Last updated September 13, 2019
Best Companies Group helps to identify and recognize outstanding employers through the management of a multitude of programs such as Best Places to Work, Best Employer, and Best Companies to Work For (“Best Programs”). Through employer and employee surveys, Best Companies Group specializes in assessing the workplace to create lists for publication and recognition by our local and national program partners. Through its Best Employee Surveys (“BES”), Best Companies Group also works with employers to develop customized independent survey projects.
To make sure you stay informed of all changes, you should check these policies periodically. Updates will be referenced by the “Last Updated” date shown above.
Table of Contents
1. Scope – Site Visitors and Employer Organization Users
2. Information We Collect
3. How Do We Use Personal Data?
4. Disclosure of Personal Data
6. Do We Use “Cookies”?
7. Third Party Links
8. California Do Not Track Disclosure
10. Individuals in the European Economic Area (EEA)
11. Changes to this Policy
12. Contact Us
1.1 Site Visitors.
We collect and process Personal Data about direct visitors to our Sites (each a “Site Visitor”), some of whom may also be employer organizations who sign up for our Services (“Employer Organizations”). We may refer to Site Visitors as “you” or “your.”
1.2 Employer Organizations.
We also process Personal Data of Employer Organizations’ employees and business contacts as provided to us by those Employer Organizations for processing in connection with our Services.
When an individual interacts with the Sites, registers for any of our Best Programs or takes one of our surveys, we may collect Personal Data, as follows:
2.1 Personal Data Provided Through the Sites
We collect Personal Data that is voluntarily provided by you when you visit our Sites, for example, when you request information about our programs (such as through the “Contact Us” page or other forms on the Sites) or contact our sales or customer support team. The Personal Data we collect includes your first and last name, employer, address, email address, phone number and any other information you choose to include in the body of your email or message. We also collect your email address and may send you information about our company when you register for a Best Program, subscribe to a Best Companies Group newsletter, or when requesting more information about a customized BES.
2.2 Personal Data Provided Through a Registration Form and Our Employer Benefits and Policies Questionnaire
Each Employer Organization electing to participate in a Best Program is required to complete a registration form and an employer questionnaire. As a part of this process, we collect employer business contact information such as: employer contact names, titles, business email addresses, business phone numbers, and postal mailing addresses. Follow-up requests for clarification or more information may also be a part of this process.
As part of the employer questionnaire, we also collect organizational information about the Employer Organization such as benefits, policies, practices, and workplace demographics (“Employer Data”). All information collected through the employer questionnaire may be used, all or in part, by Best Companies Group and the authorized program partners at a public recognition event. This information may also be used, all or in part, to create and distribute a Best Program online or print recognition publication. We will provide the authorized Best Program partners with the Employer Data only for purposes of list-making and identifying winning employers and only to assist the Best Program partners in the development of the results publication or recognition event.
If an Employer Organization does not make the list, that organization’s Employer Data will not be shared with the authorized Best Program partners or be made public. Information regarding an Employer Organization’s participation in Best Companies Group’s Best Programs, in current or prior years, will not be released unless the Employer Organization has made one or more of the published lists.
2.3 Payment Information
When an Employer Organization makes a purchase from any of the Sites including through our Best Program Sites (such as for registration, reports fees, or additional services), through the reporting Site (“Reports”), or through BES, we collect certain payment and billing information, such as billing address, payment card details (if applicable) and bank account information (if applicable).
When an Employer Organization registers to participate in a Best Program, we will receive employee business email addresses from the registered organization, unless the organization chooses to use paper surveys. The employees’ business email addresses are only used to send invitations to complete the EESS and for no other purpose. A unique link to the online EESS is included in the body of each email invitation. This link expires once the EESS is completed. Additional language describing security and anonymity principles are included in each email invitation and in the online survey, and the email includes a link for the employee to unsubscribe if desired. In addition, an employee should consult its employer’s business email privacy and use policies for further information about the employer’s handling of business emails.
Best Companies Group may store and share anonymized and aggregated results from those who have participated and submitted answers to the EESS through our Best Programs or any other independent survey project conducted through BES.
We retain business email address lists provided by Employer Organizations for up to two years and they may only be used to conduct the optional follow-up employee surveys. To have your business email address removed from further use, click on the unsubscribe link in the email, or contact us as provided in the “Contact Us“ section below.
Best Companies Group has two methods of conducting the EESS: either through an online survey web portal or via hard copy paper surveys. The Employer Organization chooses the method of conducting the survey. Regardless of the survey method, Best Companies Group will never share individual survey completion status or individual EESS responses with any Employer Organization or any third party, unless compelled by legal requirements. The EESS does ask for demographic information (e.g., birth year, gender, ethnicity, job role, etc.); however, this information is not combined with any employee Personal Data that employees provide to us and is used only in anonymized and aggregated form as described below.
Employees’ EESS responses will be aggregated and anonymized, and used in our Best Programs, employee feedback reports or by the authorized Best Program partners for identification of winning employers. To further protect anonymity, Best Companies Group will not include information falling in any demographic category (or combination of demographics) unless there are at least five responses containing the same demographic information.
2.5 Automatically Collected Data
We use Personal Data in the following ways:
3.1 To Deliver Our Programs.
We use Personal Data provided by Employer Organizations through an employer benefits and policies questionnaire to administer and deliver the Best Program, including receiving payments and communicating with each participating Employer Organization (or representative thereof).
Business email addresses of employees that are received from the authorized contact of each Employer Organization are used solely to distribute the employee survey invitation. Each email invitation includes a unique link to the EESS. Unless an employee opts out at the time of submitting a survey, we will retain that employee’s business email address for up to two years for subsequent use in the event the employer elects to have Best Companies Group send a follow-up employee survey, as described under the “Personal Data Provided Through the Employee Engagement and Satisfaction Survey (EESS)“ section above.
3.2 To Respond to Requests.
We use the Personal Data that you provide through the Sites to respond to requests. For example, when asked for information about our programs (e.g., frequently asked questions, report options, registration questions, pricing or BES) we will use your contact information to send you the information you requested. For individuals based in the EEA, such use is necessary to respond to or implement your request before entering into a contract with us.
3.3 For Marketing Purposes.
Best Companies Group may use the business contact details provided by the Employer Organization participating in one of our Best Programs to send information about other or future programs we believe may be of interest to the Employer Organization such as upcoming events or similar promotions. If we do so, each marketing communication we send, will contain instructions permitting an “opt out” of receiving future marketing communications. Note however, that you cannot opt-out of some administrative communications that are reasonably necessary in connection with your participation in our Best Programs, such as billing or service notifications. In addition, if at any time you do not wish to receive any future marketing communications or you want to have your name deleted from our mailing lists, please contact us as provided in the “Contact Us“ section below. The list of employee business email addresses provided by an Employer Organization for survey purposes will not be used for marketing, and are only used to send the invitation to the survey.
Where required by applicable law (such as if you are an individual based in the EEA), we will send you marketing information by email only if you had provided your consent to our doing so at the time you provided us with your Personal Data (for example, when you completed a participation registration form). In such instance, when you provide us with your consent to be contacted for marketing purposes, you have the right to withdraw such consent at any time by following the instructions to “opt-out” of receiving marketing communications in each marketing email we send you, or by contacting us as provided in the “Contact Us“ section below.
3.4 For Research and Benchmarking Purposes.
We will anonymize and aggregate the EESS responses for the purposes of our Best Programs, and for research, benchmarking, and trending purposes. In addition, anonymized and aggregated employee EESS responses may be included in a Best Companies Group Insights Report package purchased by that employee’s Employer Organization. Employees will not be individually identifiable from any EESS responses. For individuals based in the EEA, this use of your Personal Data is necessary for our legitimate interests in conducting research activities and improving our products and services.
3.5 For other legitimate business purposes.
We may also use Personal Data for other legitimate purposes, which include the following:
- To respond to your inquiries, comments, feedback or questions
- To administer and protect our business and the Sites, prevent fraud, criminal activity, or misuse of our Sites, and to ensure the security of our IT systems, architecture and networks (including troubleshooting, testing, system maintenance, support and hosting of data)
- To comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties, and recover debts due to us.
For information about what we mean by legitimate interests and the rights of individuals in the European Economic Area, please see the “Individuals in the European Economic Area“ section below.
Best Companies Group will never share an employee’s individual survey completion status or specific survey responses with the Employer Organization or any third party, unless compelled by legal requirements.
We may share Personal Data with certain affiliates and other third parties, as follows:
We share Personal Data of Employer Organization business contacts with our affiliates in order to inform about services we believe may be of interest to the Employer Organization that are provided by those affiliates. If we send such marketing communications, each one will contain instructions permitting you to “opt out” of receiving future marketing communications. Where required by applicable law (for example, if you are an individual in the EEA), we will only send marketing information from our affiliates by email if you have consented to us doing so at the time you provide us with your Personal Data.
4.2 Third Party Service Providers.
We share Personal Data with our third party service providers as needed to assist us in operating our Sites, conducting our business, and providing Services to our Employer Organization customers. These service providers include website hosting partners, data centers, sign-on authentication software providers, website analytics companies, advertising technology companies, providers of CRM, marketing and sales software solutions, call tracking and online chat providers, customer support providers, and providers of billing, order management and payment processing functions. Where these parties have access to and process Personal Data on our behalf in the course of performing their duties to us, they are required to keep the Personal Data confidential and secure.
4.3 Business Partners and Advertisers.
If an Employer Organization is participating in a Best Program, Best Companies Group may share the employer business contact information with the relevant Best Program partners. Best Program partners may contact Employer Organization participants to inquire about information related to the Best Companies recognition event and/or the online or printed recognition publication.
In addition, we may provide advertising on our Sites and if you click on a third party advertisement on a Site, it will take you to the advertiser’s website.
We may also share Personal Data of Employer Organization business contacts with our business partners in order to inform about services we believe may be of interest to the Employer Organization that are provided by those business partners. If we send you marketing communications, each one will contain instructions permitting you to “opt out” of receiving future marketing communications. Where required by applicable law (for example, if you are an individual in the EEA), we will only send you marketing information from our business partners and advertisers by email if you have consented to us doing so at the time you provide us with your Personal Data.
4.4 Business Transfers.
If we are involved in a merger, acquisition, financing, due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, Personal Data and other information provided to us may be transferred to a successor or affiliate as part of that transaction along with other assets.
4.5 Legal Requirements.
If required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation or lawful request by public authorities, (ii) protect and defend the rights or property of Best Companies Group, (iii) act in urgent circumstances to protect the personal safety of users of the Sites or the public, or (iv) protect against legal liability.
We take reasonable and appropriate steps to protect the Personal Data provided via the Sites from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet, email or other electronic transmission is ever fully secure or error free, so you should take special care in deciding what information you send to us via the Internet.
Our Sites are scanned on a regular basis for security holes and known vulnerabilities. We use malware scanning on a regular basis. Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
Yes. Cookies and similar technologies are small files that a website or its service provider transfers to a computer’s hard drive through a Web browser (if the user allows) that enables the website’s or service provider’s systems to recognize the user’s browser and capture and remember certain information.
Best Companies Group does not knowingly collect Personal Data from children under the age of (or 16 where required by applicable law) without parental consent. If you have reason to believe that a child under the age of 13 (or 16 where applicable under law) has provided Personal Data to Best Companies Group through a Site please contact us as provided below in the “Contact Us“ section with sufficient detail to enable us to delete that information from our databases.
This Section 10 applies only if we collect through any of the Sites any Personal Data of individuals based in the EEA or if we track individuals in the EEA who access our Sites, and it applies only to those individuals who are based in the EEA.
Best Companies Group is the controller (as defined under the General Data Protection Regulation (GDPR)) for processing and using the Personal Data of EEA individuals that is collected through our Site. Please see the “Contact Us” section below to find out how to contact us.
Subject to applicable law, you may be able to exercise any of the following rights in relation to your Personal Data:
- Right to know what information we have about you: This is known as the “right of access” and gives you the right to find out what, if any, Personal Data we have about you, how we process it, and to request a copy of the Personal Data.
- Right to correct your information: This is known as the “right of rectification” and gives you the right to ask that we correct or complete any Personal Data we have about you.
- Right to delete your information: This is known as the “right to erasure” or “right to be forgotten” and gives you the right to ask us to delete your Personal Data.
- Right to change how we use your information: This is known as the “right to restrict processing” and gives you the right to ask us to change how we use your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us using it in a certain way.
- Right to move your information: This is known as the “right to data portability” and gives you the right to ask to receive your Personal Data from us in a structured, commonly used and machine-readable format or to have it transmitted to another controller.
- Right to stop us from using your information: This is known as the “right to object” and gives you the right to ask us at any time to stop using your Personal Data.
- Rights relating to how we use your information to categorize you or make decisions about you: This is known as the “right in relation to automated decision-making and profiling.”: You have the right to be free from decisions we may make that are based solely on automated processing of your Personal Data, including profiling, if they produce a significant legal effect on you, unless such decision-making or profiling is necessary for entering into or performing a contract between you and us, or is made with your explicit consent.
- Right to withdraw consent: If we rely on your consent to use your Personal Data, you have the right to withdraw that consent at any time. This will not affect our use of your data before we received notice that you wished to withdraw your consent.
- Right to file a complaint with the supervisory authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the supervisory authority that is authorized to hear those concerns in your jurisdiction.
10.3 Legitimate Interest.
Use of Personal Data of an individual based in the EEA, as described above, is necessary for the legitimate interests of Best Companies Group to conduct an employee survey as part of a Best Program. It is also in the legitimate interest of the participating Employer Organization in measuring workforce engagement and satisfaction. When we process your Personal Data for our legitimate interests, we consider and balance any potential impact on you and your rights under data protection laws. Our legitimate interests do not automatically override your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you, unless we have your consent or those activities are otherwise required or permitted by law. You have the right to object to any processing that is based solely on our legitimate interests. For more information on your rights, please see the “Rights of Individuals Based in the EEA“ section above.
10.4 Data Transfers.
10.5 Data Retention.
If you are an employee of an Employer Organization participating in a Best Program, we may retain your business email address which was provided to us by your employer in connection with an EESS for up to two years after you completed an EESS to facilitate follow-up surveys (if applicable), unless you tell us that you do not want your email address to be stored for this purpose at the time you submit your survey responses. After that time, your business email address will be deleted. Your employer may provide your business email address to us again after deletion if it elects to participate later in another Best Program or follow-up survey.
If you elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving such communications in accordance with our policies.
To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and applicable legal requirements.
- Best Companies Group
- By email: Support@BestCompaniesGroup.com
- By phone:
(US) + 877-455-2159 (Toll-Free)
(UK) +44 (0)1252 843431
- By web to manage your cookie choices
General Data Protection Regulation (GDPR) – European Representative [Add EDPO logo]
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Best Companies Group has appointed a company called “European Data Protection Office” (EDPO) as its GDPR representative in the EEA. If you are an individual based in the EEA, in addition to or alternatively to contacting us, you can also contact EDPO regarding matters pertaining to the processing of your Personal Data under GDPR as follows: