This privacy statement explains how Millisecond handles personal data collected during the normal course of business operations (sales, marketing, and support), as well as how data are processed by its products and services. Millisecond complies with the EU-U.S. Privacy Shield framework, and retains the American Arbitration Association/International Centre for Dispute Resolution.
1. MILLISECOND PRODUCTS
Millisecond creates the most sophisticated, high-precision online cognitive testing software for universities, hospitals, and research companies. The software is provided both as a downloadable application and as an Application Service Provider (ASP) model accessed using a modern browser via the Internet. All of Millisecond products are self-service, whereby the end-users are solely responsible for what data to collect and from whom. Research participants may use standard computers or mobile devices to perform psychological tests.
All customer data collected using the software are redundantly stored across a fixed set of secure data centers; data do not move around to other data centers.
Tests may be distributed in numerous ways: via email, a web link, or off-line applications. Tests do not require a password or other authentication by the participant.
2. DATA COLLECTED BY OUR WEB SITE AND SERVICES
Information collected automatically by our website: Millisecond collects and analyzes aggregate information of visitors, including pages visited, referring URLs and other publicly available information. We use this information to help improve our website and services. When you visit our site, Millisecond automatically logs information from your browser such as IP addresses and the type of browser and operating system for the purpose maintaining the security and reliability of the web site, including detecting and preventing fraud, unauthorized access, denial of service, and other malicious attacks. In addition, we use IP Addresses to select which of our servers is nearest you so that you can download our content more quickly. Anonymous cookies may be used to track aggregate site usage.
Information you provide voluntarily: When you use Millisecond's services, Millisecond asks for and collects information about you such as names and email addresses in order to provide account services such as secure authentication and authorization, license delivery, account and password recovery, account notifications, and product announcements. This information is essential for us to fufill our side of the contract in providing you services. If you purchase services from our web site, we may also ask for payment information such as your name, credit card number, and billing address in order to facillitate processing of payment.
Millisecond does not sell or make available to third parties any personal information about our customers or their clients except as requested by a valid court order or otherwise required by law. We maintain a database of user information which is used only internally for operations essential to product services such as user authentication, security and fraud detection, technical support, and to notify customers of changes or enhancements to the services. Millisecond may also store personal information related to purchasing in order to provide customers a record of their purchase history and to enable upgrade or renewal of previously purchased licenses. Millisecond uses secure services for online credit card payment transactions, and does not record or store credit card information on its site or servers.
3. DATA COLLECTED BY CUSTOMERS
For this section, customers are end-users with valid Millisecond accounts. Customers own and control all information input into the Millisecond software or generated on behalf of customers in connection with the Services (“Data”). Depending on how the Customer chooses to use the software, Data may include personal information. Customers manage all Data, as well as the users who create, manage, distribute, or report the Data.
Millisecond treats all Data as highly confidential and does not classify or represent the Data because only the Customer itself knows what data it’s collecting. Millisecond provides the services, and Customers use the services as they wish. All Data are safeguarded using industry best security practices that prevent unlawful disclosure.
Millisecond will only process Data for the purpose of providing the software and services to customers. Customers must ensure that they follow applicable laws when distributing tests. This includes following applicable law when collecting personal and health information, preventing unsolicited emails from being sent, and deleting personal information when no longer required.
Millisecond will never transfer Data to a third-party without the written permission of the customer.
Millisecond employees do not actively view Data. Any access to Customer accounts requires the consent of the customer, and any exposure to personal information is incidental to providing support services.
We collect and retain Personal Data submitted to us for the amount of time necessary to meet your request or fulfill our legal or regulatory obligations, unless it is in our legitimate business interests and not prohibited by law to maintain the Personal Data for longer periods.
5. COMPLAINTS AND INQUIRIES
Millisecond is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and individuals have a right to contact the FTC regarding services provided by Millisecond.
If you are an EU or Swiss citizen, and have questions about your personal information that may have been collected in a Millisecond test, please contact the entity that created or sent you the test. Millisecond is not responsible for any Data collected and only processes Data as controlled by the customer. If the test creator is unresponsive with your inquiry, please contact Millisecond Support.
General inquiries regarding this policy, or any complaints regarding tests that are unresolved by the test creator, may be sent to Millisecond Support by visiting https://www.millisecond.com/about/contact.aspx and emailing or calling using the listed contact information listed. There is no charge for this inquiry.
Any disputes are handled by the International Centre for Dispute Resolution (details below). Inquiries are free of charge.
6. PRIVACY SHIELD
Millisecond complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.
Millisecond has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.
Millisecond is subject to the investigatory powers of the Federal Trade Commission (FTC). Millisecond may be required to disclose personal information in response to lawful requests from public authorities, including to meet national
security or law enforcement requirements.
Millisecond offers online demos of its products, including surveys and psychological tests. Some of these tests may gather personal information that may be used for purposes of product development, product testing, and scientific research.
Millisecond does not share the information with third parties other than those that provide its computing and storage infrastructure. Millisecond stores such information anonymously so that it can not be traced back to any individual's identity.
Because the data are anonymous, Millisecond is unable to provide individuals access to their data.
Researchers may license Millisecond's products to gather and store personal information via surveys or psychological tests for the purposes of scientific or commercial research.
While Millisecond provides services for gathering and storing such data, it does not own these data. Therefore, individuals wishing to access personal information gathered
by researchers, or who wish to limit the use and disclosure of such data, should contact the researchers who recruited them to participate in the study.
Onward Transfers of Personal Data
Except as otherwise provided herein, Millisecond discloses Personal Data only to Third Parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes.
Such recipients must agree to abide by confidentiality obligations. Millisecond may provide Personal Data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our
instructions. For example, Millisecond may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been
engaged by Millisecond and they must either:
1) comply with the Privacy Shield principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Data;
2) or agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy;
Millisecond also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure. Please be aware that Millisecond may be required to disclose an individual's personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Millisecond is liable for appropriate onward transfers of personal data to third parties.
Complaints and Dispute Resolution
In compliance with the Privacy Shield Principles, Millisecond commits to resolve complaints about our collection or use of your personal information.
EU individuals with inquiries or complaints regarding our Private Shield policy should first contact Millisecond at:
Millisecond has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints.
If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint.
The services of EU DPAs are provided at no cost to you.
All claims and disputes not covered by the DPA are to be settled by binding arbitration in the state of Washington, US or another location mutually agreeable to the parties.
An award of arbitration may be confirmed in a court of competent jurisdiction. While Millisecond endeavors to keep personal information secure, Millisecond is not liable for the unauthorized transfer of personal information to third parties by accident or security breach.
If you have questions about Millisecond security, please email us at email@example.com.