Bullhorn Privacy and Cookies Policy

Version: July 6th, 2017

This Privacy and Cookies Policy applies to all data collections and other data processing of Bullhorn, Inc., in particular through www.bullhorn.com and through its service platforms www.bullhornstaffing.com, https://bbo.bullhornstaffing.com, https://www.salesduel.com, and https://prod.vms-express.com (each referred to herein as a “Site”) owned and operated by it. For purposes of this Privacy Policy any reference to “Bullhorn” (or “our” or “us” or “we”) shall mean Bullhorn, Inc., Bullhorn, Bullhorn, International Limited and /or their subsidiaries, as applicable. This Privacy Policy describes how Bullhorn collects, uses, shares and safeguards the personal information (or in the EU/Switzerland: “personal data”) you provide to us. It also describes your choices regarding use, access and correction of your personal information. The use of information collected through our service shall be limited to the purpose of providing the Bullhorn Service (“Service”) for which the customer has engaged Bullhorn as set out in the Master Subscription Agreement, Terms of Service, and other agreements with the customer and this Privacy Policy.

1. Bullhorn’s EU-U.S. Privacy Shield  / Swiss-US Privacy Shield Framework Policy Statement

Bullhorn, Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively.  Bullhorn, Inc.  has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield programs, and to view our certification, please visit https://www.privacyshield.gov/.   Bullhorn, Inc. is committed to subjecting all personal data it receives from data exporters in any European Union (EU), Switzerland or European Economic Areas (EEA) member state, under the Privacy Shield Framework, to its applicable Privacy Shield Principles.  To learn more about the Privacy Shield Framework and the Privacy Shield Principles, please visit the U.S. Department of Commerce’s Privacy Shield website at https://www.privacyshield.gov.

Bullhorn, Inc. is responsible for the processing of personal data it receives from data exporters under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf.  Bullhorn fully complies with the Privacy Shield Principles. The Company adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access and recourse, and enforcement and liability as described in more detail in our “Commitment to the Privacy Shield Principles” in Section 14 below. With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Bullhorn, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Bullhorn, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Under certain conditions which are more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration for an unresolved dispute you may have with us.

2. Collected Information

2.1. We collect the following categories of personal information from our customers, customers’ candidates and Site visitors:

• 2.1.1 Customer candidate contact Information such as name, email address, mailing address, phone number, employment history, health insurance information (excluding health information protected as “sensitive data” under EU/Swiss law), social security number, or tax, license or other identification numbers.
• 2.1.2. Billing Information such as credit or debit card number, ACH payment information and billing address.
• 2.1.3. Identifiers such as user name, account number, password, IP addresses.
• 2.1.4. We also collect the following information from our customers: Information about a customer's business such as company name, company size, business type, and contact information.
• 2.1.5. Demographic information of our customers, customers’ candidates and Site visitors such as age, education, gender, interests, postal code, veteran status, union affiliation, and financial background check results (if applicable).
• 2.1.6. Email addresses, names, and contact information of visitors who register for the Bullhorn Community.
• 2.1.7. Email addresses and names in blog entries.
• 2.1.8 Emails (including addresses and names) of our customers’ users and their recipients.

2.2. We use the personal information collected from these individuals only for the following purposes:

• 2.2.1. Provide the Service to our customers.
• 2.2.2. Keep records of customer activity.
• 2.2.3. Keep records of customer information.
• 2.2.4. Administer a customer's accounts.
• 2.2.5. Respond to a customer's service or support requests.
• 2.2.6. For marketing purposes.

2.3. We will only share your personal information with third parties (our agents) in the ways that are described in our customer agreements and this Privacy Policy. We do not sell your personal information to third parties.

2.4.  We may email information regarding updates to the Service or additional service offerings to our customers in accordance with the terms and conditions of each customer’s agreements with us.

2.5. Other third parties, such as content or third party service providers, may provide content or services through the Service and may need access to your personal information to provide their services to you. Customers will be using a Service to host data and information. Bullhorn will not use or disclose your personal information, except (i) to the extent necessary to provide the Service to you or as requested by you, or (ii) pursuant to law, as determined by Bullhorn in its sole discretion, or (iii) by a court order, or (iv) as described in Section 3.3.5 of this Privacy Policy. Individual customer or customer candidate records may at times be viewed or accessed by Bullhorn’s authorized employees or  agents only for the purpose(s) of (i) providing the Service and related professional services to customer or customer candidates, (ii) resolving a support issue affecting any of them, (iii) to inspect and resolve a suspected violation of customer agreements with a customer, or (iv) as may be required by law, as determined by Bullhorn in its sole discretion, judicial proceeding, subpoena, legal process or binding court order. We also reserve the right to disclose your personal information as required by law and when we believe, in our sole discretion, that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, subpoena, binding court order, or legal process.

2.6. Personal information may be disclosed or distributed to another party with which Bullhorn enters, or may enter, into a corporation transaction. If Bullhorn is acquired in a merger, acquisition, or sale of all or substantially all its assets, you will be notified via email, on our Site and/or by a prominent notice on our Service of any change in the uses of your personal information, as well as any choices you may have regarding your personal information. In the unlikely event of a bankruptcy, insolvency or liquidation, the database containing personal information may be treated as an asset of Bullhorn and may be subject to transfer to a third party.

2.7. Bullhorn may disclose personal information to companies that assist us in providing our Services or that partner with us to provide you their services or content. In this context, any such transfers to third parties are governed by our vendor agreements with them, which provide standards of care for the protection for personal and confidential information that are not less stringent than the standards contained in our customer agreements, and in no event, less than a reasonable standard of care. Such third-party companies are authorized to use your personal information only as necessary to provide these services to us and/or you and for the purposes for which the personal information were collected. In the case of partners with whom you contract directly, their policies regarding personal information will govern your relationship with them as stated in the applicable agreement between you and the partner and we will not be responsible for any actions or omission of these partners.

2.8. Customers are solely responsible for maintaining the confidentiality and security of their user registration and password. Customers or Site visitors may opt-out of receiving advertisement or promotional emails from us by selecting the opt-out link located in the message body of all our electronic communications. Customers or Site visitors may also email privacy@bullhorn.com directly with a request to be removed from such communications. We may also track and analyze information that doesn’t identify you as a person and aggregate usage and volume statistical information from our Site visitors, candidate customers and customers and provide such information in aggregated form to third parties.

2.9. We are a service provider to our customers and have no direct relationship with the customer candidate or any individual whose personal information a customer processes. If you are a candidate or individual of one of our customers and would no longer like to be contacted by a person or entity that uses our Service, please contact the customer that you interact with directly. If you are a customer and would like to update your account, please contact us at privacy@bullhorn.com.

2.10. Marketing: Bullhorn may also ask visitors who register for the Bullhorn Community, to provide certain information, such as email addresses to use and receive content from the site. Bullhorn will provide these visitors with the ability to opt-in or opt-out of future communications from the company. If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or at your member profile on our Site or by contacting us at privacy@bullhorn.com.

3. How We Use Cookies, Log Files, Social Media Plug-ins and Other Tracking Technologies

3.1. Technologies such as cookies or similar technologies are used by Bullhorn and our partners, affiliates, or our service providers. These technologies are used in analyzing trends, administering the site, tracking users' movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

3.2. Log in files: We gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, the files viewed on our site (e.g., HTML pages, graphics, etc.), to analyze trends in the aggregate and administer the Site. We do link these automatically-collected data sets to personal information of you that we may have already stored.

3.3. Cookies: We use cookies to remember users' settings (e.g. language preference), and for your authentication when you visit the Site or use the Service, as the case may be. The following information will help you to understand the different types of cookies used:

3.3.1. Strictly necessary cookies are required for the operation of the Site. These include, for example, cookies which are necessary for users to create an account or login to secure areas of the Site, and cookies that are required to show error or success messages to users.

3.3.2. Session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. This information allows Bullhorn to process your transactions and requests. Session cookies help us make sure you are who you say you are after you’ve logged in and are required to use the Bullhorn application.

3.3.3. Persistent cookies that only Bullhorn can read and use, to identify the fact that you are a Bullhorn customer or a visitor, who has registered for the Bullhorn Community, to identify and maintain your preferences such as language, country and last check out or to receive certain types of content. Persistent cookies remain on your computer after you’ve closed your browser or turned off your computer. They include such information as a unique identifier for your browser. We are especially careful about the security and confidentiality of the information stored in persistent cookies. For example, we do not store account numbers or passwords in persistent cookies. Users or visitors who disable their Web browsers’ ability to accept cookies will be unable to use all aspects of our service or the Bullhorn Community.

3.3.4 Targeting cookies which store a user’s username, the referring user if using the referral network and the referral source to the Site.

3.3.5. The following third party cookies could be used:

• Google Analytics – the Website uses cookies from Google Analytics to track user behaviors and overall trends. This helps us to improve the way the Site works.
• Silverpop – the Site uses cookies from Silverpop to track user behaviors and market to users based on their behaviors.
• Visual Website Optimizer – the Site uses cookies from Visual Website Optimizer to track users’ reactions to A/B tests. A/B tests are the creation of two or more versions of a website or portion thereof to determine which one performs better.
• Marketo - the Site uses cookies from Marketo to improve user experience and shorten contact forms for visitors that have previously visited the Site.

Please note that other third parties may also use cookies. These cookies are likely to be analytical/performance cookies or targeting cookies and include, for example, those from advertising networks or providers of external services.

3.4. Opt-out: You can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited. Many browsers allow a private mode to be activated through which the cookies are always erased after the visit. Depending on each browser, this private mode can have different names. The following is a list of the most common browsers and the different names for “private mode”:

• Internet Explorer 8 and later versions = In Private
• Safari 2 and superior = Private Navigation/Browsing
• Opera 10.5 and later versions = Private Navigation/Browsing
• FireFox 3.5 and later versions = Private Navigation/Browsing
• Google Chrome 10 and later versions = Incognito.

3.5. Targeted Advertisement: We partner with third parties to either display advertising on our Site or to manage our advertising on other sites. Our third-party partners may use technologies such as cookies to gather information about your activities on this Site and other websites to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking http://preferences-mgr.truste.com (or if located in the European Union click or http://www.youronlinechoices.eu). Please note this does not opt you out of generic ads. You will continue to receive generic ads.

3.6. Social Media (Features) and Widgets: Our Site includes social media features, such as LinkedIn. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing it.

3.7. Blogs: Our Site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at privacy@bullhorn.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. Alternatively, if you used a third-party application to post such information, you can remove it, either by logging into the application and removing the information, or by contacting the appropriate third party application.

4. Access to Personal Information Controlled by Bullhorn

4.1. Upon request and within 45 days, Bullhorn will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. In addition, Bullhorn will take reasonable steps to permit customers to correct, amend, or delete their personal information. To request this access, please contact privacy@bullhorn.com.

4.2. We may retain your information for as long as your account is active or as needed to provide you with our Services, comply with our contractual and/or legal obligations, resolve disputes and enforce our agreements.

5. Access to Personal Information Controlled by our Customers

Bullhorn acknowledges that you have the right to access your personal information. In most cases, Bullhorn has no direct relationship with the individuals whose personal information it processes. We recommend that an individual who seeks access, or who seeks to correct, amend, or delete personal information should direct his query to the Bullhorn's customer (the data controller). If requested to remove data by our customer, we will respond within 45 days.  Individuals may also submit such inquiries or requests directly to Bullhorn at no cost for them by contacting privacy@bullhorn.com.

6. Data Retention by Us

We will retain personal information we process on behalf of our Customers for as long as needed to provide Services to our customer and as required under customer agreements. We will also retain this personal information as necessary to comply with our legal and/or contractual obligations, resolve disputes, and enforce our agreements. When the purpose for which Bullhorn is processing, the personal information is fulfilled, expires or is terminated, Bullhorn will, upon request, provide our customers with a copy of their personal information stored by us, and Bullhorn will then either delete or anonymize/de-identify any remaining personal information in accordance with our customer agreements.

7. Data Security

Bullhorn employs reasonable and appropriate security measures to protect against the loss, misuse, and alteration of the personal information it processes. When the Service is accessed using Microsoft Internet Explorer versions 5.0 or higher, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help provide that personal information is safe, and secure while in transit. Bullhorn also implements an advanced security method based on dynamic data and encoded session identifications, and hosts the Service in a secure server environment that uses a firewall and other advanced technology to protect against interference or access from outside intruders. Finally, Bullhorn provides individual usernames and passwords that must be entered each time a customer logs on. These safeguards help protect against unauthorized access, maintain data accuracy, and provide for the appropriate use of personal information. Nevertheless, no method of transmission over the Internet, or method of electronic storage, is one hundred percent (100%) secure, however. Therefore, we cannot guarantee absolute security. If you have any questions about security on our Service, please contact us at privacy@bullhorn.com.

8. Links to Third Party Sites

Our Service includes links to other Web sites whose privacy practices may differ from those at www.bullhornstaffing.com and https://bbo.bullhornstaffing.com. If you submit personal information to any of these sites, your information is governed by the applicable third-party’s privacy policies and we are not responsible for it. We therefore encourage you to carefully read the privacy policy of any Web site you visit and raise questions directly with these other providers.

9. No Services for Minors

We do not knowingly collect information from minors. To use the Site, you must be the age of legal majority in your place of residence. By using the Site, you hereby represent that you are at least the age of legal majority in your place of residence. We do not use an application or other mechanism to determine the age of users of the Site.  All information provided to us will be treated as if it was provided by an adult. We will use commercially reasonable efforts to delete information associated with a minor as soon as practicable if we learn that a minor has submitted information about himself/herself to us.

10. Note for California Residents

California law permits California residents who provide us with personal information to request certain information regarding our disclosure of such information to third parties for their direct marketing purposes. We do not, at this time, disclose such information to third parties for their direct marketing purposes. If we change this policy, we will update this provision and provide instructions on how you may make a request for details

11. Do-Not-Track Disclosure

There are many methods where web browser signals and similar mechanisms can indicate your choice to disable tracking. But we may not be aware of or able to honor every such mechanism. Because there is not yet a common understanding of how to interpret web browser-based “Do Not Track” (DNT) signals other than cookies, we may not respond to undefined DNT signals to our Sites or online services. More information about “do not track” is available at www.allaboutdnt.org concerning such information.

12. Severability

The invalidity or unenforceability of any provisions of this Privacy Policy in any country shall not affect the validity or enforceability of any other provision of this Privacy Policy, which shall remain in full force and effect.

13. Changes in this Privacy Policy

We may update this privacy statement to reflect changes to our information practices that will become effective upon posting. If we make material changes to this policy, we will notify you here, by email, or by means of a notice through the Service prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

14. Commitment to the Privacy Shield Principles

• Notice – Bullhorn discloses the personal data categories being collected from EU/ EEA and Swiss customers, candidate customers and Site visitors, the purpose(s) of the data collection and other data processing, and any third party with whom these personal data may be shared as further described above in Sections 2.1 through 2.5 of this policy.
• Choice – Bullhorn offers all its customers, candidate customers and Site visitors to opt-out of any transfer of data to third parties or use of collected data for purposes other than originally stated for and authorized unless explicitly permitted by the affected individual. We also offer the individuals covered by the Privacy Shield choices for limiting the use and disclosure of their personal data. (See Sections 2.8, 2.9. and 3.4 above). Any covered individual can email us at privacy@bullhorn.com directly with his/her choice request, or can write us using the address indicated at the end of this policy with his/her choice.
• Onward Transfer and Accountability – Bullhorn will disclose personal information covered by the Privacy Shield to its agents only pursuant to the Notice and Choice principle to the extent applicable to the transfer unless the onward transfer is authorized in advance by informed, written consent by the individual affected by it. Before transferring personal information to an agent we will (i) provide that the transfer of such data is only for the limited and specified purposes the personal information were collected for; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Privacy Shield Principles; (iii) take reasonable and appropriate steps to provide that the agent effectively processes the personal information transferred in a manner consistent with our obligations under the Privacy Shield Principles; (iv) require the agent to notify us if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles; and (v) upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing. In the cases set forth in the Privacy Shield Principles, we will be liable for the actions of the agent.
• Security – Bullhorn will take reasonable precautions in its protection of data and any misuse, loss, destruction, alteration, and unauthorized access or disclosure. See Section 7 above for more details.
• Access – Bullhorn will provide access free of charge for its customers and customers’ candidates to their personal information and allow them to correct, amend, or request deletion of personal information where such personal information is inaccurate, unless the cost of such access is prohibitive in relation to the risk of privacy or where the rights of another individual would be violated. See Sections 4 and 5 above for more details on the access request.
• Data Integrity and Purpose Limitation – Bullhorn will take all reasonable steps to provide that any personal information it processes (including any processing through is agents) is limited by the purpose(s) for which such personal information has been collected.
• Recourse, Enforcement and Liability – Bullhorn will attempt to reasonably resolve any concerns related to the processing of his/her personal information directly with the individual. In the event a resolution cannot be reached, EU, Swiss or EEA customers may engage Bullhorn's independent recourse mechanism, our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request if you have any unresolved dispute with us.

Any questions or complaints concerning Bullhorn's Privacy Policy or handling of personal information can be directed to:

privacy@bullhorn.com or
Office of Information Security & Compliance
Bullhorn, Inc.
100 Summer Street
17^th Floor
Boston, MA 02210
Main Number: 1-617-478-9100