PRIVACY POLICY

1. Introduction

1.1 Who we are.

We are QUINTAUM d.o.o., a company incorporated and registered in the Republic of Slovenia, registered number 8828008000, with its registered office at Trnovski pristan 22, 1000 Ljubljana, represented by its director, Dr. Andreja Kodrin (hereinafter referred to as "Quintaum", "Owner", "Partner 1", "we", or "our").

Quintaum is the owner of the Healthy Future Organisation Diagnostic and the Questionnaire and the controller responsible for your personal data processed in connection with your participation in the Quintaum Diagnostic.

1.2 Our commitment. We are committed to operating ethically and to protecting and respecting your privacy, as well as the provisions of the General Data Protection Regulation (GDPR), which came into force on 25 May 2018, and other applicable data protection legislation.

1.3 Contact us. If you have any questions regarding the processing of your personal data, please contact us at: tk@quintaum.com .

2. Types of Personal Information we collect about you

By completing the Quintaum Diagnostic, you provide us with the following types of personal data:

2.1 Identifying Information:

(a) Your gender, marital status, number of children, if you have not answered in the questionnaire that you do not wish to answer such question.

(b) Information on your age group, if you have not answered in the questionnaire that you do not wish to answer such a question. In this case, the only information known is whether you are over 16 years of age.

2.2 Contact details:

(a) Business or private email address; if you have opted to receive a personal report.

2.3 Special Categories of Personal Information:

(a) By completing the Quintaum Diagnostic, you may disclose information about your behavior, preferences, private life, physical and psychological condition, and other information that, taken together or in combination with other information, may constitute Special Categories of Personal Information.

3. Purpose of the Processing of Personal Data

Quintaum Diagnostics captures and analyses data in the areas of overall employee experience, performance management and performance, growth potential and long-term employee well-being. Your organisation will only receive a glimpse of the overall results. The answers are aggregated into a numbered score that shows the level of the different indicators and/or risks.

As a result, we collect and process the personal data and information you disclose to us when you complete the Quintaum Diagnostics questionnaire in order to:

(a) perform a diagnostic,

(b) produce your personal report, if you choose this option,

(c) prepare a joint report for the company, if applicable,

(d) if you so choose, send you the results to the email address you have provided,

(e) comply with our legitimate interests.

If you would like to receive a copy of the Quintaum Diagnostics report by private email, please provide us with your email address at the end of the questionnaire. Please note that by entering this email address you consent to its use for the purpose of sending you the results of the diagnostic.

4. Legal basis for the processing

We will only process your Personal Data on the basis of your consent to process it for one or more specific purposes ("opt-in") and only to the extent to which you have consented in the consent form at the end of the questionnaire.

5. Your rights

You have the following rights in relation to your Personal Data:

(a) Right to withdraw consent: you may withdraw your consent to the processing of your personal data at any time, without affecting the lawfulness of the processing prior to such withdrawal.

(b) Right to object to processing: you may object to the processing of your personal data to the extent that it is based on a legal basis other than your consent.

(c) Right to request access: you have the right to be informed of your personal data subject to processing and to request disclosure of certain aspects of the processing (such as, for example, the types of personal data, the users to whom the personal data have been or will be disclosed, the envisaged retention period of the personal data, etc.).

(d) Right to rectification: you have the right to request the accuracy, rectification, and updating of your personal data.

(e) Right to restrict processing: you have the right to request the restriction of the processing of your personal data under certain conditions. Please note that it may no longer be possible to fulfill certain purposes of the processing of your personal data.

(f) Right to erasure: you have the right to request the erasure of your personal data under certain conditions. Please note that your personal data may be anonymized instead of erased to the extent and in such a form that it no longer identifies you and therefore no longer constitutes personal data.

(g) Right to receive and portability: you have the right to receive personal data in a structured, commonly used, and machine-readable format and, where technically feasible, the right to have it transferred to another processor, without any impediment. Please note that we retain all intellectual property rights (including, but not limited to, all intellectual property rights arising from the content and structure of the questionnaire, the methodology used, the results, reports, etc.), and as a consequence, you are obliged to obtain our prior consent to any use of any material in any form or medium containing your personal data.

(h) Right to lodge a complaint: you have the right to lodge a complaint with the competent data protection authority.

To request the exercise of your rights, please send us an email to: tk@quintaum.com.

6. Automated processing, including profiling

Please note the existence of automated processing, including the possibility of anonymous profiling and machine learning. By agreeing to complete the Quintaum Diagnostics questionnaire, you agree that you are free to refuse to participate or to terminate your participation at any time without penalty.

Your decision to participate in the Quintaum Diagnostics Questionnaire will not have any negative effects on you, either personally or professionally.

7. Retention period

We will keep your personal data for as long as is necessary to fulfill the purpose for which it was collected but in no case longer than 5 years.

After the expiry of the retention period, your personal data will be erased or anonymized into a form that no longer constitutes personal data. Consequently, it will no longer be possible to exercise your right of access, deletion, rectification, and transfer after this period.

Your Personal Report is only accessible electronically for two months from the date of receipt of the message with the link and your personal password, after which it will be deleted.

8. Links to third-party websites and transfer of personal data outside the EU or EEA

We use the services of our contractual partner Momentive Europe UC as a platform for our questionnaires. Momentive Europe UC ensures an adequate level of data processing protection and uses standard contractual clauses approved by the European Commission for data transfers. More about their Privacy Policy (available at: https://www.surveymonkey.com/mp/legal/privacy/ and Terms of Use (available at: https://www.surveymonkey.co.uk/mp/legal/terms-of-use/ )

9. Users of Personal Data

Your responses will remain confidential and anonymous. Without your consent, we will only provide your employer with an aggregated final result and anonymized insight.

10. Final provisions

This Privacy Policy may be subject to change or amendment, so please monitor it regularly.

Date of the last amendment to this Privacy Policy: 01.02.2024

Andreja Kodrin, direktorica

Quintaum, d.o.o