardian before sending personal information over the internet. If you believe your child may have provided us with personal information, you can contact our Information Security Officer using the information in the Contact Us section of this privacy policy and we will delete the information.

Notice to California Residents — Your California Privacy Rights

California’s “Shine the Light” law, Civil Code section 1798.83, permits residents of California to request information about how a business shares their information with third parties for direct marketing purposes. However, under that law, a business is not required to provide this information if it has a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt out of such information sharing. We have such a policy, and we will not share your information with third parties for their direct marketing purposes without your consent. If you would like to opt out of our sharing of your information with third parties for their direct marketing purposes or to find out more about your opt-out rights, please contact our Information Security Officer by email or by mail as described in the Contact Us section.

Changes to This Privacy Policy

We may update this privacy policy from time to time by posting a new version on our site. You should visit this page occasionally to ensure you agree with any changes. When we post a revised privacy policy on our site, we will update the “Effective Date” at the beginning of this policy to reflect the date of the changes.

By continuing to use our site after we post any such changes, you accept the privacy policy as modified.

Contact Us

If you have any questions or concerns about this privacy policy, our treatment of your information, or questions or concerns about the General Data Protection Regulation 2016/679 and our treatment of European Union or European Economic Area personal information, please write to our Information Security Officer by email at dataprivacy@situational.com, or by postal mail at:

Attn: Information Security Officer
The Center for Leadership Studies
280 Towerview Ct
Cary, NC, 27513
USA