At ElearningSpecialist we take your personal data seriously.
We only use, process and store your data to the extent necessary to provide the best possible service for you.
Activate LMS is owned and operated by ElearningSpecialist, Testrupvej 119, 8320 Mårslet.
What information do we store in Activate LMS and what do we use it for?
When you use Activate LMS, it typically happens because your employer, or vendor, or customer has given you access to learning material in Activate LMS. The purpose of Activate LMS is to collect various data about your use of the material which has been made available to you.
Activate LMS stores three types of data.
- Data regarding your interactions with the learning material. For example, information on your status, whether you have started, completed, passed, failed a module. Some learning material also saves your answers to questions in the material. Information about when you have accessed learning material, and how much time you have spent will also be stored.
The purpose of collecting this is to prove that you have reviewed the learning material you have been made available and, if necessary, follow up if you do not. It can also be used for statistics.
- Data related to your use of the system. For example, technical information, such as which browser you have used. If you have accessed the system to do other than just take learning material in Activate LMS, the system will also log this. An example of this could be to delete a user (given you have the appropriate permissions to do so). When this happens, this will be saved in the system log.
The purpose of saving such data is: a) to provide support; b) to log the use of the system, for example to prevent abuse/cheating.
- Master data. We store master data about you. It is about First Name, Last Name, Email, Username, which organization you are assigned to and any Learning Profiles you are assigned. Learning profiles are typically your job function if it is relevant to your use of Activate LMS.
The purpose of saving this data is to be able to send your information and be able to identify you in relevant reports and, in addition, to manage your use of Activate LMS
We do not share your data with third parties without your consent.
Who can see your data?
- You can. If you log in to Activate LMS account and click on your name in the upper right corner, you will find your profile page. From here, you can see all the data the system has saved about you. From here you can also download all your data.
- Typically, employees of your employer's organization. It is typically your employer who specifically determines who can see this data. Typically, it will be your manager or an admin. Your colleagues can NOT see your data. The purpose of their access to your data will typically be to be able to follow up with you to create reports, etc.
- Trusted Technical Staff at ElearningSpecialist or Subcontractors. In principle, these persons have access to being able to view your data but must only do so to ensure the operation of the system and to provide technical support.
Deletion of data
Data is deleted continuously as the purpose for which they were collected is terminated.
We store your personal information as long as there is an active customer relationship between data controller and data processor.
Once the active customer relationship has ended, we will keep your personal information as long as we are required by law (see limitation period). Data is evaluated and deleted in connection with the annual evaluation of the security). In the event that data controller requests immediate deletion of data, we will of course comply with this.
You can request deletion of all your data by sending an email to email@example.com. Note that you cannot use Activate LMS if you request few delete your data. Your employer will typically be allowed by law to store data about you in Activate LMS as part of your employment. If you request to be deleted, we will contact your employer to verify that your data can in fact be deleted.
We ensure that your data is secure. In addition to physical and digital security this also includes policies governing our employees’ access to your data.
The basic principle behind our policies is that only staff who need to be able to view your data can access your data. This could be for example technical support. In addition, our staff must, of course, comply with the guidelines governing safe use of IT, including virus protection, encryption, secure passwords, etc.
The operating environment is constantly monitored technically to ensure access to data.
Evaluation of Security
The technical and organizational measures for data protection, including data policies, are assessed on an ongoing basis and evaluated twice a year on the first working day after 1 March and 1 September.
- Zitcom. Højvangen 4, 8660 Skanderborg. Danmark. Datacenter.
Zitcom AS there is ISAE 3402 Type 2 and ISO 27001 Certified. This implies, among other things, that the audit is audited annually by an external auditor. Read more about Zitcom's security and GDPR compliance here: https://www.zitcom.dk/vores-forretning/compliance.
- MailJet. Paris. France. Service we use for sending e-mail.
MailJet ISO 27001 Certified and GDPR compliant. Read more about MailJet's GDPR compliance here: https://www.mailjet.com/gdpr/mailjet-gdpr-compliance/
- ITIDE A/S Åbogade 15, 8200 Aarhus. Denmark. Server operations.
- Microsoft Azure. Hosting of data. Data is located in the EU. Read more about Microsofts GDPR compliance here: https://privacy.microsoft.com/da-DK/ and here http://www.microsoftvolumelicensing.com/Downloader.aspx?documenttype=OST&lang=Danish.
Of course, the relevant data processing agreements exist between all subcontractors.
In addition, we use Zendesk to deliver our paid first line/end-user support service to those of our customers who purchase this service. Read more about Zendesks GDPR compliance here: https://www.zendesk.com/company/customers-partners/eu-data-protection/
Questions about data and data security can be addressed to firstname.lastname@example.org