Privacy policy

I. BrainElem Holdings' objectives

BrainCore Solutions undertakes scientific research based on an understanding of the mechanisms of the human brain during learning. We develop products and services to perform cognitive profiling and help users perform in academic and professional environments. We therefore collect psychometric data used to calibrate educational diagnostics and measure NAD (Neuro Activated Diagnostic) values. These values are used to determine the educational coaching solutions to be implemented. At BrainElem Holdings we fully respect your right to privacy. Consequently, we do not share any of your data with third parties other than the institution or company you have authorized or mandated to carry out the NAD diagnosis. Once the tests have been carried out and returned, you may request that they be destroyed. BrainElem Holdings only retains anonymized statistical data (numbers without names), which are used to calibrate and validate cognitive profiles.

II. What has changed and why.

The General Data Protection Regulation (GDPR), a new text adopted by the European Union (EU), will come into force on May 25, 2018. This text imposes new obligations on companies that process the personal data of EU citizens. We have therefore updated our General Terms and Conditions to explain the relationship with our users in greater detail. The updated Privacy Rules and Terms and Conditions clearly describe the key terms of our data processing practice and collaboration with organizations using our tools.

III. Effective date

 For our existing users, these updates will take effect on May 25, 2018.

IV. The provisions we are putting in place

Here are the main actions we have taken to comply with the new European text:

• The creation of a processing register - In accordance with Article 30 of the new RGPD text, we have set up a register of data collection and processing activities. We have drawn up a census of all our personal data collection processes and mapped those that require human resources-related processing, for each identified purpose and sub-purpose.
• Data minimization - In accordance with Article 5, we guarantee to collect only data that is adequate, relevant and strictly necessary for the purpose of processing, in line with the principle of data minimization.
• Revision of transparency and traceability procedures - we are improving and updating our internal guidelines, as well as our contracts with customers and suppliers, to enable full transparency on the data collected and ensure that third parties who have access to our services use this data in full compliance. To this end, we have required our users to undergo BrainCore Solutions-certified training in order to guarantee the application of our ethical charter.
• Guaranteed high levels of security and confidentiality - Our commitments to the security and confidentiality of our data are already standardized in our contracts and our ethical charter for users of our solutions. We continue to strengthen these procedures to guarantee maximum data protection and security. We would like to point out that BrainElem Holdings uses servers located in Germany to guarantee top-of-the-range hosting conditions, with an infrastructure at the cutting edge of technology in terms of security and energy. By implementing improvements to the way we collect and process our data, BrainElem Holdings is displaying its transparency in order to fully comply with the new GDPR directives when they come into force on May 25, 2018. For more information, you can access our full terms and conditions.

Personal Data Protection

BrainCore Solutions refers to the solutions published by BrainElem SA that enable schools, organizations and companies to create:

• Student or colleague pedagogical profiles and recommendations, based on online tests, created according to the Nemesis © methodology,
• Based on test results and pedagogical profiles, recommendations for interventions with students or colleagues, in the classroom or office, and for coaching, using an objective monitoring and management solution based on Brain Force © ("MBO"). BrainElem Holdings Education © is made available to BrainElem SA customers via a remotely accessible hosted application service located on the https://www.brainelem.com domain.

I

The personal data administrator is BrainElem Holding SA, Route de l'Ile-au-Bois 3, 1870 MONTHEY, SWITZERLAND.

II

For all matters relating to the processing of personal data, including the exercise of user rights, please contact the Data Protection Officer at the following e-mail address: info@braincore.ch

III

The Administrator processes personal data in order to perform the contract (processing test data and sharing its results, including to process complaints and resolve technical problems). The Administrator will also process personal data for purposes resulting from legitimate interests it is defending. This legal basis for the processing of personal data applies in all cases where their processing is justified by the need to guarantee the security of the service, to improve the services and to adapt them to the needs and convenience of the Buyer. Currently applicable legal provisions also oblige the Administrator to process personal data for tax and accounting purposes.

IV

The provision of personal data (e.g. surname, first name, telephone number, e-mail address) is voluntary, but may be a prerequisite for the conclusion and/or performance of the contract. If you do not provide your personal information, BrainCore may not be able to provide test results:

V

Personal data is used by the administrator himself. In the course of its activities, the service provider may collect and process the customer's personal data (mainly contact details and information about them). The service provider undertakes to comply with all applicable laws and/or regulations regarding the protection of personal data. In particular, the service provider undertakes to:

• Allow the customer to access, modify, correct or delete the customer's contact information, if necessary;
• Adopt all reasonable technical and organizational measures to maintain the confidentiality and integrity of the customer's contact information and to prevent unauthorized disclosure, access or use; and
• Not transfer the customer's contact information to a third party without the express consent of the person to whom the customer's contact information is associated. Personal data may also be made available to state institutions and bodies authorized to do so on the basis of generally applicable law.

VI

Data security - safeguards. The service provider will ensure that the data entered via the services and the results are stored and secured for the duration of the contract. In the event of accidental loss or destruction, the service provider will restore lost data from backups recent to the date of data loss. The service provider will make every effort to implement the technical and organizational measures necessary to ensure an appropriate level of data and performance security, and in particular to protect against accidental or unlawful destruction, accidental loss, modification, unauthorized disclosure or access.

VII

At the customer's written request, after expiry of the contract or in the event of early termination of the contract for any reason whatsoever, the service provider and its subcontractors will provide the customer with a copy of all its available data and results in a structured and commonly used format within a reasonable period of time. However, the service provider has the right to create general statistical data on the basis of anonymous customer data and results. Such anonymous statistical data shall be the property of the Service Provider and may be used by the Service Provider after termination of the contract.

VIII

The user has the right to request access to his data, rectification, deletion or restriction of processing, as well as the right to object to processing and the right to transfer data.