Know your value: Download the 2025 SE Compensation & Workload Report now!
Read now

Consensus Privacy Policy

At Consensus, we are committed to protecting personal information. In this Privacy Notice (“Notice”), Consensus Sales LLC and its affiliated entities (“Consensus”, “we,” or “us”) set out how we, as data controller, may collect, create, share and use personal information relating to identifiable individuals (“Personal Data”) and provide you with information regarding your Personal Data rights and choices.

This Privacy Notice is integrated into and made part of the Consensus Master Subscription Agreement found here: (https://goconsensus.com/terms-of-service/) and by continuing to use our Sites, or the Services, you agree to both this Privacy Notice and the Consensus Terms and Conditions.

1.          SCOPE OF THIS NOTICE

This Notice describes Consensus’s privacy practices for Personal Data collected by Consensus websites (“Sites”) (together the “Service(s)”) as well as other activities, such as if you visit our offices, attend a Consensus event or otherwise interact with Consensus and provide Personal Data, such as corresponding by email, unless such activities are covered by our other notices outlined below. 

Please read this Notice in full. By using our Sites, using the Services, or participating in other activities with Consensus described below, you consent to the collection, creation, sharing and use of information as described in this Notice, where consent is required by relevant law.

Unless specifically identified, references to Services will include both the operation of Sites as well as the Services.

Consensus also operates a public forum on certain Consensus social media pages and on our websites (“Forums”). The purpose of Forums is to discuss our products and Services. Please note that any Personal Data you choose to post in a Forum may be read or used by other visitors (for example, to send to you unsolicited messages). Consensus Forum users should not upload sensitive or confidential content on this public forum.

As a convenience to visitors to our Sites, we may also provide links to other websites that are not governed by this Notice. These linked websites are not under the control of Consensus and we are not responsible for the content on such websites or the protection/privacy of any information which you provide while visiting such websites.

2.        PERSONAL DATA WE MAY COLLECT

The Personal Data Consensus may collect about you will depend on your interaction/relationship with us. It may include:

  • account information you give us about yourself, such as contact information
  • equipment information we collect about equipment on our network like the type of device you use, device ID, and phone number if you browse our Sites, information systems data relating to your interaction with our Sites, such as location (e.g., IP address), cookie related information (see section 6 below), usage (e.g., mouse clicks, page visits, feature usage, view time, downloads) and other information, such as language preference;
  • location information we collect which is automatically generated when devices, products and services interact with cell towers and Wi- Fi routers. Location can also be generated by Bluetooth services, network devices and other tech, including GPS satellites;
  • if you complete a webform on our Sites (e.g., to make a purchase), attend a Consensus event (online or in-person), or otherwise send this data to Consensus (e.g., by email, telephone, exchange of business cards), identifying/contact information such as your name, job title, work email, organization/employer name, work telephone, and location information such as work address;
  • if you purchase Consensus products or Services, financial or billing data, such as name, address, credit card number or bank account information;
  • if you attend a Consensus event (in-person or online) or our offices, your attendance details (e.g., entry time);
  • if you avail yourself of Consensus Services, such submit a technical support case, your activity with Consensus to interact with and take part in these services;
  • your image and/or voice, such as for phone/video call recordings (for training, quality assurance and administration purposes), if you attend a Consensus event (event recording) or office (e.g., CCTV), post an image/recording to a Consensus Site (e.g., add a profile photo to a Forum) or you otherwise send a recording/image to Consensus;
  • information from otherwise engaging/interacting with you, such as your feedback to us through our Services and responses to any promotional or survey communications; and/or

We may also collect Personal Data about you from third parties, such as vendors (e.g., web analytics tools, data enrichment providers) and Consensus partners (e.g., where your contact details are provided to enable delivery of Consensus software, for customer success purposes and/or in relation to maintenance/support, including renewal and/or cancellation of same). We also maintain social media pages and may collect Personal Data from you when you interact with these or communicate with us through our social media pages.

3.      USER OF PERSONAL DATA

Depending on your relationship with Consensus, we may use your Personal Data for different purposes. Where required by applicable law in relation to the particular use, we will obtain your consent to collect and use your Personal Data. Otherwise, we will rely on another legal basis, such as in connection with a contract or for our legitimate interests, as set out below.

  • Perform a contract: We may process your Personal Data in connection with a contract with you or your organization, such as to process relevant payments, deliver (customer) or receive (vendor) products/services.
  • Operate our Services: We may use your Personal Data to provide our Services, content and offerings (e.g., downloads, registrations for accounts or profiles, such as a Consensus Account), including necessary functionality, content customization (e.g., based on what we think will interest you), and functionality to enhance ease of use (e.g., make the Services easier for you to use by not making you enter information more than once, etc.). Unless such processing is in connection with a contract or our legitimate interests, it will be on the basis of your consent.
  • Improve our Services: We process your interactions with our Services, content and offerings (e.g., Consensus support) to assess and improve these and the user experience, such as by use of cookies (see section 6 below). This data is typically aggregated unless Personal Data is required for the particular processing operation. We process your Personal Data for this purpose for our legitimate interests of maintaining and improving our Services and providing tailored content, or where required by law, on the basis of your consent.
  • Manage contact requests: We may use your Personal Data to reply to contact initiated by you, such as through a webform, chatbot, survey responses or Consensus support.  We process your Personal Data for these purpose for our legitimate interest in replying to/fulfilling your request, collecting survey responses and to carry out our contractual obligations under the applicable terms (e.g., providing Consensus support).
  • Other communications: We may use your Personal Data to otherwise communicate with you to manage our relationship with you/your organization, such as to manage our offerings, for customer success purposes, to contact you regarding updates to our offerings you may be interested in, and to run surveys. Such processing will be to fulfil our contractual obligations, where necessary for our legitimate interests or, where legally required, with your consent.
  • Billing: We may use your personal data for billing, collection, and protection of our property and legal rights.
  • Call recording: We may record phone or video calls (e.g., Zoom) for training, quality assurance, the functionality of programs, functionality, or features you have selected, and/or administration purposes. We process this Personal Data on the basis of our legitimate interests however, if required under applicable law, we will obtain your consent or give you the option to object to the call being recorded.
  • Marketing: We may use your Personal Data to contact you for marketing purposes, such as to alert you to product upgrades, special offers, updated information/services from Consensus, and to contact you (e.g., by phone or email) regarding your interest in our offerings and/or invite you to Consensus events. Such contact will be on the basis of legitimate interest or, where legally required, on the basis of your consent. To opt-out of marketing contact, please unsubscribe here support@Consensus.com.
  • Events: We may process your Personal Data to operate Consensus events, including training/education related activities, in-person and online, that you have selected to attend. Such processing will be on the basis of our legitimate interests or to perform a contract with you under the applicable terms of service.
  • Manage premises: Where you attend our offices, we may process your Personal Data to administer our premises and fulfil our legal obligations regarding health and safety, and to manage the security of our premises to ensure there is no unauthorized access. Such processing will be on the basis of our legitimate interests and/or to carry out our legal obligations.
  • Compliance and Security: We process your Personal Data to comply with our legal obligations and to ensure compliant use/security, such as to ensure the use of our Services, content and offerings in compliance with our terms and/or to ensure their security, to cooperate with courts, regulators or other government authorities to the extent processing/disclosure of Personal Data is required under applicable law, where it is necessary to protect our legal rights or those of others, or for other compliance purposes such as auditing, investigations and responding to legal processes or lawful requests. Where we process health related data for Covid-19 related reasons or to accommodate a reasonable adjustment for a disability, we will only do so to carry out our legal obligations relating to health and safety, under applicable law.
  • Professional advisers: In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Data.
  • Third parties involved in a corporate transaction: If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.
  • We may also combine Personal Data we hold about you. For example, we may combine your contact information with your usage data relating to our offerings and our Services for the purposes above, such as to improve our Services and our offerings, as well as to create more tailored experiences by providing content that may be of interest to you. We may also use your Personal Data to fulfil any other purposes disclosed to you at the time of collection or as otherwise required/permitted by applicable law.

4.SHARING PERSONAL DATA

Consensus may share Personal Data for various purposes, such as:

  • within the international group of Consensus companies to operate our business and provide our Sites, products and Services;
  • with authorized Consensus vendors, advisors and contractors providing services on our behalf (such as a technology or professional service providers) to operate our business, Sites, products and Services;
  • if you register for or attend a Consensus event, Consensus may share participant information (e.g., your name, organization, work email) with other participants, organizers or hosts of the same event in order to facilitate the event and the subsequent exchange of ideas. Consensus may also share your contact details with event sponsors where you have consented, e.g., through registration, to these sponsors contacting you regarding their own offerings. Your contact details may also be used by other hosts of the same event, such as to send marketing material, according to their privacy notices provided to you;
  • sharing with non-Consensus companies or entities where authorized or required by law. This can happen when we: (i) comply with court orders, subpoenas, and lawful discovery requests, and as otherwise authorized or required by law; (ii) detect and prevent fraud; (iii) provide or obtain information related to payment for your service, (iv) route your calls or other communications, (v) defend and enforce our legal rights.

Consensus will only share Personal Data to the extent needed to perform the relevant use and will take such steps as are necessary to safeguard Personal Data. For example, our vendors, advisors and contractors are required to keep such Personal Data confidential and not to use it other than for the purposes intended. Consensus partners are obliged to comply with the privacy rules set out in their agreement with Consensus. Consensus does not sell or rent Personal Data to third parties.

Consensus may also disclose Personal Data to comply with legal requirements, such as in relation to legal proceedings or investigations by governmental or law enforcement agencies (including national security agencies), or to meet tax or other reporting requirements, including to (a) protect and defend the rights or property of Consensus, including the defense and management of legal claims and investigations, (b) act in urgent circumstances to protect the personal safety of users our Services, our Consensus team members, or the public, (c) as part of a merger or change in corporate ownership or control, and/or (d) as otherwise permitted or required by applicable law.

5.LEGAL BASIS FOR PROCESSING (FOR EU/UK/SWISS DATA SUBJECTS)

If you are an individual in the European Union, the United Kingdom, or Switzerland, we collect and process Personal Information about you only where we have legal basis for such processing in accordance with applicable data privacy laws. The legal basis that Consensus relies on when processing your Personal Data depends on the type of the processing, as described in this Notice namely:

  • You have given your consent to the processing of your Personal Data for one or more specific purposes (such as when you subscribe to a newsletter, or submit a web form).
  • The processing is necessary for the performance of a contract to which you or your employer are a party or to take steps at your request prior to entering a contract.
  • The processing is necessary for compliance with a legal obligation to which we are subject. 
  • The processing is necessary to protect your vital interests or those of another natural person.
  • The processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms, which require protection of your personal data.
  • Other applicable legal bases for data processing, especially provisions of law applicable to Consensus.

If the legal basis for the processing is your consent, you have the right to withdraw at any time your consent to the processing, without this affecting the lawfulness of previous processing under your consent, until the date of your withdrawal. This might lead, however, to your inability to interact with the Services.

6.COOKIES AND SIMILAR TECHNOLOGIES

As is true of most websites, when you visit our Sites, cookies will be placed on your device (computer, mobile or tablet). A “cookie” is a small text file that is placed on your device by websites you visit. Some of the cookies we use are strictly necessary to operate our Sites. Others relate to the Site’s performance, functionality and/or to advertising. Information relating to a cookie or similar technology may include identifiers such as IP address, and information like general location, browser type and language, and internet activity such as timestamps. Consensus uses the following types of cookies and similar technologies on our Sites:

A. Strictly Necessary: These cookies enable the Sites to function correctly and deliver the Services and products you have requested. These cookies do not gather information about you that could be used for marketing or remembering other websites you have visited on the internet.

B. Functional: These cookies do things like remember your preferred language, understand your preferences and associate users to forms submitted to enable pre-completion of subsequent forms as well as improve and customize your experience on our Sites.

Performance: We use third-party analytics tools to help us analyze how our Sites and other electronic mediums are used, such as allowing us to compile reports on website activity, providing us other services relating to website activity and internet usage and whether email communications are opened or left unread.

C.Advertising: These cookies may be set on our Sites by our advertising partners. They may be used to build a profile of your interests and/or show you relevant adverts on other sites. If you wish to not have your online information used for this purpose you can also visit resources such as https://optout.networkadvertising.org and/or https://www.youronlinechoices.eu (please note these and similar resources do not prevent you from being served ads as you will continue to receive generic ads).

Cookies can be session-based (which disappear once you close your device or browser) or persistent (which remain on your device afterwards). Consensus may also rely on cookies or similar technology operating on other websites, for example to display our adverts to you. You can generally disable the use of cookies by changing your browser settings. You may also adjust your browser settings, however if you choose to not have your browser accept cookies from the Consensus Sites, you will not be able to experience a personalized visit and it may limit your ability to use some features on our Sites. For more information about cookies, visit https://www.aboutcookies.org. We may also use pixels, web beacons and similar technologies on our Sites and in emails, for example in a marketing email that notifies us if you click on a link in the email.

7.PROTECTIONS OF PERSONAL DATA

Consensus takes appropriate precautions to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration or destruction. Such measures may include (i) using security controls such as, passwords, firewalls and/or encryption, (ii) restricting Personal Data to those with a legitimate purpose in receiving/accessing it, (iii) deidentifying Personal Data, or assigning codes or pseudonyms when the personal identifiers are not required for the purpose at hand, (iv) providing training and internal policies to team members to embed privacy and security across our organization, and (v) putting in place relevant procedures (such privacy and security vetting) and contracts relating to the use and protection of Personal Data with third parties.

Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is fully secure, and no one can guarantee absolute data security.

You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services. For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.  

For inquiries related to data security please contact Consensus at: security@goconsensus.com.

 

8.      HOW LONG WE RETAIN PERSONAL DATA

Consensus will retain and process Personal Data for a period of time consistent with the purpose of collection (see section 3 above) and/or as long as necessary to fulfil our legal obligations. We determine the applicable retention period by taking into account the (i) amount, nature and sensitivity of the Personal Data, (i) relevant use, including whether we can achieve the use through other means (e.g., by instead using deidentified data); (iii) potential risk of harm from unauthorized use or disclosure of the Personal Data, and (iv) applicable legal requirements (e.g., statutes of limitation). 

9.      CHILDREN’S PRIVACY

We don’t knowingly collect personal information from anyone under 18. We also won’t contact a child under 18 for marketing purposes without parental consent. Consensus Services are intended for adult use and not for use by minors.

10.      INTERNATIONAL TRANSFER OF PERSONAL DATA

The Personal Data that we collect or receive about you when providing the Services may be transferred to and processed by recipients which are located inside or outside the European Economic Area (“EEA”). Consensus transfers your Personal Data only to countries which provide an adequate level of data under applicable data protection laws, as determined on the basis of an adequacy decision issued by the EU Commission. These countries are listed here.

Other recipients might be located in other countries which were not recognized as offering an adequate level of protection from a European data protection law perspective, but in such a case Consensus will take all necessary measures to ensure that transfers out of the EEA are adequately protected as required by applicable data protection law. With respect to transfers to countries not providing an adequate level of data protection the transfer is made based on appropriate safeguards, such as standard data protection clauses adopted by the European Commission or by a supervisory authority, approved code of conducts together with binding and enforceable commitments of the recipient, or approved certification mechanisms together with binding and enforceable commitments of the recipient.

With respect to Personal Data transferred from the EU, UK, or Switzerland to the U.S., please note the following:

Consensus complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. 

Consensus has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. 

Consensus has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit this website.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Consensus commits to resolve DPF Principles-related complaints about our collection and use of your Personal Data. EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Consensus at: 125 East Main St., Ste. 118, American Fork, UT 84003 or privacy@goconsensus.com.

The Federal Trade Commission has jurisdiction over Consensus’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). 

Under certain conditions, You may have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. Please see Annex I to the DPF Principles for additional information here.

The DPF Principles also describe our obligations with respect to Personal Information that we transfer to third parties as described elsewhere in this Policy. We remain responsible and liable as provided in the DPF Principles if the third party processes the Personal Information in a manner that is not consistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage.

11.      YOUR RIGHTS AND CONTROLLING YOUR PERSONAL INFORMATION

If you are an individual in the European Union, the United Kingdom, or Switzerland, you have the following rights, pursuant to the privacy law applicable to Consensus:

  • to request access to your Personal Data, to obtain confirmation as to whether or not your Personal Data is being processed by Consensus and to obtain a copy of your Personal Data that is being processed. Consensus provides you with means to ensure that your Personal Data is correct and up-to-date. You can access your Personal Data by contacting Consensus. If you have an account with Consensus, you can update your Personal Data in your Consensus account.
  • to request rectification of your Personal Data;
  • to request erasure of your Personal Data: (a) your Personal Data are no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) if you withdraw your consent for processing, if this was the legal base for processing and where there is no other legal ground for the processing; (c) if you object to the processing and there are no overriding legitimate grounds for the processing, or if you object to a processing for marketing purposes or profiling; (d) if your Personal Data has been unlawfully processed; and/or (e) if your Personal Data has to be erased for compliance with a legal obligation in Union or Member State law to which Consensus is subject. 
  • If you have an account with Consensus, you can correct, update or delete your Personal Data in Your Consensus account. If you want to exercise Your right to have your Personal Data erased from Consensus records, please submit a request privacy@goconsensus.com;
  • to request restriction of processing your Personal Data, if you contest the accuracy of your Personal Data, for the period enabling us to verify the accuracy of your Personal Data, if the processing is unlawful and you oppose the erasure of your Personal Data and requests the restriction of its use instead, if Consensus no longer needs your Personal Data, but such is required by You for the establishment, exercise or defense of legal claims, or if you objected to processing pending the verification whether the legitimate grounds of Consensus override your legitimate rights;
  • to request data portability to another data controller, if you have provided your Personal Data in a structured, commonly used and machine-readable format and this has been processed by Consensus based on your consent or based on a contract executed with you;
  • to object to the processing of your Personal Data (including objection to profiling) if Consensus processes your Personal Data based on legitimate interest;
  • to object to being subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you and;
  • the right to lodge a complaint with a supervisory authority.

If you have declared your consent regarding certain collecting, processing and use of your Personal Data, You can revoke this consent at any time with future effect. Furthermore, you can object to the use of your Personal Data for marketing purposes without incurring any costs other than the transmission costs in accordance with the basic tariffs and without this affecting the use of the Services you have contracted. For example, if you have given your consent to Consensus in this respect, you may opt out of receiving marketing communications from us by using the unsubscribe link within each email, or by contacting us and requesting that you are removed from our marketing email list or registration database.

Your request to exercise your rights above may be limited in certain situations generated by the fact that, for example, your request would reveal information about another person, or in case you ask us to delete information which we or your employer have a legitimate interest for keeping and further processing.

To exercise Your rights stated above, please contact us using the contact details, as stated under the “Contact us” section below.

Also, if you are an individual outside the European Union, the United Kingdom, or Switzerland, Consensus provides you with means to ensure that your Personal Data is correct and up-to-date. You can access your Personal Data by contacting Consensus. You can also update your Personal Data in your Consensus account. You are entitled to request the correction, update, restriction and deletion of your Personal Data under the conditions mentioned in this Privacy Policy. You have the right to object at any time, based on legitimate grounds, regarding the processing of your Personal Data by Consensus.

Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.

Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example providing user support), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services.

Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.

12.      CONTACT OR COMPLAINT INFORMATION

In compliance with the Data Privacy Framework Principles, Consensus commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, Swiss and United Kingdom individuals with DPF inquiries or complaints should first contact:

Via US Postal Service at:

Consensus Sales, LLC.

Attn: Privacy-Legal

125 East Main St.

Ste. 118

American Fork, UT 84003

or

Via email at:

privacy@goconsensus.com

We will investigate and attempt to resolve any DPF-related complaints or concerns within forty-five (45) days of receipt.

Consensus has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by International Centre for Dispute Resolution / American Arbitration Association (“ICDR/AAA“). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https:/go.adr.org/dpf_irm.html. for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. 

See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-3558

13.      CHANGES TO THIS NOTICE

Consensus reserves the right to modify or update this Notice from time to time to reflect changes in technology, our practices, law and other factors impacting the collection/use of Personal Data. You are encouraged to regularly check this Notice for any updates. We may also collect, use and disclose Personal Data for other purposes otherwise disclosed to you at the time of collection/processing in a supplementary notice.

Last updated: April 15, 2024