Welcome to (the “Site”). This website privacy policy (“Policy”) describes how ZRG Partners and its subsidiaries (“We”, “we”, or “ZRG”) may use and disclose personally identifiable information that we may collect about you through the Site (“Personal Information”).
Collections and Uses of Personal Information
When you use or register with the Site, we may ask for certain Personal Information. The categories of Personal Information we may request include your name and contact information (email, address and phone number). Depending on the nature of your inquiry or activities on the Site, we may also ask for your job search criteria and preferences, your employment experience, educational history, your skills, references information, background information, and other information contained in your resume, and any login ID or email address and password created by you. The Site also utilizes cookies to track your online activities within this Site, including, but not limited to, registration, submissions, and information requests. After your successful registration with the Site, you will be able to access, review and change your Personal Information provided by you through the Site.
We use Personal Information and other data collected through the Site to register you with the Site, to provide you with information regarding employment opportunities and career-related information, and to otherwise provide you with requested information or services. We may also from time to time use your Personal Information to send you automated email messages or marketing materials regarding our services, including employment information.
Disclosures of Personal Information
As described in Section 4 of the Terms of Use, ZRG may disclose Personal Information to third parties. The disclosure to third parties would occur in the following circumstances:
- We may disclose information to companies and individuals we employ to perform business functions and services on our behalf. Such functions may include, for example, hosting our Web servers, analyzing data, providing legal, accounting and marketing services.
- We may disclose information to the extent necessary or appropriate to government agencies, advisors, and other third parties in order to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to (a) comply with the law requiring such disclosure; (b) protect the rights or property of ZRG or its affiliated companies; (c) prevent a crime or protect national security or (d) protect the personal safety of the users or the public.
ZRG Partners Commitment to the General Data Protection Regulation (GDPR)
ZRG Partners Commitment to the General Data Protection Law (LGPD - The Brazilian General Data Protection Law)
English and Portuguese versions here / As versões em inglês e português estão neste link
ZRG's Waking The Talk
Click here to view ZRG's Walking The Talk Policy Privacy
Data Subject Access Request (DSAR) Form
Data Deletion Request Form
Revisions to the Policy
If we change this privacy policy we will post any updates here for your review. If we change material terms in this Policy, we will provide notice of the revised policy for 30 days on the home page at http://zrgpartners.com/ with a link back to this page.
ZRG is committed to ensuring compliance with a range of data protection regulations, including the General Data Protection Regulation (GDPR), Privacy and Electronic Communications Regulations (PECR), ePrivacy Directive, US and other relevant Data Protection Legislations. Whenever the term 'GDPR' is referenced in this document, it pertains to both The Regulation (EU) 2016/679 (EU GDPR) and The Data Protection Act 2018 (UK GDPR). Should there be a need to refer to other regulations, they will be appropriately and distinctly named.
We are dedicated to respecting the privacy of visitors to our websites. This Privacy Policy outlines ZRG current practices regarding the collection of Personal Data by ZRG from you directly and/or through the ZRG website.
This Privacy Policy is not only intended for individual users but also applies to companies that avail our services. We understand the importance of ensuring GDPR compliance when delivering services to our client companies. As a data controller, ZRG’s Walking the Talk is dedicated to safeguarding the personal data of our clients, adhering to GDPR principles and legal requirements, and offering full transparency.
Protecting your privacy is of utmost importance to us, and ZRG’s Walking the Talk will act in accordance with current legislation and internet best practices.
Data Protection Legislations means (i) the General Data Protection Regulation (Regulation (EU) 2016/679) (“EU GDPR”) and the Directive on Privacy and Electronic Communications (Directive 2002/58/EC); (ii) the EU GDPR as it forms part of UK law by virtue of the European Union (Withdrawal) Act 2018, as modified by the Data Protection Privacy and Electronic Communications (Amendments, etc) (EU Exit) Regulations 2019 (SI 2019/419) (“UK GDPR”); (iii) the Data Protection Act 2018; (iv) the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2003/2426); (v) all other applicable data protection and privacy legislation in force in the UK and European Economic Area; and (vi) all relevant codes of practice and guidance issued by the Commissioner, supervisory authorities or other bodies in relation to the processing of personal data, in each case as amended and in force from time to time.
ZRG’s Walking the Talk acts as the Data Controller and is dedicated to protecting the rights of individuals in line with the GDPR. If you have any questions or concerns about your privacy or data protection, please contact our Data Protection Lead at the following details:
Email: dpo@walkingthetalk.com
Phone: +31 (0) 20 240 2233
Personal Data
As defined by the GDPR and other data protection legislation, personal data refers to any information relating to an identified or identifiable natural person ('data subject'). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. This broad definition encompasses a wide range of information, including but not limited to, names, addresses, email addresses, identification numbers, IP addresses, and cookie identifiers.
ZRG collects personal data on its website when such data is submitted by you during the registration process or when you request information about our organization. The personal data you provide will only be used by ZRG to provide you with the requested information or services. We will process your data in order to send you the information, updates and other information you have requested until you ask us to stop. Your information will be stored for up to 7 years after our last interaction with you and as defined in our Data Retention policy.
ZRG ensures compliance with the GDPR, and other applicable data protection legislation as far as practicable by complying with the principles of data protection, by keeping personal data up to date, securely storing and destroying it, collecting and retaining only necessary data, protecting it from unauthorized access and disclosure, and implementing appropriate technical measures for data protection.
How do we use your information?
This privacy policy tells you how we, ZRG, will collect, store, process , and use your personal data, including data collected through the use of cookies.
The personal data that we collect directly from you, from our own sources, and data we receive ourselves and receive from third parties may include the following: your name, address, e-mail address, phone number, place of work, job position, and any other details relating to your account, as well as information collected via cookies during your interactions with our website or services.
We use your data to send periodic emails, manage your subscriptions and settings, to improve our website to ensure that content is presented in the most effective manner. We may send you marketing information concerning our products or services which you use or our similar products or services which we think may be of interest to you such as periodic newsletters, latest research reports or series of content we feel could benefit you. This may include information concerning promotions or offers which could benefit you.
ZRG’s services may be delivered by consultants located in the EU, Brazil, USA, Australia, and other countries. These consultants are an integral part of our service delivery team and may require access to your personal data to provide you with the best possible experience.
ZRG is committed to enhancing the quality of our services. To achieve this, we may implement artificial intelligence (AI) technologies to improve user experiences, personalize content, and streamline processes. These AI systems will process data for the purpose of enhancing the services we provide. We ensure that these technologies are implemented in compliance with data protection regulations.
We will only use your personal data for the purposes for which we collected it and as you would reasonably expect your data to be processed and only where there is a lawful basis for such processing, for example:
|
Purpose/Activity |
Type of data |
Lawful basis for processing |
|
To register you as a new customer
|
a. First Name b. Last Name c. Business Email d. Company Name e. Job Title f. Countryz
|
a. Performance of a contract with you b. Consent
|
|
To process and deliver the consultancy products and services you request, including culture-changing solutions, and to manage payments, fees, and charges. |
a. Identity b. Contact c. Financial d. Transaction |
a. Performance of a contract with you b. Necessary for our legitimate interests to recover debts owed to us c. Consent |
|
To manage our ongoing relationship with you which will include notifying you about changes to our terms, services or privacy policy, to maintain our records
|
a. Identity b. Contact c. Profile d. Marketing and Communications
|
a. Performance of a contract with you b. Necessary to comply with a legal obligation c. Necessary for our legitimate interests to keep our records updated and to study how customers use our services d. Consent |
|
To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
|
a. Contact information b. User preferences and other account-related details
|
a. Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise b. Necessary to comply with a legal obligation c. Consent |
|
To use data analytics to improve our website, services, marketing, customer relationships and experiences
|
a. Email address b. User preferences and other account-related details c. Technical d. Usage |
a. Necessary for our legitimate interests to define types of customers for our services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy b. Consent |
|
To make suggestions and recommendations to you about services that may be of interest to you
|
a. Identity b. Contact c. Technical d. Usage e. Profile |
a. Necessary for our legitimate interests to develop our services and grow our business b. Consent
|
|
Conducting assessments and surveys to evaluate and understand corporate culture within client organizations
|
a. Demographic data of employees or participants. b. Responses to survey questions related to behaviors, attitudes, and cultural attributes. c. Feedback and comments provided by employees or participants.
|
a. Consent b. Legitimate interest c. Contractual performance d. Compliance with Legal Obligations
|
|
Designing and planning corporate culture transformation journeys
|
a. Organizational data b. Employee data c. Behavioral data
|
a. Consent b. Legitimate interest c. Contractual performance d. Compliance with Legal Obligations |
|
Measuring and tracking cultural changes over time
|
a. Employee data b. Behavioral data c. Performance data
|
a. Consent b. Legitimate interest c. Contractual performance d. Compliance with Legal Obligations e. Vital Interests |
|
Developing leadership and middle-management teams to align with desired cultural attributes
|
a. Leadership and Management data contact data b. Assessment data c. Behavioral data d. Performance data e. Feedback and Comments data |
a. Consent b. Legitimate interest c. Contractual performance
|
|
Providing training programs to facilitate behavioral changes
|
a. Participant Information b. Training Records c. Assessment Data d. Feedback and Evaluation e. Performance Data |
a. Consent b. Legitimate interest c. Contractual performance
|
How do we collect your personal data?
Each time you visit our website, we may automatically collect information and personal data about your computer for system administration, including where available, your IP address, operating system and browser type subject to you accepting or rejecting our cookies and other tracking pixels.
During the registration process or at any point where personal data is collected by us about you, you may be asked to indicate your preference regarding ZRG sending you information about other ZRG products or services.
We may contact you in relation to your request and our products and services. We may contact you by email, post. and/or phone call. You can ask us not to contact you at anytime and we will amend your preferences for you.
You may unsubscribe at any time by following the ‘unsubscribe’ link at the bottom of any email you receive or by clicking on this link and submitting your email to be unsubscribed.
Why does ZRG need to collect and store personal data?
ZRG recognizes the importance of personal data protection, and we are committed to complying with the General Data Protection Regulation (GDPR) and other relevant data protection legislation in all aspects of our operations. We collect and store personal data for the following lawful purposes, which are integral to our core business of delivering culture change services to other companies:
- Service Delivery and Personalization: To efficiently manage the ZRG website and provide the services requested by both individuals and our client organizations. To analyze visitor behavior, enabling us to enhance our website and service offerings for improved customer support.
- Communication: To keep individuals, employees, and clients informed about news, events, activities, or services offered by ZRG. These communications aim to support our core mission of facilitating culture change within client companies and are essential for providing a seamless and informed experience.
- Feedback and Improvement: We may contact individuals and clients, through surveys to gather insights about their opinions regarding our current services and the potential new services that may aid in achieving culture change goals. This feedback-driven approach is vital in continually enhancing our services.
- Legitimate Business Interests: Additionally, the collection and storage of personal data align with our legitimate business interests, as we believe it is crucial for advancing our core mission of empowering organizations to foster positive culture changes. ZRG ensures that the data collected is proportionate and necessary for these specified purposes and is processed in a manner that respects your privacy rights, providing a secure and confidential environment.
In any event, we are committed to ensuring that the data we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
Will ZRG share my personal data with anyone else?
Under specific circumstances and to fulfill our obligations to you as outlined in this document, your personal data may be shared with carefully chosen third parties, including but not limited to:
- Service providers offering IT and system administration services.
- Various third parties, such as data processors, suppliers, and equipment providers, necessary for the operation and expansion of our business.
- Professional advisors, including lawyers, bankers, auditors, and insurers, providing services such as consultancy, credit scoring, legal aid, fraud protection, insurance, and accounting.
- Other technology companies involved in tracking, analytics, and advertising activities.
- Social media companies.
- Companies within our group of companies.
- Partners and other organizations contributing to the provision of our services to you and the management of our company.
- Government organizations, regulators, and other legal authorities requiring disclosure of processing activities in specific situations.
- Third parties to whom we sell, transfer, or merge parts of our business or assets.
- Other companies necessary for fulfilling our obligations to you and maintaining our business operations.
We ensure that all third parties receiving your data respect the security of your personal information and handle it in compliance with relevant legislation. We only permit such third parties to process your personal data for specific purposes and in accordance with our guidelines.
Regarding the sharing of your personal data, ZRG may disclose your information to third parties based on the following lawful basis:
- Consent: Sharing of your data may occur if you explicitly consent to such sharing.
- Legal Obligations: In some instances, we may be legally obligated to disclose your data to third parties, such as government authorities or regulatory bodies, to comply with the law.
- Legitimate interest: We might collaborate with third-party organizations to facilitate the provision of our services. These organizations are contractually obligated to uphold the security of your data and utilize it exclusively for the purposes outlined by us.
- Business Transition: In the event of a merger, acquisition, or asset sale involving ZRG, your personal data may be transferred to the acquiring entity, and you will be duly informed of such a transfer.
Is my data transferred to other countries by ZRG?
We might transfer and store the information we collect about you in countries different from the one where the data was initially gathered, which may include the United States, or other locations beyond the European Economic Area (EEA) and the United Kingdom. These countries may not have the same data protection regulations as the one in which you originally provided the data. When we transfer your data to other countries, we will safeguard the data as detailed in this Privacy Policy and adhere to the applicable legal requirements that ensure adequate protection for data transfers outside the EEA and the United Kingdom. This includes but is not limited to the Data Processing Agreement (DPA), Standard Contractual Clauses (SCC), Transfer Impact Assessments (TIAs), International Data Transfer Agreement (IDTA) or the UK Addendum, as applicable.
If you are situated within the EEA or the United Kingdom, we will only transfer your personal data if:
- The destination country has received a positive adequacy decision from the European Commission, or
- We have established suitable protective measures for the transfer, such as entering into EU standard contractual clauses, the International Data Transfer Agreement (IDTA) or the UK Addendum and implementing additional safeguards with the recipient, or the recipient adheres to binding corporate rules authorized by an EU or UK supervisory authority.
For more details about the protective measures we've implemented for personal data transfers, please contact us using the information provided in the "How to contact us" section below.
How will ZRG use the personal data it collects about me?
ZRG will handle (collect, store, and process) the data you provide in line with the provisions of the GDPR and other pertinent data protection legislation. Our processing endeavors are geared towards maintaining the accuracy and currency of your data, ensuring that it is not retained longer than necessary. Moreover, as part of our core business in delivering services to other companies for cultural transformation, we are obliged to retain certain data in compliance with legal requirements, including those related to income tax and audits.
How to change your preferences?
At ZRG we strictly adhere to GDPR and other data protection legislation, reflecting our commitment to safeguarding your rights and privacy. We are prepared to promptly address your requests related to personal information access, rectification, data transfer, or discontinuation of processing. Additionally, we can provide guidance on how to file complaints with the relevant authorities. If you wish to make a request or express objections, we encourage you to submit your preferences in writing to the Data Protection Lead at dpo@walkingthetalk.com. Alternatively, you can reach out to us through our website, phone, or email to exercise your rights, file a complaint, or modify your preferences at any time.
How to make a complaint?
In cases where you have provided consent for us to process your data, such as opting in for marketing information or agreeing to the processing of financial data, you retain the right to contact us to revise or revoke your consent at any time. Furthermore, you have the option to object to processing and request the deletion of your data. We fully respect all user rights as defined in the GDPR and described below. If you have any comments or wish to lodge a complaint, please do not hesitate to contact us.
How will ZRG keep my data secure?
ZRG is dedicated to maintaining the confidentiality, integrity, and availability of your personal data and to safeguarding your privacy rights. Our commitment to data security includes protecting your personal data from unauthorized access, securely storing and destroying it, retaining only necessary data, and implementing technical measures for protection.
These security measures are regularly reviewed and updated to align with evolving security standards and best practices.
Under what circumstances will ZRG contact me?
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the data you provide will be subject to rigorous measures and procedures to minimize the risk of unauthorized access or disclosure.
How long will ZRG retain my personal data?
Your personal data is stored by ZRG on its servers and on the servers of cloud-based service providers that ZR engages, which may be located in the UK, EU or United States. We may maintain your information in hard copy or electronic format, in storage facilities that we either own and operate ourselves or are owned and operated by our service providers.
Furthermore, your data may be processed by individuals operating outside the EEA, including our own staff, staff from our service providers, or other parties. Any such transfer of personal data outside the EEA will be carried out in compliance with the requirements of the GDPR and other pertinent data protection legislation.
ZRG retains your personal data for as long as necessary, considering the purposes for which it was initially collected or legally processed. We may also retain data as required by our legal obligations. For personal data used in marketing, we will continue to keep it until you inform us that you no longer wish to receive such information.
This approach aligns with our core business of providing services to other companies for cultural transformation and adheres to the relevant data protection legislation. For further details on our data retention policy, please refer to our Data Retention Policy.
Can I find out the personal data that the organization holds about me?
ZRG at your request, can confirm what data we hold about you and how it is processed. If ZRG does hold personal data about you, you can request the following data:
• Identity and the contact details of the person or organization that has determined how and why to process your data. In some cases, this will be a representative in the EU and/or UK.
• Contact details of the Data Protection Lead, where applicable.
• The purpose of the processing as well as the legal basis for processing.
• The categories of personal data collected, stored, and processed.
• If we intend to transfer personal data to a third country or international organization, data about how we ensure this is done securely. The EU and UK have approved sending personal data to some countries because they meet a minimum standard of data protection.
• How long the data will be stored.
• Details of your rights to correct, erase, restrict or object to such processing.
• Data about your right to withdraw consent at any time.
• How to lodge a complaint with the supervisory authority.
• Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
• The source of personal data if it wasn’t collected directly from you.
What are my rights as a data subject?
• Right of access – you have the right to request a copy of the information that we hold about you.
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
• Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
• Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
• Right of portability – you have the right to have the data we hold about you transferred to another organisation.
• Right to object – you have the right to object to certain types of processing such as direct marketing.
You can exercise your data protection rights at any time by contacting our Data Protection Lead at dpo@walkingthetalk.com. We are committed to responding to data protection requests in accordance with GDPR guidelines.
Our aim is to provide a timely response within one month of receiving your request, which may be extended to two months if your request is complex or if there are multiple requests from you. This extension will be communicated to you within one month, along with the reasons for the delay.
Subject Access Request (SAR) responses are typically provided free of charge. However, we reserve the right to reject or apply reasonable fees to requests that are manifestly unfounded, excessive, or repetitive, in accordance with legal requirements. We will always provide a clear explanation if such a situation arises.
We are fully committed to complying with relevant Data Protection Legislations and will cooperate with any investigations or requests made by the relevant authorities.
If, for any reason, you are not satisfied with our response or handling of your data protection request, you retain the right to directly approach your local data protection authority. A list of these authorities can be found at: Data Protection Authorities List.
Please be aware that our website may include links to external websites operated by our partner networks, advertisers, and affiliates. It is important to note that these websites have their own privacy policies, and we do not accept any responsibility or liability for the content or practices of these websites. We recommend reviewing their privacy policies before providing any personal data to these external sites.
What are our Obligations?
As a company, we are dedicated to safeguarding the personal data of our clients and employees. In accordance with this commitment, we comply with the principles of the General Data Protection Regulation (GDPR) when collecting, utilizing, and handling personal data. This includes adherence to principles of legality, fairness, and transparency; limiting data collection to specific purposes; minimizing the amount of data collected; ensuring accuracy; limiting data storage; maintaining integrity and confidentiality; and being accountable for data protection." can be included in the Privacy Policy.
Changes of this Policy
We will review and update this Privacy Policy regularly to ensure that it is up-to-date and complies with the GDPR and data protection regulation.
We will notify you of any changes to this Privacy Policy by posting the revised policy on our website and/or by sending you an email notification if there are major material changes. You can always access the latest version of this Privacy Policy by visiting our website.
California Consumer Privacy (Exclusive to California Residents)
Distinct regulations pertain to the personal data of individuals residing in California. Additional details can be found by clicking this link.
In accordance with California's "Shine the Light Act," residents of California have the right to seek details regarding how we disclose specific data categories to third parties for their marketing purposes.
How to contact us:
Supervisory Authority Contact Details
Contact name:
Autoriteit Persoonsgegevens
Address:
Prins Clauslaan 60
P.O. Box 93374
2509 AJ Den Haag/The Hague
Netherlands
Email: nfo@autoriteitpersoonsgegevens.nl
Phone: +31 70 888 8500
Fax: +31 70 888 8501
Website: Autoriteit Persoonsgegevens
Data Protection Lead (DPL) Contact Details
Contact name:
Steve McLay
Address:
Keizersgracht 555
1017 DR Amsterdam
Netherlands
Email: dpo@walkingthetalk.com
Phone: +31 (0) 20 240 2233
Website: https://www.walkingthetalk.com/
This Policy is effective as of June 1, 2015. If you have any questions about our website privacy policies, please contact us at:
Mailing Address:
ZRG Partners, LLC
365 West Passaic Street
Suite 465
Rochelle Park, NJ 07662
T: +1.201.560.9900
F: +1.201.701.0374
