Skip to content

Last Updated: August 5, 2025

This Privacy Notice describes the ways in which Vector Psychometric Group, LLC, together with its U.S. subsidiary, Scientific Software International, Inc. (collectively, “VPG”), collects, uses, discloses, shares, protects, and/or otherwise processes the Personal Information (defined below) that it collects. This Privacy Notice applies to the Personal Information that VPG collects or processes when providing any products or services offered by VPG (collectively, “VPG Services”), which may include, without limitation, VPG’s websites, mobile applications, and software, as well as when VPG is providing services to clients of VPG (each, a “Client”) or as a contract research organization (or “CRO”), and from any online or offline interactions you may have with us.

This Privacy Notice contains information about your privacy rights and how you can exercise them, and in order to access or use VPG Services, you must agree to be bound by this Privacy Notice. This Privacy Notice will be incorporated into and deemed to form a part of any terms of use, terms of service, license agreement, or other terms that may be made available on any VPG website, in any VPG mobile application, or in or in connection with any VPG software, where such terms make specific reference to this Privacy Notice.

Where VPG collects your Personal Information directly from you, VPG will explain the purposes for which it is collecting and using that Personal Information, the types of third parties to which VPG will disclose that information, and the choices and processes (if any) that VPG offers you for limiting the use and disclosure of your Personal Information. VPG will also provide any additional information required by law for a specific context, product, or service. In situations where VPG obtains Personal Information from any VPG Client in connection with services that VPG is providing to that Client, VPG’s Client will be responsible for providing you with appropriate notice and, when applicable, obtaining any requisite consent, unless this function has been delegated to VPG as part of VPG’s services for that Client or is otherwise the responsibility of VPG under applicable law, in which case VPG will collect that Personal Information in accordance with this Privacy Notice.

This Privacy Notice describes (1) VPG’s practices for protecting and managing Personal Information that VPG collects, including how VPG has implemented and complies with the Data Privacy Framework (“DPF”) program and DPF Principles (defined below), as described in more detail in the “Data Privacy Framework” section below, (2) how VPG handles any Personal Information it receives when providing services as a CRO, which may include Personal Information contained in clinical trial data received from VPG’s Clients, and (3) how VPG handles any Personal Information it collects directly from individuals when those individuals are participating in (or seeking to participate in) or are otherwise involved with research studies involving or using any VPG Services or for which VPG is acting as a CRO.

What information do we collect?

User-Provided Information

Your “Personal Information” refers to any information that relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to you as an individual, as well as any information that could be used to identify you as an individual or allow someone to contact you. Personal Information also includes all “personal data,” as that term is defined in the EU General Data Protection Regulation (or “GDPR”). During your use of VPG Services (whether as a registered or unregistered user, as well as when you make any purchases from Scientific Software International, Inc., and if you should choose to contact VPG from any website on which this Privacy Notice is posted), we may collect and process your Personal Information, including: contact information such as your name, e-mail address, phone number, city, and state (or region), employer information, and job title; account and access information such as your username and password information; demographic information such as your age, birth date, gender, and ethnicity; correspondence information that you provide in emails to us or that you provide in response to surveys or inquiries from us; technical and geographical identifiers such as your IP address or location data (as each of those is described in more detail below); information related to purchases and other transactions you engage in with us; images and videos containing you, your voice, or your likeness; and, any other information you provide to us that can be used to identify you.

Personal Information can be collected directly from you as described above, as well as indirectly in ways described in more detail below.

Location Data

When using VPG Services from a mobile or GPS-enabled device, your device may share its geographic location with us if you have consented to location services generally through your device’s settings or accepted a request from us for access to location information. Your device location may be transmitted to us whenever your mobile or GPS-enabled device is running (even if you are not actively using the device or you have VPG Services running in the background). Your device may continue to transmit its location to us until you change your device settings.

If you set your device not to transmit location information to us, certain features of VPG Services may not be available or their functions may be limited. For example, you will have to manually enter a location when conducting a search if the results of that search are dependent in any way on your location.

Other Data

As is typical of many web sites and mobile applications, when you use VPG Services, we may collect information about your device and your usage of VPG Services including (but not necessarily limited to): your IP address (which we may associate with your domain name or that of your Internet access provider or wireless carrier, and your location information); a Unique ID number associated with your device; certain other unique identifiers such as advertising identifiers; web browser and operating system information; the language of your device; the wireless connections you are using; the referring page that linked you to us; your activities within VPG Services, including browsing and transaction history; pages, content, and links you view or click on during your use of VPG Services, and when and for how long you do so; the next website you visit after leaving our website; and, search terms you enter via VPG Services or a referral site that leads you to our website. In addition, we may deploy tracking technologies through VPG Services to collect additional information about your use of VPG Services, as set out in the “How do we use cookies and other tracking technologies?” section of this Privacy Notice. Where a VPG website uses tracking cookies or similar user tracking software or technology, a cookie banner will be displayed to users of VPG Services who are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”) (as well as anywhere else where we have determined to provide the information in that cookie banner, whether specifically required by law or otherwise); this cookie banner will invite users to give their consent, where applicable, and will provide further options in respect of the management of cookies.

Personal Information Related to Contract Research or Clinical Trial Participation

When VPG provides data analysis or other research services to its Clients (some of whom are located within the EEA or European Union, the United Kingdom, or Switzerland) as a CRO, VPG may be the recipient of medical and health information, including Personal Information, that will be processed by VPG at the direction of its Client. In most situations, the data received by VPG has already been anonymized or de-identified and is no longer Personal Information; in other situations, the data that VPG receives is pseudonymous and may be used by VPG for research or analysis purposes. In all of these situations (i.e., where VPG receives data from its Client; any situations where VPG is itself collecting the data are described below), whether the information that VPG receives from its Client is Personal Information about research subjects (each a “Subject”), or the information is provided to VPG in an anonymized or pseudonymized form, VPG’s activities will be consistent with the notice and choice provided by its Clients to the Subjects, and VPG’s use of this information will be consistent with the services that VPG is obligated to provide to these Clients.

In addition, when Subject data is collected by VPG’s Client, as the data controller, it will be collected in accordance with (a) the notice provided by that Client to the Subjects, (b) choices made by each Subject, or (c) the legal compliance obligations, policies, procedures, and internal administrative purposes of VPG’s Client, as solely determined by that Client, and not by VPG. Where you are a Subject providing Personal Information to a VPG Client, VPG’s Client will be responsible for providing the appropriate notice to you and, when applicable, obtaining any necessary consent from you. If and to the extent that VPG’s Client subsequently provides your Personal Information to VPG, VPG’s use of that Personal Information will be in accordance with this Privacy Notice.

In situations where VPG is responsible for collecting Personal Information directly from individuals participating in research studies (such individual being referred to herein as “Participants,” which may include, without limitation, patients, their spouses or partners, caregivers, and relatives, clinical investigators or other study personnel, and other consultants, contractors, managers, and agents or representatives of the study sponsor and its corporate affiliates, business partners, and third-party service providers) the collected Personal Information may be used by VPG in order to carry out (or to assist its Client in carrying out) the applicable studies and other study-related services and/or pharmacovigilance. Any such collection of Personal Data by VPG will be at the direction of its Client, such that VPG is acting as the data processor, while the Client is the data controller. VPG’s use of Personal Information in these situations may include the transfer of such Personal Information to the VPG Client that is the study sponsor, and/or to its corporate affiliates, business partners and third-party service providers performing services related to the study; any such transfer (as well as VPG’s use of such Personal Information) will be in accordance with this Privacy Notice. In addition, VPG and/or the Client may provide Participants with additional privacy information related to VPG’s collection of Personal Information in connection with these research studies, as well as additional information on how a Participant’s Personal Information will be processed in the clinical trial.

When VPG is acting on behalf of and/or at the direction of a Client, Personal Information of Subjects and Participants is processed by VPG solely to provide the CRO, data collection, or other services that the Client has contracted VPG to provide, or as might otherwise be required by law. In using and processing Personal Information in these instances, VPG would act solely (a) as the data processor and (b) as instructed by its Client as the data controller. For Subjects, VPG stores data (which may be Personal Information, or anonymized or pseudonymized data) only as long as is needed to fulfill its obligations under VPG’s contract with the Client, comply with applicable law, and maintain records internally in accordance with CRO industry practices. For Participants, VPG collects (if applicable), processes, and retains Personal Information and other data in accordance with instructions provided by the VPG Client sponsoring the study. Once VPG provides Personal Information to its Client pursuant to VPG’s obligations to that Client, the Client, and not VPG, will thereafter be solely responsible for determining whether a Subject’s Personal Information is (a) to be disclosed to a third party or (b) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the Subject.

How do we use Personal Information?

We or our service providers may use the Personal Information we collect from or about you to perform the following functions, to the extent they are applicable to your relationship with VPG or your use of VPG Services, and subject to your rights (as described in this Privacy Notice) to opt out or otherwise customize how we use your Personal Information:

  • enable you to use VPG Services and their features;
  • administer VPG Services and manage any account you maintain with us;
  • customize VPG Services to your interests and based on your history with us;
  • localize the content and articles that are displayed to you based on your geographical location;
  • protect our rights, privacy, safety, and/or property and the rights, privacy, safety, and/or property of our users and business partners;
  • enforce our terms of use and our other agreements and policies;
  • conduct market research;
  • improve or develop new features and offerings in VPG Services;
  • tailor ads displayed to you in VPG Services and elsewhere;
  • send you marketing and other communications, including information about products, services, or events that we think might be of interest to you;
  • respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside of your country of residence;
  • assess your level of interest in and use of VPG Services, emails, and other messaging campaigns, both on an individual basis and in aggregate;
  • generate analytics reports on the usage of VPG Services; and
  • respond to your requests, questions, and concerns.

We may also use Personal Information to meet our internal and external audit requirements and for information security purposes. Where permissible under applicable law, your Personal Information may be used for other purposes, which – if not already covered by this Privacy Notice – we will endeavor to disclose to you when we collect your information that will be used for those other purposes. There may be instances, however, when we will use your Personal Information for purposes that were not disclosed at the time of the data collection; for example, when doing so is necessary to comply with a legal obligation or requirement.

We may also use Personal Information to compile aggregate (and non-personally identifiable) data for us to analyze in order to operate, maintain, manage, and improve VPG Services.

How do we share Personal Information?

We may share your Personal Information:

  • when you have given us your consent or otherwise authorized us to use your Personal Information, or when such use is necessary in order for us to provide you with VPG Services that you have requested;
  • when we believe in good faith that disclosure is necessary to protect our rights or property, protect your safety or the safety of others, investigate fraud, or respond to a government agency, law enforcement, judicial or public authority, or other legal request, or to comply with the law;
  • with our lawyers, auditors, and other professional advisors, and with third-party providers of services such as cloud storage, customer relationship management systems, and analytics databases, when your information is needed by them to provide services to us (or on our behalf);
  • in connection with a proposed corporate change or dissolution, including for example a merger, acquisition, reorganization, consolidation, bankruptcy, liquidation, sale of assets, or wind down of business, where our accumulated customer information may be treated as a business asset and, as with other business assets, this information may be subject to transfer to or acquisition by a third party in connection with the corporate change;
  • with our third-party promotional and marketing partners, including, without limitation, businesses participating in our various programs; and
  • with our parent companies, subsidiaries, affiliates, joint ventures, or other companies under common control with us in order to support the marketing, sale, and/or delivery of any VPG Services.

If VPG Services include or provide access to any public areas that allow for user posts or contributions, then what you voluntarily post to or contribute using those public areas may be available to other users and may be collected by VPG.

VPG Services may allow access to third party content and services and may contain links, banners, widgets, or advertisements that lead to third-party websites. We are not responsible for these other websites or services, and so their posted privacy policies (and not this Privacy Notice) will govern the collection and use of your information through them. We encourage you to read the privacy statements of services visited through VPG Services or websites visited after leaving VPG Services to learn about how your information is treated by others.

How do we secure your Personal Information?

We use reasonable technical, administrative, and physical security measures designed to protect Personal Information collected via VPG Services. We cannot guarantee that any information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from unauthorized access or use (e.g., by hackers). You understand and agree that you use VPG Services, and send us your information, at your own risk.

If you choose to correspond with us by email, text message, social media, other messaging app, or using a “Contact us” feature on VPG Services, a third party could intercept the information you send in transit, and you should therefore take special care in deciding what information you send. We have no liability relating to disclosure of your information due to errors, omissions or unauthorized acts or failures to act by third parties during or after transmission.

If you create an account on VPG Services, you are responsible for maintaining the strict confidentiality of your account password, and you will be responsible for any activity, including disclosure of your Personal Information, that occurs using your account credentials, whether or not you authorized such activity. Please notify us of any actual or suspected unauthorized use of your password or account or any other breach of security of which you are aware.

We have our headquarters in the United States. The Personal Information we or our service providers collect may be stored and processed on servers within or outside of the United States and wherever we and our service providers have facilities around the globe, and certain information may be accessible by persons or companies outside of the United States who provide services for us. Accordingly, we and our service providers may transfer your Personal Information to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take reasonable steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it.

If you are a resident of a country other than the United States, then by using VPG Services you acknowledge and consent to our collecting, transmitting, and storing your Personal Information out of the country in which you reside. If you are located in the UK, EEA, or Switzerland, please review the “Data Privacy Framework” section of this Privacy Notice, which describes how VPG complies with the EU-U.S. Data Privacy Framework (including the UK Extension to the EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (as all of those terms are defined below).

How do we use cookies and other tracking technologies?

We, including our service providers or partners on our behalf, may use tracking technologies, which may run on your device when you use VPG Services. Where a VPG website uses tracking cookies or similar user tracking software or technology, a cookie banner will be displayed to users of VPG Services who are located in the EEA or the UK (as well as anywhere else where such information may be required by law or where we have determined to provide such information), which will invite users to give their consent, where applicable, and will provide further options in respect of the management of cookies. The circumstances in which we may deploy tracking technologies include:

  • We may use cookies or local shared objects, such as “Flash cookies.” Cookies are small packets of data that a website stores on your computer’s or mobile device’s hard drive (or other storage medium) so that your computer will “remember” information about your visit. We use both first- and third-party session cookies and persistent cookies. Session cookies are intended to make it easier for you to navigate VPG Services; a session ID cookie expires when you close your browser. A persistent cookie on the other hand remains on your hard drive or in other storage for an extended period of time or until you delete it. You can remove persistent cookies by following directions provided in your web browser’s “help” file. To the extent we provide a log-in portal or related feature for VPG Services, persistent cookies can be used to store your passwords so that you don’t have to enter them more than once. Persistent cookies also enable us to track and target the interests of our visitors to personalize their experience using VPG Services. Similar to many other websites, if you have enabled cookies in your browser, we, independently and through enabled third-party tools and programs, may collect certain technical information using cookies, such as originating IP address, browser type, browser language, how a user got to VPG Services (i.e., the URL of the last website they visited), the next website the user visits, what pages are visited, the length of each site visit, and the date and time of the user’s visit. This information helps us track trends and improve user experiences when using VPG Services.
  • HTML5 may be used to store information on your computer or device about your usage of VPG Services. This information can be retrieved by us to determine how VPG Services are being used by our visitors, how VPG Services may be improved, and to customize VPG Services for our users.
  • We may send instructions to your computer or device using JavaScript or other computer languages to gather the sorts of information described above and other details about your interactions with VPG Services.

These tracking technologies may be deployed by us and/or our service providers or partners on our behalf. These technologies enable us to assign a unique identifier to your computer or device, and relate information about your use of VPG Services to other information about you, including your Personal Information. These technologies also enable us to recognize you when you access VPG Services using different web browsers or devices.

VPG understands that some users may have enabled a “do not track” feature or other mechanism intended to provide consumers with a choice regarding the collection of their personally identifiable information; however, consistent with VPG’s rights under applicable law, VPG and VPG Services do not respond to any such "do not track" requests or other signals sent from a web browser. More information on “Do Not Track” is available at http://www.allaboutdnt.com/.

How can you update or delete your information or opt out of messages from us?

While VPG takes reasonable steps to confirm that the Personal Information we process is accurate, complete, and current, we depend on our users to update or correct their Personal Information whenever necessary. You can update or replace the Personal Information about you we have on record by emailing us at privacy at vpgcentral dot com; while we do not respond to emails we receive requesting changes to Personal Information, we will exercise commercially reasonable efforts to make the requested changes to your Personal Information within a reasonable time after receiving any such email from you.

If you no longer wish to receive emails or text messages from us (as applicable), you can click on the “Unsubscribe” link provided at the end of each email you receive from us and follow the opt-out procedure specified there; please recognize, however, that it may take us a few days to process any opt out request and that even if you opt out of receiving promotional communications from us, we may still send you transactional communications, including messages about your use of VPG Services and messages relating to any open or recently closed technical support or customer support inquiries.

You may request deletion of Personal Information collected or maintained by us. To do so, please submit a request by email to privacy at vpgcentral dot com. We may ask for additional information to verify your request.

We retain Personal Information for as long as it is necessary for us to fulfill the purposes described in this Privacy Notice, unless we are required by law to retain any such information for a longer period of time. Criteria that we use to determine how long to retain information may include, without limitation: the length of our ongoing relationship with you as a user of VPG Services; any requests made to modify or delete information that we have collected; any legal obligation we have to retain data we have collected; and if retention is necessary or advisable for legal reasons (e.g., enforcement of our agreements, resolution of disputes, litigation, regulatory investigations, or compliance with applicable statutes of limitations).

VPG Services are not aimed at children, and we do not knowingly collect Personal Information from children under the age of 13. If you are under 13, please do not give us any Personal Information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Notice by instructing their children to never provide Personal Information without the permission of a parent or legal guardian. If you have reason to believe that a child under the age of 13 has provided Personal Information to us, please contact us at privacy at vpgcentral dot com to request deletion, and we will endeavor to delete that information from our databases as quickly as is reasonably possible.

How can you contact us?

VPG regularly reviews its compliance with this Privacy Notice. Please feel free to contact us with any questions or concerns regarding this Privacy Notice or VPG’s handling of Personal Information by contacting us through any link or “Contact Us” feature available in VPG Services, emailing us at privacy at vpgcentral dot com, or sending mail to us at the following address:

Vector Psychometric Group, LLC

Dept. #880502

P.O. Box 29650

Phoenix, AZ 80038-9650

If we receive formal written complaints at this address, it is our policy to contact the complaining user regarding their concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the use or transfer of Personal Information that cannot be resolved between VPG and an individual.

We hope that can resolve any query or concern you may raise about our use of your information. Individuals located in the EEA or the UK may have the right to lodge a complaint with an applicable supervisory authority.

Additional Terms for Users in the UK, Gibraltar, the EEA, and Switzerland

International Data Transfers Generally

While VPG is based in the United States, VPG operates globally and has users, customers, and Clients located both within and outside the United States. As a result, Personal Information may sometimes be transferred, stored, and/or processed outside of the country or jurisdiction where it was initially collected. Therefore, by using VPG Services or providing any Personal Information to VPG, you acknowledge that Personal Information we collect may be transferred to, stored, and processed in the United States or any other country in which we or our affiliates, service providers, customers, or Clients maintain facilities or conduct business.

VPG will protect your Personal Information in accordance with this Privacy Notice wherever it is processed and take appropriate contractual or other steps to protect it under applicable laws. Where Personal Information of users in the EEA, Switzerland, or the UK is being transferred to a recipient located in a country outside the EEA, Switzerland, or the UK that has not been recognized as having an adequate level of data protection (and the Data Privacy Framework described below is not sufficient to allow or authorize the transfer), the transfer will be governed by the European Commission’s standard contractual clauses.

Data Privacy Framework

This “Data Privacy Framework” section of the Privacy Notice applies when VPG (including its U.S. subsidiary Scientific Software International, Inc.) receives Personal Information from or about individuals in the EEA, UK, or Switzerland in any format including electronic, paper, or verbal, and is included to demonstrate VPG’s commitment to the protection of Personal Information in accordance with all applicable laws, rules, regulations, and privacy principles when VPG is required to transfer Personal Information out of the EEA, UK, and/or Switzerland for the performance of VPG Services and VPG’s business operations in the United States.

The U.S. Federal Trade Commission has jurisdiction over VPG’s compliance with the EU-U.S. Data Privacy Framework (including the UK Extension to the EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework.

Notice:

VPG and its U.S. subsidiary Scientific Software International, Inc., comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. VPG (for itself and for its U.S. subsidiary Scientific Software International, Inc.) has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. VPG (for itself and for its U.S. subsidiary Scientific Software International, Inc.) has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles,” and together with the EU-U.S. DPF Principles, collectively, the “DPF Principles”) with regard to the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, and you live in a country or region to which the DPF Principles apply, then the DPF Principles applicable to your country or region shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view VPG’s certification, please visit https://www.dataprivacyframework.gov/.

Affiliated U.S. Subsidiaries Covered by this Certification: This certification also covers VPG’s U.S. subsidiary, Scientific Software International, Inc., which adheres to the DPF Principles in accordance with this certification.

The DPF Principles consist of a set of seven commonly recognized privacy principles, together with supplemental principles and associated guidance; details of the DPF Principles can be found at https://www.dataprivacyframework.gov/program-articles/Participation-Requirements-Data-Privacy-Framework-(DPF)-Principles. Details of VPG’s commitment to adhere to the DPF Principle are provided below; as stated above, if there is any conflict between the terms in this Privacy Notice and the DPF Principles in a country or region to which the DPF Principles apply, the DPF Principles shall govern; provided, however, that VPG’s adherence to the DPF Principles may be limited (a) to the extent required or allowed by applicable law, rule or regulation; (b) to the extent necessary to respond to lawful requests by public authorities, including to meet national security, law enforcement, legal or governmental requirements; or (c) to protect the health or safety of any individual whose Personal Information has been shared with VPG.

Choice:

VPG will not process your Personal Information for purposes other than those for which the information was originally obtained or subsequently authorized by you, unless you explicitly consent to the processing, or as required or permitted by this Privacy Notice or applicable law, or where not prohibited by applicable law or regulation. Consistent with the foregoing, VPG will offer you the opportunity, where practical and appropriate, to choose whether your Personal Information (1) can be used for a purpose materially different from the purpose for which it was originally collected or subsequently authorized by you, or (2) can be disclosed to a third party to which disclosure was not previously authorized. VPG will provide you with reasonable mechanisms to exercise your choices described herein to the extent required by applicable law.

In some cases, even you opt out of disclosures of your Personal Information, VPG may still disclose your Personal Information (a) if required to do so by law, court order or legal process; (b) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (c) under the discovery process in litigation, or where necessary in connection with VPG’s efforts to collect money owed to VPG; (d) to enforce VPG’s policies or contracts; (e) when necessary to prevent or protect against physical harm or financial loss or in connection with any investigation into suspected or actual illegal activity; or (f) in the good faith belief that disclosure is otherwise necessary or advisable. As noted above, VPG also may transfer Personal Information in connection with material event concerning its business, such as (by way of example only) a proposed merger, acquisition, reorganization, consolidation, bankruptcy, liquidation, sale of assets, or wind down of VPG’s business. In any such event, VPG will endeavor to require the transferee or acquiror of VPG’s assets to use any acquired Personal Information in a manner consistent with this Privacy Notice.

Onward Transfer:

In most situations, transfers to third parties will be covered by provisions elsewhere in this Privacy Notice, including (but not necessarily limited to) the provisions above regarding notice and choice.

VPG will endeavor to transfer Personal Information to a third party or Client only where such third party or Client has given assurances that it provides at least the same level of privacy protection as required by the DPF Principles and this Privacy Noice, and that such third party or Client will notify VPG if it should determine that it can no longer meet this obligation. Where VPG has knowledge that a Client is using or disclosing Personal Information in a manner contrary to the DPF Principles or this Privacy Notice, VPG will take reasonable steps to prevent or stop such use or disclosure. With respect to onward transfers to Clients, VPG will remain liable under the DPF Principles if its Client or any other VPG agent processes Personal Information in a manner inconsistent with the DPF Principles, unless VPG can prove that it is not responsible for the event giving rise to the damage.

Security:

As described above, VPG will endeavor to take reasonable technical, administrative, and physical security measures designed to protect Personal Information in VPG’s possession from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the Personal Information in VPG’s possession, and regardless of the form (electronic or tangible hard copy) such Personal Information is in.

Data Integrity and Purpose Limitation:

VPG endeavors to use your Personal Information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by you. For as long as VPG retains your Personal Information, VPG will take reasonable steps to ensure that it only uses Personal Information that is relevant to its intended use, and that is accurate, complete, current, and otherwise reliable in relation to the purposes for which such Personal Information was obtained. When acting as a CRO or in situations where VPG acts on behalf of its Client or another entity, VPG will at all times endeavor to process only such Personal Information as is relevant to the applicable VPG Services, and only for those purposes for which the Personal Information was collected. In addition, where VPG processes your Personal Information as a CRO or otherwise acts at the direction of its Clients, VPG will work with those Clients to provide a way for you to correct or update your Personal Information.

Access:

Upon your written request, VPG will confirm for you whether VPG is processing your Personal Information. In addition, as described above, if you email us with a request to make changes to your Personal Information, VPG will take reasonable steps to correct, amend, or delete any of your Personal Information that is found to be inaccurate, incomplete or processed in a manner non‐compliant with this Privacy Notice or the DPF Principles, except: where the burden or expense of providing access would be disproportionate to the risks to your privacy; where the rights of persons other than you would be violated; or, where doing so is otherwise inconsistent with the DPF Principles. Unless prohibited by applicable law, VPG reserves the right to charge a reasonable fee to cover VPG’s costs to provide copies of Personal Information to individuals who request them.

Where VPG maintains Personal Information as a service provider for its Clients, those Clients are responsible for providing you with access to your Personal Information and with the right to correct, amend or delete your Personal Information where it is inaccurate. In these circumstances, you should direct your questions to the appropriate Client, and if you do not receive a response and you let VPG know, VPG will provide you with reasonable assistance in forwarding your request to that Client.

Recourse, Enforcement, and Liability:

If you have questions or complaints about this Privacy Notice or about VPG’s processing of your Personal Information, VPG encourages you to raise those questions or complaints by contacting VPG using the contact information provided below. VPG commits to answer questions and resolve complaints about our collection or use of your Personal Information as set forth herein. VPG will investigate and attempt to resolve all complaints and disputes brought to VPG’s attention regarding the use and disclosure of Personal Information in accordance with the DPF Principles, as described in this Privacy Notice.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, VPG commits to resolve DPF Principles-related complaints about our collection and use of your Personal Information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of Personal Information received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact VPG at privacy at vpgcentral dot com or by or sending mail to us at the following address:

Vector Psychometric Group, LLC

Dept. #880502

P.O. Box 29650

Phoenix, AZ 80038-9650

In compliance with the DPF Principles and the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, VPG commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (“DPAs”), and the UK Information Commissioner’s Office (“ICO”) and the Gibraltar Regulatory Authority (“GRA”), and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) with regard to unresolved complaints concerning VPG’s handling of Personal Information received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

When VPG’s Clients provide VPG with Personal Information from individuals in the EU, the UK (including Gibraltar), or Switzerland in connection with services that VPG provides to those Clients, the Clients are responsible for providing appropriate notice to (and obtaining any necessary consent from) the individuals whose Personal Information is transferred to the U.S. Individuals may therefore submit complaints concerning the processing of their Personal Information to the relevant Client, in accordance with the Client’s dispute resolution process; provided, that VPG will participate in this process at the request of the Client or the individual submitting the company. Where necessary, whether or not VPG participated in the Client’s dispute resolution process, VPG will take steps to remedy any issues arising out of its potential failure to comply with the DPF Principles.

Under limited circumstances and after other available dispute resolution mechanisms have been exhausted, binding arbitration is available to address certain residual complaints under the DPF not resolved by other means. Additional information on this binding arbitration option is available here: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction.

Data Subject Rights, Legal Bases for Processing, and Objections

VPG is committed to using your Personal Information only in a lawful, transparent, and fair manner. If you are in a region such as the EEA, Switzerland, or the UK (or any other jurisdiction that requires us to identify our legal basis for processing of Personal Information), then depending on the specific Personal Information at issue and the factual context of our use or processing of that Personal Information, VPG relies on the following legal bases in connection with our processing of your Personal Information: (1) your consent (which you have the right to withdraw at any time by contacting us); (2) as necessary to perform any agreement with you or a third party to provide VPG Services; and (3) as necessary for our legitimate interests where those interests do not override your fundamental rights and freedom related to data privacy. We may also process Personal Information as necessary to comply with legal obligations or to protect your vital interests or the interests of others.

If you are in the EEA, Switzerland, or the UK (including Gibraltar), you may have certain rights under the GDPR and other laws in relation to your Personal Information, including: (a) the right to access any Personal Information that we hold about you and, in some circumstances, have that information provided to you so that you can provide or “port” that data to another provider; (b) the right to the erasure of Personal Information that we hold about you (for example, if it is no longer necessary for the purposes for which it was originally collected); (c) the right to request that we stop processing your Personal Information and/or stop sending you marketing communications; (d) the right to require us to correct any inaccurate or incomplete Personal Information; and (e) the right to request that we restrict processing of your Personal Information in certain circumstances (for example, where you believe that the Personal Information we hold about you is not accurate or lawfully held). You may object to Personal Information being processed pursuant to VPG’s legitimate interests, in which case we will no longer process your Personal Information unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims.

To exercise your rights, please contact VPG via email at privacy at vpgcentral dot com. If you have any other questions about our use of your Personal Information, please send a request to the email or postal address specified in the “How Can You Contact Us?” section above. Please note that we may request you to provide us with additional information in order to confirm your identity and ensure that you are entitled to access the relevant Personal Information. You may also have the right to lodge a complaint with the appropriate DPA; for more information on this process, please contact your local DPA.

Additional Terms for Users in California and Nevada

California Privacy Rights

Pursuant to Section 1798.83 of the California Civil Code (also known as California’s “Shine the Light” law), residents of California may ask companies with whom they have an established business relationship (and that are not otherwise exempt) for certain information about the types of Personal Information those companies have shared with third parties for direct marketing purposes during the preceding calendar year, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. If you wish to submit a request pursuant to Section 1798.83, please contact VPG via email at privacy at vpgcentral dot com. Please identify your request as a “Shine the Light Request,” include your first and last name and mailing address, and certify that you are a California resident. We reserve the right to require additional information to confirm your identity and/or state of residence. We do not accept Shine the Light requests via telephone, mail, or fax, and we will not be obligated to respond to requests that do not include complete and accurate information.

Nevada Privacy Rights

If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. You can exercise this right by contacting us at privacy at vpgcentral dot com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A.

Updates to this Privacy Notice

VPG may revise this Privacy Notice from time to time — e.g., to keep up with changes in the law, or to reflect changes in how we are doing business or how we collect or process Personal Information — in which case we will post the updated Privacy Notice to our Sites and in our Software, and we will update the “Last Updated” date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we will use reasonable efforts to notify you (which may be by use of a pop-up notice on the Sites, or by other means consistent with applicable law) and will take any additional steps that may be required by applicable law. If you do not agree to an update to this Privacy Notice, you may not access or continue to use VPG Services. Your continued use of VPG Services after any revisions have been posted will constitute your acknowledgment and acceptance of the revised terms of this Privacy Notice.

Please note that this Privacy Notice only applies where posted or made available in connection with VPG Services and does not apply to information that we may obtain from you in relation to services (such as websites, mobile applications, software, or other services that are provided to you by third parties) that do not make this Privacy Notice available, and it is your responsibility to read and confirm your agreement with the privacy policies and practices of the third parties providing those services before you provide any personal information to them.

&nsbp;
Close
Image

R.J. Wirth

R.J. Wirth is Chief Executive Officer.