This privacy statement explains how Millisecond handles personal data collected during the normal course of business operations (sales, marketing, and support), as well as how data are processed by its products and services. Millisecond complies with the and the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF.
Millisecond creates the most sophisticated, high-precision online cognitive testing software for universities, hospitals, and research companies. The software is provided both as a downloadable application and as an Application Service Provider (ASP) model accessed using a modern browser via the Internet. All of Millisecond products are self-service, whereby the end-users are solely responsible for what data to collect and from whom. Research participants may use standard computers or mobile devices to perform psychological tests.
All customer data collected using the software are redundantly stored across a fixed set of secure data centers; data do not move around to other data centers.
Tests may be distributed in numerous ways: via email, a web link, or off-line applications. Tests do not require a password or other authentication by the participant.
Information collected automatically by our website: Millisecond collects and analyzes aggregate information of visitors, including pages visited, referring URLs and other publicly available information. We use this information to help improve our website and services. When you visit our site, Millisecond automatically logs information from your browser such as IP addresses and the type of browser and operating system for the purpose maintaining the security and reliability of the web site, including detecting and preventing fraud, unauthorized access, denial of service, and other malicious attacks. In addition, we use IP Addresses to select which of our servers is nearest you so that you can download our content more quickly. Millisecond stores this information in logs that are deleted after 3 months. Anonymous cookies may be used to track aggregate site usage.
Information you provide voluntarily: When you use Millisecond's services, Millisecond asks for and collects information about you such as names and email addresses in order to provide account services such as secure authentication and authorization, license delivery, account and password recovery, account notifications, and product announcements. This information is essential for us to fulfill our side of the contract in providing you services. If you purchase services from our web site, we may also ask for payment information such as your name, credit card number, and billing address in order to facilitate processing of payment.
Millisecond does not sell or make available to third parties any personal information about our customers or their clients except as requested by a valid court order or otherwise required by law. Millisecond maintains a database of user information used for operations essential to product services such as user authentication, security and fraud detection, technical support, and to notify customers of changes or enhancements to the services. Millisecond may also store personal information related to purchasing in order to provide customers a record of their purchase history and to enable upgrade or renewal of previously purchased licenses. Millisecond shares or stores information with 3rd party subcontractors that provide technical and communication services for its products. Millisecond uses secure services for online credit card payment transactions, and does not record or store credit card information on its site or servers.
For this section, customers are end-users with valid Millisecond accounts. Customers own and control all information input into the Millisecond software or generated on behalf of customers in connection with the Services ("Data"). Depending on how the Customer chooses to use the software, Data may include personal information. Customers manage all Data, as well as the users who create, manage, distribute, or report the Data.
Millisecond treats all Data as highly confidential and does not classify or represent the Data because only the Customer itself knows what data it's collecting. Millisecond provides the services, and Customers use the services as they wish. All Data are safeguarded using industry best security practices that prevent unlawful disclosure.
Millisecond will only process Data for the purpose of providing the software and services to customers. Customers must ensure that they follow applicable laws when distributing tests. This includes following applicable law when collecting personal and health information, preventing unsolicited emails from being sent, and deleting personal information when no longer required.
Millisecond will never transfer Data to a third-party without the written permission of the customer.
Millisecond employees do not actively view Data. Any access to Customer accounts requires the consent of the customer, and any exposure to personal information is incidental to providing support services.
We collect and retain Personal Data submitted to us for the amount of time necessary to meet your request or fulfill our legal or regulatory obligations, unless it is in our legitimate business interests and not prohibited by law to maintain the Personal Data for longer periods.
Millisecond is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and individuals have a right to contact the FTC regarding services provided by Millisecond.
If you are an EU or UK citizen, and have questions about your personal information that may have been collected in a Millisecond test, please contact the entity that created or sent you the test. Millisecond is not responsible for any Data collected and only processes Data as controlled by the customer. If the test creator is unresponsive with your inquiry, please contact Millisecond Support.
General inquiries regarding this policy, or any complaints regarding tests that are unresolved by the test creator, may be sent to Millisecond Support by visiting https://www.millisecond.com/about/contact and emailing or calling using the listed contact information listed. There is no charge for this inquiry.
Any disputes are handled by the International Centre for Dispute Resolution (details below). Inquiries are free of charge.
Millisecond complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Millisecond has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov.
Millisecond is subject to the investigatory powers of the Federal Trade Commission (FTC). Millisecond may be required to disclose personal information in response to lawful requests from public authorities, including to meet national security or law enforcement requirements.
Researchers may license Millisecond's products to gather and store personal information via surveys or psychological tests for the purposes of scientific or commercial research. While Millisecond provides services for gathering and storing such data, it does not own these data. Therefore, individuals wishing to access, modify, or delete personal information gathered by researchers, or who wish to limit the use and disclosure of such data, should contact the researchers who recruited them to participate in the study.
Except as otherwise provided herein, Millisecond discloses Personal Data only to Third Parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations. Millisecond may provide Personal Data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, Millisecond may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by Millisecond and they must either:
1) comply with the Privacy principles or another mechanism permitted by the applicable protection law(s) for transfers and processing of Personal Data as set forth in EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF;
2) or agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy;
Millisecond also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure. Please be aware that Millisecond may be required to disclose an individual's personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Millisecond remains responsible and liable under the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles unless Millisecond proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Principles, Millisecond commits to resolve complaints about our collection or use of your personal information. EU and UK individuals with inquiries or complaints regarding our Private policy should first contact Millisecond at:
inquisit@millisecond.com
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Millisecond commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms, with respect to personal data received or transferred pursuant to the Data Privacy Framework.
If personal data covered by this Privacy Policy is to be used for a new purpose that is materially different from that for which the personal data was originally collected or subsequently authorized, or is to be disclosed to a non-agent third party in a manner not specified in this Policy, Millisecond will provide you with an opportunity to choose whether to have your personal data so used or disclosed. Requests to opt out of such uses or disclosures of Personal Data should be sent to us as specified in the "Questions" section below.
Certain personal data, such as information about medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, is considered "Sensitive Information." Millisecond will not use Sensitive Information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless Millisecond has received your affinnative and explicit consent (opt-in).
If you have questions about Millisecond privacy, please email us at inquisit@millisecond.com.