Privacy & Security Policy

Thank you for visiting The Network’s public-facing Web site (http://www.tnwinc.com) and reviewing this privacy policy. The Network’s privacy policy is clear. We will collect no personal information about you when you visit our Web site unless you choose to provide that information to us. Here is how we handle information about your visit to our Web site.

External Website

We may collect personal information when you choose to provide that information to us via the Web site. Such information may include name, address, e-mail address, telephone number, fax number, as well as information about your interests in and use of various programs and services. We collect this information only when you choose to provide it and authorize us to use it. Based on your authorization, we may use the information you provide to communicate with you or respond to your requests for information. Though the tnwinc.com domain has no collection forms of any sort, it does have an SSL certificate installed as an additional security measure.

Download web forms are handled by a secure third-party application (Silverpop) and are protected by that provider’s strict Privacy Policy as well. Their Privacy Policy can be viewed here: http://www.silverpop.com/marketing-company/trust/privacy/index.html.

We also may collect other information such as pages visited, type of browser (e.g., Internet Explorer, Firefox, Chrome), type of operating system (e.g., Windows XP or Mac OS) and the domain name of your Internet service provider. We use this aggregate information to improve our Web site.

While we track our visitors’ page views and activity on the site to improve our digital marketing, we do not capture any personal information while tracking browsing behavior that keeps browsers’ identities undisclosed.

Unauthorized attempts to view, upload or change information on The Network’s servers are strictly prohibited, and violators will be prosecuted to the full extent of the law.

Hotline Reports Via the Web or Telephone

Web report forms and other service-related intake forms reside outside of tnwinc.com; they are redirected to either tnwgrc.com or other domains. These websites are protected by an SSL certificate for secure information transfer over the Internet.

If you are submitting a report, we may also collect other information such as details about the specific workplace issue that you are reporting. All information submitted as part of a report will only be shared with The Network’s interview specialists and the company being reported. This will be done in a manner that protects your anonymity, should you choose to remain anonymous.

We will not share your information with any other parties except as necessary to perform the services that you have authorized, and except as required by law. We will not sell your information to any third party.

With respect to data security, we have appropriate security measures in place in our physical facilities and on our Web form to protect against the loss, misuse or alteration of information that we have collected from you at our intake website(s). If any information is stored on your computer through a “cookie,” that information is only stored temporarily.

Safe Harbor

The Network complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. The Network has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view The Network’s certification, please visit http://www.export.gov/safeharbor/.

The European Union’s Directive on Data Protection prohibits the transfer of personal data to non-EU countries that do not provide an “adequate” level of privacy protection. Safe Harbor certification permits a “certified” entity to transfer personal data from the EU to the United States in accordance with the EU Directive. Our Safe Harbor self-certification stands as our commitment to the U.S. Department of Commerce that our security and privacy policies comply with the Safe Harbor framework.

SSAE 16 / SOC 2

Software as a Service (SaaS) service organizations must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. The Network has affirmed our operational and compliance controls with the successful completion of the Statement on Standards for Attestation Engagements No. 16 (SSAE16) audit and successful receipt of the Service Organization Controls Report (SOC 2). SSAE 16 supersedes the Statement on Auditing Standards No 70 (SAS 70). The Network’s SSAE 16 certification/SOC 2 audit was performed by the independent firm of Cherry, Bekaert & Holland, L.L.P. (CB&H) and recognizes The Network’s commitment to providing secure, reliable and effective operations.

The SOC 2 attests that all operational and compliance controls for our GRC software solutions maintain the following principles: (1) Security – The system is protected against unauthorized access (both physical and logical); (2) Availability – The system is available for operation and use as committed or agreed; (3) Processing Integrity – System processing is complete, accurate, timely and authorized; (4) Confidentiality – Information designated as confidential is protected as committed or agreed; and (5) Privacy – Personal information (i.e. information that is about or can be related to an identifiable individual) is collected, used, retained, disclosed, and destroyed in conformity with the commitments in The Network’s privacy notice and with criteria set forth in generally accepted privacy principles (GAPP) issued by the AICPA and CICA.

Contacting Us

You may request access to the information that we have collected from you and make corrections to the factual inaccuracies in this information by contacting us at the address listed below. If you have previously provided your contact information, but no longer wish to be contacted, please let us know.

If our privacy policy changes at some time in the future, we will post the policy changes to our website. Please check our website periodically for updates.

The Network’s Privacy Officer is Debbie Magid. Any additional inquiries concerning our Privacy Policy should be directed to .(JavaScript must be enabled to view this email address).

This Privacy Policy was updated January 2012.

IN THE NEWS

ATLANTA October 13, 2011

The Network today announced an expansion of its ReadyTraining™ eLearning library with Learning Blocks, short topical training sequences focusing on key content that can be integrated into any ReadyTraining course.