Bullhorn Privacy and Cookies Policy
Version: September 12th, 2016
- Bullhorn’s Privacy Shield Policy Statement/ Swiss-US Safe Harbor
Bullhorn, Inc. participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Bullhorn, Inc. is committed to subjecting all personal data it receives from data exporters in any European Union (EU) or European Economic Areas (EEA) member state, under the EU-US Privacy Shield Framework, to its applicable Privacy Shield Principles. To learn more about the Privacy Shield Framework and the Privacy Shield Principles, please visit the U.S. Department of Commerce’s Privacy Shield website at https://www.privacyshield.gov.
Bullhorn, Inc. is responsible for the processing of personal data it receives from data exporters under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Bullhorn fully complies with the Privacy Shield Principles. The Company adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access and recourse, and enforcement and liability as described in more detail in our “Commitment to the Privacy Shield Principles” in Section 14 below. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Bullhorn, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Bullhorn, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under certain conditions which are more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration for an unresolved dispute you may have with us.
For personal data transfers out of Switzerland to us, we follow the requirements of the U.S. – Swiss Safe Harbor Framework at http://2016.export.gov/safeharbor/swiss/. Please note our commitments on the U.S. – Swiss Safe Harbor list (https://safeharbor.export.gov/swisslist.aspx). Bullhorn has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. Our commitments to the Privacy Shield (Section 10) also apply to the covered data flows from Switzerland, to the extent applicable, in particular using our U.S.-based third-party dispute resolution provider (free of charge).
- Collected Information
2.1. We collect the following categories of personal information from our customers, customers’ candidates and Site visitors:
- 2.1.1 Customer candidate contact Information such as name, email address, mailing address, phone number, employment history, health insurance information (excluding health information protected as “sensitive data” under EU law), social security number or tax identification numbers.
- 2.1.2. Billing Information such as credit or debit card number, ACH payment information and billing address.
- 2.1.3. Identifiers such as user name, account number, password, IP addresses.
- 2.1.4. We also collect the following information from our customers: Information about a customer’s business such as company name, company size, business type, and contact information.
- 2.1.5. Demographic information of our customers, customers’ candidates and Site visitors, as the case may be, such as age, education, gender, interests, postal code, and financial background check results (if applicable).
- 2.1.6. Email addresses, names, and contact information of visitors who register for the Bullhorn Community.
- 2.1.7. Email addresses and names in blog entries.
2.2. We use the personal information collected from these individuals only for the following purposes:
- 2.2.1. Provide the Service to our customers.
- 2.2.2. Keep records of customer activity.
- 2.2.3. Keep records of customer information.
- 2.2.4. Administer a customer’s accounts.
- 2.2.5. Respond to a customer’s service or support requests.
- 2.2.6. For marketing purposes.
2.4. We may email information regarding updates to the Service or additional service offerings to our customers in accordance with the terms and conditions of each customer’s agreements with us.
2.6. Personal information may be disclosed or distributed to another party with which Bullhorn enters, or may enter, into a corporation transaction. If Bullhorn is acquired in a merger, acquisition, or sale of all or substantially all of its assets, you will be notified via email, on our Site and/or by a prominent notice on our Service of any change in the uses of your personal information, as well as any choices you may have regarding your personal information. In the unlikely event of a bankruptcy, insolvency or liquidation, the database containing personal information may be treated as an asset of Bullhorn and may be subject to transfer to a third party.
2.7. Bullhorn may disclose personal information to companies that assist us in providing our Services or that partner with us to provide you their services or content. In this context, any such transfers to third parties are governed by our vendor agreements with them, which provide standards of care for the protection for personal and confidential information that are not less stringent than the standards contained in our customer agreements, and in no event less than a reasonable standard of care. Such third-party companies are authorized to use your personal information only as necessary to provide these services to us and/or you and for the purposes for which the personal information were collected. In the case of partners with whom you contract directly, their policies regarding personal information will govern your relationship with them as stated in the applicable agreement between you and the partner and we will not be responsible for any actions or omission of these partners.
2.8. Customers are solely responsible for maintaining the confidentiality and security of their user registration and password. Customers or Site visitors may opt-out of receiving advertisement or promotional emails from us by selecting the opt-out link located in the message body of all our electronic communications. Customers or Site visitors may also email email@example.com directly with a request to be removed from such communications. We may also track and analyze information that doesn’t identify you as a person and aggregate usage and volume statistical information from our Site visitors, candidate customers and customers and provide such information in aggregated form to third parties.
2.9. We are a service provider to our customers and have no direct relationship with the customer candidate or any individual whose personal information a customer processes. If you are a candidate or individual of one of our customers and would no longer like to be contacted by a person or entity that uses our Service, please contact the customer that you interact with directly. If you are a customer and would like to update your account please contact us at firstname.lastname@example.org.
2.10. Marketing: Bullhorn may also ask visitors who register for the Bullhorn Community, to provide certain information, such as email addresses to use and receive content from the site. Bullhorn will provide these visitors with the ability to opt-in or opt-out of future communications from the company. If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or at your member profile on our Site or by contacting us at email@example.com.
3.1. Technologies such as cookies or similar technologies are used by Bullhorn and our partners, affiliates, or our service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
3.2. Log in files: We gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, the files viewed on our site (e.g., HTML pages, graphics, etc.), to analyze trends in the aggregate and administer the Site. We do link these automatically-collected data sets to personal information of you that we may have already stored.
3.3.1. Strictly necessary cookies are required for the operation of the Site. These include, for example, cookies which are necessary for users to create an account or login to secure areas of the Site, and cookies that are required to show error or success messages to users.
3.3.2. Session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. This information allows Bullhorn to process your transactions and requests. Session cookies help us make sure you are who you say you are after you’ve logged in and are required in order to use the Bullhorn application.
3.3.3. Persistent cookies that only Bullhorn can read and use, to identify the fact that you are a Bullhorn customer or a visitor, who has registered for the Bullhorn Community, to identify and maintain your preferences such as language, country and last check out or to receive certain types of content. Persistent cookies remain on your computer after you’ve closed your browser or turned off your computer. They include such information as a unique identifier for your browser. We are especially careful about the security and confidentiality of the information stored in persistent cookies. For example, we do not store account numbers or passwords in persistent cookies. Users or visitors who disable their Web browsers’ ability to accept cookies will be unable to use all aspects of our service or the Bullhorn Community.
3.3.4 Targeting cookies which store a user’s username, the referring user if using the referral network and the referral source to the Site.
3.3.5. The following third party cookies could be used:
- Internet Explorer 8 and later versions = In Private
- Safari 2 and superior = Private Navigation/Browsing
- Opera 10.5 and later versions = Private Navigation/Browsing
- FireFox 3.5 and later versions = Private Navigation/Browsing
- Google Chrome 10 and later versions = Incognito.
3.5. Targeted Advertisement: We partner with third parties to either display advertising on our Site or to manage our advertising on other sites. Our third party partners may use technologies such as cookies to gather information about your activities on this Site and other websites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking http://preferences-mgr.truste.com (or if located in the European Union click or http://www.youronlinechoices.eu). Please note this does not opt you out of generic ads. You will continue to receive generic ads.
3.6. Social Media (Features) and Widgets: Our Site includes social media features, such as LinkedIn. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing it.
3.7. Blogs: Our Site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. Alternatively, if you used a third party application to post such information, you can remove it, either by logging into the application and removing the information, or by contacting the appropriate third party application.
- Access to Personal Information Controlled by Bullhorn
4.1. Upon request and within 45 days, Bullhorn will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. In addition, Bullhorn will take reasonable steps to permit customers to correct, amend, or delete their personal information. To request this access, please contact email@example.com.
4.2. We may retain your information for as long as your account is active or as needed to provide you with our Services, comply with our contractual and/or legal obligations, resolve disputes and enforce our agreements.
- Access to Personal Information Controlled by our Customers
In most cases, Bullhorn has no direct relationship with the individuals whose personal information it processes. We recommend that an individual who seeks access, or who seeks to correct, amend, or delete personal information should direct his query to the Bullhorn’s customer (the data controller). If requested to remove data by our customer, we will respond within 45 days. Individuals may also submit such inquiries or requests directly to Bullhorn at no cost for them by contacting firstname.lastname@example.org.
- Data Retention by Us
We will retain personal information we process on behalf of our Customers for as long as needed to provide Services to our customer and as required under customer agreements. We will also retain this personal information as necessary to comply with our legal and/or contractual obligations, resolve disputes, and enforce our agreements. When the purpose for which Bullhorn is processing the personal information is fulfilled, expires or is terminated, Bullhorn will, upon request, provide our customers with a copy of their personal information stored by us, and Bullhorn will then either delete or anonymize/de-identify any remaining personal information in accordance with our customer agreements.
- Data Security
Bullhorn employs reasonable and appropriate security measures to protect against the loss, misuse, and alteration of the personal information it processes. When the Service is accessed using Microsoft Internet Explorer versions 5.0 or higher, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help provide that personal information is safe, and secure while in transit. Bullhorn also implements an advanced security method based on dynamic data and encoded session identifications, and hosts the Service in a secure server environment that uses a firewall and other advanced technology to protect against interference or access from outside intruders. Finally, Bullhorn provides individual usernames and passwords that must be entered each time a customer logs on. These safeguards help protect against unauthorized access, maintain data accuracy, and provide for the appropriate use of personal information. Nevertheless, no method of transmission over the Internet, or method of electronic storage, is one hundred percent (100%) secure, however. Therefore, we cannot guarantee absolute security. If you have any questions about security on our Service, please contact us at email@example.com.
- Links to Third Party Sites
- No Services for Minors
We do not knowingly collect information from minors. To use the Site, you must be the age of legal majority in your place of residence. By using the Site, you hereby represent that you are at least the age of legal majority in your place of residence. We do not use an application or other mechanism to determine the age of users of the Site. All information provided to us will be treated as if it was provided by an adult. We will use commercially reasonable efforts to delete information associated with a minor as soon as practicable if we learn that a minor has submitted information about himself/herself to us.
- Note for California Residents
California law permits California residents who provide us with personal information to request certain information regarding our disclosure of such information to third parties for their direct marketing purposes. We do not, at this time, disclose such information to third parties for their direct marketing purposes. If we change this policy, we will update this provision and provide instructions on how you may make a request for details.
- Do-Not-Track Disclosure
There are many methods where web browser signals and similar mechanisms can indicate your choice to disable tracking. But we may not be aware of or able to honor every such mechanism. Because there is not yet a common understanding of how to interpret web browser-based “Do Not Track” (DNT) signals other than cookies, we may not respond to undefined DNT signals to our Sites or online services. More information about “do not track” is available at www.allaboutdnt.org concerning such information.
We may update this privacy statement to reflect changes to our information practices that will become effective upon posting. If we make material changes to this policy, we will notify you here, by email, or by means of a notice through the Service prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
- Commitment to the Privacy Shield Principles
- Notice – Bullhorn discloses the personal data categories being collected from EU/ EEA and Swiss customers, candidate customers and Site visitors, the purpose(s) of the data collection and other data processing, and any third party with whom these personal data may be shared as further described above in Sections 2.1 through 2.5 of this policy.
- Choice – Bullhorn offers all its customers, candidate customers and Site visitors to opt-out of any transfer of data to third parties or use of collected data for purposes other than originally stated for and authorized unless explicitly permitted by the affected individual. We also offer the individuals covered by the Privacy Shield choices for limiting the use and disclosure of their personal data. (See Sections 2.8, 2.9. and 3.4 above). Any covered individual can email us at firstname.lastname@example.org directly with his/her choice request, or can write us using the address indicated at the end of this policy with his/her choice.
- Onward Transfer And Accountability – Bullhorn will disclose personal information covered by the Privacy Shield to its agents only pursuant to the Notice and Choice principle to the extent applicable to the transfer unless the onward transfer is authorized in advance by informed, written consent by the individual affected by it. Before transferring personal information to an agent we will (i) provide that the transfer of such data is only for the limited and specified purposes the personal information were collected for; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Privacy Shield Principles; (iii) take reasonable and appropriate steps to provide that the agent effectively processes the personal information transferred in a manner consistent with our obligations under the Privacy Shield Principles; (iv) require the agent to notify us if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles; and (v) upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing. In the cases set forth in the Privacy Shield Principles, we will be liable for the actions of the agent.
- Security – Bullhorn will take reasonable precautions in its protection of data and any misuse, loss, destruction, alteration, and unauthorized access or disclosure. See Section 7 above for more details.
- Access – Bullhorn will provide access free of charge for its customers and customers’ candidates to their personal information and allow them to correct, amend, or request deletion of personal information where such personal information is inaccurate, unless the cost of such access is prohibitive in relation to the risk of privacy or where the rights of another individual would be violated. See Sections 4 and 5 above for more details on the access request.
- Data Integrity and Purpose Limitation – Bullhorn will take all reasonable steps to provide that any personal information it processes (including any processing through is agents) is limited by the purpose(s) for which such personal information has been collected.
- Recourse, Enforcement and Liability – Bullhorn will attempt to reasonably resolve any concerns related to the processing of his/her personal information directly with the individual. In the event a resolution cannot be reached, EU or EEA customers may engage Bullhorn’s independent recourse mechanism, our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request if you have any unresolved dispute with us.
Office of Information Security & Compliance
100 Summer Street
Boston, MA 02210
Main Number: 1-617-478-9100