Notice to Subscribers
Apart from the Information described below, we do not collect nor do we require that you send us any other information. DO NOT SEND US ANY INFORMATION THAT COULD BE DEEMED NON-PUBLIC INFORMATION (I.E., CONFIDENTIAL INFORMATION, EMPLOYMENT RECORDS, PERSONNEL INFORMATION, ETC.). WE ARE NOT RESPONSIBLE FOR SAFEGUARDING CONFIDENTIAL INFORMATION YOU SEND AND YOU AGREE THAT WE ARE NOT LIABLE, UNDER ANY CIRCUMSTANCES FOR ANY PUBLIC DISCLOSURE OF SUCH INFORMATION.
We collect and host the following personally identifiable information (collectively, the “Subscriber Data” or “PII”) uploaded to our “Cerebral” platform (the “Subscription Service”), and may collect additional PII from time to time.
- Email address
We do not delete Subscriber Data unless required by law (e.g., upon receipt of a court order) or if instructed by the subscribing company. We do not alter or monitor the accuracy or sufficiency of Subscriber Data. Subscriber Data will only be used for purposes compatible with providing the Subscription Service to the applicable subscribing company(ies). We will not use Subscriber Data or derive information from it for any advertising or similar commercial purposes.
“Usage Data” is the non-personal information (“NPI”) that we collect based on your usage of the Subscription Service (such as the manner in which you are using the Subscription Service (or functionalities therein), the results of the Subscription Service (such as talent allocation and productivity results), the type of web browser you use, the URL of the previous website you visited, clickstream patterns, your ISP, your operating system and your IP address). We may (directly or through one or more third parties) collect, use and share with third parties the Usage Data to enhance and improve the performance of the Subscription Service (i.e., pursuant to, among other things, third-party analytics tools).
Data Protection Rights
You are entitled to request us access, correction, or erasure of any personal data we hold about you under EU General Data Protection Regulation (GDPR).
We will do our best to respond promptly and in any event within one month of the following:
- Our receipt of your written request; or
- Our receipt of any further information we may ask you to provide to enable us to comply with your request, whichever happens to be later.
If you would like to request access to, or correction or deletion of personal information, you may send your request to us at email@example.com. We will review your request, and may require you to provide additional information to identify yourself.
In certain circumstances, we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect, in accordance with article 17(3) of the GDPR. In such cases, you will be informed promptly and given full reasons for that decision.
We reserve the right to charge a fee or refuse the request if it is considered to be “manifestly unfounded or excessive,” in accordance with Article 12(5) of the GDPR. However, we will make every effort to provide you with the erasure of your personal data if suitable.
Use of Subcontractors
We may hire subcontractors from time to time to provide services (including, without limitation, the Subscription Service) on our behalf.
Subcontractors will be permitted to use Subscriber Data only for the purpose of allowing them to deliver the services we have retained them to provide. All other use of Subscriber Data will be prohibited.
Disclosure of Data
We will not disclose Subscriber Data outside of our subsidiaries and affiliates except (1) as directed by the subscribing company, (2) as described here or in the Operative SaaS Agreement, or (3) as required by law (or to law enforcement to prevent an emergency).
We reserve the right to disclose Subscriber Data (including PII), Usage Data and NPI (collectively, “Information”) to any successor-in-interest of ours, such as a company that acquires us.
We are committed to helping protect the security of your Information. We use, either internally or through third party providers, appropriate, proven technical and organizational measures designed to protect Information against accidental loss, destruction, or alteration; unauthorized disclosure or access; or unlawful destruction. These security measures include: (1) password encryption, (2) data segmentation as between Soulwork customers, (3) cryptographic protocols that provide authentication and data encryption between servers, machines and applications operating over a network (e.g., Transport Layer Security or “TLS”) and (4) database backups.
Subscriber Data Location
Subscriber Data is stored and processed only in the United States.
How to Contact Us
We welcome your comments. Please contact us at firstname.lastname@example.org.