- Collection of Information
- Use of Your Personal Data
- Sharing or Disclosing Your Personal Data
- Children’s Privacy
- Your Choices and Selecting Your Privacy Preferences
- Access to and Accuracy of Your Personal Data – Exercising Your Rights
- Cross Border Transfer of Data
- Contacting Us
2. Collection of Information
Avetta may collect information, which may include personal data, from you in two ways: directly from your input and/or automatically through a Service’s technologies.
a. Information provided by you
The types of information Avetta collects directly from you may include the following as well as any other information type that we expressly request, such as by entering and submitting the information to a Service:
- Contact information, such as your name, email address, and telephone number;
- Usernames and passwords;
- Payment information, such as a credit or debit card number;
- Educational and employment background information, including information required for background tests or other employment-related screenings;
- Comments and feedback;
- Interests and communication preferences; and
- Any other information that you provide to Avetta through a Service.
b. Information Collected Automatically
Each Service automatically collects certain information regarding your use of that Service. Examples of information collected automatically include:
- Internet Protocol (“IP”) address used to connect your computer to the Internet;
- Computer, device and connection information, such as browser type and version, operating system, mobile platform and unique device identifier (“UDID”) and other technical identifiers;
- Uniform Resource Locator (“URL”) click stream data, including date and time, and content you viewed or searched for on a Service;
- Location information for location–aware Services to provide you with more relevant content for where you are in the world.
c. Cookies and Web Beacons
- “Session” cookies, which are temporary and deleted when you close your browser;
- “Persistent” cookies, which remain until you delete them or they expire;
- Web beacons, which are electronic images also known as single–pixel gifs.
In general, cookies, web beacons and similar technologies do not contain personal data, but when you furnish your personal data through a Service, this information may be linked to the non–personal data stored in cookies sent to your browser from the Service.
Avetta and its service providers use these technologies for various purposes, including: facilitating the login process; administering, customizing and improving the Service; personalizing the browsing experience; advertising, promotions and surveys; reporting and paying royalties and license fees to third–party providers and content distributors; as well as tracking and analyzing user preferences and trends.
There are a number of ways to manage cookies. On selected Avetta websites, a cookies banner will appear on the home page to ask your consent to set any cookies that are not required to enable you to visit the website and remember your preferences. In addition, the “help” portion of the toolbar on most browsers will tell you how to stop accepting cookies, how to be notified when you receive a new browser cookie, and how to disable existing browser cookies. However, if you block cookies, you may not be able to register, login or make full use of the Service. You can also use your mobile device’s settings to manage the available privacy options.
Our HTML–formatted emails may contain a web beacon to tell us whether our emails are opened and verify any clicks through to links or advertisements within the email. We may use this information for purposes including determining which of our emails are more interesting to users, to query whether users who do not open our emails wish to continue receiving them and to inform our advertisers in aggregate how many users have clicked on their advertisements. The web beacon will be deleted when you delete the email. Emails in plain text rather than HTML will not include the web beacon.
3. Use of Your Personal Data
We use the personal data collected to complete various actions:
- to register you as a user of a Service;
- to review eligibility to use a Service;
- to assist you in soliciting, bidding for or completing a transaction or order;
- to provide and improve service and support;
- to update you on relevant new services and benefits (with your specific, prior opt–in consent, where required);
- to personalize the Service and to select content to be communicated to you or to use features on the Service such as sharing content with a friend or colleague;
- to contact you regarding our products or services or other products and services from third parties (with your specific, prior opt–in consent, where required);
- to invite you to participate in surveys, sweepstakes, competitions and similar promotions (with your specific, prior opt–in consent, where required);
- to conduct business with our service providers;
- for data analysis, audits, developing new products, enhancing the Service, identifying usage trends and determining the effectiveness of our promotional campaigns, or in other ways to which you have expressly agreed in a customer agreement with us;
- to aggregate information in order to anonymize it for data analysis, audits, developing new products, enhancing the Service, identifying usage trends and determining the effectiveness of our promotional campaigns;
- to prepare or implement reorganization or sale of assets or shares;
- to prevent and detect security threats, fraud or other malicious activity; and
- to comply with our legal obligations, respond to government or judicial requests for information (including in the context of private litigation), resolve disputes, and enforce our agreements.
We may on occasion also match or combine the personal data that you provide with information that we obtain from other sources or that is already in our records, whether collected online or offline or by predecessor or affiliated group companies, for the purposes described above.
4. Sharing or Disclosing Your Personal Data
We may share your personal data, or the Service may permit sharing, in the following ways:
- Subscribers. Subscribers to a Service may be able to directly share personal data with each other, or make personal data available to all other subscribers. If the Service offers a content database or subscription service (“Subscription Service”) and you access the Subscription Service through a subscription, your personal data and certain usage data gathered through the Subscription Service may be shared with your institution for the purposes of usage analysis, subscription management, and testing and remediation. If your institution is a corporation or other business entity, additional usage data, such as the types of records you viewed and the number of searches you ran, also may be shared for the purposes of cost attribution and departmental budgeting.
- Operators. Some of our Services offer you the ability to create a profile and upload information to our database. Your profile and information may be then made available for searching, viewing over the Internet and downloading by our operator customers.
- Agents, Representatives, Sponsors, and Business Partners. Your personal data may be accessible to our agents, representatives, sponsors and entities for which we are acting as an agent, licensee, joint venturer or publisher.
- Service Providers. Your personal data may be accessible to our service providers and suppliers, which assist us with producing and delivering our products and services, operating our business, and marketing, promotion and communications. These providers and suppliers include, for example, editors, reviewers, credit, debit and payment card processors, payments processors, customer support, email service providers, IT service providers, banks and shipping agents.
- Other Third Parties: We may share personal data with other third parties if we expressly told you about such potential disclosure at the point at which you submitted the personal data to us. If you do not want us to share your personal data with these companies, you may contact us at: firstname.lastname@example.org.
- Compliance with Law and Similar Obligations. We may share personal data in order to: (i) respond to or comply with any law, regulation, subpoena or court order, or government or judicial request (including in the context of private litigation); (ii) investigate and help prevent security threats, fraud or other malicious activity; (iii) enforce and protect the rights and properties of Avetta or its affiliates; or (iv) protect the rights or personal safety of our employees and third parties on or using our property. Where relevant, we may share or transfer your personal data in order to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- Change in Corporate Circumstances. If Avetta, the Service or a related asset or line of business is acquired by, transferred to or merged with another company, or otherwise reorganized, your personal data may be disclosed to the prospective or actual purchasers, or other persons involved in the transaction. The Service also may provide access to social media features, message boards, chat, forums, blogs, profile pages and other services to which you are able to post personal data and materials. Any information you post or disclose through these services is public. Please be careful when disclosing personal data in these public areas.
5. Children’s Privacy
We do not knowingly collect personal data from children under the age of 18 and Avetta does not target its Services to children under 18.
6. Your Choices and Selecting Your Privacy Preferences
If you are a user of a Service, you can manage available communications preferences when you register with the relevant Service (including by providing your opt–in consent, where required), by updating your account preferences, or, where applicable, by using the “opt–out” or unsubscribe mechanism or other means provided within the communications that you receive. We reserve the right to notify you of changes or updates to the Service whenever necessary.
7. Access to and Accuracy of Your Personal Data – Exercising Your Rights
If a Service allows registered users to access their registration information and make corrections or updates, the accuracy of such information is solely the responsibility of the user. Subject to any right you may have to access, review, correct, raise an objection or block personal data, no access is given to other personal data or data that may have been collected about users.
To protect your privacy and security, we will also take reasonable steps to verify your identity. To view and change the personal data that you directly provided to us, you can return to the webpage or application where you originally submitted your personal data and follow the instructions on that webpage or application, or contact us at the address listed below.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
The security of your personal data is important to us. We use a variety of data security measures intended to ensure the confidentiality and integrity of your personal data.
10. Cross Border Transfer of Data
For the purposes described in Section 3 above, your personal data may be transferred to recipients mentioned in Section 4 above who are located in other countries that may have personal data protection rules that are less protective than the rules in your country.
For transfers of personal data from the EU to the United States, Avetta, LLC and Avetta Subsidiary Holdings, LLC have self–certified to the US Department of Commerce under the EU–U.S. Privacy Shield Framework and the U.S.–Swiss Safe Harbor Framework. Our Privacy Shield Notice is available here. The Safe Harbor Policy for Avetta, LLC and Avetta Subsidiary Holdings, LLC is in section 12 below.
11. Contacting Us
Attention: Privacy Officer
17671 Cowan, Suite 125
Irvine, California 92614, USA
Telephone: 1 949–936–4500
AVETTA has self–certified to the US Department of Commerce under the U.S.–Swiss Safe Harbor Framework and declare that it adheres to the Safe Harbor Principles of Notice; Choice; Onward Transfer; Access; Security; Data Integrity; and Enforcement. To learn more about the Safe Harbor Framework, and to view AVETTA’s certification, please visit http://www.export.gov/safeharbor/ and https://safeharbor.export.gov/swisslist.aspx, respectively.
- Definitions. For purposes of this Safe Harbor Policy, the following definitions shall apply:
- “Agent” means any third–party data processor that processes data provided by AVETTA on its behalf and under its instructions, including, clients, customers, contractors, vendors and suppliers.
- “Personal data” means any data or set of information that identifies or could be used by or on behalf of AVETTA to identify a living individual.
- “Sensitive personal data” means any personal data that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life, or information about criminal or administrative proceedings and sanctions.
- Notice. Where AVETTA collects personal data directly from individuals in Switzerland, it will inform them about the purposes for which it collects and uses personal data about them, the types of non–Agent third parties, if any, to which AVETTA discloses that data; the choices and means, if any, AVETTA offers individuals for limiting the use and disclosure of personal data about them; and how to contact AVETTA. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal data to AVETTA, or as soon as practicable thereafter. In any event, AVETTA will provide notice before it uses or discloses the personal data for a purpose other than that for which it was originally collected. AVETTA users personal data as described above in section 3 (Use of Your Personal Data) and discloses it as described in section 4 (Sharing or Disclosing Your Personal Data).
- Choice. AVETTA will offer individuals the opportunity to choose (opt–out of) whether their personal data is (a) disclosed to a non–agent third party; or (b) used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For sensitive personal data, AVETTA will give individuals the opportunity to affirmatively and explicitly (opt–in to) consent to the disclosure of the information to a non–Agent third party or the use of the data for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. AVETTA will provide individuals with reasonable mechanisms to exercise their choices. For more information regarding how to exercise your choices, please see sections 6 (Your Choices and Selecting Your Privacy Preferences) and 7 (Access to and Accuracy of Your Personal Data – Exercising Your Rights) above.
- Onward Transfers. AVETTA will obtain assurances from its Agents that they will safeguard personal data and adhere with the requirements set forth in this Safe Harbor Policy. Examples of appropriate assurances include:
Where AVETTA has knowledge that an Agent is using or disclosing personal data in a manner contrary to this Safe Harbor Policy, AVETTA will take reasonable steps to prevent or stop the use or disclosure.
- a contract between us and the Agent that requires the Agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles;
- the Agent being subject to Swiss Federal Act on Data Protection; and
- Safe Harbor certification of the Agent.
- Security. AVETTA will take reasonable physical, electronic, and administrative safeguards to protect personal data in its possession from loss, misuse, unauthorized access, disclosure, alteration and destruction. AVETTA will take special care to ensure the security of sensitive personal data.
- Data Integrity. AVETTA will use personal data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. AVETTA will also take reasonable steps to ensure that personal data is relevant for its intended use, it is accurate, complete and current.
- Access. Upon request, AVETTA will grant individuals reasonable access to personal data that it holds about them. In addition, AVETTA will take reasonable steps to permit individuals to correct, amend, or delete data that is inaccurate or incomplete. Our website allows you to edit your personal data by accessing the “my profile” feature once you log into your account. If you contact us with a request for access to your personal data, we will evaluate your request and we will respond within 30 days, if not sooner. We will retain your personal data for the minimum length of time as is necessary or required to comply with our legal obligations or enforce our agreements. For more information regarding your access capabilities, please see sections 6 (Your Choices and Selecting Your Privacy Preferences) and 7 (Access to and Accuracy of Your Personal Data – Exercising Your Rights) above.
- Enforcement. AVETTA will conduct compliance audits of its relevant privacy practices to verify adherence to this Safe Harbor Policy. Any AVETTA employee that we determine has acted in violation of this Safe Harbor Policy will be subject to disciplinary action up to and including termination of employment. AVETTA encourages any interested persons to raise any questions or concerns using the contact information provided below. AVETTA will investigate and attempt to resolve any complaints and disputes regarding the use and disclosure of personal data in accordance with the provisions of this Safe Harbor Policy.
AVETTA, LLC has further committed to refer unresolved privacy complaints under the U.S.–Swiss Safe Harbor Principles to an independent dispute resolution mechanism. If you have an unresolved privacy or data use complaint that we have not addressed satisfactorily, please contact, free of charge, our U.S.–based third party dispute resolution provider, TRUSTe, at https://feedback-form.truste.com/watchdog/request.