Privacy Shield Policy
Last Updated on February 1, 2020
Important: Crelate may update this privacy statement via this website and we encourage you to periodically review this page for the most recent information on our privacy policies and practices.
Our adherence to Privacy Shield
Crelate informs Subscribers and Individuals that Crelate participates in the EU-U.S. Privacy Shield Framework and that we commit to subject all personal data received from the EU to the Privacy Shield Principles. This Privacy Shield Policy describes how Crelate uses Subscribers’ and Individuals’ respective personal information, the types of third parties Crelate may share personal information with, our liability for onward transfer, who to contact with regard to privacy concerns, how disputes can be resolved, the enforcement authority we are subject to, how and when personal information may be accessed, our commitment to security, and the choices and means we offer for limiting the user and disclosure of personal information.
Crelate informs Individuals that Crelate is a contractual agent of our Subscribers and performs data processing and tasks on behalf of and under the instruction of our Subscribers.
Crelate does not process personal information for purposes other than for the purpose(s) for which it was originally collected or subsequently authorized by its Subscribers. Crelate does not disclose personal data to third parties unless the Subscriber affirmatively and explicitly consents (“opts-in”) to the processing. Where necessary, Crelate will provide Subscribers with the opportunity to withdraw consent (“opt-out”) at which point, their personal information will no longer be disclosed to third parties.
As an agent of our Subscribers, Crelate will refer Individuals to the relevant Subscriber when questions of Choice apply.
Onward Transfer and Accountability
Where Crelate is made aware that a Crelate Third Party or Crelate Agent to whom it has provided EU personal information is processing or disclosing that information in a manner contrary to this policy, Crelate will take commercially reasonable steps to prevent or stop the processing or disclosure.
Crelate does not sell Subscriber, Individual, or personal information to third parties. In situations defined in the Privacy Shield Principles, we may be liable for the actions of the agent.
Refer to the section Our Third Parties below for a list of the third parties and the types of data we may transfer to them.
Crelate, Inc. takes commercially reasonable and appropriate measures to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the personal data.
Crelate provides hosted talent management and recruiting software to a variety of businesses. Crelate stores, processes and handles personal information on behalf of its Subscribers. The exact information that is stored within Crelate is at the discretion of our Subscribers, but will typically include contact information, resumes, and other information necessary in the process of hiring, vetting potential employees and personal information about current and past employees. Crelate acknowledges the right of EU individuals to access their personal data.
For Subscribers, upon written request, Crelate will provide details of personal information held. Crelate will take reasonable steps to allow Subscribers to correct, amend or remove their personal information.
EU Subscribers, Individuals and Visitors may request access or an identification of personal information held by contacting Crelate using the contact information listed under Point of Contact below.
For Individuals, Crelate will make reasonable efforts to assist individuals requesting access to their personal information by connecting them to the appropriate EU-based Subscriber. Crelate Subscribers are obligated to handle requests per our Terms of Service.
Crelate is not obligated to assist Subscribers, Individuals or Visitors to access personal information when the burden or expense of providing such access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Data Integrity and Purpose Limitation
Crelate will make commercially reasonable steps to ensure that any personal information it processes (including any processing through its agents or third parties) is limited by the purpose(s) for which such personal information has been collected.
In compliance with the Privacy Shield Principles, Crelate commits to resolve complaints about our collection or use of your personal information. European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Crelate, Inc at firstname.lastname@example.org.
If Subscribers and Visitors do not receive timely acknowledgement of their complaint, or if their complaint is not satisfactorily addressed by Crelate, these EU individuals may bring a complaint before BBB EU Privacy Shield, an independent recourse mechanism located in the United States. For more information and to file a complaint go to www.bbb.org/EU-privacy-shield/for-eu-consumers/. The services of BBB EU Privacy Shield are provided at no cost to you.
Finally, as a last resort and under limited conditions, Subscribers and Visitors with residual complaints may have the right to invoke binding arbitration. Please see the Privacy Shield website for details.
As part of this agreement, Crelate is subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).
Cooperation with Law Enforcement
Crelate may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Point of Contact
Attention: Privacy and Security Operations
805 Kirkland Ave
Kirkland, WA 98033
Our Third Parties
Crelate uses the following Third-Party Service Providers in conjunction with providing its service to our Subscribers, Visitors and Individuals.
Analytics – Crelate uses various web analytic providers to measure the usage and engagement of our service by users.
Hosting and Monitoring – Crelate uses various cloud infrastructure, monitoring and hosting providers to provide its services and maintain the performance and availability of its services.
Job Boards and other integrations – Crelate provides its Subscribers integration to a range of Third-parties. In most cases, Subscribers must opt-in to have their personal data shared with these services.
Customer Success and Payments – Crelate uses various cloud-based customer support and payment providers in connect with providing support for Subscribers and Visitors and processing payments from Subscribers.
In all cases, the Third-Parties may collect some or all of the following information in connection with providing their service: cookies, location, IP address, usage and personal data.