PYMETRICS PRIVACY POLICY

Last updated: June 24, 2019

 

 

1. INTRODUCTION

 

Pymetrics, Inc. (“Pymetrics”, “we”, “our”, or “us”) values the trust our users (“you”) place in us when they give us access to their personally-identifiable information (“Personal Information”).  This Privacy Policy (“Policy”) describes how we work to maintain that trust. 

 

Pymetrics has created this Policy in order to outline our collection, use, and sharing of information you provide to us when you access or use Pymetrics’ online and/or mobile services and websites (collectively, the “Site”), including, without limitation, pymetrics.com, any Pymetrics mobile application, and any software provided by Pymetrics in connection with such services or websites.  This Privacy Policy covers only information that we collect through the Site, and not any other information collection or processing outside of the Site.

 

Please note that we reserve the right to review and update this Privacy Policy from time to time.  Accordingly, each time you access or use the Site, you should check the Last Updated legend at the top of this Policy and review any changes since you last accessed or used the Site.  If you access or use the Site after an updated Privacy Policy is published, you will be deemed to have agreed to the amended Policy.

 

BY ACCESSING AND USING THIS SITE, YOU REPRESENT AND WARRANT THAT YOU HAVE READ AND UNDERSTOOD, AND AGREE TO THE TERMS OF, THIS PRIVACY POLICY.  IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT ACCESS OR USE THIS SITE.

 

 

2. INFORMATION THAT WE COLLECT ABOUT YOU

 

Information Provided by You Upon Creating an Account

 

When you create and register a user account (“Account”) on the Site, you may be asked to provide or confirm certain pieces of Personal Information, which may include one or more of the following:

 

1. First and last name
2. E-mail address
3. Educational history
4. Current occupation and title
5. Employment history

 

You may also be asked to provide your demographic information.  However, providing such information will always be voluntary. 

 

We may supplement the Personal Information you provide with additional Personal Information we gather from public sources or from third-parties (e.g., consumer reporting agencies) that may lawfully provide such information to us.

 

You are under no obligation to provide your Personal Information, with the caveat that your refusal to do so may prevent you from using certain of the Site’s features and services.

 

Other Information Created or Provided by You

 

We also collect the content you create, upload, or receive from others when using our Site. This includes things like videos that you record and submit to an employer and/or save on the Site.

 

Information Provided When You Contact Us

 

We may collect Personal Information that you voluntarily provide to us when you contact us with a question, comment, business inquiry, or other request for information.  We collect one or more of the following types of Personal Information when you contact us with a question or comment, or request information from us about our products and services:

 

1. Name
2. E-mail address
3. Phone Number

 

Passively Collected Information

 

When you access and use our Site, we may automatically collect and retain certain types of information, including your computer or device’s internet protocol (IP) address and other technical information about your computer or device and website usage, such as your browser type and version, time zone setting, and operating system and platform. 

 

When you play our online neuroscience-based games (the “Games”) on the Site, we also collect and retain your “Gameplay Data,” which is defined as information and data collected from your behavior and actions in the course of playing our Games, including metadata about your real-time user interaction with the Games.  After your completion of the Games, the Site will review your Gameplay Data and generate your specific “Trait Profile,” which contains the Site’s assessment and description of your cognitive, social, and personality traits.

 

When you record and submit videos (“Videos”) on the Site, we may also collect and retain voice and audio information and a transcript of your audio information in the Video. 

 

We may collect application log information like you’re the companies you’ve submitted a job application for through the Site, the specific role(s) you’ve applied for, and the time and date of such applications.

 

We also use cookies on our Sites; for more information, please see the Cookies and Other Tracking Technologies section below.

 

We may collect certain additional information when you access our Site with a mobile device or with Pymetrics IOS and Android mobile apps. This information may include location, device type, unique device identifier, operation system, and other app-specific user data. This data is analyzed to help us create a more user-friendly mobile experience. You may restrict collection of certain data, like location by changing the setting preferences on your mobile device.

 

 

3. COOKIES AND OTHER TRACKING TECHNOLOGIES THAT WE USE

 

We and our service providers use cookies, beacons, embedded scripts, and local shared objects in connection with the Site.

 

●      Cookies are small text files that are stored on your computer or device when you visit our Site.  Cookies allow a website to recognize a particular device or browser.  The use of cookies is a standard practice among websites to collect information about visitors’ activities while using the website.

 

●      Beacons are small graphical images (also known as “pixel tags” or “clear GIFs”) that may be included on our Site and typically work in conjunction with cookies to assist our site with the automated collection data on user behavior. Pymetrics will not be able to personally identify you in connection with these practices.

 

●      An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on.  The code is temporarily downloaded onto your computer or device from our web server or a third-party service provider, is active only while you are connected to the Site and is deactivated or deleted thereafter.

 

●      Local Shared Objects.  Local shared objects (or Flash cookies) are pieces of data that websites which use Adobe Flash may store on a user’s computer or device.  Third parties with whom we partner to provide certain features on our Sites or to display advertising based upon your web browsing activity use local shared objects.  Various browsers may offer their own management tools for removing local shared objects.  In addition, you may manage Flash cookies by clicking here:  http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

 

The above technologies are used in analyzing trends; administering the Site and its features and services; tracking users’ movements around the Site; and to gather demographic information about our user base as a whole.  We may receive reports based on the use of these technologies on an individual as well as aggregated basis.

 

We use cookies to remember users’ settings, market products and services to users, and for authentication purposes.  To manage the cookies that are placed on your computer, you may configure your internet browser to refuse, accept, or delete cookies from our Site at any time.  The “Help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies; how to have the browser notify you when you receive a new cookie; or how to disable cookies altogether.  Please note that if cookies are disabled or removed, not all features of our Site will operate as intended.

 

Third-Party Analytics.  We may also use service providers, such as Google Analytics, that may use cookies or other technologies to collect information about your online activities across this and other sites over time for non-advertising purposes such as those described above.  To learn more about how Google Analytics collects and processes data and the choices Google may offer to control these activities, you may visit http://www.google.com/intl/en/policies/privacy/partners/.

 

 

4. WHAT WE DO WITH THE INFORMATION WE COLLECT

 

●      General Uses.  We use the information we collect to manage, analyze, develop, customize, and improve our Site as well as our products and services (including our Games). We sometimes use automated decision making in processing your information, such as to create your “Trait Profile.” Your "Trait Profile" is used to help inform employer decisions by determining your "fit" by comparing your individual results against the results of a general candidate pool.

 

●      Information Provided When You Register for an Account and Use Our Site and Other Products and Services.  We may use this information to authorize and administer your access to the Site, verify your identity, authenticate your visits, and provide our products and services to you.  We may also use your information to improve and personalize your experience with us (including showing you relevant information such as your job matches), and, with your consent where necessary, notify you when you match a new open role on the Site, notify you when a recruiter or another user contacts you, remind you to finish any incomplete Games or Video submissions, send you information about us, and keep you informed of our products and services that may be of interest to you.  We may combine your Personal Information with other Personal Information lawfully collected from third parties in order to better market and provide our products and services. 

 

●      Information Provided When You Contact Us (Including Signing Up for Sales and Marketing Communications).  We may use this information to understand and respond to your question or comment, and/or reach out to you regarding your business inquiry or request regarding our products and services.

 

●      Passively Collected Information.  We use passively collected information to monitor and maintain the performance of our Sites; analyze trends, usage, and activities in connection with our services; validate users and ensure their technological compatibility with users; optimize our marketing efforts; and to provide our products and services to you, including analyzing your Gameplay Data and Video submissions, and developing your Trait Profile.

 

●      Aggregated or De-identified Data.  We may use your Personal Information and passively-collected information to create aggregate or de-identified data, such as data that describes the general demographics, usage, Gameplay Data, or other characteristics of a Site’s users.  We reserve the right to use, transfer, and/or sell aggregated or de-identified data about the Site’s users for any lawful purposes.  We also reserve the right to use such information in collaboration with outside researchers to measure and quantify the effectiveness of our products and services.

 

●      Public Profile.  If you select Public in your Privacy Settings tab on your Account Profile, we may use your information to match you with potential employers or job openings.

 

●      Incumbent Employees.  If you were directed to visit the Site, create an Account (or to sign into your existing Account), and play the Games or submit Videos by your current employer, then we may use your information to create a talent assessment model for a specific role at your current employer.  In such a scenario, you would be deemed an “Incumbent Employee.” 

 

●      Job Candidates.  If you were directed to visit the Site, create an Account (or to sign into your existing Account), and play the Games or submit Videos as part of the job application process for a specific employer, then we may use your information to assess your fit to the specific role(s) for this employer.  In such a scenario, you would be deemed a “Job Candidate.”

 

●      Other Purpose.  We may use your information for any additional purpose which you separately authorize in the course of accessing and using our Site.

 

Lawful Basis for Processing Your Information.  If European data protection law applies and we act as a controller, our lawful basis for collecting and using the information described in this Privacy Policy will depend on the information concerned and the specific context in which we collect or use it.  We normally collect or use information from you or others only where we have your consent to do so, where we need the information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.  In some cases, we may have a legal obligation to collect or retain personal information or may need the personal information to protect your vital interests or those of another person.  If you have questions about or need further information concerning the lawful basis on which we collect and use your personal information, please contact us using the contact details provided in Section ­­8 of this Privacy Policy.

 

 

5. WITH WHOM WE SHARE THE INFORMATION WE COLLECT

 

Personal Information of our users is an integral part of our business.  We reserve the right to share your Personal Information with third parties as described below.  We also reserve the right to transfer and/or sell other types of data, including aggregated or de-identified data derived from Personal Information, for lawful purposes in our discretion.  Note that we do not share Personal Information with third parties for their direct marketing purposes.

 

●      Service Providers.  We, like many businesses, sometimes hire other companies (“Service Providers”) to perform certain business-related functions.  Examples include customer service, maintaining databases, data storage, cloud services, and hosting services.  When we employ a Service Provider to perform a function of this nature, we provide it with the information that it needs to perform its specific function, which may include Personal Information and other information that you provide to us via the Site.  These Service Providers are authorized to use your information only as necessary to provide these services to us.

 

●      Legal Requirements.  We may disclose Personal Information if required to do so by law or in the good faith belief that such action is necessary to (a) comply with a subpoena or similar legal obligation; (b) protect and defend our rights or property; (c) act in urgent circumstances to protect the personal safety of users of the Site or the public; (d) protect against legal liability; or (e) or as otherwise required or permitted by law.

 

●      Public Profile.  If the option is available to you, and you select Public under the “Recruiting Visibility” section of the Privacy Settings tab on your Account profile, then we may share your Personal Information and Trait Profile with a potential employer when our Site determines that you might be a good match for this employer.

 

●      Limited Profile.  If the option is available to you, and you select Limited under the “Recruiting Visibility” section of the Privacy Settings tab on your Account profile, then we may share your Personal Information and Trait Profile with potential employers that you have actively expressed interest in.

 

●      Job Candidates.  If you are a job candidate playing the Games as part of the job application process, then we share your Personal Information and Trait Profile with the employer and any third party that is pertinent to the employment application process for the specific role(s) you are applying to through our Site.

 

●      Business Transfers.  As we develop our business, we might sell or buy businesses or assets.  In the event of a corporate sale, merger, reorganization, dissolution, total or partial sale of assets in bankruptcy or similar event, your Personal Information and other information may be part of the transferred assets.

 

●      Other Third Parties.  We may disclose your information to other third parties with your prior express consent.

 

You hereby consent to our sharing of your Personal Information and other information for the above purposes.

 

Non-US Residents – International Transfers of Personal Information.  If you are located outside of the United States, the Personal Information that we collect from you may be transferred to, and stored at, a destination internationally (for example, outside the European Economic Area (“EEA”) in reliance on a variety of compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses).  It may also be processed by staff operating internationally (for example, outside the EEA who work for us or for one of our suppliers).  The country in which your Personal Information may be transferred to and processed in may have data protection laws that are different to the laws of your country (and in some cases, may not be as protective).  By submitting your Personal Information on the Site, you agree to this transfer, storing, or processing.  We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.  For more information on where we store Personal Information and on our security, please see the “Security” section in Section 8 of this Policy below. 

 

 

6. EU-U.S. AND SWISS-U.S. PRIVACY SHIELD NOTICE

 

Effective:  October 19, 2018

 

Pymetrics participates in and has certified our compliance with the EU-US Privacy Shield and the Swiss-US Privacy Shield frameworks regarding the collection, use, and onward transfer of Personal Information that we collect and process from the EEA, United Kingdom, and Switzerland.  We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement for Personal Information that we receive from companies or individuals in the EEA, United Kingdom, and Switzerland.  Our Privacy Shield certification will be available here[OL1] .  We also receive some data in reliance on other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield Framework, visit the US Department of Commerce’s website (www.privacyshield.gov).

 

●      Information Processed.   See Sections 2 and 3 of this Policy.

 

●      Purposes of Information Processing.    See Section 4 of this Policy.

 

●      Third Parties with Whom We May Share Information.  See Section 5 of this Policy.

 

●      Questions or Complaints. If you are a resident of a European country participating in the Privacy Shield and you believe we maintain your Personal Information within the scope of this Privacy Shield certification, then you may direct any questions or complaints concerning our Privacy Shield compliance via the contact information in Section 8 of this Policy below.  We will work with you to resolve your issue.

 

●      Dispute Resolution.  If you are a resident of a European country participating in the Privacy Shield and you have not received timely response to your concern, or we have not addressed your concern to your satisfaction, you may seek further assistance, at no cost to you, from JAMS (www.jamsadr.com), which is an independent dispute resolution body in the United States.

 

●      Arbitration.  You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue.  If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees.  Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.

 

●      U.S. Federal Trade Commission Enforcement.  Our Privacy Shield compliance is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

 

●      Right of Access.  See Section 7 of this Policy.

 

●      Requirement to Disclose.  We may disclose Personal Information when we have a good faith belief that such action is necessary to: conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements, or to enforce our contractual obligations.

 

●      Liability.  If a third-party service provider providing services on Pymetrics’ behalf processes Personal Information from the EEA or Switzerland in a manner inconsistent with the applicable Privacy Shield Principles, Pymetrics will be liable unless we can prove that we are not responsible for the event giving rise to the damages.

 

●      Human Resources Data.  Pymetrics commits to cooperating with EU Data Protection Authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and will comply with the advice provided by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of Pymetrics’ employment relationship with our employees.

 

7. YOUR CHOICES REGARDING YOUR INFORMATION

 

Choice

 

You are not required to create an Account to gain access to many services and features of the Site.  If you use the Site’s personalized services and features (e.g., the Games and Trait Profile), you will need to create an Account and enter Personal Information, which we will treat as described in this Privacy Policy.

 

Our Opt-out Policy

 

We may send you notifications and communications using the email address you provided to us when you registered your Account.  To stop receiving some or all email communications from us, you can use the “Email Settings” tab of your Account profile to edit your email preferences.   Alternatively, you can use the “unsubscribe” mechanism provided in the email communication.

 

We will also send you service-related email announcements on rare occasions when it is necessary to do so.  For instance, if our service is temporarily suspended for maintenance, we might send you an email.  You do not have an option to opt out of these emails, which are not promotional in nature.  If you do not wish to receive these announcements, you have the option to deactivate your account.

 

We may also send you information for marketing purposes if you have signed up for such communications or otherwise indicated an interest in receiving such communications.  If you no longer wish to receive these communications, you may opt-out by contacting us directly or by clicking the opt-out link in our email marketing communications.

 

Accessing, Correcting, and Updating Your Information

 

You may access, correct, and update most of your Personal Information under the Account Settings tab of your Account profile.  You may also email us at privacy@pymetrics.com with information necessary for us to process your request.  We will respond to your request within a reasonable timeframe.  We may need to verify your identity before granting access to Personal Information in our custody or control. 

 

A note about our Games specifically: Because some of our Games are designed to test memory and instinctive behavior (which can be skewed through subsequent gameplay), once you start or complete the Games, your Gameplay Data and Trait Profile cannot be reset, amended, deleted, or overridden for a period of twelve (12) months after you have completed the Games.   

 

Deactivating Your Account

 

You may deactivate your Account using the Deactivate Account button under the Account Settings tab on your Account profile.  When you deactivate your Account, you will no longer be able to log into the Account.  You will also no longer be able to create any new Accounts with the email address associated with the deactivated Account.  If you wish to reactivate your deactivated Account, please email us at privacy@pymetrics.com with the email address. 

 

A deactivated Account does not mean that all of the information associated with your Account is expunged from our systems, although such information will now no longer be readily available to you.

 

Deleting Your Information

 

You may request to delete your Personal Information by emailing us at privacy@pymetrics.com with information necessary for us to process your request.  Note that any deletion request will be subject to our Retention Policy below. 

 

A note about our Games specifically: Because some of our Games are designed to test memory and instinctive behavior (which can be skewed through subsequent gameplay), once you start or complete the Games, your Gameplay Data and Trait Profile cannot be reset, amended, deleted, or overridden for a period of twelve (12) months after you have completed the Games.

 

GDPR Rights. If you are a ‘data subject’ protected under the EU General Data Protection Regulation (GDPR), you have certain rights regarding your Personal Information. For more information regarding your rights as a ‘data subject’, please refer to the Privacy Notice that is presented to you immediately before you begin using our Site and other products or services.

 

 

Our Retention Policy

 

We retain Personal Information from you with your consent, or where we have an ongoing legitimate business need (for example, to provide you with a service or other information you have requested or to comply with applicable legal requirements). When we have no on-going legitimate business need to process your Personal Information, we will either delete, de-identify or anonymize it, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.  The follow are examples of how long we typically retain your Personal Information for legitimate business needs:

 

• When You Interact with Sales, Marketing, and Customer Support: We may retain your Personal Information as long as necessary to provide you with your request for information or other responses.

 

• When You Sign Up for an Account: We may retain your information for as long as your Account is active or as long as necessary to provide you with our services, comply with our legal obligations and regulatory requirements, preserve and protect our rights as allowed by law, resolve disputes, maintain security, prevent fraud and abuse, and enforce our agreements (including our Terms of Service).

 

In accordance with our obligations and requirements under local law, we must retain your information for a period of two (2) years following the date of your last recorded assessment for a particular role (“Assessment”). As a result, if you request deletion of any information prior to this 2-year anniversary, we must wait until the 2-year period has passed, after which we will process your deletion request.  If you do not have any recorded assessments for a role during the last two (2) years, then we will process your request within ten (10) business days of receipt.

Even if we are obligated to retain certain information, once you delete your Account or request deletion of your Personal Information, your Personal Information will cease being visible to third parties through our Site, regardless of whether you selected Public or Limited (if available to you) through the Privacy Settings tab of your Account profile.  

 

As discussed above, we may aggregate or de-identify our user’s Personal Information and other information; such data cannot be used to identify you.  We will retain such data even after any Personal Information deletion requests have been processed.

 

• When We Process Your Personal Information on Behalf of Our Customers: We retain your Personal Information in accordance with the timeframes set out in the relevant customer agreements between us and the applicable customer(s). 

 

 

8. MISCELLANEOUS

 

Other Websites.  Our Site may contain links to third-party owned and/or operated websites or mobile applications.  We do not own nor control these third-party websites or mobile applications, and accordingly assume no responsibility for the information practices of those sites or apps.  We suggest that you review their privacy, security, and data collection and distribution policies, if any, prior to providing such websites or apps with any information.

 

Blogs and Public Features of the Sites.  Our Site may contain features, e.g. job boards, forums, sharing functions, etc., that permit you to upload, post, transmit, display, perform, or distribute content and information, including your Personal Information.  Any information that you choose to disclose by means of such features becomes public information over which we are unable to exercise control.  You should exercise caution when deciding to disclose information by means of such features, and you agree to assume all responsibility for doing so.

 

Single Sign-On.  You can create an Account using third-party sign-in services such as Facebook or LinkedIn.  This service will authenticate your identity and provide you the option to share certain Personal Information with us such as your name and email address to pre-populate our sign-up form.  Please note that your relationship with Facebook, LinkedIn, or any other third-party website is governed solely by your agreement with such third-party website.

 

Security.  The security of your Personal Information is important to us.  We take commercially reasonable steps to help protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction.  For example, we use one or more of secure socket layer (SSL) encryption, firewalls, and self-updating anti-virus software.  Your Personal Information will be stored in the United States and will be subject to laws applicable in that country. While we take all steps we consider appropriate to protect your data, including technical and organization measures to ensure that your Personal Information is handled securely in accordance with this Privacy Policy; unfortunately, no company can fully eliminate security risks, so we cannot make guarantees about any part of our services.  Please create a unique password for your Account and do not share your password with anyone else.

 

Minors.  Visitors under eighteen (18) years of age are not permitted to use and/or submit their Personal Information at the Site.  We do not knowingly solicit or collect information from visitors under eighteen (18) years of age.  We encourage parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children. 

 

Contacting Us.  The Contact Us link on the Site contains an e-mail link that allow you to contact us directly with any questions or comments that you may have.  If you have any questions about this Privacy Policy or our privacy practices, please feel free to contact us at privacy@pymetrics.com or at:

 

ATTN: Data Protection Officer

Pymetrics, Inc.
102 Madison Avenue, 5^th Floor
New York, NY 10016
United States of America