Last Modified: January 1, 2020
1. PRIVACY STATEMENT
PC Legal Tools Inc, dba Tracker Corp (“Tracker”) has created this Policy to demonstrate our commitment to privacy. This Policy discloses information gathering and dissemination practices for Tracker’s Products and third-party software embedded therein, as further defined in Tracker’s Subscription License Agreements (collectively, the “Application”).
A. Information Collection and Use
Tracker is not responsible for the privacy practices of its Customers. Tracker Corp’s Customers may include your employer, or a third party contracted by you or your employer. Accordingly, Tracker encourages users of the Application to read the privacy statements of every applicable company. This privacy statement applies solely to the role Tracker plays in collecting and storing data via the Application or its Company Website.
The Application collects Personal Information (such as name, home address, citizenship status, identification numbers) throughout several points within Tracker’s Products. Candidates or employee users may enter Personal Information directly within the Application and/or Personal Information may be entered indirectly by a Customer’s staff or other systems (i.e., data entered manually or fed electronically from another system into the Application via an integration). Depending on the Application in question, Personal Information within the Application is either stored in our managed hosting provider’s datacenters and/or on a Customer’s systems.
Tracker will not sell, rent, exchange or share Personal Information with any third parties without permission or except as described in this Policy. Tracker will share Personal Information with government authorities and others to respond to investigations, court orders, legal process, or to investigate, prevent or act regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, violations of Tracker’s terms of service, or as otherwise required by law. If Tracker is involved in a merger, acquisition, or sale of all or substantially all its assets, you will be notified via email and/or a prominent notice on our website of any such change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
Matrix of collected Categories of Data:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, education, employment, or employment history.
Some personal information included in this category may overlap with other categories.
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, sex.||YES|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||YES|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES|
|G. Geolocation data.||Physical location or movements.||NO|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||YES|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||YES|
|K. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||YES|
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you if you provide your personal information to us.
- Directly and indirectly from activity on Tracker Corp’s websites. For example, from your submissions through our websites’ forms or your website usage details that are collected automatically.
- Directly from our prospects, customers, partners, or their agents.
- Indirectly from our prospects, customers, or their agents. For example, through information we collect from our customers in the course of providing services to them.
B. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
PC Legal Tools Inc, dba Tracker Corp (“Tracker”) participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Tracker is committed to subjecting all Personal Information received from European Union (“EU”) member countries and Switzerland, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, visit: https://www.privacyshield.gov/Program-Overview. To verify our self-certification under the Privacy Shield Framework, visit U.S. Department of Commerce’s Privacy Shield List.
Tracker is responsible for the processing of Personal Information it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Tracker complies with the Privacy Shield Principles for all onward transfers of Personal Information from the EU and Switzerland, including the onward transfer liability provisions.
With respect to Personal Information received or transferred pursuant to each Privacy Shield Framework, Tracker is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain circumstances, Tracker may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Tracker commits to cooperate with the panel established by the EU Data Protection Authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and comply with the advice given by the panel and/or Commissioner, as applicable regarding human resources data transferred from the EU and/or Switzerland, as applicable in the context of the employment relationship.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) via JAMS at https://www.jamsadr.com/eu-us-privacy-shield.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
The Application collects information for its Customers. Unless otherwise removed by the Customer, users are given open notice of and the choice to provide Personal Information, when applicable.
If you are a candidate or employee user of one of our Customers and would no longer like to be contacted by one of our Customers that use the Application, please contact the Customer directly.
By submitting your information to Tracker, you acknowledge and agree that the technical processing and transmission of your information, may involve, (a) transmissions over various networks, including the transfer of this information to the United States and/or other countries for storage, processing and use by Tracker, its affiliates, and their agents; and (b) changes to conform and adapt to technical requirements of connecting networks or devices. Accordingly, you agree to permit such parties to make such transmissions and changes.
D. Correction/Updating Personal Information
Tracker has no direct relationship with the persons whose Personal Information it processes. A candidate or employee user who seeks access, or who seeks to correct, amend, or delete inaccurate data may do so by directly logging into the Application or by contacting the Customer, directly, depending on the Application that is being used.
E. Data Retention
Tracker will retain Personal Information we process on behalf of our Customers within the Application for as long as needed to provide services to our Customers. Tracker will retain this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Customers of Tracker may have differing retention periods.
F. Service Provider, Sub-Processors/Onward Transfer
Tracker may transfer Personal Information to companies that help us provide our service. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice, choice, and the service agreements with our Customers.
Candidate and employee users are given the opportunity to ‘opt-out’ of a Customer’s mailings and notifications by contacting the Customer directly.
H. Notification of Changes
2. AUTOMATED DATA COLLECTION TECHNOLOGY
A. Information Collection and Use
Tracker may collect information about users automatically as they navigate through the Application. Information collected automatically may include usage details, browser type, URL’s accessed, date and time stamps, IP addresses, and information collected through cookies, telemetry and other tracking technologies.
This information is used by Tracker for several purposes, including authentication, preferences, application health, and performance analytics.
We do not link automatically-collected data to personally identifiable information.
The technologies Tracker uses for this automatic data collection may include, without limitation:
- Flash Cookies. Certain features of the Application may use local stored objects (or Flash cookies) to collect and store information about user preferences and navigation to, from, and on the Application. Flash cookies are not managed by the same browser settings as are used for browser cookies. Users may refuse to allow flash cookies by activating the appropriate setting through their Flash Settings Manager.
3. SECURITY MEASURES
A. Data Security
Each instance of the Application is password-protected and is configured to enforce SSL (128-bit encryption or stronger) to secure access. Passwords are selected using a password strength feature permitting a minimum of eight (8) characters; however, the number of required characters may be configured to be greater than eight (8) characters. Passwords are stored on secure database servers and can only be accessed or updated by parties having sufficient access permissions. Passwords are not sent in clear text over the Internet if the Application is configured to enforce SSL.
Multiple failed login attempts result in users being locked out of the Application. Tracker does not provide VPN to VPN, direct database, or any out-of-band access. All data access is restricted to the web-based platform itself, except for API and other integration methodologies supported by Tracker.
The security of your Personal Information is important to us. We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and when we store and process it in our data center. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security when we have endeavored to follow generally accepted standards. In addition, we do not take responsibility for your systems, the Internet itself or any third-party networks or services used to transmit data which are outside the firewall of the data center we use to process and store your Personal Information. If you have any questions about the security on our website or our services, please contact us.
4. Disclosure of Information for Law Enforcement
Tracker may disclose Personal Information as required by law, such as to comply with a subpoena, or similar legal or security process when we believe in good faith that disclosure is necessary to protect our rights, protect the safety of our users or others, investigate fraud, or respond to a government request.
5. Ownership & Administration
This Policy is owned and administered by the Tracker Privacy Group.
To ask questions or comment about this policy and our privacy practices, contact us at:
567 Sutter St.
San Francisco, CA 94102
This Policy applies to the information gathering and dissemination practices for the Application and supersedes all other policies, procedures, practices, and guidelines relating to the matters set forth herein.
Tracker use reasonable efforts to ensure that all partner integrations maintain information gathering and dissemination practices that meet industry standards for security and privacy, and such use reasonable efforts to protect the security and privacy of all Information received by, though, and on behalf of Tracker. As specific practices are unique to each product and its provider, such practices may not match those set forth herein for the Application.
In addition to the rights described elsewhere in this Policy, you may have additional data protection rights pursuant to applicable data protection legislation. If you are an individual in the European Union (“EU”), these may include the right to data portability, the right to withdraw consent for processing, the right to object to or restrict the processing of your Personal Information, and the right to lodge a complaint with the supervisory authority of the EU country in which you reside.
7. California Residents: Your California Privacy Rights
Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights around Tracker Corp’s collection, use, and sharing of their personal information.
Tracker Corp does not sell your personal information and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law.
Tracker Corp collects various categories of personal information when you use the Application, including identifiers, commercial information, internet or other electronic network or device activity information, geolocation data, and professional information. A more detailed description of the information Tracker Corp collects and how we use it is provided above in Section 1. A. Section A describes the categories of third parties with whom we share personal information, and what information may be shared under different circumstances.
If you are a resident of California, you have the right to request to know what personal information has been collected about you, and to access that information. You also have the right to request deletion of your personal information, though exceptions under the CCPA may allow Tracker Corp to retain and use certain personal information notwithstanding your deletion request. You can learn more about how to submit a data rights request through Tracker Corp or through Tracker Corp’s Customer. You may also send your request by email to firstname.lastname@example.org. We will not discriminate against you for exercising your rights under the CCPA. An agent may submit a request on your behalf, but you must verify that your agent is authorized to do so.
Separate from the CCPA, California’s Shine the Light law gives California residents the right to ask companies what personal information they share with third parties for those third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the purpose of directly marketing their goods or services to you. If you have any questions regarding this policy, you may contact us at the address listed above in Section 5.