© 2025 by ProvenBase. All rights reserved.
| Privacy Notice | Terms of Use | Cookie Preferences | Do not sell my information
- Law Enforcement Request Policy
- Data Subject Requests Metrics
- Data Processing Addendum
- Third Party Sub-processors
- Candidate Privacy
- Privacy Policy
- Personal data we collect
- Cookies, Mobile ID’s and similar technologies
- Our use of personal data
- Our sharing of personal data
- Handling information in the United States
- Choice and control of personal data
- European data protection rights
- California privacy rights
- Retention of personal data
- Security of personal data
- Changes to this privacy statement
- How to contact us
Privacy Statement
Last Updated: Dec 3, 2024
Your privacy is important to us. This privacy statement explains our collection, use, and disclosure of personal data. This privacy statement applies to ProvenBase, Inc. and to our controlled affiliates and subsidiaries (“ProvenBase”). References to our “products” in this statement include our websites, apps, software, and services (“Services”). This statement applies to our products that display or reference this statement, but it does not apply to any products that display or reference a different privacy statement.
For residents of California please click here to find out more about your rights under CCPA
Your privacy is important to us. This privacy statement explains our collection, use, and disclosure of personal data. This privacy statement applies to ProvenBase, Inc. and to our controlled affiliates and subsidiaries (“ProvenBase”). References to our “products” in this statement include our websites, apps, software, and services (“Services”). This statement applies to our products that display or reference this statement, but it does not apply to any products that display or reference a different privacy statement.
For residents of California please click here to find out more about your rights under CCPA
PERSONAL DATA WE COLLECT ABOUT JOB PROSPECTS / CANDIDATES
We collect various categories and types of "Personal Information" pertaining to job prospects/Candidates. This includes:
Contact information. We collect first name, last name or alias, email address, phone number, and/or mobile number.
Professional or Employment-Related Information. Comprises work history, job title, skills, years of experience, and education details.
Demographic data. ProvenBase assists recruiters and hiring managers to set obtainable diversity goals and help find the diverse prospects. Acting as a processor, we draw inferences, such as race, gender, to support employers in their diversity, equity, and inclusion initiatives.
As part of our other products, we may also act as a processor to assist our customers in their overall decision-making in their recruitment and hiring efforts. For further information, please see our customers’ privacy notices.
Information we obtain about prospects/candidates from third-party sources. We also obtain information from third parties. These third-party sources include, for example: Data brokers. Data brokers and aggregators from which we obtain candidate data to supplement the data we collect. We may obtain contact information, employment information, and other demographic data from third party data brokers.
Publicly available sources. We obtain data about job prospects, from sources of information such as open government databases and public-facing websites, including, for example, contact information, geolocation data (such as city, state, and country), content and files (such as social media profile pictures), employment-related information, and other demographic data.
Content and files. We collect professional social network pictures.
Location data. We collect location information at the city/metro area level.
Additionally, you can find further information about candidate privacy here.
PERSONAL DATA WE COLLECT ABOUT USERS OF OUR SERVICES
If you identify as a Business User (i.e. a user of our Services) or a visitor of our Sites, we gather supplementary information directly from you. This includes contact details, professional and employment information, and other identifying details that you provide when establishing your account or completing a form on our website. For instance, this could be when subscribing to our newsletter or other marketing communications.
Payment information. We collect financial information including payment card details, It is collected directly by our partners like Stripe, which remains inaccessible to us. However, we will collect billing addresses for record-keeping purposes.
Information we collect about users automatically. When you use our products or visit our website, we collect some information automatically. For example:
Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the Cookies, Mobile IDs, and Similar Technologies section below, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
Usage data. We automatically log your activity on our websites, apps and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website.
Information we create or generate users of our services. We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.
Third party partners. Third party applications and services, including social networks you choose to connect with or interact with through our services may collect and share information with us, such as your contact information, usage data, device identifiers, and demographic data.
Co-Branding/Joint Partners. Partners with which we offer co-branded services or engage in joint marketing activities may share information such as contact information with us. Other third parties. Users of our services may upload contact information, geolocation data (such as city, state, and country), demographic data, and other employment-related information, such as a resume, about job prospects to our services.
When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain products or features, those products or features may not be available or function correctly.
Contact information. We collect first name, last name or alias, email address, phone number, and/or mobile number.
Professional or Employment-Related Information. Comprises work history, job title, skills, years of experience, and education details.
Demographic data. ProvenBase assists recruiters and hiring managers to set obtainable diversity goals and help find the diverse prospects. Acting as a processor, we draw inferences, such as race, gender, to support employers in their diversity, equity, and inclusion initiatives.
As part of our other products, we may also act as a processor to assist our customers in their overall decision-making in their recruitment and hiring efforts. For further information, please see our customers’ privacy notices.
Information we obtain about prospects/candidates from third-party sources. We also obtain information from third parties. These third-party sources include, for example: Data brokers. Data brokers and aggregators from which we obtain candidate data to supplement the data we collect. We may obtain contact information, employment information, and other demographic data from third party data brokers.
Publicly available sources. We obtain data about job prospects, from sources of information such as open government databases and public-facing websites, including, for example, contact information, geolocation data (such as city, state, and country), content and files (such as social media profile pictures), employment-related information, and other demographic data.
Content and files. We collect professional social network pictures.
Location data. We collect location information at the city/metro area level.
Additionally, you can find further information about candidate privacy here.
PERSONAL DATA WE COLLECT ABOUT USERS OF OUR SERVICES
If you identify as a Business User (i.e. a user of our Services) or a visitor of our Sites, we gather supplementary information directly from you. This includes contact details, professional and employment information, and other identifying details that you provide when establishing your account or completing a form on our website. For instance, this could be when subscribing to our newsletter or other marketing communications.
Payment information. We collect financial information including payment card details, It is collected directly by our partners like Stripe, which remains inaccessible to us. However, we will collect billing addresses for record-keeping purposes.
Information we collect about users automatically. When you use our products or visit our website, we collect some information automatically. For example:
Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the Cookies, Mobile IDs, and Similar Technologies section below, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
Usage data. We automatically log your activity on our websites, apps and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website.
Information we create or generate users of our services. We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.
Third party partners. Third party applications and services, including social networks you choose to connect with or interact with through our services may collect and share information with us, such as your contact information, usage data, device identifiers, and demographic data.
Co-Branding/Joint Partners. Partners with which we offer co-branded services or engage in joint marketing activities may share information such as contact information with us. Other third parties. Users of our services may upload contact information, geolocation data (such as city, state, and country), demographic data, and other employment-related information, such as a resume, about job prospects to our services.
When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain products or features, those products or features may not be available or function correctly.
We use cookies, web beacons, mobile analytics and advertising IDs, and similar technologies to operate our websites and online services and to help collect data, including other identifiers and device information and usage data.
Cookies are small text files placed on your device that can be recalled by a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well.
Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website. When your browser opens a webpage that contains a web beacon, it automatically connects to the web server that hosts the image (typically hosted by a third-party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our promotional email messages or newsletters to tell us if you open and act on them.
We, and our analytics and advertising partners, use these technologies in our websites, and online services to collect personal information (such as the cookies stored on your browser, the advertising identifier on your mobile device, or the IP address of your device) when you visit our site. We and our partners also use these technologies to collect personal information about your online activities over time and across different websites or online services. This information is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site, develop inferences, deliver and tailor interest-based advertising, combat fraud, and fulfill other legitimate purposes. We and/or our partners also share the information we collect or infer with third parties for these purposes.
The third-party analytics and advertising providers we use on our websites include
Cookies are small text files placed on your device that can be recalled by a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well.
Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website. When your browser opens a webpage that contains a web beacon, it automatically connects to the web server that hosts the image (typically hosted by a third-party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our promotional email messages or newsletters to tell us if you open and act on them.
We, and our analytics and advertising partners, use these technologies in our websites, and online services to collect personal information (such as the cookies stored on your browser, the advertising identifier on your mobile device, or the IP address of your device) when you visit our site. We and our partners also use these technologies to collect personal information about your online activities over time and across different websites or online services. This information is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site, develop inferences, deliver and tailor interest-based advertising, combat fraud, and fulfill other legitimate purposes. We and/or our partners also share the information we collect or infer with third parties for these purposes.
The third-party analytics and advertising providers we use on our websites include
| Company / Service | Purpose(s) | Privacy Notices | Manage Settings (opt-out) |
|---|---|---|---|
| Google Analytics | Analytics | www.google.com/policies/privacy/partners | https://tools.google.com/dlpage/gaoptout |
Cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
Email web beacons. Most email clients have settings which allow you to prevent the automatic downloading of images, which will disable web beacons in the email messages you read.
To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
-Digital Advertising Alliance (DAA)’s self-regulatory opt-out page ( https://optout.aboutads.info/) ) and mobile application-based "AppChoices" download page (https://youradchoices.com/appchoices)
-Network Advertising Initiative (NAI)’s self-regulatory opt-out page (https://optout.networkadvertising.org/).
In the mobile environment, most mobile operating systems offer device-based opt-out choices that are transmitted to companies providing interest-based advertising. To set an opt-out preference for a mobile device identifier (such as Apple's IDFA or Android's GAID), visit the device manufacturer's current choice instructions pages, or read more about sending signals to limit ad tracking for your operating system here: https://www.networkadvertising.org/mobile-choices. . Please note that these settings must be performed on each device (including each web browser on each device) for which you wish to opt-out, and if you clear your cookies or if you use a different browser or device, you will need to renew your opt-out preferences.
Do Not Track. Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.
Email web beacons. Most email clients have settings which allow you to prevent the automatic downloading of images, which will disable web beacons in the email messages you read.
To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
-Digital Advertising Alliance (DAA)’s self-regulatory opt-out page ( https://optout.aboutads.info/) ) and mobile application-based "AppChoices" download page (https://youradchoices.com/appchoices)
-Network Advertising Initiative (NAI)’s self-regulatory opt-out page (https://optout.networkadvertising.org/).
In the mobile environment, most mobile operating systems offer device-based opt-out choices that are transmitted to companies providing interest-based advertising. To set an opt-out preference for a mobile device identifier (such as Apple's IDFA or Android's GAID), visit the device manufacturer's current choice instructions pages, or read more about sending signals to limit ad tracking for your operating system here: https://www.networkadvertising.org/mobile-choices. . Please note that these settings must be performed on each device (including each web browser on each device) for which you wish to opt-out, and if you clear your cookies or if you use a different browser or device, you will need to renew your opt-out preferences.
Do Not Track. Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.
Our use of personal data
| Purpose of use | Personal Data of Users of Our Services | Personal Data of Job Prospects / Candidates |
|---|---|---|
| Product and Service Delivery. To provide and deliver our products, including securing, troubleshooting, improving, and personalizing those products. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, user inferences, and user information provided by third parties. | Contact information, demographic data, including employment-related information, content and files, prospect inferences, geolocation data, and any other category of information provided by third parties. |
| Business Operations. To operate our business, such as billing, accounting, improving our internal operations, securing our systems, detecting fraudulent or illegal activity, and meeting our legal obligations. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, user inferences, and user information provided by third parties, including employment-related information. | Contact information, demographic data, geolocation data, content and files, and prospect inferences, and prospect provided by third parties, including employment-related information. |
| Product Improvement, Development, and Research. To improve our products, develop new products or features, and conduct research. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, prospect and user inferences, and prospect and user information provided by third parties, including employment-related information. | Contact information, demographic data, including employment-related information, content and files, prospect inferences, geolocation data, and any other category of information provided by third parties. |
| Personalization. To understand you and your preferences to enhance your experience and enjoyment using our products. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, and user inferences. | |
| Customer Support. To provide customer support, and respond to your questions. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, and user inferences. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, and inferences. |
| Communications. To send you information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages. | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, and user inferences. | |
| Marketing. To communicate with you about new products, offers, promotions, rewards, contests, upcoming events, and other information about our products and those of our selected partners (see the Choice and Control section of this privacy statement for how to change your preferences for promotional communications). | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, and user inferences. | |
| Advertising. To display advertising to you (see the Cookies section of this privacy statement for information about personalized advertising and your advertising choices). | Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, usage data, and user inferences. |
We use the personal data we collect for purposes described in this privacy statement or otherwise disclosed to you. For example, we use personal data for the following purposes:
If you are a Candidate/Prospect, we use personal information to Provide Candidate Search Services: We use Personal Information of Candidates to help make great matches between employers and prospective employees. Specifically, we use Candidate Personal Information to help our business customers engage with job candidates who may be interested in the job opportunities. When our business customers search for employees with certain skills and talents, they can contact Candidates who match their searches, so the Candidates may learn more about the new job opportunities. Those job opportunities may be a better fit for their professional skills and interests or simply more exciting to them.
We map data we collect from different sources to achieve these purposes and to give you a more seamless, consistent, and personalized experience.
Security and Fraud Prevention. The utilization of personal information is integral to safeguarding the Sites and Services, as well as our company and others, with the aim of preventing fraud, theft, and misconduct. We assure you that the personal information collected will not be employed for materially different, unrelated, or incompatible purposes than those stated above without prior notice.
If you are a Candidate/Prospect, we use personal information to Provide Candidate Search Services: We use Personal Information of Candidates to help make great matches between employers and prospective employees. Specifically, we use Candidate Personal Information to help our business customers engage with job candidates who may be interested in the job opportunities. When our business customers search for employees with certain skills and talents, they can contact Candidates who match their searches, so the Candidates may learn more about the new job opportunities. Those job opportunities may be a better fit for their professional skills and interests or simply more exciting to them.
We map data we collect from different sources to achieve these purposes and to give you a more seamless, consistent, and personalized experience.
Security and Fraud Prevention. The utilization of personal information is integral to safeguarding the Sites and Services, as well as our company and others, with the aim of preventing fraud, theft, and misconduct. We assure you that the personal information collected will not be employed for materially different, unrelated, or incompatible purposes than those stated above without prior notice.
Our sharing of personal data
Service Providers
We disclose personal information to our authorized service providers who carry out specific services on our behalf, referred to as "Service Providers." For instance, we engage a payment processor, such as Stripe, for payment processing. Additionally, we may collaborate with other Service Providers for services like hosting and maintaining our databases and sites, data storage and management, and marketing and promotions. We only furnish our Service Providers with the necessary information for them to execute these services on our behalf. Each Service Provider is obligated to adopt reasonable security procedures and practices, tailored to the nature of the information involved, to safeguard personal information against unauthorized access, use, or disclosure. Furthermore, Service Providers are strictly prohibited from utilizing personal information for purposes other than those specified by us.
Sharing of Prospect Data With Business Customers
We may share prospect data with business customers and business users using our Services.
Business Users Data upload or Data Input by Customers
In the course of utilizing our Services, our Business Users have the option to furnish us with information pertaining to Candidates or potential employees. Additionally, Business Users may share credentials for third-party sites or services to synchronize specific emails or other information with our Services, contributing to what we collectively term as "Business Customer Data." We regard Business Customer Data as confidential and refrain from utilizing it for purposes other than the delivery of services to the customer or Business User who supplied the information. Importantly, we do not disseminate or disclose Business Customer Data to any parties other than the customer or Business User who originally provided it.
Compliance with Law Enforcement and Laws
We cooperate with government, law enforcement, and private entities to uphold and adhere to legal requirements. If, in our judgment, it is deemed necessary or appropriate to address legal requests, which may include court orders and subpoenas, we may disclose Personal Information and any other pertinent information about you to government, law enforcement officials, or private parties.
In addition, we share each of the categories of personal data described above for the following business purposes:
- Our subsidiaries, affiliates, and related companies share common data systems and process personal data as needed to provide our products and operate our business.
- We share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we've hired to process payments or assist in protecting and securing our systems and services may need access to personal data to provide those functions.
- We may also disclose personal data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
We will also access, transfer, disclose, and preserve personal data when we believe that doing so is necessary to:
- Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
- Protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
- Operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks; or
- Protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
Third-party vendors, including analytics, advertising, and Application Programming Interface (API) companies, also collect personal data through our website and apps including, transaction details, account information, marketing and communications data, demographic data, content and files, geolocation data, usage data, and inferences associated with identifiers and device information (such as cookie IDs, device IDs, and IP address) as described in the Cookies section of this statement.
Finally, we may share de-identified information in accordance with applicable law.
Other Sharing of Personal Data
We may permit social media platforms, third-party advertisers, and service providers, such as LinkedIn, Facebook, and digital advertising networks, to gather internet and other electronic activity data during your visits to the Sites and Services. These entities collect information to assist in analyzing the effectiveness of our advertising efforts and may track your online activities across various websites over time to deliver targeted advertising based on your interests. Generally, these third parties utilize cookies to gather internet and electronic activity data. For more details about these third parties and the cookies they employ, please refer to our Cookie Policy.
Please note that some of our products include references or links to products provided by third parties whose privacy practices differ from ours. If you provide personal data to any of those third parties, or consent to our sharing personal data with them, that data is governed by their privacy statements. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses information at www.google.com/policies/privacy/partners .
Exercise caution when sharing information with others
Kindly note that sharing information on public areas of the Sites or Services, or during our events, may result in others accessing and copying that information, making it public elsewhere. Consequently, anyone with access to such information can potentially use it for various purposes, including sending unsolicited communications. Please exercise caution when sharing information in these settings.
Links
Our Sites and Services may include links to other websites, or you may receive links from others. The presence of a link to a third party's website does not imply our endorsement or affiliation with it. We lack control over third-party websites, and accessing them or their content is at your own risk. It's advisable to review the privacy policy of any third-party website before providing any information to them.
The Sites and Services are intended for users who are 18 years old or older. We do not knowingly collect Personal Information from children under the age of 18. If we become aware that we have inadvertently received Personal Information from a child under the age of 18, we will delete such information from our records. California users under the age of 18 may request the removal of their content or information publicly posted on the Sites or Services by emailing us at privacy@provenbase.com. Please note that some of the user content that appears on our Sites or Services is stored and controlled by third-party providers; thus, complete and comprehensive removal of the content may not be possible.
Finally, we may share de-identified information in accordance with applicable law.
Other Sharing of Personal Data
We may permit social media platforms, third-party advertisers, and service providers, such as LinkedIn, Facebook, and digital advertising networks, to gather internet and other electronic activity data during your visits to the Sites and Services. These entities collect information to assist in analyzing the effectiveness of our advertising efforts and may track your online activities across various websites over time to deliver targeted advertising based on your interests. Generally, these third parties utilize cookies to gather internet and electronic activity data. For more details about these third parties and the cookies they employ, please refer to our Cookie Policy.
Please note that some of our products include references or links to products provided by third parties whose privacy practices differ from ours. If you provide personal data to any of those third parties, or consent to our sharing personal data with them, that data is governed by their privacy statements. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses information at www.google.com/policies/privacy/partners .
Exercise caution when sharing information with others
Kindly note that sharing information on public areas of the Sites or Services, or during our events, may result in others accessing and copying that information, making it public elsewhere. Consequently, anyone with access to such information can potentially use it for various purposes, including sending unsolicited communications. Please exercise caution when sharing information in these settings.
Links
Our Sites and Services may include links to other websites, or you may receive links from others. The presence of a link to a third party's website does not imply our endorsement or affiliation with it. We lack control over third-party websites, and accessing them or their content is at your own risk. It's advisable to review the privacy policy of any third-party website before providing any information to them.
Children’s Data
The Sites and Services are intended for users who are 18 years old or older. We do not knowingly collect Personal Information from children under the age of 18. If we become aware that we have inadvertently received Personal Information from a child under the age of 18, we will delete such information from our records. California users under the age of 18 may request the removal of their content or information publicly posted on the Sites or Services by emailing us at privacy@provenbase.com. Please note that some of the user content that appears on our Sites or Services is stored and controlled by third-party providers; thus, complete and comprehensive removal of the content may not be possible.
HANDLING INFORMATION IN THE UNITED STATES
Kindly note that your Personal Information and communications may be transferred to and stored on servers or databases situated outside your state, province, or country. If you are situated outside the United States, please be informed that we process and store all information in the United States. The privacy laws in the United States may not provide the same level of protection as those in your location.
CHOICE AND CONTROL OF PERSONAL DATA
If you are a Business User, you have the ability to review, correct, update, delete, or modify most of the Personal Information associated with your account through your account settings. To opt out of specific emails and communications, you can contact us at privacy@provenbase.com. While you can opt out of marketing emails, please note that you cannot opt out of all essential account-related communications.
For inquiries about this Privacy Policy or to access, correct, or delete your personal information, please reach out to us at privacy@provenbase.com. To ensure the security of your request, we may need you to verify your identity by providing your first and last name along with the email address associated with your account. We will promptly remove your information from our system and follow up if additional details are required to fulfill your request.
The Talent Pool, a search and sourcing service available on the ProvenBase Site (please note that the name "Talent Pool" may be changed at our discretion), is designed with utmost consideration for your personal information control. Upon your request, we will verify whether we possess or are processing any information collected or gathered about you. Should we have your personal information, we are committed to furnishing you with a copy of the data. You have the right to rectify or update any inaccurate or incomplete personal information, request the deletion of your personal information, or ask us to cease its use.
There may be instances where we cannot fulfill your request, such as when it conflicts with regulatory obligations, impacts legal matters, identity verification is not feasible, or involves disproportionate cost or effort. Nevertheless, we will respond to your request within a reasonable timeframe and provide a clear explanation of our actions. To initiate a request, please utilize our self-service portal, contact us via email at privacy@provenbase.com with the subject line "Opt-Out," or reach out to our Customer Support at 877-213-7413.
Our Talent Pool facilitates our business customers, specifically Business Users, in identifying candidates to fulfill their employment requirements. In order to accomplish this, we collect and organize Personal Information from Candidates, as detailed in the aforementioned sources. This information is indexed to enable easy searching by our business customers and Business Users for the purpose of employment recruitment. Our objective is to deliver the most comprehensive results, supporting our business customers and Business Users in searching, sourcing, evaluating, and managing talent for their employment needs.
To opt out or exercise any other rights outlined above, you must verify your identity by providing your first and last name along with the email address we have on record for you. Once verified, we will promptly remove your information from our system. We will communicate with you if additional information is necessary to fulfill your request.
It's important to note that we may need to retain certain data about you to ensure continued compliance with your opt-out request. However, we will retain the minimum amount of information necessary for this purpose and will not share this information with employers, recruiters, or other users of our services.
Choices for Cookies and Similar Technologies. See the Cookies section for choices about cookies and other analytics and advertising controls.
RETENTION OF PERSONAL DATA
We retain personal data for as long as necessary to provide the products and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
We employ physical, electronic, and procedural safeguards, including encryption in transit and at rest, to uphold the confidentiality and security of information. Nonetheless, it is important to note that no data transmission over the Internet or other networks can be guaranteed to be entirely secure. Despite our efforts to safeguard information transmitted on or through the Site or Services, we cannot assure or guarantee the security of any information you transmit in this manner. Therefore, you undertake such transmissions at your own risk.
We reserve the right to modify this Privacy Policy periodically. In the event of any changes, we will notify you by posting the updated Privacy Policy on the Sites. The effective date of these changes will be indicated as the "Revised" date in the updated Privacy Policy.
For inquiries about this Privacy Policy or to access, correct, or delete your personal information, please reach out to us at privacy@provenbase.com. To ensure the security of your request, we may need you to verify your identity by providing your first and last name along with the email address associated with your account. We will promptly remove your information from our system and follow up if additional details are required to fulfill your request.
The Talent Pool, a search and sourcing service available on the ProvenBase Site (please note that the name "Talent Pool" may be changed at our discretion), is designed with utmost consideration for your personal information control. Upon your request, we will verify whether we possess or are processing any information collected or gathered about you. Should we have your personal information, we are committed to furnishing you with a copy of the data. You have the right to rectify or update any inaccurate or incomplete personal information, request the deletion of your personal information, or ask us to cease its use.
There may be instances where we cannot fulfill your request, such as when it conflicts with regulatory obligations, impacts legal matters, identity verification is not feasible, or involves disproportionate cost or effort. Nevertheless, we will respond to your request within a reasonable timeframe and provide a clear explanation of our actions. To initiate a request, please utilize our self-service portal, contact us via email at privacy@provenbase.com with the subject line "Opt-Out," or reach out to our Customer Support at 877-213-7413.
Our Talent Pool facilitates our business customers, specifically Business Users, in identifying candidates to fulfill their employment requirements. In order to accomplish this, we collect and organize Personal Information from Candidates, as detailed in the aforementioned sources. This information is indexed to enable easy searching by our business customers and Business Users for the purpose of employment recruitment. Our objective is to deliver the most comprehensive results, supporting our business customers and Business Users in searching, sourcing, evaluating, and managing talent for their employment needs.
To opt out or exercise any other rights outlined above, you must verify your identity by providing your first and last name along with the email address we have on record for you. Once verified, we will promptly remove your information from our system. We will communicate with you if additional information is necessary to fulfill your request.
It's important to note that we may need to retain certain data about you to ensure continued compliance with your opt-out request. However, we will retain the minimum amount of information necessary for this purpose and will not share this information with employers, recruiters, or other users of our services.
Choices for Cookies and Similar Technologies. See the Cookies section for choices about cookies and other analytics and advertising controls.
RETENTION OF PERSONAL DATA
We retain personal data for as long as necessary to provide the products and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
We employ physical, electronic, and procedural safeguards, including encryption in transit and at rest, to uphold the confidentiality and security of information. Nonetheless, it is important to note that no data transmission over the Internet or other networks can be guaranteed to be entirely secure. Despite our efforts to safeguard information transmitted on or through the Site or Services, we cannot assure or guarantee the security of any information you transmit in this manner. Therefore, you undertake such transmissions at your own risk.
We reserve the right to modify this Privacy Policy periodically. In the event of any changes, we will notify you by posting the updated Privacy Policy on the Sites. The effective date of these changes will be indicated as the "Revised" date in the updated Privacy Policy.
EUROPE AND OUTSIDE THE U.S AND ELSEWHERE USERS DATA PROTECTION RIGHTS
When employing the terms "EU data," "EU user," and "EU data subject," we are referring to data, users, and data subjects originating from the European Union (EU), the European Economic Area (EEA), and the United Kingdom (UK).
We highly value your information privacy. This EU User Privacy Policy has been crafted to elucidate the manner in which we collect, utilize, safeguard, and disclose information and data of EU Users, especially when they utilize the services provided on www.provenbase.com. Additionally, this EU User Privacy Policy outlines the options available to you for managing your information preferences, including the ability to opt out of specific uses of your Personal Data (as defined below). Applicable to all EU users of the Sites and Services, this Privacy Policy pertains to the offerings provided by ProvenBase, Inc.
Data Collection and ProvenBase’s Role according to the General Data Protection Regulation(“GDPR”)
When ProvenBase is a Data Controller
ProvenBase functions as a data controller when acquiring and utilizing information concerning data subjects who visit our site. This role also extends to the collection and use of information for creating and maintaining Professional Profiles and delivering services. For inquiries, ProvenBase's Data Protection Officer can be reached via email at privacy@provenbase.com.
Talent Pool Service
The Talent Pool, a searching and sourcing service provided through the ProvenBase Site (the name "Talent Pool" subject to change at our discretion), is designed to facilitate connections between employers and potential employees. Our objective is to foster successful matches in the talent acquisition process. The Talent Pool empowers users, including employers and recruiters, to search for candidates who align with their specific hiring needs. Simultaneously, individuals listed in our Talent Pool can discover new job opportunities when employers seek individuals with particular skills and talents. This enables them to explore exciting prospects that better match their professional skills and interests. It's important to note that the Talent Pool itself does not collect user information through our Site and Services.
Usage Data and Site Activity
Through the use of cookies, web beacons, and other technologies, we automatically collect the following information about your device and your interaction with our Sites or Services: the features you utilize, searches you conduct using the Services, browser agent name and version, web pages you access, links you click, your IP address, the duration of your visit to our Sites or use of our Services, and the referring URL or the webpage that directed you to our Sites (referred to as "Usage Data"). This information is utilized to monitor and enhance the functionality of the Sites and Services, improve your online experience, and facilitate a more seamless and personalized interaction. For instance, it enables us to provide appropriate browser support for Site visitors and generate customized To-Do lists for Service Users. We may merge Usage Data with Personal Data that you have shared with us.
Cookies and Similar Identifiers
We utilize cookies (small text files placed on your computer to identify your computer and web browser) and may employ anonymous identifiers (random strings of characters serving the same purposes as cookies). These tools are employed for authentication purposes, keeping track of your login status, and for the analysis and enhancement of the functionality of the Sites and Services. For detailed information about the cookies we use and your options concerning cookies, please refer to our Cookie Policy.
When ProvenBase is a Data Processor
Information Input or Uploaded During Service Utilization
While utilizing our services, you have the option to input or upload information related to potential job candidates or prospective employees, assisting you in identifying suitable candidates through ProvenBase’s technology. Additionally, you may furnish credentials for third-party sites or services to synchronize specific emails or other information with our services. This collective information is referred to as "Customer Data." ProvenBase acts as a data processor with respect to Customer Data, processing it solely in accordance with your instructions to provide the services. We treat Customer Data as confidential and do not share it with third parties or other ProvenBase users. Furthermore, ProvenBase refrains from integrating such data into ProvenBase's Talent Pool. To regulate our processing of Personal Data on your behalf, ProvenBase provides a Data Processing Addendum that you can enter into with us.
Processing Purposes and Legal Basis for Processing
As outlined in further detail below, we may process your Personal Data as a User using the following legal bases under GDPR:
We process the Personal Data you furnish to us when it is necessary to deliver the Services you have requested. This includes establishing and maintaining your account, sending you notices and other communications related to the Services, offering customer support, and fulfilling other Service-related functions.
We may process your Personal Data based on legitimate interests, or the legitimate interests of others, in the following scenarios:
Sharing and Disclosing User Information
Periodically, we may enlist the services of other businesses that we deem trustworthy and whose privacy practices align with ours ("Service Providers"). For instance, we utilize a payment processor for payment processing and may engage other Service Providers for services such as hosting, maintenance, data storage, management, and marketing. We share only the necessary information with our Service Providers to enable them to perform these services on our behalf. Each Service Provider is obligated to adopt reasonable security procedures and practices tailored to the nature of the information, ensuring the protection of your Personal Data against unauthorized access, use, or disclosure. Service Providers are strictly prohibited from utilizing Personal Data for any purpose other than specified by us.
ProvenBase uses Google Cloud Platform(GCP) and Amazon Web Services (AWS) as a Service Provider to host the Sites and Services, storing Personal Data and Customer Data. While your information is not disclosed to AWS or GCP, it is transferred through and resides on GCP and AWS-owned computers. AWS and GCP is ISO/IEC 27018 certified and maintains a system of controls specifically addressing the privacy protection of ProvenBase's content.
In compliance with legal obligations, we collaborate with government, law enforcement officials, and private parties. Personal data and any other relevant information may be disclosed to them if, in our discretion, we believe it is necessary to respond to legal requests, protect the safety, property, or rights of our organization or any third party, prevent or halt any illegal, unethical, or legally actionable activity, or comply with the law.
We may share Personal Data and Usage Data with entities controlling, controlled by, or under common control with our Company. In the event of a merger, acquisition, sale, or transfer of some or all of our assets, Personal Data and Usage Data may be disclosed or transferred in connection with such transactions. You will be provided with the opportunity to opt out of any such transfer if it results in the handling of your Personal Data in a manner materially different from this Privacy Policy.
For direct marketing purposes, we refrain from disclosing Personal Data to third parties without your explicit consent. However, certain Usage Data related to the Sites and Services may be disclosed to third parties. In such instances, your Usage Data is aggregated with that of others and does not individually identify you.
Cross-Border Data Transfers and Security Measures
Currently, ProvenBase stores and Processes Personal Information in the United States. The storage location(s) are chosen to operate efficiently and improve performance. The personal data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. We take steps designed to ensure that the data we collect under this statement is processed according to the provisions of this statement and applicable law wherever the data is located. Location of Processing European Personal Data. We transfer personal data from the European Economic Area (EEA), UK, and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protections, please visit: ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/ adequacy-protection-personal-data-non-eu-countries_en .
Transfers as per the Standard Contractual Clauses
In compliance with the GDPR, we will guarantee that the transfer of personal information to a third country or international organization adheres to suitable safeguards, as outlined in Article 46 of the GDPR. This may include the use of UK or EU Standard Contractual Clauses, as applicable.
Standard Contractual Clauses are incorporated into our Data Processing Addendum so that the data-flows necessary to provide, maintain, and develop our services take place legally.
Individual/Data Subject Rights Regarding Your Personal Data under the GDPR
Residents of the European Union, European Economic Area (EEA), the UK, or Switzerland have the following rights under the GDPR. To process your request, we may request you to verify your identity for security. In these instances, we will require you to provide evidence of your identity before exercising these rights.
The right to access, correct and update your information. You can reach out to us at any time to request access to and receive information about the processing of your personal information. Upon receiving your request, we will respond within fifteen days. There are no fees or charges for the initial two requests, but subsequent requests for the same data may be subject to an administrative fee. If the data we have on you is outdated, incomplete, or incorrect, you can notify us, and we will update your information.
The right to request data erasure. If you prefer us not to utilize your data, you can request to delete your data.
The right to data portability. You have the right to request a copy of your data in a machine-readable format. Additionally, individuals can inquire about the possibility of us transmitting their data to another data controller if the legal basis for processing of your personal data is either (i) consent or (ii) the necessity for providing services to you or taking steps at your request to provide you services, and such processing is conducted through automated means.
The right to object to processing of your data. Individuals have the right to request that we cease processing your data for direct marketing or for processing data based on our legitimate interests.
The right to file a complaint. You have the right to submit a complaint to the supervisory authority in the Member State where you reside, work, or where an alleged GDPR violation has occurred.
The right to revoke your consent. If we have processed your Personal Data based on your consent, you have the right to withdraw that consent at any time.
The right to limit the processing of your data. You possess the right to limit the processing of your data under certain circumstances, including: (i) if you challenge its accuracy; (ii) if the processing is unlawful, and you object to erasure; or (iii) if it is no longer necessary for the purposes for which it was collected, but you require it for legal defense purposes.
In order to exercise your rights regarding your Personal Data including right to access, correction (rectification), erasure, restriction of processing, objection to processing, and portability, you can contact our Data Protection Officer at privacy@provenbase.com.
We highly value your information privacy. This EU User Privacy Policy has been crafted to elucidate the manner in which we collect, utilize, safeguard, and disclose information and data of EU Users, especially when they utilize the services provided on www.provenbase.com. Additionally, this EU User Privacy Policy outlines the options available to you for managing your information preferences, including the ability to opt out of specific uses of your Personal Data (as defined below). Applicable to all EU users of the Sites and Services, this Privacy Policy pertains to the offerings provided by ProvenBase, Inc.
Data Collection and ProvenBase’s Role according to the General Data Protection Regulation(“GDPR”)
When ProvenBase is a Data Controller
ProvenBase functions as a data controller when acquiring and utilizing information concerning data subjects who visit our site. This role also extends to the collection and use of information for creating and maintaining Professional Profiles and delivering services. For inquiries, ProvenBase's Data Protection Officer can be reached via email at privacy@provenbase.com.
Talent Pool Service
The Talent Pool, a searching and sourcing service provided through the ProvenBase Site (the name "Talent Pool" subject to change at our discretion), is designed to facilitate connections between employers and potential employees. Our objective is to foster successful matches in the talent acquisition process. The Talent Pool empowers users, including employers and recruiters, to search for candidates who align with their specific hiring needs. Simultaneously, individuals listed in our Talent Pool can discover new job opportunities when employers seek individuals with particular skills and talents. This enables them to explore exciting prospects that better match their professional skills and interests. It's important to note that the Talent Pool itself does not collect user information through our Site and Services.
Usage Data and Site Activity
Through the use of cookies, web beacons, and other technologies, we automatically collect the following information about your device and your interaction with our Sites or Services: the features you utilize, searches you conduct using the Services, browser agent name and version, web pages you access, links you click, your IP address, the duration of your visit to our Sites or use of our Services, and the referring URL or the webpage that directed you to our Sites (referred to as "Usage Data"). This information is utilized to monitor and enhance the functionality of the Sites and Services, improve your online experience, and facilitate a more seamless and personalized interaction. For instance, it enables us to provide appropriate browser support for Site visitors and generate customized To-Do lists for Service Users. We may merge Usage Data with Personal Data that you have shared with us.
Cookies and Similar Identifiers
We utilize cookies (small text files placed on your computer to identify your computer and web browser) and may employ anonymous identifiers (random strings of characters serving the same purposes as cookies). These tools are employed for authentication purposes, keeping track of your login status, and for the analysis and enhancement of the functionality of the Sites and Services. For detailed information about the cookies we use and your options concerning cookies, please refer to our Cookie Policy.
When ProvenBase is a Data Processor
Information Input or Uploaded During Service Utilization
While utilizing our services, you have the option to input or upload information related to potential job candidates or prospective employees, assisting you in identifying suitable candidates through ProvenBase’s technology. Additionally, you may furnish credentials for third-party sites or services to synchronize specific emails or other information with our services. This collective information is referred to as "Customer Data." ProvenBase acts as a data processor with respect to Customer Data, processing it solely in accordance with your instructions to provide the services. We treat Customer Data as confidential and do not share it with third parties or other ProvenBase users. Furthermore, ProvenBase refrains from integrating such data into ProvenBase's Talent Pool. To regulate our processing of Personal Data on your behalf, ProvenBase provides a Data Processing Addendum that you can enter into with us.
Processing Purposes and Legal Basis for Processing
As outlined in further detail below, we may process your Personal Data as a User using the following legal bases under GDPR:
- GDPR Article 6(1)(b): Processing is necessary for the performance of the Services you have requested.
- GDPR Article 6(1)(a): Processing based on your consent.
- GDPR Article 6(1)(f): Processing is necessary for our legitimate interests, or the legitimate interests of a third party, provided these interests are not overridden by your rights and freedoms.
We process the Personal Data you furnish to us when it is necessary to deliver the Services you have requested. This includes establishing and maintaining your account, sending you notices and other communications related to the Services, offering customer support, and fulfilling other Service-related functions.
We may process your Personal Data based on legitimate interests, or the legitimate interests of others, in the following scenarios:
- Compliance: To adhere to applicable laws and regulations.
- Business Administration: For the administration of our business and the enhancement of service quality.
- User Experience: To improve user experience and foster customer relationships.
- Communication: To engage with you regarding the Services or other offerings that may be of interest.
- Security: To safeguard our Service and users against threats like fraud or security breaches.
- Business Transactions: To facilitate essential business transactions, such as mergers or acquisitions.
Sharing and Disclosing User Information
Periodically, we may enlist the services of other businesses that we deem trustworthy and whose privacy practices align with ours ("Service Providers"). For instance, we utilize a payment processor for payment processing and may engage other Service Providers for services such as hosting, maintenance, data storage, management, and marketing. We share only the necessary information with our Service Providers to enable them to perform these services on our behalf. Each Service Provider is obligated to adopt reasonable security procedures and practices tailored to the nature of the information, ensuring the protection of your Personal Data against unauthorized access, use, or disclosure. Service Providers are strictly prohibited from utilizing Personal Data for any purpose other than specified by us.
ProvenBase uses Google Cloud Platform(GCP) and Amazon Web Services (AWS) as a Service Provider to host the Sites and Services, storing Personal Data and Customer Data. While your information is not disclosed to AWS or GCP, it is transferred through and resides on GCP and AWS-owned computers. AWS and GCP is ISO/IEC 27018 certified and maintains a system of controls specifically addressing the privacy protection of ProvenBase's content.
In compliance with legal obligations, we collaborate with government, law enforcement officials, and private parties. Personal data and any other relevant information may be disclosed to them if, in our discretion, we believe it is necessary to respond to legal requests, protect the safety, property, or rights of our organization or any third party, prevent or halt any illegal, unethical, or legally actionable activity, or comply with the law.
We may share Personal Data and Usage Data with entities controlling, controlled by, or under common control with our Company. In the event of a merger, acquisition, sale, or transfer of some or all of our assets, Personal Data and Usage Data may be disclosed or transferred in connection with such transactions. You will be provided with the opportunity to opt out of any such transfer if it results in the handling of your Personal Data in a manner materially different from this Privacy Policy.
For direct marketing purposes, we refrain from disclosing Personal Data to third parties without your explicit consent. However, certain Usage Data related to the Sites and Services may be disclosed to third parties. In such instances, your Usage Data is aggregated with that of others and does not individually identify you.
Cross-Border Data Transfers and Security Measures
Currently, ProvenBase stores and Processes Personal Information in the United States. The storage location(s) are chosen to operate efficiently and improve performance. The personal data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. We take steps designed to ensure that the data we collect under this statement is processed according to the provisions of this statement and applicable law wherever the data is located. Location of Processing European Personal Data. We transfer personal data from the European Economic Area (EEA), UK, and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protections, please visit: ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/ adequacy-protection-personal-data-non-eu-countries_en .
Transfers as per the Standard Contractual Clauses
In compliance with the GDPR, we will guarantee that the transfer of personal information to a third country or international organization adheres to suitable safeguards, as outlined in Article 46 of the GDPR. This may include the use of UK or EU Standard Contractual Clauses, as applicable.
Standard Contractual Clauses are incorporated into our Data Processing Addendum so that the data-flows necessary to provide, maintain, and develop our services take place legally.
Individual/Data Subject Rights Regarding Your Personal Data under the GDPR
Residents of the European Union, European Economic Area (EEA), the UK, or Switzerland have the following rights under the GDPR. To process your request, we may request you to verify your identity for security. In these instances, we will require you to provide evidence of your identity before exercising these rights.
The right to access, correct and update your information. You can reach out to us at any time to request access to and receive information about the processing of your personal information. Upon receiving your request, we will respond within fifteen days. There are no fees or charges for the initial two requests, but subsequent requests for the same data may be subject to an administrative fee. If the data we have on you is outdated, incomplete, or incorrect, you can notify us, and we will update your information.
The right to request data erasure. If you prefer us not to utilize your data, you can request to delete your data.
The right to data portability. You have the right to request a copy of your data in a machine-readable format. Additionally, individuals can inquire about the possibility of us transmitting their data to another data controller if the legal basis for processing of your personal data is either (i) consent or (ii) the necessity for providing services to you or taking steps at your request to provide you services, and such processing is conducted through automated means.
The right to object to processing of your data. Individuals have the right to request that we cease processing your data for direct marketing or for processing data based on our legitimate interests.
The right to file a complaint. You have the right to submit a complaint to the supervisory authority in the Member State where you reside, work, or where an alleged GDPR violation has occurred.
The right to revoke your consent. If we have processed your Personal Data based on your consent, you have the right to withdraw that consent at any time.
The right to limit the processing of your data. You possess the right to limit the processing of your data under certain circumstances, including: (i) if you challenge its accuracy; (ii) if the processing is unlawful, and you object to erasure; or (iii) if it is no longer necessary for the purposes for which it was collected, but you require it for legal defense purposes.
In order to exercise your rights regarding your Personal Data including right to access, correction (rectification), erasure, restriction of processing, objection to processing, and portability, you can contact our Data Protection Officer at privacy@provenbase.com.
California rights
If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”), you have certain rights with respect to that information.
Within the CCPA framework, ProvenBase could be classified as a Service Provider in specific situations, processing Personal Information on behalf of a Business (ProvenBase's customer). Personal Information may be disclosed to ProvenBase by the customer for a Business Purpose as outlined in a written contract between ProvenBase and its customer. A Business Purpose refers to the utilization of Personal Information for operational needs, encompassing tasks such as auditing, security incident detection, debugging, short-term/transient use, customer service provision, internal research, and the maintenance/improvement/upgrading/enhancement of services.
Right to Know. You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You may make such a “request to know” by contacting us at privacy@provenbase.com or from the privacy choices. You have the right to access your Personal Information at no cost, limited to a maximum of two requests per year, subject to ProvenBase's confirmation of your identity.
Right to Request Deletion. You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, email us at privacy@provenbase.com or write us with your request at the mailing address below.
Right to Opt-Out. You have a right to opt-out from future “sales” of personal information. Note that the CCPA defines “sell” and “personal information” very broadly, and some of our data sharing described in this privacy statement may be considered a “sale” under those definitions. In the past 12 months, we may have sold any of the categories of personal information listed above. To opt-out from “sales” of personal information, please visit our “Do Not Sell My Personal Information” page. We do not knowingly sell the personal information of minors under 18 years of age.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
Further, to provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your identity, for example, we may ask you to provide your first and last name and an email address.
Finally, you have a right to receive notice of our practices at or before collection of personal information, and you have a right to not be discriminated against for exercising these rights set out in the CCPA.
ProvenBase have collected the below personal information for the last twelve(12) months:
ProvenBase has distinct methods for collecting Personal Information, tailored to whether you are a non-user or a user:
Categories of Personal Information Collected for Non-users:
Real name
Alias
Phone number
Email
Approximate location (city/metro area, not your actual address)
Job title
Skills
Education
Work history
Professional social network profile picture
Professional social network link
Inferences drawn from the aforementioned information
Categories of Personal Information Collected for Users:
Real name
Alias
Address
Phone number
Mobile phone number
Email
Payment information
Company name
Computer/web browser/IP address information from cookies, web beacons, and other identifiers
Other specific information you choose to provide us with or include in your account
Personal Information Sold in the Last 12 Months
For Candidates, we disclose the Non-user Personal Information outlined earlier through ProvenBase's paid services. This facilitates our customers' ability to connect with you regarding career opportunities that align with your professional background and interests.
Personal Information Disclosed for Business Purposes in the Last 12 Months
For Business Users, the information provided in your user account remains confidential with ProvenBase. We do not sell or share your Personal Information with external parties. However, your Personal Information may be shared with your company's Admin and other authorized users to facilitate the provision of services to the customer with whom you are employed.
Response Timing and Format
We aim to address verifiable consumer requests within 45 days of receiving them. In cases where additional information is necessary to confirm your identity, the provided information will be used exclusively for verification purposes. Should an extension of up to 90 days be required, we will notify you in writing, specifying the reason for the delay.
For account holders, our written responses will be sent to the email address associated with your account. If you don't have an account, we'll deliver responses via email or an alternative method of your choice. Disclosures will pertain to the 12-month period preceding the receipt of the verifiable consumer request, and any reasons for non-compliance will be clearly explained. In handling data portability requests, we'll adopt a format facilitating easy use and transmission of Personal Information between entities.
It's important to note that we won't charge a fee for processing or responding to your verifiable consumer request, unless it is deemed excessive, repetitive, or manifestly unfounded. If a fee is applicable, we'll communicate the rationale and provide a cost estimate before proceeding. Our commitment includes responding to requests no more than twice in a 12-month period, with exceptions for information collected for a single, one-time transaction that is neither sold nor retained by ProvenBase.
Click the link here to see ProvenBase Data Subject Rights Requests Metrics data
Within the CCPA framework, ProvenBase could be classified as a Service Provider in specific situations, processing Personal Information on behalf of a Business (ProvenBase's customer). Personal Information may be disclosed to ProvenBase by the customer for a Business Purpose as outlined in a written contract between ProvenBase and its customer. A Business Purpose refers to the utilization of Personal Information for operational needs, encompassing tasks such as auditing, security incident detection, debugging, short-term/transient use, customer service provision, internal research, and the maintenance/improvement/upgrading/enhancement of services.
Right to Know. You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You may make such a “request to know” by contacting us at privacy@provenbase.com or from the privacy choices. You have the right to access your Personal Information at no cost, limited to a maximum of two requests per year, subject to ProvenBase's confirmation of your identity.
Right to Request Deletion. You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, email us at privacy@provenbase.com or write us with your request at the mailing address below.
Right to Opt-Out. You have a right to opt-out from future “sales” of personal information. Note that the CCPA defines “sell” and “personal information” very broadly, and some of our data sharing described in this privacy statement may be considered a “sale” under those definitions. In the past 12 months, we may have sold any of the categories of personal information listed above. To opt-out from “sales” of personal information, please visit our “Do Not Sell My Personal Information” page. We do not knowingly sell the personal information of minors under 18 years of age.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
Further, to provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your identity, for example, we may ask you to provide your first and last name and an email address.
Finally, you have a right to receive notice of our practices at or before collection of personal information, and you have a right to not be discriminated against for exercising these rights set out in the CCPA.
ProvenBase have collected the below personal information for the last twelve(12) months:
| Categories of Personal Information | Examples | Collected by ProvenBase |
|---|---|---|
| Identifiers. | Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, including business and/or other freemails like Gmail, Yahoo, Hotmail, etc., account name, Social Security number, driver's license number, passport number, social networking URLs or other similar identifiers. | Name, alias, email, Social Networking URLs |
| Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | Name, phone number |
| Commercial information. | Documentation of personal possessions, products or services acquired, obtained, or contemplated, as well as other records pertaining to purchasing or consumption histories or inclinations. | NOT COLLECTED |
| Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | NOT COLLECTED |
| Internet or other similar network activity. | Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. | Computer/web browser/IP address information from cookies, web beacons and other identifiers |
| Geolocation data. | Physical location or movements. | Approximate location (city/metro area, not actual address) |
| Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NOT COLLECTED |
| Professional or employment-related information. | Current or past job history or performance evaluations. | Job title, skills, education, work history |
| Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NOT COLLECTED |
| Inferences drawn from other personal information. | Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | In the capacity of a service provider, diversity data produced through machine learning. |
Categories of Personal Information Collected for Non-users:
Real name
Alias
Phone number
Approximate location (city/metro area, not your actual address)
Job title
Skills
Education
Work history
Professional social network profile picture
Professional social network link
Inferences drawn from the aforementioned information
Categories of Personal Information Collected for Users:
Real name
Alias
Address
Phone number
Mobile phone number
Payment information
Company name
Computer/web browser/IP address information from cookies, web beacons, and other identifiers
Other specific information you choose to provide us with or include in your account
Personal Information Sold in the Last 12 Months
For Candidates, we disclose the Non-user Personal Information outlined earlier through ProvenBase's paid services. This facilitates our customers' ability to connect with you regarding career opportunities that align with your professional background and interests.
Personal Information Disclosed for Business Purposes in the Last 12 Months
For Business Users, the information provided in your user account remains confidential with ProvenBase. We do not sell or share your Personal Information with external parties. However, your Personal Information may be shared with your company's Admin and other authorized users to facilitate the provision of services to the customer with whom you are employed.
Response Timing and Format
We aim to address verifiable consumer requests within 45 days of receiving them. In cases where additional information is necessary to confirm your identity, the provided information will be used exclusively for verification purposes. Should an extension of up to 90 days be required, we will notify you in writing, specifying the reason for the delay.
For account holders, our written responses will be sent to the email address associated with your account. If you don't have an account, we'll deliver responses via email or an alternative method of your choice. Disclosures will pertain to the 12-month period preceding the receipt of the verifiable consumer request, and any reasons for non-compliance will be clearly explained. In handling data portability requests, we'll adopt a format facilitating easy use and transmission of Personal Information between entities.
It's important to note that we won't charge a fee for processing or responding to your verifiable consumer request, unless it is deemed excessive, repetitive, or manifestly unfounded. If a fee is applicable, we'll communicate the rationale and provide a cost estimate before proceeding. Our commitment includes responding to requests no more than twice in a 12-month period, with exceptions for information collected for a single, one-time transaction that is neither sold nor retained by ProvenBase.
Click the link here to see ProvenBase Data Subject Rights Requests Metrics data
Retention of personal data
We retain personal data for as long as necessary to provide the products and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. In general we will retain your information until you decide to close and delete your account or for up to two years after the expiration of the contract, whichever occurs first.
Security of personal data
We implement physical, electronic, and procedural measures to safeguard the confidentiality and security of information transmitted to us. Nevertheless, it's important to note that no data transmission over the Internet or other networks can be ensured to be 100% secure. Despite our efforts to protect information transmitted on or through the Sites or Services, we cannot provide an absolute guarantee of the security of any information you transmit on or through the Sites or Services. Therefore, you do so at your own risk.
Changes to this privacy statement
We will update this privacy statement when necessary to reflect changes in our products, how we use personal data or the applicable law. When we post changes to the statement, we will revise the "Last Updated" date at the top of the statement. If we make material changes to the statement, we will provide notice or obtain consent regarding such changes as may be required by law.
How to contact us
If you have a privacy concern, complaint, or a question for ProvenBase, Inc., or to contact our Data Protection Officer, please contact us at privacy@provenbase.com
If you want to report a violation of the EU user privacy policy, you can email us at legal@provenbase.com. EU data subjects also have the right to lodge a complaint with a supervisory authority concerning Provenbase’s data processing activities.
ProvenBase, Inc. Attn: Legal Department, 4000 Legato Road, Suite 1100, Fairfax, Virginia 22033, United States. Telephone: 1-(877)-213-7413.
If you want to report a violation of the EU user privacy policy, you can email us at legal@provenbase.com. EU data subjects also have the right to lodge a complaint with a supervisory authority concerning Provenbase’s data processing activities.
ProvenBase, Inc. Attn: Legal Department, 4000 Legato Road, Suite 1100, Fairfax, Virginia 22033, United States. Telephone: 1-(877)-213-7413.