Privacy Policy

Effective: 29 April 2020

Magnifi Group, Inc. EU-US & Swiss Privacy Shield Policy

Magnifi Group, Inc. (hereafter, “Magnifi”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union (EU) and Switzerland to the United States. Magnifi has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield programs, and to view our certification, please visit www.privacyshield.gov.

Magnifi respects individual privacy and values the confidence of its customers, employees, business partners and others. Not only does Magnifi strive to collect, use and disclose personal information in a manner consistent with the laws of the countries in which it does business, it also has a tradition of upholding the highest ethical standards in its business practices. These EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Policies (the “Policies”) set forth the privacy principles that Magnifi follows with respect to transfers of personal information from the EU and Switzerland to the United States, respectively.

Compliance with Privacy Shield Principles

EU-U.S. Privacy Shield Framework

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the “EU-U.S. Privacy Shield Framework”) to enable U.S. companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EU to the United States.

Magnifi Group, Inc. (“Magnifi” or “we”) recognizes that the European Community has established a data protection regime which applies to the European Economic Area (“EEA”) and restricts companies in the EEA in transferring personal data about individuals in the EEA to the United States, unless there is “adequate protection” for such personal data when it is received in the United States. To create such “adequate protection,” Magnifi adheres to the EU-U.S. Privacy Shield Framework published by US Department of Commerce (“EU-U.S. Privacy Shield Principles”) with respect to personal data about individuals in the EEA that we receive from our clients and other business partners. Magnifi’s EU-U.S. Privacy Shield Certification also extends to data that we receive directly through Magnifi’s publicly accessible websites via secure form submission (any of our websites such as www.learn-wise.com). More information on the EU-U.S. Privacy Shield and Magnifi’s scope of participation in the EU-U.S. Privacy Shield Framework is available at www.privacyshield.gov/welcome

Swiss-U.S. Privacy Shield Framework

The United States Department of Commerce and the Swiss Federal Data Protection and Information Commissioner have agreed on a set of data protection principles and frequently asked questions (the “Swiss-U.S. Privacy Shield Framework”) to enable U.S. companies to satisfy the requirement under Swiss law that adequate protection be given to personal information transferred from Switzerland to the United States.

Magnifi Group, Inc. (“Magnifi” or “we”) recognizes that the Swiss Community has established a data protection regime which applies to the Swiss individual and restricts companies within Switzerland when transferring personal data about Swiss individuals in Switzerland to the United States, unless there is “adequate protection” for such personal data when it is received in the United States. To create such “adequate protection,” Magnifi adheres to the Swiss-U.S. Privacy Shield Framework published by US Department of Commerce (“Swiss-U.S. Privacy Shield Principles”) with respect to personal data about individuals in Switzerland that we receive from our clients and other business partners. Magnifi’s Swiss-U.S. Privacy Shield Certification also extends to data that we receive directly through Magnifi’s publicly accessible websites via secure form submission (any of our websites such as www.learnwise.com). More information on the Swiss-U.S. Privacy Shield and Magnifi’s scope of participation in the Swiss-U.S. Privacy Shield Framework is available at www.privacyshield.gov/welcome

Adherence to Seven Privacy Shield Principles

Client Personal Data processed or stored by Magnifi may be subject to contractual agreements with our clients that require more stringent privacy and security safeguards than the requirements in the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. At a minimum, however, Magnifi handles Client Personal Data in accordance with our EU-U.S. and Swiss-U.S Privacy Shield Policies, which are based upon the seven principles identified within the EU-U.S. and Swiss-U.S Privacy Shield Frameworks

This Notice addresses data subjects residing in the EU (“EU Persons”) and Switzerland (“Swiss Persons”) whose data we may receive from one of our clients or other business partners in the EU or Switzerland, e.g., referral partners, integration partners, etc. When Magnifi receives Client Personal Data for processing pursuant to instructions of clients or their partners, we are acting as an agent for our client and do not provide notice to individuals regarding the collection and use of their personal data. Our clients remain responsible for providing notice, if and to the extent they believe such notice is necessary under applicable EU or Swiss law.

Business Purposes for the Collection and Use of Personal Data

Magnifi Group sells and maintains web-based learning management software largely to small and midsize businesses. We receive mostly business-related information from the EU or Switzerland, including contact information of individual representatives of the businesses with whom we are dealing including names, work email addresses, business phone numbers, and business addresses. In connection with our services, our customers use our hosted technology platform to store and process EU or Swiss Data at their own discretion. As EU or Swiss Data covered by this Notice is by definition sent to us by another company in the EU or Switzerland (e.g., a customer of Magnifi), the categories of data sent and the purposes of processing often depend on such other company, with whom the EU or Swiss Person typically has a closer employment or business relationship (and which, therefore, can provide additional information on categories of data shared with us). Such data typically includes, without limitation, names, work email addresses, business roles, and training records. Magnifi will not use Client Personal Data for any other purposes than for the purposes that Magnifi clients provide such information

Magnifi collects and uses EU or Swiss Data for purposes of providing products and services to our customers, communicating with corporate business partners about business matters, processing EU or Swiss Data on behalf of corporate customers, providing information on our/their services, and conducting related tasks for legitimate business purposes.

Contact information and Client Personal Data is accessible only by those Magnifi employees and consultants who have a reasonable need to access such information in order for us to fulfill contractual, legal and professional obligations. All of our employees and consultants have entered into strict confidentiality agreements, and/or have been subjected to thorough criminal background checks requiring that they maintain the confidentiality of Client Personal Data.

Accountability of Onward Transfer

Magnifi recognizes potential liability in cases of onward transfer to third parties. Magnifi does not transfer Client Personal Data to third parties unless:

  1. Lawfully directed by a client
  2. Magnifi may provide Personal Data to third parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, Magnifi may store such Personal Data in the facilities operated by third parties. Such third parties must agree to use such Personal Data only for the purpose for which they have been engaged by Magnifi Group and they must either:
    1. Comply with the Privacy Shield principles or another mechanism permitted by the applicable EU or Swiss protection law(s) for transfers and processing of Personal Data;
    2. Or agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy.
  3. Magnifi Group may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure.
  4. In certain limited or exceptional circumstances in accordance with the EU-U.S. and Swiss- U.S. Privacy Shield Frameworks.

Please be aware that Magnifi Group may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Magnifi Group is liable for appropriate onward transfers of personal data to third parties.

Should Magnifi learn that a third party to which Personal Data has been transferred by Magnifi is using or disclosing Personal Data in a manner contrary to this Policy, Magnifi will take reasonable steps to prevent or stop the use or disclosure.

Annual Assessment

Magnifi assures compliance with this EU-U.S. and Swiss-U.S. Privacy Shield Policy and the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks by utilizing the self-assessment approach as specified by the U.S. Department of Commerce. The assessment is conducted on an annual basis to ensure that all of Magnifi’s relevant privacy practices are being followed in conformance with the EU-U.S. and SwissU.S. Privacy Shield Policies and the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Any employee that Magnifi determines is in violation of these policies will be subject to discipline, up to and including termination of employment and/or criminal prosecution.

Applicability

Magnifi is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Magnifi also assures compliance with this EU-U.S. and Swiss-U.S. Privacy Shield Policy and the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks by fully investigating and attempting to resolve any complaint or dispute regarding the use and disclosure of personal data in violation of this Privacy Policy.

For complaints that cannot be resolved by Magnifi and the complainant, Magnifi agrees to cooperate with JAMS – an independent dispute resolution mechanism, pursuant to the EU-U.S. and SwissU.S. Privacy Shield Frameworks.

Privacy Shield Policy Updates

This EU-U.S. and Swiss-U.S. Privacy Shield Policy may occasionally be updated. When material updates are made, the date of the last revision will be reflected at the end of the page. This page may be bookmarked to facilitate periodic review of this EU-U.S. and Swiss-U.S. Privacy Shield Policy and to note recent updates. Neither this EU-U.S. and Swiss-U.S. Privacy Shield Policy nor updates to it will affect or modify any contracts we have with our clients.

Choice, Access, Review, Update, and Opting Out

If you are an EU or Swiss Person about whom we hold EEA or Swiss Data on a client’s behalf, you may submit the following requests to the business that provided your EEA or Swiss data:

  1. Request access to your EEA or Swiss data
  2. Request to update, correct or delete such EEA or Swiss data
  3. Request changes to the extent of EEA or Swiss data collected
  4. Request to opt out of EEA or Swiss data collection

You can also contact our EU-U.S. and Swiss-U.S. Privacy Shield Contact. We reserve the right to take appropriate steps to authenticate an applicant’s identity, to charge an adequate fee before providing access and to deny requests, except as required by the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks

EU-U.S. & Swiss-U.S. Privacy Shield Contact

In compliance with the Privacy Shield Principles, Magnifi commits to resolve complaints about our collection or use of your personal information. EU or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Magnifi at: privacy@magnifigroup.com. Please include “Privacy Shield” in the subject line. Or you may call us at: +1 858.273.2459. We will promptly investigate and attempt to resolve complaints and disputes in a manner that complies with the principles described in this Policy.

Magnifi has further committed to refer unresolved Privacy Shield complaints to JAMS:https://www.jamsadr.com/, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/about/submit-a-case for more information or to file a complaint. The services of JAMS:https://www.jamsadr.com/ are provided at no cost to you.

Alternatively EU or Swiss Persons (EU or Swiss Data Subjects) may complain to their home data protection authority and can invoke binding arbitration for some residual claims not resolved by other redress mechanisms.

If you have a comment or concern that cannot be resolved with us directly, you may contact the competent local data protection authority.

EU-U.S. and Swiss-U.S. Privacy Shield Policy Effective Date: 06/12/2018 (Supersedes: Safe Harbor Statement Effective Date: 12/30/2009).

Privacy Declaration for EU Individuals

It is a matter of course for us to respect your personal rights. This also applies to the handling of personal data during your visit and use of this website. Therefore we, Magnifi Group, Inc., act in accordance with the applicable data protection law. In the following you will learn how we treat your personal data and in particular which data we process for which purposes and which rights you have in this respect.

  1. Subject Matter
    1. This privacy policy applies to the use of the websites offered by Magnifi Group and Magnifi Group GmbH accessible at ​www.learn-wise.com (hereinafter referred to as "Learn-Wise Websites"). This privacy policy does not apply to other websites of the Magnifi Group GmbH or to websites of other service providers to which the Learn-Wise Websites provides links.
    2. The entity responsible within the meaning of the EU General Data Regulation (GDPR) is:
      Magnifi Group GmbH
      Klingholzstraße 7
      D-65189 Wiesbaden
      Germany
      privacy@magnifigroup.com
      www.magnifigroup.com
  2. Personal Data
    Personal data is all information relating to an identified or identifiable natural person. The basic personal date is your name. In addition, your gender, date of birth, address, occupation, e-mail address and IP address are also considered personal data. Non-personal data, on the other hand, is data with which the determination of your actual identity is impossible or at least requires considerable effort. This includes, for example, the aforementioned information if we receive it anonymously or under a pseudonym and therefore cannot assign it to any natural person.
  3. Principle of Anonymity
    When using the Learn-Wise Websites, you remain anonymous to us as long as you do not voluntarily provide us with personal data by contacting us of your own accord.
  4. Provision of Personal Data
    1. The provision of personal data is neither required by law nor by contract for the use of the Learn-Wise Websites. You are not obliged to provide any personal data about yourself. However, you cannot visit the Learn-Wise Websites without transferring the IP address you are using.
    2. Contact with us via our contact form requires the provision of the data described in more detail in Section 6. If you do not provide us with this information, you cannot use the contact form.
  5. Processing of Personal Data
    1. When using the Learn-Wise Websites the following data collected while you are on the site: date and time of access. We do not allow any conclusions to be drawn about an individual person. We do not collect or store IP address.
    2. In all other respects, we will only process your personal data if you voluntarily provide it to us and this is permitted by law or if you have given your consent. We use the personal data provided by you exclusively for the purposes stated in this privacy policy or expressly agreed with you.
    3. We have engaged various service providers to assist us in the provision, operation and maintenance of our IT systems, including the Learn-Wise Websites. These include, for example, hardware and software suppliers, Google Inc. (for the spam protection service reCAPTCHA, see Section 12), hosting providers and data centers. When such service providers work for us, they may be given access to your personal data as recipients. However, these service providers are then also contractually obliged to comply with data protection by means of a so-called order processing agreement; the statutory provisions on data protection also apply to our service providers anyway.
    4. Your personal data will not be passed on, sold or otherwise transferred to third parties, provided that the Magnifi Group Inc. is not considered to be a third party in this sense. Anything to the contrary shall only apply if this is necessary for the execution of the notified or agreed purposes and is permitted under applicable data protection law without consent, if you have expressly given your consent or if we are legally obliged to do so. Section 5.3 remains unaffected and applies independently of this Section.
    5. The personal data provided by you on the Learn-Wise Websites or collected by us will not be used for automated individual decision making.
  6. Contact Form
    1. If you contact us via the contact form, you agree that your message may be processed by us and by the Magnifi Group Inc. together with your stated contact data for the purposes of answering and contacting you. You can also enter a pseudonym (a fictitious name) as the name. Your consent and our legitimate interest in being able to contact users of the Learn-Wise Websites electronically (also by our parent company Magnifi Group Inc.) form the legal basis for the processing (Art. 6 para. 1 lit. a and f GDPR).
    2. To protect us against spam and abuse, we use a custom CAPTCHA query that you must confirm and execute before you can send us a message using the contact form. For the purpose of establishing contact via the contact form you have given the following declaration of consent: "Yes, I give my consent that my data entered above and my message may be processed by Magnifi Group GmbH and Magnifi Group Inc. (San Diego, USA) for the purpose of processing, establishing contact and replying. In this context, I agree to the privacy policy. I can withdraw this consent with effect for the future at any time."
    3. We, including Magnifi Group Inc., will only process the data you provide via the contact form to process your message and respond to you. As long as we have received your contact data, which you provide via the contact form, only for processing, contacting and answering your message, we will not use this personal data for any other purposes. Apart from cases in which we are legally obliged to do so, we will not pass on your contact data to third parties in this case. For the avoidance of doubt, our parent company Magnifi Group Inc. is not deemed to be a third party
    4. Six (6) months after sending the reply, we delete the data transmitted by you via the contact form, unless we are legally obliged to keep it for a longer period or we still need your personal data to carry out or process an existing contractual relationship or for purposes of proof. In such a case we delete the relevant data after the legal retention period has expired or as soon as we no longer need the data for the execution or processing of an existing contractual relationship or for purposes of proof.
    5. You may withdraw your consent at any time for the future (for contact details see Section 17 below). Your contact data will be stored after the withdrawal for as long and as far as we are obliged to do so within the scope of the legal archiving obligations or we still need your personal data to carry out or process an existing contractual relationship or for purposes of proof.
  7. Withdrawal of Consent
    1. Subject to the statutory provisions, you are entitled to withdraw your consent to the processing of your personal data for the future at any time. To do so, please contact the office mentioned in Section 17 below
    2. We point out to you that the processing of your personal data, which we have carried out on the basis of your given consent until your withdrawal, is not affected by the withdrawal and remains legal.
  8. Right of Access, Right to Rectification, Erasure, Restriction of Processing, Object and Data Portability
    Subject to the statutory provisions, you have the right to obtain information from us about your personal data processed by us, as well as the right to correct, delete, restrict processing, object to processing and to data portability. The exact conditions under which you are entitled to the aforementioned rights can be found in Articles 15 to 21 GDPR and Sections 34, 35 and 37 of the Federal Data Protection Act (BDSG). If you wish to exercise one or more of the above rights, please also contact the office indicated in Section 17.
  9. Right of Appeal
    Subject to the statutory provisions, you have the right to contact the responsible supervisory authority with complaints regarding data protection. The Hesse data protection officer is responsible for us. You can reach her / him together with the supervisory authority via the website https://www.datenschutz.hessen.de.
  10. Use of Cookies
    1. We use so-called cookies on the Learn-Wise Websites. These are small text files that are stored on your device (PC, smartphone, tablet, etc.). Some cookies we use will be deleted from your drive (hard disk, solid-state disk, flash memory, etc.) at the end of your browser session (so-called session cookies). Other cookies will be kept stored on your device and allow us to recognize your device when you visit the Learn-Wise Websites for the next time (so-called persistent cookies). In addition, we use cookies from third parties that allow them to process personal data about you and may combine the information they obtain with other information that those third parties have already stored about you or collected from you during your use of the third party services.
    2. As soon as you visit the Learn-Wise Websites, the following cookies are set:
      • PHPSESSIONID: This is a cookie generated by WordPress (the software we use to administer the Learn-Wise Websites). The cookie serves as a general identifier that is used to maintain user session variables. It contains a randomly generated number that is assigned to your browser during the browser session. The cookie is deleted at the end of the browser session.
      • YouTube – related cookies. We embed videos from our YouTube channel on our website; therefore, the following cookies are used:
      — @@History/@@scroll|#: This cookie is used by YouTube to create historical timelines in YouTube videos.
      — PREF: Registers a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites
      — VISITOR_INFO1_LIVE: This cookie tries to estimate your bandwidth on pages with integrated YouTube videos.
      — YSC: Registers a unique ID to keep statistics of what videos from YouTube the user has seen.
      — KEY: Used to verify what the user entered on all the contact forms. Its purpose is to confirm that users are manually typing on the form as opposed to a spammer using a ‘bot’ to fill them in automatically.
      • The cookies used by Google and their meaning are also described at https://policies.google.com/technologies/types.
    3. If you click on one of the social media links available on the Learn-Wise Websites, the linked website of the social network opens. From there, additional cookies may be stored on your device. These cookies are not under our control. The respective provider is solely responsible for the data protection-compliant behaviour of such cookies.
    4. The legal basis for our use of cookies is our legitimate interest in designing our web presence on the Learn-Wise Websites according to our needs and for providing a great user experience. We embed YouTube videos on the Learn-Wise Websites because we believe they communicate well our products and services. YouTube uses the respective cookies described above as part of their services. (Art. 6 para. 1 lit. f GDPR).
    5. In the privacy settings of your browser, you can view and delete the stored cookies at any time and restrict or prohibit the acceptance of cookies.
    6. When using third-party services on the Learn-Wise Websites (e.g. Google Maps or reCAPTCHA) or when you click on a link, third-party cookies may be used without our express warning. In the privacy settings of your browser, you can also view and delete these stored cookies at any time and restrict or prohibit the acceptance of cookies.
  11. Use of Social Media Links
    We currently do not use any social media plugins on the Learn-Wise Websites. However, we do display social media links from the following social networks:
    • Facebook: www.facebook.com.
    • Twitter: www.twitter.com.
    Each of them is a link to our company appearance on the corresponding social network; the link contains no further functions (unlike, for example, the Like button of Facebook). If you click on a social media link on the Learn-Wise Websites, only the corresponding linked web page opens.
  12. Iframes and Embedded Content
    1. We use iframes (inline frames) on the Learn-Wise Websites to display embedded content of the following provider
      • Youtube: www.youtube.com.
    2. The legal basis for our use of iframes is our legitimate interest in making YouTube videos relevant to us easily accessible to users of the Learn-Wise Websites (Art. 6 para. 1 lit. f GDPR)
    3. If you visit a website of the Learn-Wise Websites with the iframe mentioned in Section 12.1 above, your browser will create a direct link to the provider's servers in order to transfer embedded contents from there into your browser. This content is integrated into the Learn-Wise Websites via the iframe, so that it is displayed as a kind of mini website in the Learn-Wise Websites that you visit. You cannot see that you are surfing on two websites at the same time. YouTube's Internet address is not displayed. You can recognize the YouTube video by the typical red play button with a white triangle.
    4. YouTube, as the provider of the embedded content that is displayed to you via the iframe, learns by the direct connection to your browser that you have visited the corresponding Learn-Wise Websites. If you are logged in to your YouTube account at this time, YouTube will still be able to associate your visit to the Learn-Wise Websites with your account even if you do not click on the embedded YouTube video. If you decide to click and use the content offered, YouTube will know. Your browser then sends further usage data to YouTube, which can be stored and reused by this provider.
    5. For more information about the purpose and scope of data collection and processing by YouTube, please refer to YouTube's privacy policy on its website. The following website is known to us in this respect:
      • YouTube, https://policies.google.com/privacy?hl=de&gl=de.
      There you will also find further information about your rights and privacy settings
  13. Web Fonts
    1. Google web fonts, so-called Google fonts, are used on the Learn-Wise Websites, which require your browser to download them into its cache. To do this, your browser establishes a connection to the servers of the provider of the web fonts and transmits the IP address used by your device at this time. The provider of the web fonts thus learns that a user with your IP address visits our Learn-Wise Websites. If your browser does not support the web fonts used by the Learn-Wise Websites, the display is based on a standard font instead
    2. The legal basis for our use of web fonts is our legitimate interest in displaying texts and fonts of our web presence on the Learn-Wise Websites correctly and independently of the system you use in order to ensure a uniform, visually pleasing presentation of our Learn-Wise Websites on the accessing devices (Art. 6 para. 1 lit. f GDPR).
  14. Google Maps
    1. On the Learn-Wise Websites we use map material from Google Maps and use the programming interface Google Maps API for its integration and geographical representation. As is usual with Google services, Google also collects and processes data about the use of the service when using Google Maps. In this respect, it cannot be ruled out that Google will find out at least the IP address assigned to you during your visit to the Learn-Wise Websites. Depending on which other data (e.g. in cookies) is stored on your device, Google may also obtain further information about you while you surf the Learn-Wise Websites
    2. The legal basis for our use of Google Maps is our legitimate interest to show you our location via the interactive map service Google Maps used by millions of Internet users and to use Google Maps (Art. 6 para. 1 lit. f GDPR).
    3. Further information on the purpose and scope of data collection and processing by Google can be found in Google's privacy policy on the Google website. We are familiar with the following websites in this respect:
      https://policies.google.com/privacy?hl=de.
  15. IT Security
    We take various technical and organizational security measures to protect the integrity and confidentiality of your personal data. For this purpose, your personal data is encrypted during transmission using the so-called Secure Socket Layer technology (SSL). This means that the communication between your computer and the servers of the Learn-Wise Websites takes place using a recognized encryption method, which is considered secure in the current version (currently SSL version 3, 256 bit). If your browser supports SSL, this function protects the transmission of personal data. In this case, most browsers display a short dialog box or a graphic icon to indicate whether the security protocol is supported. You can find further information in the help function of your browser.
  16. Data Protection Contact Details
    1. If you wish to assert your data protection rights, have questions about this privacy policy or our data protection behavior on the Learn-Wise Websites, please contact: privacy@magnifigroup.com
    2. Since we do not meet the legal requirements for the appointment of a data protection officer, we will not appoint a data protection officer until further notice.