Bullhorn Privacy and Cookies Policy
Persons in the EEA / U.K. / Switzerland: Please note our revised statements on data transfers outside of your territory in Sec. 13 and 14 below.
Version (Effective): May 5, 2021
1. Collected Personal Data and How We Use It
1.1. We collect the following categories of personal data from our customers, customers’ candidates and Site visitors:
1.3. Bullhorn may aggregate and/or de-identify personal data (“Aggregated Data”) and use, disclose, distribute, and publish Aggregated Data for statistical, analytical, machine learning and product enhancement purposes. Bullhorn employs reasonable and technically appropriate measures designed to prevent the re-identification of such personal data by a third-party. Aggregated Data may be shared with third parties for research and other purposes.
1.7. Personal data may be disclosed or distributed to another party with which Bullhorn enters, or may enter, into a corporation transaction. If Bullhorn is acquired in a merger, acquisition, or sale of all or substantially all its assets, you will be notified via email, on our Site and/or by a prominent notice on our Service of any change in the uses of your personal data, as well as any choices you may have regarding your personal data. The disclosure of personal data to another party as set forth herein may involve the transfer of such personal data outside the state, province, country or other jurisdiction in which Bullhorn stores or otherwise processes personal data, subject to Bullhorn taking steps to provide that any such transfer is made only in compliance with applicable laws. In the unlikely event of a bankruptcy, insolvency or liquidation, the database containing personal data may be treated as an asset of Bullhorn and may be subject to transfer to a third party.
1.9. Customers are solely responsible for maintaining the confidentiality and security of their user registration and password. Customers or Site visitors may opt-out of receiving sales, promotional or advertising emails from us by selecting the opt-out link located in the message body of all our electronic communications. Customers or Site visitors may also email email@example.com directly with a request to be removed from such communications. We may also track and analyze information that doesn’t directly identify you as a person and aggregate usage and volume statistical information from our Site visitors, customers’ candidates and customers and provide such information in aggregated form to third parties.
1.10. We are a service provider to our customers and have no direct relationship with the customer candidate or any individual whose personal data a customer processes. If you are a candidate or individual of one of our customers and would no longer like to be contacted by a person or entity that uses our Service, please contact the customer that you interact with directly. If you are a customer and would like to update your account, please contact us at firstname.lastname@example.org.
1.11. Marketing: Bullhorn may also ask website visitors who register for the Bullhorn Community, to provide certain information, such as email addresses to use and receive content from the site. Bullhorn will provide these visitors with the ability to opt-in or opt-out of future communications from the Company as required by applicable law. If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or at your member profile on our Site or by contacting us at email@example.com.
2.1. Technologies such as cookies or similar technologies are used by Bullhorn and our partners, affiliates, or our service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
2.2. Log in files: We gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, the files viewed on our site (e.g., HTML pages, graphics, etc.), to analyze trends in the aggregate and administer the Site. We do link these automatically-collected data sets to personal data of you that we may have already stored.
2.3.1. Strictly necessary cookies are required for the operation of the Site. These include, for example, cookies which are necessary for users to create an account or login to secure areas of the Site, and cookies that are required to show error or success messages to users.
2.3.2. Session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. This information allows Bullhorn to process your transactions and requests. Session cookies help us make sure you are who you say you are after you’ve logged in and are required to use the Bullhorn application.
2.3.3. Persistent cookies that only Bullhorn can read and use, to identify the fact that you are a Bullhorn customer or a visitor, who has registered for the Bullhorn Community, to identify and maintain your preferences such as language, country and last check out or to receive certain types of content. Persistent cookies remain on your computer after you’ve closed your browser or turned off your computer. They include such information as a unique identifier for your browser. We are careful about the security and confidentiality of the information stored in persistent cookies. For example, we do not store account numbers or passwords in persistent cookies. Users or visitors who disable their Web browsers’ ability to accept cookies will be unable to use all aspects of our service or the Bullhorn Community.
2.3.4 Targeting cookies which store a user’s username, the referring user if using the referral network and the referral source to the Site.
2.3.5. The following third party, performance, and targeting cookies could be used:
2.3.6. Functional cookies which store user ids and enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
2.3.7. Strictly necessary cookies are necessary for the website to function. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
2.6. Social Media (Features) and Widgets: Our Site includes social media features, such as LinkedIn. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing it.
2.7. Blogs: Our Site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal data from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why. Alternatively, if you used a third-party application to post such information, you can remove it, either by logging into the application and removing the information, or by contacting the appropriate third party application.
3. Access to Personal Data Controlled by Bullhorn
Upon request and within 30 days, or as otherwise required by applicable law, Bullhorn will provide you with information about whether we hold, or process on behalf of a third party, any of your personal data. In addition, Bullhorn will take reasonable steps to permit customers to correct, amend, delete, or receive a copy of their personal data. To request this access, please contact email@example.com. In accordance with customer agreements, Bullhorn will, upon request, provide our customers with a copy of their personal data stored by Bullhorn upon expiration or termination of the customer agreements, unless applicable law determines otherwise.
4. Access to Personal Data, Including Biometric Data, Controlled by our Customers
Bullhorn acknowledges that you have the right to access your personal data and to withdraw consent to the use/processing of your personal data. In most cases, Bullhorn has no direct relationship with the individuals whose personal data it processes for customers. We recommend that an individual who seeks access, or who seeks to correct, amend, delete or receive a copy of personal data should direct his/her query to the Bullhorn customer (the data controller).
Bullhorn customers may collect, store and process biometric data of candidates or individuals, including without limitation fingerprint, retinal and facial recognition data using Bullhorn supplied equipment and/or Services. Bullhorn customers and/or their end users are solely responsible for compliance with any applicable biometric data protection laws including, without limitation, obtaining legally required consents and providing legally required notices and/or opt-out/in requirements to such individuals. The use of any Bullhorn Service by customers or their end users does not guarantee compliance with applicable biometric data protection laws. If you are a candidate or individual of one of our customers or their end users and have any questions or requests or objections related to the collection, storage and processing of your biometric data, please contact the customer or end user that you interact with directly.
If requested to remove data by our customer, we will respond within 30 days or as otherwise required by applicable law. Individuals may also submit such inquiries or requests directly to Bullhorn at no cost for them by contacting firstname.lastname@example.org.
5. Data Retention by Bullhorn
6. Data Security
Bullhorn employs reasonable and appropriate security measures to protect against the loss, misuse, and alteration of the personal data it processes. When the Service is accessed using Microsoft Internet Explorer versions 8.0 or higher, Transport Layer Security (TLS) technology protects information using both server authentication and data encryption to help provide that personal data is safe, and secure while in transit. Bullhorn also implements an advanced security method based on dynamic data and encoded session identifications, and hosts the Service in a secure server environment that uses a firewall and other advanced technology to protect against interference or access from outside intruders. Finally, Bullhorn provides individual usernames and passwords that must be entered each time a customer logs on. These safeguards help protect against unauthorized access, maintain data accuracy, and provide for the appropriate use of personal data. Nevertheless, no method of transmission over the Internet, or method of electronic storage, is one hundred percent (100%) secure, however. Therefore, we cannot guarantee absolute security. If you have any questions about security on our Service, please contact us at email@example.com.
7. Links to Third Party Sites
8. No Services for Minors
We do not knowingly collect information from minors. To use the Site, you must be the age of legal majority in your place of residence. By using the Site, you hereby represent that you are at least the age of legal majority in your place of residence. We do not use an application or other mechanism to determine the age of users of the Site. All information provided to us will be treated as if it was provided by an adult. We will use commercially reasonable efforts to delete information associated with a minor as soon as practicable if we learn that a minor has submitted information about himself/herself to us.
9. Note for California Residents
10. Do-Not-Track Disclosure
There are many methods where web browser signals and similar mechanisms can indicate your choice to disable tracking. But we may not be aware of or able to honor every such mechanism. Because there is not yet a common understanding of how to interpret web browser-based “Do Not Track” (DNT) signals other than cookies, we may not respond to undefined DNT signals to our Sites or online services. More information about “do not track” is available at www.allaboutdnt.org concerning such information.
We may update this privacy statement to reflect changes to our information practices that will become effective upon posting. If we make material changes to this policy, we will notify you here, by email, or by means of a notice through the Service prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
13. Data Transfers Outside the EEA, U.K. and Switzerland
Bullhorn Group Companies have entered into Standard Contractual Clauses (“SCC”) among them as authorized by the European Commission under the GDPR for the transfer of personal data from Bullhorn Group Companies in the EEA, UK, and Switzerland to Bullhorn Group Companies outside these territories. The SCC set forth the adequate safeguards for the protection of privacy and fundamental rights and freedoms of European individuals for such data transfers outside the EEA, UK and Switzerland. SCC also safeguard personal data access of our data processors outside the EEA, UK and Switzerland. Please use the contact information in Sec. 15 below to obtain more information on these contractual arrangements.
Bullhorn observes the regulatory developments affecting these data transfers to data importers outside the EEA, U.K. and Switzerland after the CJEU’s “Schrems 2” decision of 07/16/20 (C 318/11) and the effects of the end of the BREXIT transitory period for the U.K. Please visit this website frequently for updates or modifications of this Policy.
14. Bullhorn’s EU-U.S. Privacy Shield / Swiss-U.S. Privacy Shield Framework Policy Statement
Bullhorn, Inc. is responsible for the processing of personal data it receives from data exporters under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Bullhorn, Inc. fully complies with the Privacy Shield Principles and the SCC. With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Bullhorn, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Bullhorn, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
The Company adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access and recourse, and enforcement and liability as described herein.
15. Data Protection Officers
Bullhorn has appointed Data Protection Officers, who are responsible for matters relating to data privacy and protection. The Data Protection Officers can be contacted by email at DPO@bullhorn.com, or by mail at: Bullhorn, Inc., 100 Summer Street, 17th Floor, Boston, MA 02110, Attn: Data Protection Officer, Legal or K.P. van der Mandelelaan 68-70, 3062 MB Rotterdam, Netherlands, Attn: Data Protection Officer, Legal.