THE INFORMATION SMASHFLY COLLECTS
User–provided Information: You may provide to SmashFly what is generally called “personally identifiable information” or “personal data” (such as your name, email address, postal mailing address, and telephone number(s))(“Personal Information”) to communicate with SmashFly or request information, or enter contests or other promotions SmashFly may sponsor, and to use the features and functionality of the SmashFly Website. You may also provide to SmashFly basic demographic information such as information related to your company’s website such as the name, description and primary language of the site, plus company name, telephone number, e–mail address, mailing address, and/or personal contacts within your company.
SmashFly also provides an area of the SmashFly Website for people looking for a job at SmashFly. In applying for a job or asking for information about a job we may require Personal Information from you such as your physical address or e–mail address, as well as resume information.
More information about flash cookies is available on the Adobe website at:http://www.adobe.com/special/products/flashplayer/security/index.html
THE WAY SMASHFLY USES INFORMATION
SmashFly uses the information that you provide or that we collect to operate, maintain, enhance, and provide all of the features and services found on the SmashFly Website, to respond to your requests and/or communications, and to comply with our legal obligations (e.g. the Digital Millennium Copyright Act).
We will use your email address, without further consent, for transactional or administrative communications such as notifying you of major SmashFly Website updates, new releases or product/service information, or to respond to your questions or communications.
If you opt in to receive promotional communications or newsletters from us, you will be able to opt out of receiving these by clicking on the “unsubscribe” link in the promotional email or newsletter received from us. SmashFly uses all of the information that we collect to understand the usage trends and preferences of our Users, to improve the way the SmashFly Website works and looks, and to create new features and functionality.
SmashFly may use “Automatically Collected” information and “Cookies” information to: (a) automatically update the SmashFly application on your system; (b) remember your information so that you will not have to re–enter it during your visit or the next time you access the SmashFly Website; (c) monitor aggregate site usage metrics such as total number of visitors and pages accessed; and (d) track your entries, submissions, and status in any promotions or other activities.
Information submitted to SmashFly as part of applications for employment, talent network participation, or for partner candidates is used by SmashFly to evaluate your qualifications for the positions sought.
SmashFly also supplements Personal Information collected with information from marketing databases.
WHEN SMASHFLY DISCLOSES INFORMATION
SmashFly does not share your Personal Information with other organizations for their marketing or promotional uses without your prior express consent. Please be aware, however, that any Personal Information that you voluntarily choose to display on any publicly available portion of the SmashFly Website becomes publicly available and may be read, collected and used by others without restriction. We are not responsible for the Personal Information you choose to submit in these forums.
We also have testimonials on our site. Any user that has provided a testimonial on our site allows us to post their testimonial and Personal Information on the site.
SmashFly may share aggregate statistical information gathered from you and other Users with advertisers, business partners, sponsor or other third parties. For example, we may tell an advertiser that X number of visitors visited a certain area on a website or that Y number of men and Z number of women filled out registration forms. We share such information only on an aggregate and anonymous basis.
SmashFly may disclose Personal Information if required to do so by law or in the good–faith belief that such action is necessary to comply with state and federal laws or respond to a court order, judicial or other government subpoena warrant, or legal process in the manner required by the requesting entity.
SmashFly also reserves the right to disclose Personal Information that we believe, in good faith, is appropriate or necessary to take precautions against liability; protect SmashFly from fraudulent, abusive, or unlawful uses; to investigate and defend ourselves against third–party claims or allegations; to assist government enforcement agencies as allowed by law; to protect the security or integrity of the SmashFly Website; or to protect the rights, property, or personal safety of SmashFly, our Users, or others.
You may, of course, decline to share your Personal Information with SmashFly, in which case SmashFly may not be able to provide to you some of the features and functionality found on the SmashFly Website. You may update, correct, or delete your user information and preferences by sending us a request at: info@SmashFly.com. We will respond to your request in a timely manner.
You do not need to set up a user ID and password to use our SmashFly Website because we do not require you to establish your identity when you merely visit our site.
Our web pages contain electronic image requests (called a “single–pixel gif” or “web beacon” request) that allow us to count page views and to access cookies. Any electronic image viewed as part of a web page, including an ad banner, can act as a web beacon. Web beacons are typically 1–by–1 pixel files, but their presence can usually be seen within a browser by clicking on “View” and then on “Source.” We also include web beacons in HTML–formatted newsletters that we send to opt–in subscribers in order to count how many newsletters have been read. SmashFly web beacons do not collect, gather, monitor or share any personally identifiable information about our web site visitors, they are just the technique we use to compile anonymous information about web site usage.
OUR COMMITMENT TO DATA SECURITY
SmashFly uses commercially reasonable physical, administrative, and technical safeguards to preserve the integrity and security of your Personal Information. We cannot, however, ensure or warrant the security of any information you transmit to SmashFly, and you do so at your own risk. Once we receive your transmission of information, SmashFly exercises commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards.
If SmashFly learns of a security systems breach, then we may attempt to notify you directly and/or SmashFly may post a notice on the SmashFly Website if a security breach occurs.
OUR COMMITMENT TO CHILDREN’S PRIVACY
IF YOU ARE UNDER 16 YEARS OF AGE, PLEASE DO NOT USE OR ACCESS THE SMASHFLY WEBSITE AT ANY TIME OR IN ANY MANNER.
Persons who are under 16 years of age are not eligible to use the SmashFly Website, and we require that no information in relation to such persons be submitted to us. SmashFly does not knowingly collect or maintain Personal Information from persons under 16 years of age. If SmashFly learns that Personal Information of persons less than 16 years of age has been collected on or through the SmashFly Website, then SmashFly will take the appropriate steps to delete this information.
If you are the parent or legal guardian of a child under 16 who uses the SmashFly Website, then please contact SmashFly at info@SmashFly.com (or the physical address listed in Section 13 below) to have that child’s information deleted.
For Users visiting the SmashFly Website from the European Economic Area (“EEEA”) or other non–U.S. territories, please note that any data you enter into the SmashFly Website will be transferred outside the EEA or such other non–U.S. territory for use by SmashFly and its affiliates for any of the purposes described herein. In addition, because SmashFly operates globally, we may make information we gather available to worldwide partners, business units and affiliates. By providing any data on the SmashFly Website, you hereby expressly consent to such transfers of your data to the United States or other countries.
The European Union’s General Data Protection Regulation (“GDPR”) and other applicable data protection laws provide certain rights for EEA data subjects. You are entitled to request details of the Personal Information we hold about you and how we process it. You may also have a right in accordance with applicable data protection law to have it rectified or deleted, to restrict our processing of that Personal Information, to stop unauthorized transfers of your Personal Information to a third party and, in some circumstances, to have Personal Information relating to you transferred to another organization. You may also have the right to lodge a complaint in relation to SmashFly’s processing of your Personal Information with a local supervisory authority.
If you object to the processing of your Personal Information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above or that you may not be able to make use of the services and products offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your Personal Information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations. We will endeavor to ensure that your Personal Information is accurate and up to date. Therefore, please advise us of any changes to your Personal Information by emailing us at firstname.lastname@example.org.
There are a number of entities through which SmashFly provides its recruitment marketing platform and related products and services. Most of the firm’s main IT systems are located in the United States. Depending on the location where services are provided, a SmashFly affiliate or business partner may be the data controller in relation to your Personal Information. Please contact email@example.com for details and, where necessary having regard to local applicable data protection or privacy laws, a country-specific privacy notice.
IN THE EVENT OF A MERGER OR SALE
In the event that all or substantially all of SmashFly’s assets are acquired by or merged with a third–party entity, we reserve the right, in any of these circumstances, to transfer or assign the information that we have collected from Users to the merger or sale entity as part of that merger, acquisition, sale, or other change of control.
EFFECTIVE DATE, DATE LAST MODIFIED
SmashFly does not send unsolicited e–mails to anyone who has asked us not to contact him or her. To stop receiving e–mails or newsletters from SmashFly, either click on an unsubscribe link on the e–mail or newsletter itself or send a request to be unsubscribed to info@SmashFly.com.
SMASHFLY CONTACT INFORMATION
Please contact SmashFly with any questions or comments about these terms, your Personal Information, and our third–party disclosure practices or your consent choices at: SmashFly Technologies, Inc., 9 Pond Lane, Suite 3A3, Concord, MA 01742 USA. T: 888-282-3092, F: 978-341-8246 or by email to legal@SmashFly.com . We will respond to your inquiry within 30 days of its receipt.
SMASHFLY PRIVACY SHIELD POLICY
SmashFly Technologies, Inc. (“SmashFly”) has adopted this Privacy Shield Policy (“Policy”) to establish and maintain an adequate level of “Personal Data” (defined below) privacy protection. This Policy applies to the processing of Personal Data that SmashFly obtains from customers located in the EEA.
The Federal Trade Commission (FTC) has jurisdiction over SmashFly’s compliance with the Privacy Shield.
All SmashFly employees who handle Personal Data from Europe are required to comply with the Principles stated in this Policy.
Capitalized terms used in this Privacy Shield Policy are defined below.
This Policy applies to the processing of SmashFly Customer Personal Data that SmashFly receives in the United States concerning Candidates who reside in the European Union. SmashFly provides recruitment marketing products and services that serve the needs of businesses.
This Policy does not cover data from which individual persons cannot be identified or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes so that identification of individual persons is not possible.)
RESPONSIBILITIES AND MANAGEMENT
SmashFly has designated the Information Technology (“IT”) department to oversee its information security program; IT works very closely with the Contracts and Legal (“C&L”) team to ensure compliance with the EU Privacy Shield program. C&L shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Policy also may be directed to legal@SmashFly.com.
SmashFly will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the Personal Data that it collects. SmashFly personnel will receive training, as applicable, to effectively implement this Policy. Please refer to the Data Integrity and Securitysubsection for a discussion of the steps that SmashFly has undertaken to protect Personal Data.
RENEWAL / VERIFICATION
SmashFly will renew its EU Privacy Shield certifications annually, unless it subsequently determines that it no longer needs such certification or if it employs a different adequacy mechanism.
Prior to the re-certification, SmashFly will conduct an in-house verification to ensure that its attestations and assertions with regard to its treatment of SmashFly Customer Personal Data are accurate and that the company has appropriately implemented these practices. Specifically, as part of the verification process, SmashFly will undertake the following:
- Ensure that this Policy continues to comply with the Privacy Shield principles
- Confirm that SmashFly Customers and Candidates are made aware of the process for addressing complaints and any independent dispute resolution process (SmashFly may do so through its publicly posted website, SmashFly Customer contract, or both)
- Review its processes and procedures for training Employees about SmashFly’s participation in the Privacy Shield program and the appropriate handling of SmashFly’s Personal Data
SmashFly will prepare an internal verification statement on an annual basis.
COLLECTION AND USE OF PERSONAL DATA
SmashFly provides various solutions to its SmashFly Customers who purchase/license its products and services. SmashFly collects Personal Data from SmashFly Customers when they purchase/license its products, register with our website, log-in to their account, complete surveys, request information or otherwise communicate with us. For example, SmashFly Customers may choose to seek live support or post to a message board.
The Personal Data that we collect may vary based on the SmashFly Customers’ and Candidates’ interaction with our Website and request for our services. As a general matter, SmashFly collects the following types of Personal Data from its SmashFly Customers and Candidates: contact information, including, a contact person’s name, home email address, home mailing address, personal telephone number, title, and company name. Contact information from SmashFly Customers using our core recruitment marketing platform product would include work email and telephone numbers. No payment information is requested or obtained, as our core product enables our SmashFly Customers to better obtain and communicate with Candidates.
When SmashFly Customers and Candidates use our services online, we will collect their IP address and browser type. We may associate IP address and browser type with a specific customer. We also may collect Personal Data from persons who contact us through our website to request additional information; in such a situation, we would collect contact information (as discussed above) and any other information that the person chooses to submit through our website.
The information that we collect from SmashFly Customers is used for selling the products and services they buy from us, managing transactions, reporting, invoicing, renewals, other operations related to providing services and products to the SmashFly Customer.
SmashFly serves as a service provider. In our capacity as a service provider, we will receive, store, and/or process Personal Data. In such cases, we are acting as a data processor and will process the Personal Information on behalf of and under the direction of our partners and/or agents. The information that we collect from our SmashFly Customers in this capacity is used, as stated above, for managing transactions, reporting, invoicing, renewals, other operations related to providing services to the SmashFly Customer, and as otherwise requested by our partner and/or agent.
Specifically SmashFly uses Personal Data that it collects directly from its SmashFly Customers and Candidates for the following business purposes, without limitation:
- maintaining and supporting its products, delivering and providing the requested products/services, and complying with its contractual obligations related thereto (including managing transactions, reporting, invoices, renewals, and other operations related to providing services to a SmashFly Customer);
- satisfying governmental reporting, tax, and other requirements (e.g., import/export);
- storing and processing data, including Personal Data, in computer databases and servers located in the United States and, in the future, abroad;
- verifying identity (e.g., for online access to SmashFly Customer accounts);
- as reasonably requested by the SmashFly Customer;
- for other business-related purposes permitted or required under applicable local law and regulation;
- and as otherwise required by law or as needed for exercising and defending our legal rights or meeting our legal, contractual and/or regulatory obligations.
DISCLOSURES / ONWARD TRANSFERS OF PERSONAL DATA
Except as otherwise provided herein, SmashFly discloses Personal Data only to SmashFly Customers and Third Parties who reasonably need to know such data only for the scope of a transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations.
SmashFly may provide Personal Data to Third Parties that act as agents, consultants, suppliers, subcontractors, subprocessors, and contractors to perform tasks on behalf of and under our instructions. For example, SmashFly may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by SmashFly and they must either:
- comply with the Privacy Shield principles or another mechanism permitted by the applicable EU data protection law(s) for transfers and processing of Personal Data;
- or agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy;
SmashFly also may disclose Personal Data for other purposes, or to other Third Parties when a Candidate has consented to or requested such disclosure. Please be aware that SmashFly may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. SmashFly is liable for appropriate onward transfers of Personal Data to Third Parties.
SmashFly does not collect Sensitive Data (also known as “Highly Sensitive Information under GDPR) from its SmashFly Customers or Candidates.
DATA INTEGRITY AND SECURITY
SmashFly uses commercially reasonable efforts to maintain the accuracy and integrity of Personal Data and to update it as appropriate. SmashFly has implemented physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. For example, electronically stored Personal Data is stored on a secure network with firewall protection, and access to SmashFly’s electronic information systems requires user authentication via password or similar means. SmashFly also employs access restrictions, limiting the scope of employees who have access to SmashFly Customer Personal Data.
Further, SmashFly uses secure encryption technology to protect certain categories of personal data. Despite these precautions, no data security safeguards guarantee 100% security all of the time.
ACCESSING PERSONAL DATA
SmashFly personnel may access and use Personal Data only if they are authorized to do so and only for the purpose for which they are authorized.
RIGHT TO ACCESS, CHANGE OR DELETE PERSONAL DATA
- Right to Access. SmashFly Customers and Candidates have the right to know what Personal Data about them is included in the databases and to ensure that such Personal Data is accurate and relevant for the purposes for which SmashFly collected it. Candidates may, through the SmashFly Customer, review their own Personal Data stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law and SmashFly policies. Upon reasonable request and as required by the Privacy Shield principles, SmashFly allows Candidates working through SmashFly Customers access to their Personal Data, in order to correct or amend such data where inaccurate. SmashFly Customers and Candidates may edit their Personal Data by logging into their account profile or by contacting the applicable SmashFly Customer, respectively. In making modifications to their Personal Data, Candidates must provide only truthful, complete, and accurate information. To request erasure of Personal Data, SmashFly Customers (or Candidates, through the applicable SmashFly Customer) should submit a written request to SmashFly’s headquarters office in Concord, Massachusetts.
- Requests for Personal Data. SmashFly will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise: (a) legally binding request for disclosure of the Personal Data by a law enforcement authority unless prohibited by law or regulation; or (b) requests received from the Candidate. If SmashFly receives a request for access to his/her Personal Data from a Candidate, then, unless otherwise required under law or by contract with such SmashFly Customer, SmashFly will refer such Candidate to the SmashFly Customer.
- Satisfying Requests for Access, Modifications, and Corrections. SmashFly will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or inactivate Personal Data.
CHANGES TO THIS POLICY
This Policy may be amended from time to time, consistent with the Privacy Shield Principles and applicable data protection and privacy laws and principles. We will make employees available of changes to this policy either by posting to our intranet, through email, or other means. We will notify SmashFly Customers if we make changes that materially affect the way we handle Personal Data previously collected, and we will allow them to choose whether their Personal Data may be used in any materially different manner.
QUESTIONS OR COMPLAINTS
EU-based SmashFly Customers may contact SmashFly with questions or complaints concerning this Policy at the following email address: legal@SmashFly.com
ENFORCEMENT AND DISPUTE RESOLUTION
In compliance with the US-EU Privacy Shield Principles, SmashFly commits to resolve complaints about your privacy and our collection or use of your Personal Information. EU individuals with questions or concerns about the use of their Personal Data should contact us at: legal@SmashFly.com.
If a Customer’s question or concern cannot be satisfied through this process SmashFly has further committed to refer unresolved privacy complaints under US-EU Privacy Shield to an independent dispute resolution mechanism operated by JAMS.
If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed by SmashFly, EU individuals may bring a complaint before the JAMS Online Privacy Shield. Information about how to file a complaint before the JAMS program can be found at: https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
SmashFly commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship.
If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed please visit: https://www.jamsadr.com/file-a... more information and to file a complaint.
“Candidate” means an identified or identifiable natural living person. An identifiable person is one who can be identified, directly or indirectly, by reference to a name, or to one or more factors unique to his or her personal physical, psychological, mental, economic, cultural or social characteristics.
“Employee” means an employee (whether temporary, permanent, part-time, or contract), former employee, independent contractor, or job applicant of SmashFly or any of its affiliates or subsidiaries.
“Europe” or “European” refers to a country in the European Union.
“SmashFly Customer” means a company or organization from the EU that is a business client of SmashFly. The term also shall include any individual agent or representative of a SmashFly Customer, and any employee thereof as part of SmashFly’s business relationship with that company or organization.
“Personal Data” as defined under the European Union Directive 95/46/EC means data that personally identifies or may be used to personally identify a person, including an individual’s name in combination with country of birth, marital status, emergency contact, salary information, terms of employment, job qualifications (such as educational degrees earned), address, phone number, e-mail address, user ID, password, and identification numbers. Personal Data does not include data that is de-identified, anonymous, anonymized, or publicly available.
“Sensitive Data” means Personal Data that discloses a Candidate’s medical or health condition, race or ethnicity, political, religious or philosophical affiliations or opinions, sexual orientation, or trade union membership.
“Third Party” means any individual or entity that is neither SmashFly nor a SmashFly employee, agent, contractor, or representative.
Updated – March 19, 2018