"Connecting World Class Information Security Talent with World Class Companies"
Global Privacy/Data Protection Policy of InfoSec Hires, Inc.
Effective: May 25, 2018
Last Revised: May 25, 2018
EU-U.S. and Swiss-U.S. Privacy Shield Frameworks
Privacy Shield Framework
Users Outside of The United States
The Site is hosted in the United States and is governed by United States law. If you are outside the United States when you visit the Site or engage in communications with a InfoSec Hires agent via mail, e-mail or telephone, please be aware that your information may be transferred to, stored and processed in the United States where our servers are located and our central database is operated. As you are contracting for the Services with InfoSec Hires, which is a US company, any information you provide to us, or that we collect through your use of the Services and that is necessary to provide you with the Services, will be stored, processed, and transferred within, or to, the United States. Please be aware that the US and jurisdictions other than the one in which you are located may have a lower standard of data protection laws compared to your own jurisdiction.
Information We Collect
We collect the information that you share with us, including:
Personal Data: "Personal Data” as it is called in some countries, is information that can personally identify you. We maintain one or more databases in the United States to store your Personal Data and may retain it as reasonably required to fulfill the purposes identified herein. Personal Data that we collect depends on how you use the Site. For example, if you register to use or use any of the Services or if you wish to contact us, we may collect your name, email address, IP address, information about other software that you use and the email addresses that you provide to us. If you download and use the Site and/or Services through a mobile device, InfoSec Hires may collect information regarding the type of device you use, operating system version, the device identifier (or “UDID”), your IP addresses, and associated services from your mobile device.
General Information: When you visit the Site, we may collect various categories of general non-personal information (“General Information”). General Information includes browser information, operating system information, and the date, time, length of stay and specific pages accessed during your visits to the Site. When possible, General Information may be linked to Personal Data. We do this to improve services we offer you, and for purposes of our analytics.
We also may collect limited information from the people with whom you interact by email when you use the Site and Services. This information may include the recipient’s name and email address, the number of times that the recipient opens your email, the recipient’s IP address and the computer platform that the recipient is using.
InfoSec Hires does not store your credit card information.
Limitations of InfoSec Hires’s Ability to Locate and Delete Personal Data
InfoSec Hires has limited to no ability to locate Personal Data in areas of the Services in which Personal Data is not typically used (shown below). In these cases, InfoSec Hires would be unable to locate Personal Data for deletion and can only delete whole emails, attachments, presentations and templates at your direction if you know where the Personal Data was disclosed.
Therefore, please do not enter anyone else’s personal information or other Personal Data in these areas of the Services:
· In the email subject line when using the Services.
· In the email body when using templates or automated emails, such as mail merge or campaigns.
· Anywhere in an attachment or file when using attachment tracking.
· Anywhere in a presentation or file when using presentation tracking.
Cookies & Other Online Identification Tools
We do not ask for access or track any location-based information from your mobile device at any time while downloading or using our Services. We may occasionally send you push notifications through the Service’s mobile application to send you email and event notifications and other service related notifications that may be of importance to you. You may at any time opt-out from receiving these types of communications by turning them off at the device level through your settings. Providing your Personal Data to us is your choice. If you choose not to provide us with certain Personal Data you may not be able to take advantage of certain features of the Site and Services.
Behavioral Targeting / Re-Targeting
We use mobile analytics software to allow us to better understand the functionality of our Service’s mobile applications on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any Personal Data you submit within the mobile app.
How We Use Personal Information
Some specific examples of how InfoSec Hires may use your Personal Data are:
· to provide you with information about how you are using email;
· to customize, analyze, adjust and improve the Site and Services to better meet your needs;
· to facilitate communication between InfoSec Hires and you;
· if you are the member of a InfoSec Hires team (employee), to provide your team manager with information about the templates that you create and the data associated with your use of the Site, Services and your email account.
· if you provide us with information about other software and services that you use, we may use your Personal Data to try to synchronize your emails with such other software and services;
· to provide you with information that may interest you, such as our newsletters or emails about our products and services (this information contains a subscriber link allowing you to opt out);
· to provide you with marketing and promotional information about products and services we believe may interest you (this information contains a subscriber link allowing you to opt out);
· to administer a survey (if you consent to participate in the survey via a response email);
· in a customer testimonial posted on the Site;
· to enforce InfoSec Hires’s agreements with you;
· And to prevent fraud and other prohibited or illegal activities.
Disclosure of The Information That We Collect
Business Partners. We may share your information with our business partners who may provide services that integrate with the InfoSec Hires Service. The sharing of this information would be predicated on your use of the integration. InfoSec Hires does not control our Business Partners’ use of the information and their use of the information would be in accordance with their own privacy policies. If you do not want your information shared with these business partners, you can choose not to use the applicable integration.
Sale or Transfer of Information: In the event of a sale, merger, liquidation, dissolution or sale or transfer of substantially all of the assets of InfoSec Hires or the Site, Personal Data and/or other information collected through the Site or the Services may be sold, assigned or transferred to the party acquiring all or substantially all of the equity and/or assets of InfoSec Hires, the Site and/or Services. In the unlikely event of an insolvency, bankruptcy or receivership, your information also may be transferred as a business asset. By using the Site and Services and submitting your information to us, you consent to the sale and transfer of your information as described in this paragraph. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data; and
Frames: Some of our pages utilize framing techniques to serve content to from our partners while preserving the look and feel of our Site. Please be aware that you are providing your Personal Data to these third parties and not to us directly.
Notwithstanding the foregoing, in cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the EU-US Privacy Shield and Swiss-U.S. Privacy Shield, InfoSec Hires is potentially liable.
The Site and/or Services may allow you to connect with other websites, products, or services that we do not control. If you visit or use such services, we recommend that you review and understand their privacy practices before sharing your information with those services.
InfoSec Hires does not store, process or transmit any of your credit card data but relies entirely on third parties to handle these functions. You must comply with such third party’s terms made available to you.
Controlling Your Personal Information
Withdrawal of Consent
Where you have provided your consent to us for use of your personal data or for other processing of your personal data, you can withdraw your consent at any time by emailing us at privacy@InfoSec Hires.com. Please see our cookies section for information about withdrawing your consent for cookies. We process your personal data for marketing purposes with your consent and, at any time after providing consent, you have the right to object to our processing of data about you in order to send you promotions, special offers and marketing, and we will stop processing the data for that purpose.
Under applicable law, certain individuals have access to the Personal Data about them that InfoSec Hires holds and are able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Privacy Principles. If you would like to modify or delete your Personal Data, please submit a request at privacy@InfoSec Hires.com with clear instructions about what you would like modified or deleted. We will respond to your request within 30 days after a complete request is received.
We will retain your information for as long as your account is active or as needed to provide you Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Collection and Use of 3rd Party Personal Information
You may also provide Personal Data about other people, such as their email address. This information is only used for the sole purpose of completing your request or for whatever reason it may have been provided.
We post customer testimonials on our web site which may contain Personal Data. We do obtain the customer's consent via email prior to posting the testimonial to post their name along with their testimonial. To request removal of your Personal Data from Testimonials please contact us by submitting a request at help.InfoSec Hires.com.
Blog / Forum
You can log in to our Site using sign-in services such as Google’s OAuth and Microsoft 365 OAuth. These services will authenticate your identity and provide you the option to share certain Personal Information with us such as your name and email address to pre-populate our sign up form or create your account.
InfoSec Hires has implemented technical, administrative and physical security measures to protect your information from unauthorized access and use as described in our InfoSec Hires Security Overview. While InfoSec Hires strives to protect your information, no data transmission over the Internet is 100% secure and, consequently, we cannot ensure the security of any information. When you enter any information (including a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL). If you have any questions about security on our Web site, you can contact us by submitting a request at help.InfoSec Hires.com.
Our Site Is Not For Use By Minors
We do not knowingly collect information from minors (individuals below 18 years). To use the Site and Services, you must be the age of legal majority in your place of residence. By using the Site and Services, you hereby represent that you are at least the age of legal majority in your place of residence. We do not use an application or other mechanism to determine the age of users of the Site and Services. All information provided to InfoSec Hires will be treated as if it was provided by an adult. If, however, we learn that a minor has submitted information about himself/herself to us, we delete the information as soon as possible.
Third Party Links
We may provide links to third-party web sites that we do not own or control. We are not responsible for the information collection practices of any website that we do not own or control. We encourage you to review and understand the privacy practices of third-party websites before providing any information to or through them.
California law permits individuals who provide InfoSec Hires with Personal Data and who are California residents to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. InfoSec Hires does not, at this time, disclose Personal Data to third parties for their direct marketing purposes. If InfoSec Hires changes this policy, we will update this provision and provide instructions on how you may make a request for details concerning such information.
Users and Customers from the EU/EEA
All EU-based individuals, irrespective of their nationality, have certain individual rights under the GDPR, such as:
· The right to be informed about the collection and use of their personal data.
· The right of access to find out that is stored about them.
· The right to rectification of their personal data if it is inaccurate or incomplete.
· The right to erasure to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
· The right to restrict processing to ‘block’ or suppress processing of personal data.
· The right to data portability allowing individuals to obtain and reuse their personal data for their own purposes across different services.
· The right to object to the processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing and/or for purposes of scientific/historical research and statistics.
· Various rights in relation to automated decision making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate certain things about an individual).
In the event that you wish to make a complaint about how we process your Personal Data, please contact us and we will endeavor to deal with your request. This is without prejudice to your right to raise a complaint with the data protection supervisory authority in the EU member state in which you live or work where you think we have infringed data protection laws.
Independent Recourse Mechanism under the Privacy Shield
InfoSec Hires has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus at no cost to the individual. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
If your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Last Updated: May 25, 2018
Cookies & Other Online Identification Tools
What’s A Cookie?
A “cookie” is a small file or tool sent from a website to your web browser and stored on your computer. A “session cookie” is comprised of temporary bits of information that are erased once you exit your web browser or turn off your computer. A “persistent cookie” is comprised of more permanent bits of information that are placed on the hard drive of your computer and stay there until you delete the cookie. A persistent cookie enables a website to recognize you when you return.
InfoSec Hires also may use web beacons (a.k.a. clear GIFs, web bugs or pixel tags) to personalize your experience of the Site and Services. Web beacons usually are not visible to you and are delivered by a web browser as part of a web page request or in an email. Web beacons collect General Information, such as the number and time of interactions with an email containing a web beacon, the type of browser used and IP address. Web beacons may be used alone or in conjunction with cookies; when web beacons are used with cookies, they may link General Information to Personal Data.
Please note that we use Google Analytics cookies for data analytics purposes, and you can find more information on how Google uses data from these cookies at google.com/policies/privacy/partners. You can visit www.youronlinechoices.eu to opt-out of cookies relating to behavioral advertising. If you delete your cookies, use a different browser or buy a new computer, you will need to renew your opt-out choice. A flash cookie remains after you close your browser and will be accessed every time you use our platform. You should visit Google’s website at https://tools.google.com/dlpage/gaoptout/ to learn more about flash cookies and modify those settings. Please note that if you delete or choose not to accept cookies from us, you will lose some functionality of the Service. To clear all other cookies please go to the settings in your browser.
Turning Cookies On/Off in Your Browser
You can learn more about cookies and the following third-party websites:
All About Cookies: http://www.allaboutcookies.org/
Network Advertising Initiative: http://www.networkadvertising.org/