Revised May 19, 2018.
We, CyberSecOP, LLC, a New York corporation with offices at 132 W 31st St | New York, NY 10001 (Manhattan) , USA as the data controller ("CyberSecOP," "we," or "us"), explain in this Policy how we collect, process and/or use information that we receive via our websites, emails we send, and mobile applications (collectively, the "Platform") that link to this Policy, as amended from time to time. This Policy describes how CyberSecOP collects, processes, uses, shares and secures the personal information you provide. It also describes your choices regarding use, access, and correction of your personal information. For purposes of this Policy, personal information shall mean any information relating to an identified or identifiable natural person.
This Policy applies only to information we collect, process and use through the Platform. This Policy does not apply to information that we collect through other channels, such as information that we collect offline, from other websites or from emails you send us.
Information We Collect
We collect information about you to provide our services. In order for us to best provide our services to you (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Policy. This means that the data collection is largely necessary for fulfilling the relationship we have with you, and where that is not the case, we have a legitimate interest in collecting the information described below.
Information You Give Us
When you fill out registration forms, submit your resume, or provide us with other personal information actively, we collect that information for processing and use in accordance with this Policy. Because we change our offerings and features from time to time, the options you have to provide us with personal information also may change, but here are some examples of situations in which you will have the opportunity to provide personal information to us:
· Creating an account;
· Signing up for email alerts;
· Completing a form related to one of our products or services;
· Uploading a resume;
· Contacting us for technical support or customer service;
Depending on how you interact with our Platform, the personal information we collect from you may vary. For example, to create an account we may ask only for an email address and password. In other circumstances, such as when you complete a form related to a particular service offering, we may ask you to provide other information, which may include your name, phone number, and/or postal address. We also collect and store certain information associated with actions you take. For example, when you search for jobs, we store the titles, locations and general salary range (if available) of jobs you search for and click on. We also store information about the job postings that you apply to, the time and duration of your activity on our Platform, and other information about your behavior on our Platform.
If you connect to the Platform using Facebook, Google+, or another social networking site (each a "Social Networking Site"), we will receive information that you authorize the Social Networking Site to share with us, which may include public profile information, birthday, current city work, school, and email address. When we receive this information, it becomes CyberSecOP account information for purposes of your use of the Platform. This information also constitutes personal information and is therefore subject to this Policy. Any information that we collect from your Social Networking Site account may depend on the privacy settings you have set with the Social Networking Site, so please consult the Social Networking Site's privacy and data practices. You have the ability to disconnect your Social Networking Site account from your CyberSecOP account by adapting the privacy settings in your Social Networking Site account. If you come to the Platform through a Social Networking Site, from other websites or with devices that enable third parties to collect information from or about you, such third parties receive information about you subject to their privacy policies.
On certain CyberSecOP domains, when you set up an individual user account on the Platform, you may create a profile (a "Profile") that will include personal information you provide. At your request, we will create your Profile with information we extract from a resume you have uploaded on the Platform. When you fill out and save your Profile, your saved Profile can be viewed by prospective employers.
If you enter credit card information on the Platform in connection with a purchase, that information is sent directly from your browser to the third-party service provider we use to manage credit card processing and we do not store it on our servers. The service provider is not permitted to use the information you provide except for the sole purpose of credit card processing on our behalf.
Information We Collect Automatically
When you use the Platform, your device is automatically providing information to us so we can respond and customize our response to you. The type of information we collect by automated means generally includes technical information about your computer, such as your IP address or other device identifier, the type of device you use, and operating system version. The information we collect also may include usage information and statistics about your interaction with the Platform. That information may include the URLs of our web pages that you visited, URLs of referring and exiting pages, page views, time spent on a page, number of clicks, platform type, location data (if you have enabled access to your location on your mobile device), and other information about how you used the Platform.
Automated means of data collection include the following:
Log File Information. Log file information is automatically reported by your browser or mobile application each time you access a website on our Platform. For example, when you access a CyberSecOP website, our servers automatically record certain information that your web browser sends when you visit any website. These server logs include information such as your web request, Internet Protocol ("IP") address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, and pages viewed.
Device Information. We collect information about the device you use to access the Platform, including type of device, operating system, settings, and unique device identifiers, and IP address. Whether we collect some or all of this information often depends on what type of device you’re using and its settings. For example, different types of information are available depending on whether you’re using a Mac or a PC, or an iPhone or Android phone. We collect the device type and any other information you choose to provide, such as username, geolocation, or email address. We also use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software records information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
How We Use Information
We use the information we collect to provide our services. In order for us to best provide our services (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Policy. So it is largely necessary for fulfilling the relationship we have with you, and, where that is not the case, we have a legitimate interest in using the information we collect, including personal information, for these purposes:
· to provide you with personalized content, services offered by CyberSecOP as well as promotional content and services (for example, CyberSecOP uses your previous search and browsing history (e.g. the jobs you click on), or your resume or Profile information, to determine relevant search results and provide you with recommended jobs or reach out to you about jobs or companies you may be interested in; we also use your IP address and mobile device for these purposes);
· to moderate and display the employer reviews, interview reviews, salary reports and other content you have submitted for the benefit of our other users;
· to customize and improve the features, performance, and support of the site;
· to provide relevant advertising, including interest-based advertising from us and third parties, which may mean that we share non-personally identifiable information, such as your job title, to third-party advertisers;
· to transmit your application and save your application materials;
· to share your saved Profile or resume with employers;
· for internal operations, including troubleshooting, data analysis, testing, research, and service improvement (this includes use of your IP address and mobile device information to help diagnose problems with our service and to administer the Platform);
· to communicate with you or initiate communication with you on behalf of third parties through your CyberSecOP account or through other means such as email, telephone (including mobile phone), or postal mail, including through the use of contact information that you provide to us or (where it is lawful for us to do so) that we otherwise obtain from third-party resources;
· to analyze use of the Platform and improve the Platform;
· to create aggregate and statistical data that does not identify you individually and that we can commercialize (for example, we use mobile device data and IP addresses to gather demographic information);
· for other purposes that you separately authorize as you interact with CyberSecOP.
When we collect any information that does not identify you as a specific natural person ("Non-Personal Information"), we are permitted to use and disclose this information for any purpose, notwithstanding anything to the contrary in this Policy, except where we are required to do otherwise by applicable law. Examples of Non-Personal Information include: physical location information; demographic information, including gender, dates of birth, ZIP codes, etc.; or any personal information that has been anonymized, aggregated or de-identified. If we combine any Non-Personal Information with your personal information (such as combining your ZIP code with your name), we will use and disclose such combined information as personal information in accordance with this policy. Similarly, if applicable law requires that we treat certain Non-Personal Information as personal information, we will use and disclose this information as personal information in accordance with this policy.
How We Share Information
We only disclose your personal information to third parties as follows:
· We use affiliated and unaffiliated service providers all over the world (including web servers, cloud storage systems, CRM providers, email services, content support teams, marketing partners, advertising partners, and others) to help us deliver our service and run our business subject to strict confidentiality agreements. These companies are authorized to use your personal information only as necessary to provide these services to us;
· In reorganization or sale of our company or assets, your data may be transferred, subject to the acquirer and its affiliates accepting the commitments made in this Policy and compliance with applicable law;
· If you apply for a particular job through the Platform, we will disclose your personal information to the employer to whom you apply and any vendors they are working with to process your application;
· We invite you to include your resume or other information in more generally available formats for us to share with employers (for example, when you apply to Easy Apply jobs, a static image of your saved Profile);
· We share certain information that does not identify you personally, but which is unique to your use of the Platform, such as job titles that you have entered at the time of registration or on your profile. When we share such information, we do not link job titles with your name when we provide this information to others, such as advertisers, recruiters or employers;
· We will otherwise share personal information with your consent.
What types of Cookies do we use?
We use two types of Cookies on the Platform: "session cookies" and "persistent cookies." Session Cookies are temporary Cookies that remain on your device until you leave the Platform. A persistent Cookie remains on your device for much longer until you manually delete it (how long the Cookie remains will depend on the duration or "lifetime" of the specific Cookie and your browser settings).
What are Cookies used for?
Cookies transmit information about you and your use of the Platform, such as your browser type, search preferences, job titles, data relating to advertisements that have been displayed to you or that you have clicked on, and the date and time of your use. With the exception of an identifier Cookie that we associate with registered accounts to prevent fraud by members of the Platform, Cookies link to certain unique information such as the job titles that you entered at time of registration or on your profile, but this is not linked to your name.
Preferences and Features
Analytics and Performance
Ad Choices and Managing Cookies
CyberSecOP works with several third parties to provide you with personalized, interest-based advertising. We may target ads to you, and measure their performance, on and off the Platform using:
· Member-provided profile information (e.g., job title, occupation, location, authorized information shared from your Social Networking Site)
· Your use of the Platform (e.g., search history, job clicks, companies you follow);
· Information inferred from data described above (e.g., using job titles from a profile to infer industry, seniority, and compensation bracket).
· IP address or mobile device location information (to the extent you have enabled location tracking on your device);
· Cookies (both on and off the Platform) which may include information from the Ad Partners we use to help deliver relevant ads to you.
How We Work with Third-Party Ad Partners
When we work with our Ad Partners to serve you personalized, interest-based advertising, we do not share information with them that they can use to identify you or associate with you as a specific individual unless you have instructed us to do so (such as when you fill out a lead form in an ad, or approve your Profile for display to employers). Similarly, if one of these Ad Partners have information about you saved in one of their own Cookies on your browser, they use that information to help us send you a relevant ad, but they do not share with us information that we can associate with you as an individual.
We work with third parties, such as Google Analytics, to provide analytics services that use the Cookies set on your device to measure the performance of advertising and track traffic to CyberSecOP generally. We have also implemented Google Analytics Demographics and Interest Reporting, which categorizes Cookie information so that we and third-party service providers can better deliver advertisements that are relevant and useful to you on the Platform and various websites across the internet. In addition, a Cookie on some of our employer clients sites provides us with aggregate data about the number of applications submitted to those sites by users of Platform.
Opting Out of Cookies
If you enable location data for the mobile version of the Platform (including any version installed as a native application), we may use your location data to serve you geo-targeted ads for employers and other advertisers that are local to you. In such instances, we do not share your location with the advertiser or advertising network; rather, we provide the advertiser or advertising network with a means to push ads through to users located in certain areas. You may disable location services at any time in your device privacy settings or the CyberSecOP native app settings.
Ad Partner Cookies
Here are some options for managing the third-party Cookies used by our Ad Partners:
You are also able to opt out of other third-party advertiser and ad network placement of Cookies or targeted advertising generally by visiting the following links: Network Advertising Initiative; Digital Advertising Alliance; European Interactive Digital Advertising Alliance (for users in the EU); The Digital Advertising Alliance of Canada (for users in Canada); or you can follow opt-out instructions of the Ad Partners we work with listed . You will continue to receive generic ads by companies not listed with these opt-out tools.
You can opt out of tracking by Google Analytics and Google Analytics Demographics and Interest Reporting services by visiting Google Ads Settings or by downloading the Google Analytics Opt-Out Browser Add-on.
Please note: If ads or other features on the Platform are provided by third parties, those parties set and use their own Cookies that are subject to those third parties' privacy notices and policies. CyberSecOP does not have access to, or control over, these Cookies. Also, if you respond to ads posted by third parties or submit information to third parties via the Platform, such third parties receive information about you subject to their privacy policies.
Do Not Track Signals
We do not currently respond to 'do not track' signals and similar settings or mechanisms. When you use the Platform, we try to provide a customized experience.
Other Important Privacy Information
EEA Resident Rights
If you are a resident of the European Economic Area, you have the following data protection rights:
· If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the "How to contact us".
· In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the "How to contact us".
· You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. Registered users can manage their account settings and email marketing preferences as described in the "Choices Regarding Your Personal Information" section below. If you are an unregistered user, or to opt-out of other forms of marketing (such as postal marketing or telemarketing), you may contact us using the contact details provided under the "How to contact us".
· Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
· You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Choices Regarding Your Personal Information
You have opted-in to promotional communications, or other messages using the contact information (e.g., your email address, your mobile device identifier) you provided to us when you registered or when you requested information from us. You may opt-out of continuing to receive optional messages by following the instructions included in each message. Also, you can control most of the emails you receive from us by editing your email preferences within "My Account" settings on the site; provided you will need to separately opt-out of receiving our various blog post update emails by unsubscribing to each blog that you have originally subscribed to. You can control the mobile push notifications within the "Me" section of the mobile app.
We will send you service-related announcements when we believe it is necessary to do so. Generally, you cannot opt-out of these announcements, which are not primarily promotional in nature. If you do not wish to receive these announcements, you have the option to deactivate your account. In some cases, you can stop or limit the information we collect by automated means.
Close Your Account
If you'd like to close your CyberSecOP account, you can do so within your Account Settings on the Platform. When you close your account, you will no longer have full access to any content you have submitted will be pulled from the display on the Platform, but we reserve the right to keep any information in a closed account in our archives that we deem necessary to comply with our legal or regulatory obligations, resolve disputes and enforce our agreements. If, after you close your account, you wish to know which personal information we keep you can proceed in accordance with your rights set out above.
How Long We Keep Your Personal Information
We keep your personal information only so long as we need it to provide the Platform to you and fulfill the purposes described in this Policy. This is also the case for anyone that we share your personal information with and who carries out services on our behalf. Retention periods can vary significantly based on the type of information and how it is used. Our retention periods are based on criteria that include legally mandated retention periods, pending or potential litigation, our intellectual property or ownership rights, contract requirements, operational directives or needs, and historical archiving. When we no longer need to use your personal information and there is no need for us to keep it to comply with our legal or regulatory obligations, resolve disputes and enforce our agreements, we’ll either remove it from our systems or depersonalize it so that we can't identify you.
Security. We employ physical, electronic, and managerial measures to safeguard the information we collect online. However, no company can fully eliminate security risks, so we cannot make guarantees about any part of our services. You are responsible for keeping your username and password secret. Once you have registered with us, we will never ask you for your password. Please create a unique password for your CyberSecOP account and do not use it for any other web services or applications. Do not share your password with anyone else.
· Do not send money to a prospective employer.
· Do not give out personal or financial account information to a new employer via email.
· Do not cash checks or transfer funds for your employer.
· Beware of job postings that ask you to send your resume to a free email service address (e.g., gmail, yahoo, etc).
· Do not include sensitive information like your National Insurance number in your resume.
· Beware of job listings with spelling errors and bad grammar.
· If something sounds too good to be true, it probably is.
Privacy of Minors
To access or use the Platform you must be 13 years of age or older and, if under 18 or the age of majority in your jurisdiction, your use of Platform must be under the supervision of a parent or guardian or other responsible adult. If you become aware that a child has provided us with personal information without parental consent, please contact us here. If we become aware that a child under 13 has provided us with personal information without parental consent, we remove such information and terminate the child's account.
The information about you that we collect, process and/or use through the Platform is controlled by CyberSecOP, Inc., Mill Valley, California. CyberSecOP and the services it provides are hosted and provided outside of the European Economic Area (EEA), including in the United States, for the purposes described in this policy. The privacy protections and the rights of authorities to access your information in these countries may not be the same as in your home country. We take additional measures when information is transferred from the EEA. This includes having standard clauses approved by the European Commission in our contracts with parties that receive information outside the EEA. We also rely on European Commission adequacy decisions about certain countries, as applicable, for data transfers to countries outside the EEA.
You may reach our data protection officer here.
EU-US Privacy Shield Participation
CyberSecOP has certified its compliance with the EU-U.S. Privacy Shield Framework. CyberSecOP is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at privacyshield.gov/list.
CyberSecOP is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. CyberSecOP complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, CyberSecOP is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, CyberSecOP may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We may revise this Policy from time to time by posting an updated version on the Platform. This version of the Policy will be effective for you as described at the beginning of the Policy. Further revisions of this Policy will become effective as follows: The revised Policy will be effective immediately for unregistered users and users registering accounts or otherwise acknowledging the Policy on or after the revision date. For other users who registered accounts before the revision date, it will also become effective immediately. However they can object to the new Policy within thirty (30) days after the revision date. If we make a change that we believe materially reduces your rights or increases your responsibilities, we will notify you by email (sent to the email address specified in your account) or by means of a notice on this website prior to the change becoming effective. We may provide notice of changes in other circumstances as well. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Platform is subject to the most current effective version of this Policy.