Privacy and Cookie Policy
Revised Aug 11, 2024.
This Privacy and Cookie Policy (the "Policy") becomes effective on May 30, 2018 for all users, provided that enhanced data protection rights in this Policy required by the EU General Data Protection Regulation (including, without limitation, the "EEA Resident Rights" described in the "Other Important Privacy Information" section) become effective on May 25, 2018 for all EU-resident users who are natural persons.
We, CyberSecOp, LLC, a New York corporation with offices at 1250 Broadway Floor 36 New York, NY 10001 (Manhattan), USA as the data controller ("CyberSecOp," "we," or "us"), explain in this Policy how we collect, process and/or use information that we receive via our websites, emails we send, and mobile applications (collectively, the "Platform") that link to this Policy, as amended from time to time. This Policy describes how CyberSecOp collects, processes, uses, shares and secures the personal information you provide. It also describes your choices regarding use, access, and correction of your personal information. For purposes of this Policy, personal information shall mean any information relating to an identified or identifiable natural person.
This Policy applies only to information we collect, process and use through the Platform. This Policy does not apply to information that we collect through other channels, such as information that we collect offline, from other websites or from emails you send us.
Information We Collect
We collect information about you to provide our services. In order for us to best provide our services to you (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Policy. This means that the data collection is largely necessary for fulfilling the relationship we have with you, and where that is not the case, we have a legitimate interest in collecting the information described below.
Information You Give Us
When you fill out registration forms, submit your resume, or provide us with other personal information actively, we collect that information for processing and use in accordance with this Policy. Because we change our offerings and features from time to time, the options you have to provide us with personal information also may change, but here are some examples of situations in which you will have the opportunity to provide personal information to us:
· Creating an account;
· Signing up for email alerts;
· Completing a form related to one of our products or services;
· Uploading a resume;
· Contacting us for technical support or customer service;
Depending on how you interact with our Platform, the personal information we collect from you may vary. For example, to create an account we may ask only for an email address and password. In other circumstances, such as when you complete a form related to a particular service offering, we may ask you to provide other information, which may include your name, phone number, and/or postal address. We also collect and store certain information associated with actions you take. For example, when you search for jobs, we store the titles, locations and general salary range (if available) of jobs you search for and click on. We also store information about the job postings that you apply to, the time and duration of your activity on our Platform, and other information about your behavior on our Platform.
If you connect to the Platform using Facebook, Google+, or another social networking site (each a "Social Networking Site"), we will receive information that you authorize the Social Networking Site to share with us, which may include public profile information, birthday, current city work, school, and email address. When we receive this information, it becomes CyberSecOp account information for purposes of your use of the Platform. This information also constitutes personal information and is therefore subject to this Policy. Any information that we collect from your Social Networking Site account may depend on the privacy settings you have set with the Social Networking Site, so please consult the Social Networking Site's privacy and data practices. You have the ability to disconnect your Social Networking Site account from your CyberSecOp account by adapting the privacy settings in your Social Networking Site account. If you come to the Platform through a Social Networking Site, from other websites or with devices that enable third parties to collect information from or about you, such third parties receive information about you subject to their privacy policies.
On certain CyberSecOp domains, when you set up an individual user account on the Platform, you may create a profile (a "Profile") that will include personal information you provide. At your request, we will create your Profile with information we extract from a resume you have uploaded on the Platform. When you fill out and save your Profile, your saved Profile can be viewed by prospective employers.
If you enter credit card information on the Platform in connection with a purchase, that information is sent directly from your browser to the third-party service provider we use to manage credit card processing and we do not store it on our servers. The service provider is not permitted to use the information you provide except for the sole purpose of credit card processing on our behalf.
Information We Collect Automatically
When you use the Platform, your device is automatically providing information to us so we can respond and customize our response to you. The type of information we collect by automated means generally includes technical information about your computer, such as your IP address or other device identifier, the type of device you use, and operating system version. The information we collect also may include usage information and statistics about your interaction with the Platform. That information may include the URLs of our web pages that you visited, URLs of referring and exiting pages, page views, time spent on a page, number of clicks, platform type, location data (if you have enabled access to your location on your mobile device), and other information about how you used the Platform.
Automated means of data collection include the following:
Cookies And Tracking Technologies. Technologies such as: cookies, web beacons, locally shared objects (sometimes called "flash cookies"), mobile identifiers and similar technologies ("Cookies") are used by CyberSecOp and our partners (such as advertising, marketing and analytics providers) ("Ad Partners"). We use Cookies to remember users’ settings as well as for authentication and analytics. These technologies may be used in analyzing trends, administering the Platform, tracking users’ movements around the Platform and to gather demographic information about our user base as a whole. Our Ad Partners may also use such technologies to deliver advertisements to you. You can control the use of Cookies at the individual browser level, but if you choose to disable Cookies, it may limit your use of certain features or functions on our website or service. For more information on Cookies, how we use them, the third parties we work with who use them, and how you can control them, please see the section entitled Cookie Policy and Ad Choices.
Log File Information. Log file information is automatically reported by your browser or mobile application each time you access a website on our Platform. For example, when you access a CyberSecOp website, our servers automatically record certain information that your web browser sends when you visit any website. These server logs include information such as your web request, Internet Protocol ("IP") address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, and pages viewed.
Device Information. We collect information about the device you use to access the Platform, including type of device, operating system, settings, and unique device identifiers, and IP address. Whether we collect some or all of this information often depends on what type of device you’re using and its settings. For example, different types of information are available depending on whether you’re using a Mac or a PC, or an iPhone or Android phone. We collect the device type and any other information you choose to provide, such as username, geolocation, or email address. We also use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software records information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
How We Use Information
We use the information we collect to provide our services. In order for us to best provide our services (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Policy. So it is largely necessary for fulfilling the relationship we have with you, and, where that is not the case, we have a legitimate interest in using the information we collect, including personal information, for these purposes:
· to provide you with personalized content, services offered by CyberSecOp as well as promotional content and services (for example, CyberSecOp uses your previous search and browsing history (e.g. the jobs you click on), or your resume or Profile information, to determine relevant search results and provide you with recommended jobs or reach out to you about jobs or companies you may be interested in; we also use your IP address and mobile device for these purposes);
· to moderate and display the employer reviews, interview reviews, salary reports and other content you have submitted for the benefit of our other users;
· to customize and improve the features, performance, and support of the site;
· to provide relevant advertising, including interest-based advertising from us and third parties, which may mean that we share non-personally identifiable information, such as your job title, to third-party advertisers;
· to transmit your application and save your application materials;
· to share your saved Profile or resume with employers;
· for internal operations, including troubleshooting, data analysis, testing, research, and service improvement (this includes use of your IP address and mobile device information to help diagnose problems with our service and to administer the Platform);
· to communicate with you or initiate communication with you on behalf of third parties through your CyberSecOp account or through other means such as email, telephone (including mobile phone), or postal mail, including through the use of contact information that you provide to us or (where it is lawful for us to do so) that we otherwise obtain from third-party resources;
· to analyze use of the Platform and improve the Platform;
· to create aggregate and statistical data that does not identify you individually and that we can commercialize (for example, we use mobile device data and IP addresses to gather demographic information);
· for other purposes that you separately authorize as you interact with CyberSecOP.
When we collect any information that does not identify you as a specific natural person ("Non-Personal Information"), we are permitted to use and disclose this information for any purpose, notwithstanding anything to the contrary in this Policy, except where we are required to do otherwise by applicable law. Examples of Non-Personal Information include: physical location information; demographic information, including gender, dates of birth, ZIP codes, etc.; or any personal information that has been anonymized, aggregated or de-identified. If we combine any Non-Personal Information with your personal information (such as combining your ZIP code with your name), we will use and disclose such combined information as personal information in accordance with this policy. Similarly, if applicable law requires that we treat certain Non-Personal Information as personal information, we will use and disclose this information as personal information in accordance with this policy.
Sharing of information
To protect your privacy, we limit the sharing of your Personal Information outside of CyberSecOp. We conduct our business with great respect for the confidential nature of the provided information. We will not share Personal Information about you except as outlined below:
To help us provide our services to you and/or to improve our services, we engage qualified and reputable third parties to allow us to carry out certain functions such as account processing, client services, and/or data collection relevant to our business. For example, in each instance where you enter into a case through the CyberSecOp Site, we share your Personal Information with third-party service providers in order to perform regulatory-required background checks, with specific technology providers to facilitate document execution, and with third parties that perform transaction execution and other services on your behalf. Pursuant to our agreements with these service providers, their ability to use your Personal Information is specifically limited to the provided service.
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution, or similar event, Personal Information may be part of the transferred assets.
CyberSecOp may share information with our affiliates if the information is required to provide the services you request. An affiliate is a company that we own or control or with which there is common ownership with us.
CyberSecOp also reserves the right to disclose your personal information where required by law to regulatory, law enforcement, or other government authorities, including during routine regulatory examinations. We may also disclose your information as necessary to credit reporting or collection agencies or when necessary to protect our rights or property. We only disclose your personal information to third parties as follows:
We use affiliated and unaffiliated service providers all over the world (including web servers, cloud storage systems, CRM providers, email services, content support teams, marketing partners, advertising partners, and others) to help us deliver our service and run our business subject to strict confidentiality agreements. These companies are authorized to use your personal information only as necessary to provide these services to us;
We will disclose data If we believe in good faith such disclosure is necessary (1) to comply with relevant laws or to respond to subpoenas or warrants or legal processes served on us (though we reserve the right to take action on behalf of our users to defend their right to anonymity when we believe there is a legitimate basis to do so because candid, lawful, anonymous free speech is fundamental to CyberSecOP’s mission of workplace transparency); (2) to enforce our CyberSecOp Terms of Use and Privacy Policy; (3) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity; (4) as we otherwise deem necessary and is permitted by applicable laws to protect and defend the rights or property of us, the users of our services, or third parties; or (5) as permitted under applicable laws to meet national security and similar requirements;
· In reorganization or sale of our company or assets, your data may be transferred, subject to the acquirer and its affiliates accepting the commitments made in this Policy and compliance with applicable law;
· If you apply for a particular job through the Platform, we will disclose your personal information to the employer to whom you apply and any vendors they are working with to process your application;
· We invite you to include your resume or other information in more generally available formats for us to share with employers (for example, when you apply to Easy Apply jobs, a static image of your saved Profile);
· We share certain information that does not identify you personally, but which is unique to your use of the Platform, such as job titles that you have entered at the time of registration or on your profile. When we share such information, we do not link job titles with your name when we provide this information to others, such as advertisers, recruiters or employers;
· We will otherwise share personal information with your consent.
Cookie Policy and Ad Choices
This Cookie Policy describes how CyberSecOP, LLC ("we", "our", "us") uses Cookies and similar technologies. For more information on our general data privacy practices.
Cookies
Cookies are small pieces of data that are stored on your computer, mobile phone, or other device when you first visit a page. We use cookies, web beacons, locally shared objects (sometimes called "flash cookies"), mobile identifiers and similar technologies ("Cookies") to help us recognize you on the Platform, enhance your user experience, understand usage of the Platform, and show you relevant advertising. Cookies may also be set by other websites or services that run content on the page you're visiting. To learn more about our partners (such as advertising, marketing and analytics providers) ("Ad Partners") and their use of Cookies. After you register on the Platform, we may connect information we collect from the Cookies set by us and our partners with other information received from you. The provision of your data via Cookies is voluntary except for those Cookies that we place on your device because we need them for the performance of our Platform and our services.
What types of Cookies do we use?
We use two types of Cookies on the Platform: "session cookies" and "persistent cookies." Session Cookies are temporary Cookies that remain on your device until you leave the Platform. A persistent Cookie remains on your device for much longer until you manually delete it (how long the Cookie remains will depend on the duration or "lifetime" of the specific Cookie and your browser settings).
What are Cookies used for?
Cookies transmit information about you and your use of the Platform, such as your browser type, search preferences, job titles, data relating to advertisements that have been displayed to you or that you have clicked on, and the date and time of your use. With the exception of an identifier Cookie that we associate with registered accounts to prevent fraud by members of the Platform, Cookies link to certain unique information such as the job titles that you entered at time of registration or on your profile, but this is not linked to your name.
We use Cookies for things like:
Purpose
Explanation
Authentication
We use Cookies to help us determine whether or not you've signed in to the Platform and to keep you signed in during visits as you access different pages.
Security
We use Cookies to enable and support security features, prevent fraud, and protect your data from unauthorized access.
Preferences and Features
We use Cookies to enable features, help us provide you with personalized content such as showing you your recent search activity.
Advertising
We use Cookies to deliver, evaluate and improve advertising, such as by using information about you to provide relevant advertising both on and off the Platform. Our Ad Partners may use a cookie to determine whether you've already been shown an advert or how it performed, or provide us with information about how you interacted with an ad.
Analytics and Performance
We use Cookies to analyze how our visitors use the Platform and to monitor site performance. These Cookies help us to identify and fix errors, understand and improve services, research and test out different features, and monitor how our visitors reach our sites.
Ad Choices and Managing Cookies
CyberSecOP works with several third parties to provide you with personalized, interest-based advertising. We may target ads to you, and measure their performance, on and off the Platform using:
· Member-provided profile information (e.g., job title, occupation, location, authorized information shared from your Social Networking Site)
· Your use of the Platform (e.g., search history, job clicks, companies you follow);
· Information inferred from data described above (e.g., using job titles from a profile to infer industry, seniority, and compensation bracket).
· IP address or mobile device location information (to the extent you have enabled location tracking on your device);
· Cookies (both on and off the Platform) which may include information from the Ad Partners we use to help deliver relevant ads to you.
How We Work with Third-Party Ad Partners
When we work with our Ad Partners to serve you personalized, interest-based advertising, we do not share information with them that they can use to identify you or associate with you as a specific individual unless you have instructed us to do so (such as when you fill out a lead form in an ad, or approve your Profile for display to employers). Similarly, if one of these Ad Partners have information about you saved in one of their own Cookies on your browser, they use that information to help us send you a relevant ad, but they do not share with us information that we can associate with you as an individual.
We work with third parties, such as Google Analytics, to provide analytics services that use the Cookies set on your device to measure the performance of advertising and track traffic to CyberSecOP generally. We have also implemented Google Analytics Demographics and Interest Reporting, which categorizes Cookie information so that we and third-party service providers can better deliver advertisements that are relevant and useful to you on the Platform and various websites across the internet. In addition, a Cookie on some of our employer clients sites provides us with aggregate data about the number of applications submitted to those sites by users of Platform.
Opting Out of Cookies
CyberSecOP Cookies. We use Cookies that are necessary for us to provide the services you use and you cannot opt out of these Cookies on the Platform. You are able to disable placement of some (but not all) Cookies by setting your browser to decline cookies, though this may worsen your user experience. Additionally, you can also control, manage and/or delete cookies via your browser settings. A useful resource for information about deleting and controlling cookies can be found at AboutCookies.org.
If you enable location data for the mobile version of the Platform (including any version installed as a native application), we may use your location data to serve you geo-targeted ads for employers and other advertisers that are local to you. In such instances, we do not share your location with the advertiser or advertising network; rather, we provide the advertiser or advertising network with a means to push ads through to users located in certain areas. You may disable location services at any time in your device privacy settings or the CyberSecOP native app settings.
Ad Partner Cookies
Here are some options for managing the third-party Cookies used by our Ad Partners:
You are also able to opt out of other third-party advertiser and ad network placement of Cookies or targeted advertising generally by visiting the following links: Network Advertising Initiative; Digital Advertising Alliance; European Interactive Digital Advertising Alliance (for users in the EU); The Digital Advertising Alliance of Canada (for users in Canada); or you can follow opt-out instructions of the Ad Partners we work with listed . You will continue to receive generic ads by companies not listed with these opt-out tools.
You can opt out of tracking by Google Analytics and Google Analytics Demographics and Interest Reporting services by visiting Google Ads Settings or by downloading the Google Analytics Opt-Out Browser Add-on.
Please note: If ads or other features on the Platform are provided by third parties, those parties set and use their own Cookies that are subject to those third parties' privacy notices and policies. CyberSecOP does not have access to, or control over, these Cookies. Also, if you respond to ads posted by third parties or submit information to third parties via the Platform, such third parties receive information about you subject to their privacy policies.
Do Not Track Signals
We do not currently respond to 'do not track' signals and similar settings or mechanisms. When you use the Platform, we try to provide a customized experience.
Other Important Privacy Information
EEA Resident Rights
If you are a resident of the European Economic Area, you have the following data protection rights:
· If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the "How to contact us".
· In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the "How to contact us".
· You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. Registered users can manage their account settings and email marketing preferences as described in the "Choices Regarding Your Personal Information" section below. If you are an unregistered user, or to opt-out of other forms of marketing (such as postal marketing or telemarketing), you may contact us using the contact details provided under the "How to contact us".
· Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
· You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Choices Regarding Your Personal Information
You have opted-in to promotional communications, or other messages using the contact information (e.g., your email address, your mobile device identifier) you provided to us when you registered or when you requested information from us. You may opt-out of continuing to receive optional messages by following the instructions included in each message. Also, you can control most of the emails you receive from us by editing your email preferences within "My Account" settings on the site; provided you will need to separately opt-out of receiving our various blog post update emails by unsubscribing to each blog that you have originally subscribed to. You can control the mobile push notifications within the "Me" section of the mobile app.
We will send you service-related announcements when we believe it is necessary to do so. Generally, you cannot opt-out of these announcements, which are not primarily promotional in nature. If you do not wish to receive these announcements, you have the option to deactivate your account. In some cases, you can stop or limit the information we collect by automated means.
Close Your Account
If you'd like to close your CyberSecOP account, you can do so within your Account Settings on the Platform. When you close your account, you will no longer have full access to any content you have submitted will be pulled from the display on the Platform, but we reserve the right to keep any information in a closed account in our archives that we deem necessary to comply with our legal or regulatory obligations, resolve disputes and enforce our agreements. If, after you close your account, you wish to know which personal information we keep you can proceed in accordance with your rights set out above.
How Long We Keep Your Personal Information
We keep your personal information only so long as we need it to provide the Platform to you and fulfill the purposes described in this Policy. This is also the case for anyone that we share your personal information with and who carries out services on our behalf. Retention periods can vary significantly based on the type of information and how it is used. Our retention periods are based on criteria that include legally mandated retention periods, pending or potential litigation, our intellectual property or ownership rights, contract requirements, operational directives or needs, and historical archiving. When we no longer need to use your personal information and there is no need for us to keep it to comply with our legal or regulatory obligations, resolve disputes and enforce our agreements, we’ll either remove it from our systems or depersonalize it so that we can't identify you.
Security Safeguards
Security. We employ physical, electronic, and managerial measures to safeguard the information we collect online. However, no company can fully eliminate security risks, so we cannot make guarantees about any part of our services. You are responsible for keeping your username and password secret. Once you have registered with us, we will never ask you for your password. Please create a unique password for your CyberSecOP account and do not use it for any other web services or applications. Do not share your password with anyone else.
· Do not send money to a prospective employer.
· Do not give out personal or financial account information to a new employer via email.
· Do not cash checks or transfer funds for your employer.
· Beware of job postings that ask you to send your resume to a free email service address (e.g., gmail, yahoo, etc).
· Do not include sensitive information like your National Insurance number in your resume.
· Beware of job listings with spelling errors and bad grammar.
· If something sounds too good to be true, it probably is.
Privacy of Minors
To access or use the Platform you must be 13 years of age or older and, if under 18 or the age of majority in your jurisdiction, your use of Platform must be under the supervision of a parent or guardian or other responsible adult. If you become aware that a child has provided us with personal information without parental consent, please contact us here. If we become aware that a child under 13 has provided us with personal information without parental consent, we remove such information and terminate the child's account.
Data Controller
The information about you that we collect, process and/or use through the Platform is controlled by CyberSecOP, Inc Stanford, Connecticut. CyberSecOP and the services it provides are hosted and provided outside of the European Economic Area (EEA), including in the United States, for the purposes described in this policy. The privacy protections and the rights of authorities to access your information in these countries may not be the same as in your home country. We take additional measures when information is transferred from the EEA. This includes having standard clauses approved by the European Commission in our contracts with parties that receive information outside the EEA. We also rely on European Commission adequacy decisions about certain countries, as applicable, for data transfers to countries outside the EEA.
You may reach our data protection officer here.
EU-US Privacy Shield Participation
CyberSecOP has certified its compliance with the EU-U.S. Privacy Shield Framework. CyberSecOP is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at privacyshield.gov/list.
CyberSecOP is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. CyberSecOP complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, CyberSecOP is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, CyberSecOP may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Updates to Our Privacy Policy
We may revise this Policy from time to time by posting an updated version on the Platform. This version of the Policy will be effective for you as described at the beginning of the Policy. Further revisions of this Policy will become effective as follows: The revised Policy will be effective immediately for unregistered users and users registering accounts or otherwise acknowledging the Policy on or after the revision date. For other users who registered accounts before the revision date, it will also become effective immediately. However, they can object to the new Policy within thirty (30) days after the revision date. If we make a change that we believe materially reduces your rights or increases your responsibilities, we will notify you by email (sent to the email address specified in your account) or by means of a notice on this website prior to the change becoming effective. We may provide notice of changes in other circumstances as well. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Platform is subject to the most current effective version of this Policy.
Copyright Agent
c/o General Counsel
5 Hillandale Avenue Suite 102, Stamford, CT 06902
GC@CyberSecOp.com