The EU General Data Protection Regulation (GDPR) took effect on May 25th 2018. This document sets out how Elaura Asia Pte Ltd and its subsidiaries (collectively, "Elaura") actively comply with this Regulation; most of this has been our established policy since we commenced operations.
Scope of Data Collection
In general, Elaura handles very minimal Personal Data, other than processed Birkman Profiles for individuals and the minimum information required to connect a client with their Birkman Profile (name and email address; additionally we may also have organisation name, address and team or proposed role and other relevant information in the case of organisational development, role benchmarking, recruitment or other programmes).
As Birkman Data has a long shelf-life (i.e. it is valuable to the individual respondent for periods in excess of two or three decades) we retain access to name, email and Birkman Results indefinitely. We encourage our individual users to keep us updated with changes of email address so that we can more readily serve them at a future date.
The optional additional data mentioned above - organisation, team, role etc - is only kept for as long as we are working with that organisation and we have not yet been informed that the individual respondent is no longer employed there. While working with organisations we ask them to provide updated employee lists at regular intervals, precisely for this reason, i.e. so we can remove additional data held on those who are no longer employees.
If you have previously completed a Birkman Questionnaire for Elaura and have now left the employer who paid for your profile, you can ensure that we delete information connecting you to that employer, or delete your Birkman profile altogether, by contacting us at firstname.lastname@example.org
Our platform products (expresso and hoozyu) use an individual's email address as the system-wide unique identifier and username, together with a password (stored only as a salted one-way hash; see the Technical Brief below), in order to access their data stored on our servers (see technical document at elaura.com/data for more details).
Elaura does not track the activity of individuals for marketing or other value-creating purposes; there is limited tracking used by our platform products (expresso and hoozyu - see below for details).
The opt-in newsletter system we use (Mailchimp / Mandrill) tracks the opening of emails by default. Subscribers can unsubscribe from our newsletters at any time, which removes their data from the mailing list.
Our hoozyu product includes 5 informational emails sent by Mailchimp as part of the product, one per day for five days. We have now implemented an opt-in email step for this list; users can opt out of these emails whenever they like; and all users are deleted from the list within a month after they receive the fifth email.
That is the limit of our data collection.
Here is the Detail
Elaura's business consists in supplying an Assessment Tool (The Birkman Method or "TBM") to individuals, institutions and organisations.
Birkman International ("BI"), the publishers of TBM, do the majority of the data collection involved in our business, and are themselves fully GDPR compliant. See birkman.com/gdpr for full details.
Elaura has no access to the biographical data collected by BI, with the exception of Firstname, Lastname, Date of Birth and Gender.
Elaura also has no access to the actual answers given by an individual to the Birkman Questionnaire ("the Q"); we only receive the processed results of the Q. See elaura.com/data for more details.
Elaura does not collect tracking data from its public websites or marketing activities.
We do conduct limited tracking on our platforms, expresso and hoozyu. In that context, the cookies we deploy are for "session" purposes (keeping an individual connected to the right server during a session) and the limited tracking we do (simply of when a user logs in to the platform) is for diagnostic purposes in the case of a user experiencing problems with the system. The cookies expire and are deleted at the end of the session; our server logs are overwritten typically after a week.
As required by the EU's own VAT MOSS Regulation, we track and retain the IP address of online purchasers of our products as part of the required proof of purchaser residency for VAT assignment purposes (this data cannot be relinquished or deleted for seven years, by law).
Elaura never transfers or sells Personal Data to third parties.
As mentioned above, by default we retain access to the Birkman Profiles of all our past clients, in order that we can serve them at a future date (we regularly have individuals contact us for a fresh, updated, copy of their report, five, ten or even fifteen years after they first took the Q). See below for details of the Right to be Forgotten.
Our Banks and Payment Platforms necessarily keep some details of payments made, but we have no access to the account numbers or card details of our customers.
The additional data mentioned in the previous section (e.g. name of organisation, team, role etc) is stored separately from profile data and deleted when no longer required for the purpose it was collected.
Purpose of Data Collection
Depending on whether an individual is completing the TBM Questionnaire ("the Q") for their own use, or has been asked to do so by a current or prospective employer, the purpose of the Data Collection may vary. It may include one or more of the following:
To give them a better understanding of themselves, including their motivations and perspectives.
To enable them to plan their career and professional development, or their next career move.
To enable their current employer to better understand how to deploy their talent and services.
To enable them and their team to function more effectively together, or across functions.
To enable their current employer to benchmark best fit for the role the individual currently performs (normally only applicable to roles occupied by multiple individuals).
To help diagnose and remediate a relational issue in a team or workplace.
To illuminate a specific operational or performance issue, or to map capacity, culture and potential of the organisation in part or as a whole.
To enable a prospective employer to decide whether or not the individual is a good fit for a specific role.
It should be noted that all of these purposes have a positive intent, even where they may focus on a problem area; Elaura does not undertake work where there is any intent to put individuals at a disadvantage.
It is incumbent upon Organisations employing Elaura's products and services that they should communicate the objectives and proposed uses of the TBM data clearly to their employees before such data is collected.
The Four Rights under GDPR
Notwithstanding anything written above, except where otherwise specified by law, all EU citizens have the following four rights, which we generally extend to all our individual clients.
1. Right to be Forgotten
An individual may request that their data be deleted, either by Elaura alone (in which case Elaura will delete the individual's data from all servers and backups, and ask BI to remove our access to the individual's results); or by both Elaura and BI, in which case BI will also delete all their data. Please note that the latter case is irrevocable: once deleted, it will never be possible to access those TBM results again. If only Elaura deletes the individual's data, then the individual can access their data later by contacting BI direct.
2. Right to Object
An individual may prohibit certain uses of their data, or the collection of certain kinds of data. This will normally mean that the individual decides not to complete the Q or otherwise participate in a specific programme. Refusal to participate may of course put the individual at a disadvantage vis-à-vis their current or prospective employer (e.g. it may exclude them from consideration for a particular role), but that is an issue over which Elaura has no control.
3. Right to Rectification
If you believe that Elaura or BI is holding incomplete or incorrect data relating to you, you have the right to ask for this to be rectified. In this case you must contact the data processor directly: email@example.com in the case of Elaura and firstname.lastname@example.org in the case of BI.
4. Right of Access
Individuals have the right to know what data about them is being processed and how. This document lays out the information which Elaura collects and processes; or you can visit birkman.com/gdpr to see how BI collects and processes data. If you require additional information from Elaura on the data it collects and processes, please contact email@example.com.
Elaura Data Management Technical Brief
This briefing document is designed to inform clients as to the technical management details concerning data that is held and managed by Elaura itself, i.e. beyond the data we access via Birkman International's (BI) online system; and the measures Elaura has in place to protect the integrity of this data. (For details on BI's management of data, please see https://birkman.com/gdpr-compliance/ and related links.)
The data Elaura holds and manages includes Birkman Profile data stored on our secure servers for our hoozyu and expresso platforms, for giving individual and corporate clients access to their own detailed scores, and for analysis.
As a provider of cloud-based personal and organisational development services, Elaura Asia Pte Ltd and its subsidiaries (collectively Elaura) have always taken the issue of data security very seriously. To this end, we limit the personally identifiable data that is held online, and ensure that our servers and databases are secure and - where appropriate - encrypted.
We exclusively use the https protocol for all client-server and outbound server connections, using TLS 1.2 with modern cipher suites and forward secrecy implemented.
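The policy stated above (TLS 1.2 as the floor, modern cipher suites, forward secrecy) is something an operator can enforce and verify in a few lines. The following is an added illustration, not Elaura's configuration or code: it builds a server-side TLS context with Python's standard ssl module and audits it. The suite list is an assumption (a Mozilla "intermediate"-style selection in which every suite uses ephemeral ECDHE key exchange and an AEAD cipher), and the commented-out certificate paths are placeholders.

```python
import ssl

# Assumed suite list: ECDHE key exchange only (forward secrecy) and AEAD ciphers only.
# This is an illustration, not the cipher list used on any Elaura server.
FORWARD_SECRET_SUITES = ":".join([
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-CHACHA20-POLY1305",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
])


def make_server_context(cipher_string: str = FORWARD_SECRET_SUITES) -> ssl.SSLContext:
    """Server context: TLS 1.2 or newer only, forward-secret suites, no compression."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # refuses SSLv3, TLS 1.0 and TLS 1.1
    ctx.set_ciphers(cipher_string)                  # governs TLS 1.2; TLS 1.3 suites stay on
    ctx.options |= ssl.OP_NO_COMPRESSION            # closes the CRIME-style compression leak
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE  # server, not client, picks the suite
    # ctx.load_cert_chain("/path/to/server.pem", "/path/to/server.key")  # placeholder paths
    return ctx


def audit_context(ctx: ssl.SSLContext) -> dict:
    """Report what the context will actually negotiate, for a pre-deployment check."""
    tls12_suites = [c for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.2"]
    # TLS 1.3 suites always use ephemeral key exchange, so only TLS 1.2 suites need checking;
    # the 'kea' field reads e.g. 'kx-ecdhe' for ephemeral and 'kx-rsa' for static RSA.
    fs_only = all("dhe" in c["kea"].lower() for c in tls12_suites)
    return {
        "min_version": ctx.minimum_version.name,
        "tls12_suite_count": len(tls12_suites),
        "forward_secrecy_only": fs_only,
        "compression_disabled": bool(ctx.options & ssl.OP_NO_COMPRESSION),
    }


if __name__ == "__main__":
    for key, value in audit_context(make_server_context()).items():
        print(f"{key}: {value}")
```

Running the audit against a context whose cipher string includes a static-RSA suite (any name without the ECDHE or DHE prefix) turns forward_secrecy_only to False, which is the kind of regression a deployment check should catch before a server goes live.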
In the event that we become aware of a possible or actual data breach, it is our policy to immediately inform all clients who may be affected. (For this reason we request that clients keep us updated of changes in their email contact details).
Secondly, it is a principle that this personal data always belongs primarily to the individual: we do not divulge that data to their organisation or any person therein unless the subject provides clear consent. If such access is required for the purposes of a project (which is commonly true) then participants are required to be informed beforehand by their organisation that their participation in the project will grant specifically defined consent.
Thirdly, where Elaura uses individual data for the purposes of internal research, such data is first anonymised and aggregated.
We expect our clients to take the issue of data security seriously as well, for example by:
Ensuring that personal data is shared appropriately and with explicit permission from the person in question.
If using hoozyu or expresso, following best practices for online safety and encouraging all employees / students to do the same (e.g. by using a secure password manager to generate and store passwords, and not re-using passwords between different websites).
Where passwords are lost / forgotten, they can be reset securely via the expresso or hoozyu platform. In the event that a client becomes aware of a possible data breach, we ask the client to inform us immediately on firstname.lastname@example.org so that we can take all necessary measures to re-secure the system and identify actual losses.
Elaura makes use of The Birkman Method as its profiling engine for all of its products and services. The Birkman Questionnaire and associated processing used to produce a Birkman Profile (the processed scores) is a proprietary instrument, owned and operated by Birkman International, Inc of Houston TX, in the USA. It is important to note that Birkman profiles are positive and non-judgemental: there are no bad scores. This means that (unlike, say, exam grades or aptitude test results) in the unlikely event that profile scores are inadvertently released, there should be no adverse impact to the subject.
Examples of profile scores would be: gridStressX = 23, interestArtistic = 97 or cf140_Construction_Extraction = 78.
Elaura has no access to nor copies of an individual’s responses to the Birkman Questionnaire, which are held, along with the processed scores, in Birkman’s own secure facilities in datacentres in the US. Birkman counts many of the largest corporations in the world as its clients and takes data security very seriously; however, it should be noted that in the event that a non-US client insists on ‘no offshoring of data’, expresso, hoozyu and any other Birkman-based product will currently be ruled out of contention.
Elaura accesses and stores only the processed scores for each individual who completes the Birkman Questionnaire and does so via a secure API provided by Birkman. The scores accessible via the API (currently 285 data columns) are tagged with the following personally identifiable data:
Date of Birth
Date Test Scored / Taken
Email address (this may be a corporate or personal email address, depending on the circumstances under which the person completed the Questionnaire)
Language Code (language in which the Q was completed)
DocumentID (GUID generated by Birkman for internal purposes)
SubjectID (6-character alphanumeric identifier of this set of results for administrative use)
Tracking (code generated by Elaura manually or via one of our platform systems and then passed to Birkman system tying this profile to order and client details).
Of these, Family Name, Given Name(s), DOB and email address are the most sensitive because of their potential use in phishing and related scams; gender and language code are potentially sensitive to a lesser extent. No data is held in these online databases regarding Job Title / Role, physical location or any other data about the subject.
Users can only access their own data online if they have a hoozyu or expresso account. Username is the user's email address (for all expresso accounts this should be the subject’s corporate email address); password is user-generated and is stored only as a non-decipherable, one-way bcrypt hash by the system. All passwords are salted to prevent ‘rainbow table’ attacks and statistical analysis of leaked passwords. This prevents anyone from accessing a password for an expresso account and then trying the recovered password against other accounts (email, bank, online services) the user may have.
Password resets involve a URL-encoded GUID being sent to the registered user email address and clicked; at no point is the old password accessed or displayed. Provided the client’s own email servers are secure, there is no way for a third party to successfully reset the password and gain access to the expresso or hoozyu account without access to the individual’s email account or Elaura’s own secure administration system.
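The two mechanisms just described, salted one-way password storage and a reset flow that never touches the old password, are shown together below. This is an added example and not Elaura's platform code: it uses the Python standard library's scrypt (a memory-hard KDF standing in for the bcrypt the platform uses, since bcrypt is not in the standard library), a URL-safe random token in place of the platform's URL-encoded GUID, and an in-memory dictionary in place of the real database. The account store, token lifetime and e-mail addresses are all constructed for the example.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional

# Constructed in-memory stores standing in for the platform database.
_accounts: Dict[str, dict] = {}       # email -> {"salt": bytes, "hash": bytes}
_reset_tokens: Dict[str, dict] = {}   # sha256(token) -> {"email": str, "expires": float}

SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1   # assumed work factor (about 16 MiB of memory)
RESET_TTL_SECONDS = 3600                        # assumed one-hour validity for a reset link


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted, one-way, memory-hard hash. The stored value cannot be reversed to the password."""
    return hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def register(email: str, password: str) -> None:
    salt = secrets.token_bytes(16)   # unique per account: identical passwords hash differently
    _accounts[email.lower()] = {"salt": salt, "hash": _hash_password(password, salt)}


def verify_login(email: str, password: str) -> bool:
    rec = _accounts.get(email.lower())
    if rec is None:
        _hash_password(password, b"\x00" * 16)   # keep timing similar for unknown accounts
        return False
    # constant-time comparison of the freshly computed hash against the stored one
    return hmac.compare_digest(rec["hash"], _hash_password(password, rec["salt"]))


def issue_reset_token(email: str, now: Optional[float] = None) -> Optional[str]:
    """Return the one-time token to e-mail to the user, or None if the account does not exist.
    Only a hash of the token is stored, so reading the database does not yield a usable link."""
    key = email.lower()
    if key not in _accounts:
        return None
    token = secrets.token_urlsafe(32)            # 256 bits of randomness, safe to put in a URL
    digest = hashlib.sha256(token.encode()).hexdigest()
    current = now if now is not None else time.time()
    _reset_tokens[digest] = {"email": key, "expires": current + RESET_TTL_SECONDS}
    return token


def complete_reset(token: str, new_password: str, now: Optional[float] = None) -> bool:
    """Consume the token and set a new password. The old hash is overwritten, never read."""
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = _reset_tokens.pop(digest, None)      # pop makes the token single-use
    current = now if now is not None else time.time()
    if entry is None or current > entry["expires"]:
        return False
    salt = secrets.token_bytes(16)               # fresh salt with every password change
    _accounts[entry["email"]] = {"salt": salt, "hash": _hash_password(new_password, salt)}
    return True


if __name__ == "__main__":
    register("jane@example.com", "correct horse battery staple")   # constructed account
    print("login ok:", verify_login("jane@example.com", "correct horse battery staple"))
    link_token = issue_reset_token("jane@example.com")
    print("reset ok:", complete_reset(link_token, "new passphrase"))
    print("replay rejected:", not complete_reset(link_token, "again"))
```

The design choices mirror the properties the brief claims: a compromised database yields only salted hashes and token digests, a reset link is single-use and time-limited, and an attacker without access to the mailbox that receives the token has nothing to present to complete_reset.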
Administrative and Facilitator Access
Employees of Elaura who have a support or facilitation role and a legitimate reason to do so, have access to individual user accounts via an impersonation function. (Impersonation from a secure administrative account prevents any exposure of passwords, and is fully traceable).
By default, managers in client organisations or e.g. teachers in schools do not get access to other individuals' data, so it is up to individuals themselves to initiate any sharing. Where the organisation (business or educational institute) has legitimate reasons to be able to access user data via a facilitator account, this fact is explained to participants before they set up their own account and complete the Birkman Questionnaire.
The expresso platform is hosted in a secure datacentre in London, UK using virtual private servers. Our VPS supplier is UpCloud. Processed scores accessed via the Birkman API are stored in two ways:
Data for the expresso and hoozyu platforms is stored with an external database provider on Amazon Web Services infrastructure in London. Our provider is MongoDB.
Data for Elaura’s Tableau analytics services are stored on separate database servers in Singapore.
Development and testing operates on separate servers and databases, with no customer data in those databases. Direct access to all production systems and databases is currently limited to the CEO and lead software developer.
All systems are kept up to date with security patches and best practices. In all cases, data is encrypted in transit and at rest (automated backups are also encrypted and stored in the UK).
Other Data for Analytics
Birkman data can be combined with other data - for example performance, appraisal or engagement data - to generate organisational and operational insights. This process is always under the control of an appropriately trained and supervised Elaura employee.
To reduce the risk of data breaches involving more sensitive individually identifiable information, this data is normally kept in password protected Excel documents on encrypted laptops and blended with Birkman data in Tableau on those laptops.
Data Protection Protocols
Elaura is subject to, and registered as a data controller under, the Data Protection Act 1998 in UK and is also subject to the Personal Data Protection Act 2012 in Singapore, and the NZ Privacy Act 2020.
CEO / Principal Consultant & Data Controller
Elaura Asia Pte Ltd
Last modified August 2023