Privacy Policy
Last updated: July 31st, 2024
Overview
This Privacy Policy ("Policy") describes how we at Remote collect, protect, share and use the Personal Data you ("User", "you," or "your") may provide on the remote.com/en-GB website and within any of our products or services (collectively, "Website" or "Services").
Remote corporate group is made up of a number of legal entities which we use as infrastructure to provide our Services. However, for data protection purposes the entities in control of all Personal Data processed in connexion with our Website and Services are:
Remote Europe Holding, B.V., a company registered in the Netherlands under number 7403597, VAT Number NL 860597155B01, at Apollolaan 151, Unit 439, 1077AR Amsterdam, The Netherlands; and
Remote Technology Services, Inc., a company registered in the United States of America under number 7946800 at 1209 Orange St, Wilmington, DE 19801;
collectively referred to as "Remote", "we," "us," or "our".
This Privacy Policy applies to the following Data Subjects:
Registered Users of the Website and Services who have a contractual relationship with Remote, including: Clients’, Prospects’ and Partners’ representatives; Contractors and Employees;
Visitors to our Website that do not have a contractual relationship with us;
Participants at Remote promoted events;
Individuals with whom we interact with and process their personal data.
Depending on the Data Subject category and country of residence, this Policy may from time to time be supplemented by additional privacy notices issued by us and other parties which will be notified to you separately. For example, Personal Data about Employees and Contractors hired by any of our local legal entities can be co-controlled by these local entities and, where required by law, an additional policy will be notified to you in case the local entities engage in Personal Data Processing not covered in this Policy.
We commit ourselves to the highest standard for data protection and privacy. Due to our global footprint, we are subject to the applicable data protection regulations and as a guiding principle, we apply the strictest regulation to protect your data and privacy globally. This results in a broad set of rights and choices made available to you.
We have a Data Protection Officer (DPO) who monitors our compliance with the EU 2016/679 General Data Protection Regulation (EU GDPR) and UK GDPR (collectively, "GDPR"), other data protection regimes and policies of Remote in relation to the protection of Personal Data and privacy. To reach out to our DPO, please use the 'Help' button in the lower right corner of Your dashboard if you are a registered user or via this form if You are not a registered user.
Remote Technology, Inc. and Remote Technology Services, Inc. are active participants in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) and has committed to comply with the Data Privacy Framework principles.
The terms "Personal Data", "processing", "Data Subject", "Controller” "Processor", have the same meaning as in the GDPR.
Roles
Under GDPR, we may process Personal Data as a Controller or a Processor. This Privacy Policy applies to Personal Data We collect and process for Our own purposes where We act as a Controller. Where We process Your Personal data on behalf of Our Clients, We act as a Processor and We have limited rights and responsibilities.
When and how we collect data
Remote may collect your Personal Data through Our communication and Your usage of our Website and Services. Personal Data can be directly provided by You or indirectly collected by Us (i.e. from your interactions, use, and experiences with our products).
Data you give | Data we collect | When |
---|---|---|
️ | You participate in our promoted programs or giveaways | |
️ | You subscribe to our blog | |
️ | You browse pages of our website | |
️ | You opt-in for marketing messages | |
️ | You receive an email from us | |
️ | ️ | You select someone to be hired on your behalf |
️ | You request information from us | |
️ | ️ | You engage in a meeting with our team |
️ | ️ | You participate in our promoted events |
️ | ️ | You create an account in our platform |
️ | You allow our partners to share your data |
Types of data we collect
Category | Description | Data Type |
---|---|---|
Contact | Information that facilitates communication | Email and physical address, telephone number |
Location | Information about an individual's location | Country, IP address |
Identifying | Information that can identify a specific individual | Depending on the Data Subject - Name, government-issued ID, profile picture, birthdate |
Financial/Account | Information that identifies an individual's financial account or about an individual's remuneration | Bank accounts, salary, benefits |
Professional | Information about educational or professional career | Role |
Emergency contact | Information about emergency contact | Name, surname and contact details of emergency contact |
Social | Information about social status | Marital status and number of dependants |
Communication | Information communicated to or from an individual | Email conversations and the personal data that you might freely share with us in the communications. |
Special category data | Sensitive Data | Biometric data in the form of face scans for our identity verification process (KYB and KYE) Health data - e.g. disability, pregnancy, absence due to sickness, etc. |
How we use your data
What we do | Lawful Basis for processing | Data Subjects | Personal Data |
---|---|---|---|
Identity verification by means of face screening (processing of biometric sensitive data) | Processing is necessary for reasons of substantial public interest | Employees | Special category data, Identifying |
Administration, performance and termination of the employment agreement (i.e. paying out salaries and providing benefits) | Performance of a contract | Employees | Communication, Professional, Financial/Account, Identifying, Location, Contact |
Legally required purposes (i.e. managing time off and sick days, pension and retirement administration, tax reporting, establishing and exercising legal claims in connexion with the employment relationship) | Compliance with a legal obligation | Employees, Job applicants | Communication, Social, Emergency Contact, Professional, Financial/Account, Identifying, Location, Contact |
Administration, performance and termination of the contractual relationship between Remote and the Client | Performance of a contract | Customers, Contractors | Communication, Professional, Financial/Account, Identifying, Contact |
Conduct integrity screenings | Performance of a contract | Contractors | Professional, Identifying, Location |
Assistance with the drafting, negotiating, and execution of the contract between the contractor and the Client | Performance of a contract | Customers, Contractors | Communication, Professional, Financial/Account, Identifying, Location, Contact |
KYB checks | Compliance with a legal obligation | Customers, Customer’s UBO(s) and directors | Professional, Financial/Account, Identifying, Location, Contact |
Create user accounts | Performance of a contract | Customers, Employees, Contractors | Contact, Identifying, Location, Financial/Account, Professional |
Hire employees | Performance of a contract | Customers, Employees | Special category data, Communication, Social, Emergency Contact, Professional, Financial/Account, Identifying, Location, Contact |
Payment and management of contractor invoices on behalf of the Customer | Performance of a contract | Contractors, Customers | Contact, Financial/Account, Professional, Communication |
Recording of conference video calls | Consent | Customers | Communication, Contact |
Identify you and help you solve issues related to the usage of our services | Performance of a contract | Customers, Employees, Contractors | Contact, Communication |
Notify you of any changes to our services | Performance of a contract | Customers, Partners | Contact, Communication |
Contact you to improve our services and customer experience | Legitimate interest (service improvement) | Customers, Employees, Contractors, Partners | Contact, Communication |
Direct Marketing | Consent | Data Subjects who gave their explicit consent | Contact, Communication, Location, Professional |
Share your business information with our partners when you attend a promoted event | Consent | Customers, Employees | Contact, Communication, Location |
Send you marketing material about our company (newsletters, blogposts, webinars, prizes, etc.) | Legitimate interest (service promotion) | Customers, Partners | Communication, Professional, Contact |
Reporting marketing campaign activities (i.e. understanding how many leads our marketing campaigns were able to convert) | Legitimate interest (service promotion) | Customers | Communication, Location, Professional |
Aggregating pseudonymised personal data and reporting anonymised salary data for the purpose of compensation benchmarking in various industries and geographies | Legitimate interest (service improvement) | Employees, Contractors | Financial/Account |
Reaching out to Customers and candidates for the purpose our recruitment services | Legitimate interest (providing additional services to Customers in the field of recruitment and reaching out to candidates who may be interested in roles that our clients recruit for) | Customers, Employees, Contractors, | Communication, Professional, Contact |
Disclosing Personal Data to third parties | See 'Personal Data Disclosures' below | See 'Personal Data Disclosures' below | See 'Personal Data Disclosures' below |
What is "lawful basis"?
Under GDPR, we need to have a lawful basis to legally process your Personal Data for Our own purposes. For the described Personal Data Processing above, we rely on the following legal grounds:
Consent: (Art. 6(1)(a) GDPR) when we rely on this basis we only process Personal Data about you for the specific purposes you expressly authorise. You can withdraw your consent whenever you wish.
Performance of a contract: (Art. 6(1)(b) GDPR) when we rely on this basis the Data Processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.
Compliance with a legal obligation: (Art. 6(1)(c) GDPR) when we rely on this basis we are obliged to process the relevant Personal Data to comply with our legal obligations.
Legitimate interests: (Art. 6(1)(f) GDPR) when we rely on this basis we process Personal Data as necessary in pursuit of our own, our business partners', or your legitimate interests. When we do this we must ensure that the interests we pursue do not override your fundamental rights and freedoms.
Substantial public interest: (Art. 9(2)(g) GDPR) when we rely on this basis we do it to prevent harm, fraud, money laundering, terrorist financing, child labour and to enable trust safety and compliance.
For Special Category data:
Employment and social security: (Art. 9(2)(b) GDPR) when we need to process data according to our employment and social protection legal obligations.
Substantial public interest: (Art. 9(2)(g) GDPR) when we rely on this basis we do it to prevent harm, fraud, money laundering, terrorist financing, child labour and to enable trust safety and compliance.
relevant provisions of applicable national laws that Remote is subject to (Art. 9(4) GDPR).
Use of artificial intelligence (AI)
Our Platform incorporates AI functionalities powered by OpenAI Ireland Limited (OpenAI). Depending on the purpose of the AI functionality we share necessary data with OpenAI that may include personal data.
When We use AI to process Personal Data for Our Services, We will provide relevant information about the details of the processing. We commit using AI in accordance with the applicable laws and respecting individual’s privacy rights.
We engage OpenAI Ireland Limited as our Processor under Article 28 GDPR. We have imposed restrictions and instructions regarding the processing of personal data under the GDPR, and OpenAI has provided sufficient guarantees of implementing appropriate technical and organisational measures.
We have implemented robust technical and organisational measures to protect the personal data used by Our AI functionalities. We transmit to OpenAI only necessary personal data related for the purpose of the AI functionality, as explained in this policy and in compliance with the GDPR.
Additionally, we participate in OpenAI’s enhanced privacy program to further safeguard your data meaning that your data is not available to other Clients and not used to train AI models.
The use of our AI functionalities is voluntary and at your discretion. If you prefer not to have your personal data disclosed to OpenAI, please refrain from using our AI-powered functionalities. We will clearly identify which AI functionalities operate with personal data, ensuring our practices remain transparent and compliant.
Remote Talent
If You use Our Remote Talent service (remote.com/en-GB/jobs), We only process Your Personal Data while browsing on Our Website. When applying to a job on remote.com/en-GB/jobs, the job Publisher will be responsible for the Personal Data You provide in the application process. We do not have access to this Personal Data and We are not responsible for it.
Freelancer Hub
If you use our Freelancer Hub service as a Contractor (Freelance contractor), we process Your personal data as a Controller under GDPR. You can exercise your data subject rights under GDPR before us as described in the relevant section below. For personal data of Contractors that are invited to our platform by our Clients, we are acting as a Processor under GDPR.
Contractor Management Protect
If you engage with the Contractor Management Protect service (CMP) as a Contractor (CMP contractor), we process Your Personal Data as a Controller under GDPR. You may exercise your data subject rights under GDPR as described in the relevant section below.
Acting as a Processor
When We process Personal Data on behalf of Our Clients to deliver Our Service, We are acting as their Processor under GDPR. In this context, We have limited rights and responsibilities regarding Your Personal Data under GDPR.
As a Processor, We are processing Your Personal Data following the instructions of Our Clients. We are not responsible for facilitating the exercise of Your data subject rights under GDPR. Please note that We will not be able to respond to such data subject requests if We act as a Processor.
Data Subjects rights
Where we are acting as a controller, and depending on your location and subject to applicable law, you may have the following rights regarding the personal information we control about you:
You may access, correct, update or request deletion of Your Personal Data;
You can object to the processing of Your Personal Data, ask us to restrict processing of Your Personal Data or request portability of Your Personal Data;
You have the right to opt-out of marketing communications we send You at any time. You can exercise this right by clicking on the unsubscribe or opt-out link in the marketing emails we send You. If You choose to opt-out of marketing, we will still send You non-promotional emails, such as emails about our ongoing business relations.
If we have collected and processed Your Personal Data with your consent, then You can withdraw Your consent at any time.
You have the right to complain to a supervisory authority about our collection and use of Your Personal Data. For more information, please contact Your local supervisory authority.
In addition, under certain conditions, You may be able to initiate binding arbitration for complaints regarding Data Privacy Framework compliance. Please check here: www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf
You may exercise any data subject rights under GDPR related to the Personal Data we process as a Controller via the "Help” button in the lower right corner of Your dashboard if You are a registered user, or via this form if You are not a registered user. We will then verify your identity and respond to your inquiry without undue delay and within one month of receipt of the request.
That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. We will inform you of any such extension, together with the reasons for the delay.
Where GDPR is not applicable, we will respond to such requests within the prescribed time period according to the applicable law.
We note that where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may refuse to act on the request. In such cases Remote shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.
We kindly inform you that if we are not the Controller, we may not be able to directly address data subject requests we receive. In cases where we act as the Processor for your personal data, we will promptly notify the Controller about your request. Please understand that any response to your request will be provided only if we are authorised by the Controller. For any inquiries or additional information, we encourage you to reach out directly to the Controller.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Remote Technology, Inc. and Remote Technology Services, Inc. commit to resolve DPF Principles-related complaints about our collection and use of your personal data. EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Remote at dpo@remote.com/en-GB
How we keep your data secure
Compliance
We are committed to safeguarding Personal Data through rigorous technical and organisational measures, We use appropriate technical and organisational measures to protect the Personal Data that We collect and process. Our comprehensive data protection strategy includes encryption and security measures that are diligently applied throughout the entire lifecycle of Personal Data. Our measures are designed to provide a level of security appropriate to the risk of processing.
Infrastructure security
Data encryption in transit
Data encryption at rest
Architecture network isolation through private networks
Fully auditable access and changes
AWS is our trusted cloud provider and is compliant with the following industry standards:
All systems are protected by a firewall with security threat detection and prevention mechanisms.
Internal best practices
We follow the least privilege principle to limit systems' access to essential personnel only.
All internal tools and systems require SSO.
We practice continuous credentials auditing and management.
We conduct internal security and privacy training.
Reliability
Infrastructure-as-code allows for quick rebuilding and portability.
Our average response times are under 150ms.
We practice continuous monitoring of applications and infrastructure.
Applicational logs are shipped off site and kept for 30 days.
We create daily data backups.
Data Privacy
Users have control of their data.
We do not keep any data other than data strictly necessary for business operations.
Personal Data Disclosures
In order to provide, maintain, improve, secure and promote our Services, Remote needs to disclose Personal Data to third parties. All Personal Data in the scope of this Policy is shared within the Remote corporate group and is hosted on Amazon Web Services. This section provides further details about the specific disclosures we make to other third parties.
Suppliers (Processors)
Certain Personal Data may be disclosed to our suppliers who help us run our business. Our suppliers may process Personal Data on Our behalf solely in accordance with Our instructions and pursuant to a written agreement. For example, we use suppliers for web-hosting, secure cloud storage, video conferencing, analytics, email delivery, Client relationship management, web fonts and other services. We also use suppliers such as social media companies and search engines in order to promote our Services.
The suppliers may also process personal data on behalf of Our Clients in accordance with their instructions and pursuant to a written agreement with Us. In such cases, We act as Processor of Our Clients and our suppliers as sub-Processors. We have the right to engage sub-Processors to provide Our Services to Clients. Our Clients have the opportunity to object to Our changes of sub-Processors.
These disclosures apply to all categories of Data Subjects in the scope of this Policy. These disclosures are either necessary for the purpose of performing our contract with you or necessary for the purposes of our legitimate interests (that are to provide, maintain, improve, secure and promote our Services). When none of these bases apply, we will seek permission (consent) to share Personal Data with a specific supplier.
Our suppliers may change over the time but registered Website Users can find a regularly updated list of key suppliers (Processors and sub-Processors) here: https://employ.remote.com/en-GB/dashboard/processors
Suppliers (Controllers)
Certain Personal Data may be disclosed to other suppliers who also help us run our business but act as controllers. These suppliers process Personal Data in accordance with their own privacy policies, however in any case, our contracts with such suppliers require them to comply with applicable data protection law when processing any Personal Data they receive from us. These suppliers include financial institutions, lawyers or notaries, licensed auditors assisting or supervising us in connexion with our compliance obligations, HR and payroll providers, identity verification service providers and others.
These disclosures apply to all categories of Data Subjects in the scope of this Policy. These disclosures are either necessary for the purpose of performing our contract with you; or necessary for the purposes of our legitimate interests (that are to provide, maintain, improve, secure and promote our Services);
These suppliers may be different, depending on our business needs.
Clients (Controllers)
Personnel files, such as employment and contractor agreements, payslips information about sick leave, ID and RTW verification outcomes and other information you upload on the platform may be disclosed to Clients upon request. Our contracts with Clients require them to comply with applicable data protection law when processing any Personal Data they receive from us.
This applies to Employees and Contractors only. These disclosures are necessary for the purposes of our Client's legitimate interests (that are connected with our Client's legal obligations to have copies of personnel files; their need to produce personnel files in the context of investment rounds, acquisitions, corporate restructuring, etc in the context of the related due diligence; their need to verify any information unavailable on our Website; and other legitimate needs, so long as the related Personal Data processing complies with applicable data protection law).
These disclosures apply only to Clients on whose behalf Remote employs or contracts you.
Local authorities (Controllers)
Various authorities such as regulators, tax authorities, law enforcement agencies, courts of law and others may require us to produce information that may include Personal Data about you. What Personal Data is included depends on each request. In such cases We disclose only the requested Personal data in a secure manner and strictly upon the requirements of the applicable law.
These disclosures apply to all categories of Data Subjects in the scope of this Policy. These disclosures are necessary for the purpose of us complying with our legal obligations.
These authorities vary depending on the jurisdictions where we and our Clients operate and where Employees and Contractors reside.
Partners in HR technology
Our platform integrates with other SaaS products such as applicant tracking systems (ATS) and human resource information systems (HRIS) through our application programming interface (API). We partner with such SaaS providers to make it easier for their clients to access our services and for our clients to access their services. More information about the different use cases of our API is available here: https://remote.com/en-GB/platform/remote-api#overview-partnerships.
When partner systems integrate with our platform, they are able to pull personal data we store upon a Client request. This means that when Clients integrate Remote with other SaaS systems they use Remote will send Employee and Contractor data to the requesting Client via the partner SaaS system.
These disclosures apply to Employees and Contractors only and are necessary for the purposes of our Client's legitimate interests (that are to make it easier for them to access our services via a third party system).
The Personal Data involved depends on the data the Client requests and on the configuration of the partner SaaS system.
Corporate restructuring
If we sell or buy any assets or business, we may disclose Personal Data about you to the prospective seller or buyer of such business or assets. Conversely, if we are acquired by another business, Personal Data about our Clients will be transferred to the buyer.
These disclosures apply to all categories of Data Subjects and types of Personal Data in the scope of this. These disclosures are necessary for the purposes of our legitimate interests (that are to properly run our business and our business' continued ability to provide our Services.)
These recipients depend on who we engage with in the context of any type of corporate restructuring.
Further information
We would be happy to address any specific queries you may have about the Personal Data we disclose to third parties. If you need more specific information, please contact us using the contact details provided in this Policy.
International data transfers
Remote operates at a global level and therefore Personal Data may need to be transferred to countries outside of where it was originally collected.
When we transfer Personal Data outside the EEA or UK, we will ensure that this transfer complies with GDPR, UK GDPR and applicable laws.
This includes reliance on the EU-US Data Privacy Framework ("EU-US DPF"), the UK Extension to the EU-US DPF ("UK Extension") and the Swiss-US Data Privacy Framework ("Swiss-US DPF") as set forth by the US Department of Commerce, where such transfers are to an entity that is certified under these applicable framework(s). Find out more about Data Privacy Framework in the section below.
Where we share Personal Data with a country or organisation which does not benefit from an adequacy decision, such transfer will be based on the latest EU Standard Contractual Clauses approved by the European Commission and UK Addendum issued by the UK Information Commissioner's Office (as applicable). We implement extra measures to ensure that transfers originating from jurisdictions with transfer restriction regulations are in full accordance with local laws.
Data Privacy Framework
Remote Technology, Inc. and Remote Technology Services, Inc. have been certified to the Data Privacy Framework (DPF) program, which is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce, that it adheres to the DPF Principles. Remote Technology, Inc. and Remote Technology Services, Inc. are active participants in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) and have committed to comply with the DPF principles.
If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework program and to view our certification, please visit www.dataprivacyframework.gov
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Remote Technology, Inc. and Remote Technology Services, Inc. commit to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. Please find the contact details of the EU DPAs here.
Remote is responsible for the collection and processing of data it may receive under the Data Privacy Framework, including subsequent transfers to third parties Remote engages that act on our behalf. Remote complies with the Data Privacy Framework Principles of all transfers of data in the EU.
The Federal Trade Commission (FTC) has jurisdiction over Remote Technology, Inc. and Remote Technology Services, Inc.’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
Data retention
In accordance with applicable data protection laws, we do not store Personal Data for longer than needed for the purposes of the respective processing activity. The relevant retention periods depend on the national legislation of the country you are based in.
If the Personal Data is no longer required for the performance or enforcement of contractual or legal obligations, we will either delete it or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from further processing until deletion is possible. Remote may retain your data for longer than the usual retention period if it is still necessary to:
fulfil Remote's obligations pursuant to the agreement between Remote and the Client;
fulfil Remote's obligations pursuant to the employment agreement or other agreements with you, including payment of holiday allowance;
establish, exercise, and defend a legal claim;
to deal with and resolve requests and complaints;
fulfil statutory obligations to which Remote is subject, such as continued storage pursuant to accounting legislation.
For more detailed information about the retention periods of the Personal Data that Remote processes, you can request a copy of our Retention Policy via the 'Help' button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
Privacy choices
Although restricting access to certain data might affect your experience, you can always make changes, such as:
Disable optional cookies: You can block optional cookies in your web browser (check your browser's Help page) or via the Cookie manager on our Website.
Don't provide Personal Data: You can still navigate the Website and access all our features that don't require your personal information.
You can withdraw your consent for marketing communications: We will contact you directly if we receive your consent to send marketing communication, but if you don't wish to hear from us again, please click the Unsubscribe button on the communication or use this form to let us know.
Cookies
The Website and our mobile app “Remote: Global Employment” use "cookies" and similar technologies, such as pixel tags and software development kits, to help personalise your online and in-app experience. A cookie is a text file that is placed on your hard device by a web page server or a mobile app. For detailed information about cookies and which types of cookies we use, please read our cookie policy.
Cookies cannot be used to run programs or deliver viruses to your computer.
Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
We may use cookies to collect, store, and track information for statistical purposes to operate our Website and Services. You can accept or decline such cookies.
Most web browsers automatically accept cookies, but you can modify your browser settings to disable optional cookies if you prefer (check your browser's Help page or Our website cookies manager).
If you choose to decline all cookies, you may not be able to experience all the features of the Website and Services.
To learn more about cookies and how to manage them, visit internetcookies.org.
Data of minors
We do not knowingly collect any Personal Data from persons under the age of 18. If you are under the age of 18, please do not submit any Personal Data through our Website or Service.
If you have reasons to believe that an individual under the age of 18 has provided Personal Data to us through our Website or Service, please contact us via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
Changes and amendments
We reserve the right to modify this Policy relating to the Website or Services at any time in response to changing legal, regulatory, technical or business developments. You can find the date of our last update at the top of the Policy. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.
Region-specific provisions
Depending on your region we may have to offer some additional information. Please find below any additional provisions applicable to you:
🇺🇸 California Consumer Privacy Act 2018 (CCPA) and California Privacy Rights Act 2022 (CPRA)
If you are a Consumer (defined as an individual “who is in the State for other than a temporary or transitory purpose” or an individual “who is domiciled in the State who is outside the State for a temporary or transitory purpose.” under the CCPA) or a Workforce Member (Consumers who are our employees, applicants, independent contractors, and other types of workers) , we need to provide you additional information about how we process your personal information and how we protect your rights.
Categories of Personal Information
You can find the types of personal information we collect about you in the section "Types of Personal Data" we collect of our privacy policy, but since California regulations have specific terms, please find below the correct applicable terms:
Identifiers (e.g. unique personal identifiers)
Any categories of personal information described in subdivision (e) of Section 1798.80. (e.g name, address, telephone number, passport number, employment history, bank account number, etc.)
Characteristics of protected classifications under California or federal law (e.g. gender, marital status)
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding the interaction with the website, applications, or advertisements (e.g. email conversations).
Geolocation data (e.g. your location).
Professional or employment-related information.
Categories of Sensitive Personal Information
Under the California regulations, the following personal information is considered sensitive and requires additional disclosure:
Personal information that reveals a consumer's:
The contents of a consumer's mail, email, and text messages unless the business is the intended recipient of the communication.
The processing of biometric information for the purpose of uniquely identifying a consumer.
Personal information collected and analysed concerning a consumer's health, sex life, or sexual orientation.
Sources of the collected information
To learn more about categories of sources from where and how we obtain personal information, please read the section "When and how we collect data" from this policy, but in short names and email addresses are provided to us by our clients and then we ask Consumers and Workforce Members to upload all other information necessary for onboarding.
How do we use the collected information?
To learn more about how we use the personal information we collect, please read the section "How we use your Personal Data" from this policy.
Sale of your personal information
In this context, the word “sale” means any “selling, renting, releasing, disclosing, disseminating, making available, transferring or otherwise communicating orally, in writing, or by electronic means, a consumer's personal information by the business to another business or a third party, for monetary or other valuable consideration”.
Under Californian laws, this concept of sale would only apply to Remote for instance, when Remote hosts a webinar with a partner and share the attendee's list with them.
Remote will only share your data with your consent. You can withdraw your consent whenever you wish.
Your California privacy rights and how to exercise them
Opt-out to the sale of personal information (DO NOT SELL MY PERSONAL INFORMATION)
Where the disclosure of personal information is made in exchange for monetary or other valuable consideration, California residents have the right to opt-out of such disclosure under certain limitations. To exercise your right to request access or delete your personal information under California law, please follow the instruction in "Data subjects rights".
Click on the "Do not sell my personal information" button to exercise your right. We will save your opt-out for a minimal period of 12 months.
The right to know and to portability
If you are not satisfied with the information in our privacy policy, you have the right to request that we disclose to you:
the categories and sources of the personal information that we collect about you;
the purposes for which we use your information and, with whom such information is shared;
in case of sale of personal information or disclosure for a business purpose, two separate lists where we disclose:
The disclosure described above will be limited to the personal information collected or used over the past 12 months.
The information will be delivered electronically in an easily usable format to enable you to easily transmit the information to another entity – provided that this is technically feasible.
The right to request the deletion of your personal information
You have the right to request that we delete any of your personal information, subject to exceptions set forth by the law (such as, including but not limited to, where the information is used for compliance and other legal reasons, to identify and repair errors on this Application, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights, etc.).
If no exception applies, as a result of exercising your right, we will delete your personal information and direct any of our service providers to do so.
The right of not being discriminated for not allowing to share your data
Providing your personal information for surveys, marketing, or other purposes, is optional. Your refusal to provide your information for these purposes will not have any impact on the entering into or performance of the contract. When requested under Data Protection Laws, we will collect your prior consent before proceeding to process your personal information for these purposes.
To exercise any of the above or other rights under California law, or to contact us with questions and concerns about this privacy notice and our practices, contact us via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form
if you are not a registered user.
If you are an authorised agent seeking to exercise rights on behalf of a California consumer, contact us at the email above and attach a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity before completing your rights request.
We will not respond to any request if we are unable to verify your identity and therefore confirm the personal information in our possession actually relates to you.
If you cannot submit a verifiable request, you can request a person registered with the California Secretary of State to act on your behalf.
You can submit a maximum number of 2 requests over a period of 12 months.
We will respond to your request free of charge within 45 days of its receipt. In some cases, we may need to take up to 90 days to fulfil your request, if your request needs additional time to be fulfilled will explain to you the reasons why and when do we expect to fulfil your request.
If your request is manifestly unfounded or excessive we may charge you a reasonable fee, or refuse to act on the request. Remote may also need to deny your request if we have a legitimate reason to do so. In such cases, we will communicate our choices and explain the reasons behind them.
What are the purposes for your usage of my personal information?
We will need to share your personal information for “business purposes” with service providers. We share this information to provide our services and products, like web hosting and security, payment purposes, customer support services, delivering marketing messages, or advertisements.
We may share your personal information with competent authorities for complying with the law, and also some personal information such as business contacts can be shared with third parties for "commercial purposes". This sharing may include information related to Identifiers like name and email. To know more about the recipients of your data, please reach out to us via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
If you want to know more details regarding the receipt and sharing of personal information with third parties you can read the sections "How we use your Personal Data" and "Personal Data Disclosure" of our privacy policy.
We will not use your personal information for different, unrelated, or incompatible purposes without notifying you.
Our services are not directed at children under the age of 16. Therefore, we don't knowingly share the personal information of minors under the age of 16 years without appropriate consent, as required under the California Consumer Privacy Act (CCPA).
🇧🇷 LGPD - Lei Geral de Proteção de Dados
Information to users located in Brazil
The provisions contained in this section apply to all Users who are located in Brazil, according to the "Lei Geral de Proteção de Dados" (Users are referred to below, simply as “you”, “your”, “yours”). For such Users, these provisions supersede any other possibly divergent or conflicting provisions contained in the Privacy Policy.
This part of the document uses the term “personal information“ as it is defined in the Lei Geral de Proteção de Dados (LGPD). Our Data Protection Officer is Emanuel Velho and you can contact him via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
The grounds on which we process your personal information
Please check the sections “What is "legal basis"?” and "How we use your data" for more information on the legal basis we use for processing your Personal Data.
If you have any additional questions regarding our legal basis for processing please contact us via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
Categories of personal information processed
Please read the section "Types of data we collect", to check the types of data we collect from you.
If you have any additional questions regarding the types of data we collect, please contact us via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
Why we process your personal information
To find out why and when we process your personal information, you can read sections "When and how we collect data" and "How we use your data".
If you have any questions about why do we process your data, please contact us via the "Help" button in the lower right corner of your dashboard if you are a registered user or via this form if you are not a registered user.
Your Brazilian privacy rights
We assure you that you will never be discriminated against by exercising your rights. Please refer to section "Data Subjects rights" to understand how you can exercise your rights. We note, however, that where requests are manifestly unfounded or excessive, in particular because of their repetitive character, Remote shall (i) bear the burden of demonstrating the manifestly unfounded or excessive character of the request; and (ii) refuse to act on the request, indicating the factual or legal reasons that prevent the immediate adoption of the measure.
The rights of the data subjects under the LGPD differ a little from the rights under the GDPR. Thus, please see below the rights you have over your personal data under the LGPD:
The right to confirm the existence of the Processing of their Personal Data;
The right to request access to your Personal Data;
The right to correct your Personal Data which are incomplete, inaccurate, or outdated;
The right to anonymization, blockage or deletion of unnecessary or excessive Data or Data Processed without observing the requirements of the LGPD;
The right to withdraw your consent at any time;
The right to request the deletion of the Personal Data Processed based on your consent;
The right to request the portability of your Personal Data to another supplier/service provider;
The right to request information on the public and private entities with which the Controller has shared your Personal Data;
The right to obtain information on the possibility of not providing consent and on the consequences of such refusal; and
The right to withdraw the consent for the Processing of Personal Data.
You can also lodge a complaint related to your personal information with the ANPD (the National Data Protection Authority) or with consumer protection bodies.
In the event you wish to exercise your right to access your personal data or to confirm the existence of the processing, please let us know that you are performing this request under the LGPD and whether if you wish a simplified or complete disclosure. If you opt for the complete disclosure, please note that it might take up to 15 days to fulfil your request.
Transfer of personal information outside of Brazil permitted by the law
Please be aware that are allowed to transfer your personal information outside of the Brazilian territory when the transfer:
is necessary for compliance with a legal or regulatory obligation, the performance of a contract or preliminary procedures related to a contract, or the exercise of rights in judicial, administrative, or arbitration procedures.
is necessary for international legal cooperation between public intelligence, investigation, and prosecution bodies, according to the legal means provided by the international law;
is necessary to protect your life or physical security or those of a third party;
is authorised by the ANPD;
results from a commitment undertaken in an international cooperation agreement;
is necessary for the execution of a public policy or legal attribution of public service;
🇨🇳 PIPL - 中华人民共和国个人信息保护法
Overview
This Privacy Notice (“Notice”) describes how we at Remote (Shanghai) Global Employment Services Co., Ltd. (the “Company”) collect, use, disclose, store, process and protect your Personal Information as well as transfer your Personal Information to affiliated companies, customers and suppliers of the Company outside China for the purpose of performing the employment contract with you as our employees, administering employee management, compensation and benefits, complying with local laws and regulations, and for other purposes where processing of your Personal Information is necessary.
The provisions contained in this Notice apply to all Users who are located in the People’s Republic of China (Users are referred to below, simply as “you”, “your”, “yours”), according to the Personal Information Protection Law of the People’s Republic of China (“PIPL”). For such Users, these provisions supersede any other possibly divergent or conflicting provisions contained in our global Privacy Policy.
We commit ourselves to the highest standard for Personal Information protection and privacy. Due to our global footprint, we are subject to several data protection regulations and as a guiding principle, we apply the strictest regulation to protect your Personal Information and privacy globally. This results in a broad set of rights and choices made available to you.
The term “Personal Information”, “Sensitive Personal Information” has the same meaning as under the PIPL.
When and how we collect Personal Information
Please refer to the “When and how we collect data” section in our global Privacy Policy for details with respect to when and how we collect your Personal Information.
Under PIPL, We are required to obtain your prior consent to process Your personal information in some cases. We will every time notify you and ask for your consent when We are required in compliance with the relevant provisions of PIPL.
We will require your separate consent to process your Sensitive Personal Information every time when there is no other lawful basis.
Types of Personal Information we collect
We process various categories of Personal Information as explained in the “Types of data we collect” section unless not in compliance with the applicable laws and regulations.
Why we collect your personal information
In general, the Company, its parent companies, subsidiaries and other affiliates (located within or outside China) (collectively “Remote”) will process the Personal Information for the purposes described in “How we use your data” section of our global Privacy policy or for any of the following Purposes that Remote may notify you at the time of collection of your Personal Information:
Maintaining and keeping your Personal Information and employment records to fulfil any laws and regulations, any requirements in relation to document retention or audit requirements;
Administering immigration related matters and/or work permit, resident permit or visa matters;
Managing or terminating your employment and/or working relationship with the Company, including training, salary review, performance review, personal and career development, or disciplinary actions;
Carrying out due diligence or other monitoring, screening activities (including background checks) in accordance with legal or regulatory obligations or risk management procedures that may be required by law or that may have been put in place by the Company;
Responding to requests for information from public and governmental or regulatory authorities, statutory boards and for audit, compliance, investigation and inspection purpose;
Responding to legal proceedings, pursuing legal rights and remedies, defending litigation and managing any complaints or claims;
Responding to requests for letters of recommendation and background checks from any organisations or institutions, including your former or prospective employers or their agents; or
Other purposes relating to any of the above, or other purposes that are necessary for the furtherance of employment administration or management.
Data Subjects rights
You may exercise any rights under PIPL related to your Personal Information we collect via the “Help” button in the lower right corner of your dashboard via our platform. We will then verify your identity and respond to your inquiry without undue delay.
Personal Information Disclosures
All Personal Information in scope of this Notice is shared within the Remote corporate group for any of the Purposes. Remote will take appropriate technical and organisational measures to protect and safeguard your Personal Information from any unauthorised access, modification, dissemination, disclosure or deletion, such as encryption or de-identification of your Personal Information.
To run our business we need to engage Suppliers that may process your personal information. For each Supplier we want to disclose your personal information, we will request for your separate consent.
Your Personal Information may be transferred or disclosed for any of the Purposes to the following parties (located in or outside of China): public or governmental authorities, statutory boards and or industry association, customers, or to a third party appointed as an advisor or service provider, including without limitation to third party administrative payroll and IT services providers, insurance brokers, insurers, bankers, medical practitioners providing medical services to you, any actual or potential purchaser of all or part of the business of the Company or, in the case of any merger, acquisition or public offering, the purchaser or subscriber for shares in the Company and their advisors. Where any of the other parties mentioned above is located outside China, the Company will require such companies to protect your Personal Information in accordance with the applicable Personal Information protection laws of that country and ensure the level of protection for the transferred Personal Information is at least comparable to the Personal Information protection offered under applicable laws of China.
A third-party provider may collect, use, store, process and transfer your Personal Information for purposes of providing goods and/or services to the Company or any member company of Remote corporate group, and that the Company will require the third-party providers to undertake security measures for protecting the Personal Information as required by the applicable laws and regulations of the jurisdiction where such providers are located to the effect of ensuring a level of protection of your Personal Information by such third-party providers comparable to the level of protection offered by the Company.
Customers may collect, use, store, process and transfer your Personal Information uploaded on the platform for purposes of receiving our service specifically provided by you. Our contracts with customers require them to comply with applicable Personal Information protection law when processing any Personal Information they receive from us.
For each overseas recipient that will process your personal information, we will ask for your separate consent.
Data retention
You understand that your Personal Information may be used during the job application process and the term of your employment, until the latest date of the following: (i) the termination date of your employment with the Company, (ii) the date when all of the Purposes cease to exist, (iii) the expiration of the longest document and data retention period required by local laws and regulations, and (iv) the expiration of any data retention periods defined by Remote policies where applicable.
Company Device
The Company may provide you with a certain company computer, corporate email account, IT facilities or any devices which have access or are connected to Remote’s system (“Company Properties”). You agree to comply with the relevant IT and system use policies as published by the Company from time to time and you acknowledge that the Company Properties shall be used for work related purposes only and shall not be used to attend to personal affairs or any other matters that have nothing to do with work or business. You further acknowledge that any materials or data that appear on or are generated on Company Properties are presumed to be for work related purposes or work products that belong either to the Company. You agree that the Company is entitled to accessing, copying and using your corporate email account and all files, online accounts provided by the Company and communication logs (including your chat history on third party communication software installed on company computer and mobile devices) stored in Company Properties for the purpose of investigation as required by relevant laws or regulations, any government orders or any internal investigation or audit necessary to the Company.
You acknowledge and agree that the Company monitors your usage of internet and Company Properties provided by the Company and any materials or data stored in Company Properties. The Company also has the right to view and access, print, copy, and distribute any material which appears on or is recorded by its IT systems and Company Properties. In particular, where this material may impact your employment, the Company may use such material to assess your performance or conduct and to make decisions regarding your employment.
Changes and amendments
You acknowledge that we have the right to amend this Notice and provide you with a summary of the amendments, in writing, or in other manner that adequately keeps you informed or enables you to be informed of the above (any of the aforementioned manner would suffice), or forward the summary to you in the above manner.
Miscellaneous
You understand the importance of keeping your Personal Information updated in the record of the Company and will revise such information on Remote’s web platform occasionally.
No data of minors
We do not knowingly collect any personal information from individuals under the age of 18. If you are under the age of 18, please do not submit any personal information through our Website or Service.
Contact us
We have a Data Protection Officer (DPO) who monitors our compliance with the Personal Information protection laws, other data protection regimes and policies of Remote in relation to the protection of Personal Information and privacy.
For inquiries or requests about this Notice, please reach out to us via the “Help” button in the lower right corner of your dashboard via our platform.
Contact us
For inquiries or requests about this Policy, please reach out to us via the 'Help' button in the lower right corner of Your dashboard if you are a registered user or via this form if You are not a registered user.