The Remote Privacy Policy

Last updated: July 20th, 2020

Overview

This privacy policy ("Policy") describes how Remote Technology, Inc. ("Remote Technology, Inc.", "we," "us," or "our") collects, protects, and use the personally identifiable information ("Personal Information") you ("User", "you," or "your") may provide on the remote.com website and within any of its products or services (collectively, "Website" or "Services"). It also describes the choices available to you regarding our use of your Personal Information, your rights, and how you can exercise them.

When and how we collect data

Data you give Data we collect When
No Yes You browse pages of our website
No Yes You receive an email from us
Yes No You request information from us
Yes Yes You post a job ad
Yes Yes You create a user profile
Yes Yes You submit a job application
Yes Yes You refer someone to be hired
Yes Yes You ask us to pay your contractors

Types of data we collect

We collect information to provide better services to you.

  • Contact Information that facilitates communication. E.g. email and physical address, telephone number.
  • Location Information about an individual's location. E.g. Country, IP address.
  • Identifying Information that can identify a specific individual. E.g. Name, government-issued ID, picture, birthdate.
  • Financial/Account Information that identifies an individual’s financial account. E.g. Credit card number, bank accounts.
  • Professional Information about educational or professional career. E.g. Job title, work history, schools attended.
  • Social Information about social connections. E.g. Emergency contact.
  • Communication Information communicated to or from an individual. E.g. Email conversations.

How we use your data

  • Service Provision

    • Create user accounts
    • Post job ads
    • Perform payments
    • Refer employees
    • Manage payments
    • Legal basis for processing: Performance of a contract Legitimate interests
  • Customer support

    • Identify you and help you solve issues related to the usage of our services
    • Notify you of any changes to our services
    • Legal basis for processing: Performance of a contract
  • Marketing Purposes

    • Inform you about our services, products, or content
    • Legal basis for processing: Legitimate interests Consent

What is "legal basis?"

Under the GDPR, we need to have a legal basis to process your personally identifiable information lawfully. For the described data processing, we use:

  • Performance of a contract: The data processing is necessary for the performance of a contract in which you are a party or to take steps at the request of the data subject before entering a contract.
  • Legitimate interests: We process your data following our own, our business partners', or your legitimate interests. For example, this occurs when we show you ads for jobs, present your profile to recruiting partners, or when we believe you would benefit from our services, products, or content.
  • Consent: We will only process your personal data for the specific purposes you allowed us to. You can withdraw your consent whenever you wish.

Privacy choices

Although restricting access to certain data might affect your experience, you can always make changes, such as:

  • Disable cookies: You can block cookies in your web browser (check your browser's Help page).
  • Don't provide personal information: You can still navigate the Website and access all our features that don't require your personal information.
  • Opt out of marketing communications: We will only contact you directly if we receive your contact request, but if you don't wish to hear from us again, please send us an email to [email protected] to let us know.

Data subjects rights

You may exercise any rights related to the data we collect by sending an email to [email protected]. We will then verify your identity and respond to your inquiry as promptly as we can, but we may need up to 30 days for certain requests.

Find below a summary list of your rights and how you can exercise them:

Access data

You can access the personal information we hold about you directly on your user profile. If you need additional information regarding:

  • The data categories we process;
  • The purposes of the data processing;
  • Retention period;
  • To whom we disclose personal information;
  • Any other information about your data, please send us an email.

Email subject: Personal Information inquiry.

Additional information: Please let us know what kind of data you would like to access.

Rectification

You can update most of the personal information we hold about you directly on your account's profile. Please keep in mind that some personal information, such as financial data, may be restricted from modification on the platform to avoid processing errors. If you need to modify a restricted field, please contact us by email.

Email subject: Data rectification.

Additional information: Please let us know: the fields to update, the old data values to be replaced, the new data values.

Data Portability

We can export and send a Json file containing all personal information we have collected.

Email subject: Data export.

Additional information: If you would like us to send your information, please let us know by email.

Object processing

Where we use legitimate interests to process your personal information, you have have the right to object to the processing. To exercise your right, please send us an email. If your objection is related to receiving marketing communications or our newsletter, please hit the unsubscribe link on the communication you no longer wish to receive.

Email subject: Object to data processing.

Additional information: If the data has no other purpose except within the process to which you object, we will delete that data.

Restrict processing

You can restrict your data from being processed if:

  • We processed or will process inaccurate personal information;
  • We processed your personal information unlawfully;
  • We don't need need to process your personal data, but we need to keep it to allow you to establish, exercise, or defend a legal claim;
  • You exercised your right to object processing, but we are still validating your request;

Email subject: Restrict data processing.

Additional information: Let us know why you want us to restrict your data processing.

Erasure

Your personal information can be deleted, provided that such deletion does not prevent us from complying with any legal obligations.

Email subject: Data deletion.

Additional information: Send us an email that states the reason for your deletion request. We will reply to you to confirm we have deleted your account or to let you know why we are unable to fulfill the request.

Lodge a complaint

If you believe that we are not processing your data in a lawful way under the GDPR or if you are not satisfied with any response we provide, you may lodge a complaint with a relevant data protection authority.

Email subject: Data privacy.

Additional information: Under certain conditions, you may able to invoke binding arbitration for complaints regarding Privacy Shield compliance. Please check here.

How we keep your data secure

Compliance

We are fully compliant with the EU's General Data Protection Regulation. Data protection is ensured by encryption and security measures throughout the lifecycle of your employees’ data.

Infrastructure security

  • Data encryption in transit;
  • Data encryption at rest;
  • Architecture network isolation through private networks;
  • Fully auditable access and changes;
  • AWS is our trusted cloud provider and is compliant with the following industry standards:
    • SOC I/II/III
    • ISO 27001/27017/27018
    • PCI-DSS
  • All systems are protected by a firewall with security threat detection and prevention mechanisms.

Internal best practices

  • We follow the least privilege principle to limit systems' access to essential personnel only;
  • All internal tools and systems require SSO;
  • We practice continuous credentials auditing and management;
  • We conduct internal security and privacy training.

Reliability

  • Infrastructure-as-code allows for quick rebuilding and portability;
  • Our average response times are under 150ms;
  • We practice continuous monitoring of applications and infrastructure;
  • Applicational logs are shipped off site and kept for 30 days;
  • We create daily data backups.

Data Privacy

  • Sensitive data (i.e., documents) is encrypted and only accessible by data owners and internal platform administrators;
  • Users have full control of their data.
  • We do not keep any data other than data strictly necessary for business operations.

Personal Data Disclosure

Third parties who process your data

We rely on third-party sub-processors to ensure the successful provision of our services. Any third party with whom we share personal information is subject to an extensive security and privacy assessment review to ensure they can provide adequate technical and organizational security measures. Remote Technology, Inc. shall remain liable for any unlawful processing from our sub-processors unless we are able to prove that we are not responsible for the unlawful processing.

Please find here a list of our current sub-processors.

We rely on a data controller, Transferwise, to assist us in processing payment information. We might also need to disclose your personal data to comply with applicable law, enforce contractual rights, and respond to requests from courts, law enforcement, or regulatory agencies and government authorities as long as the request is deemed lawful.

International data transfers

To guarantee service, personal information collected may be processed outside of your country. We ensure that we only transfer data to third parties that can meet high standards of technical and organizational data protection and privacy measures.

Data retention

Due to legal and fiscal obligations, Remote may have to retain certain types of personal data for up to 10 years. Remote will never disclose or share your personal data unless doing so is required to comply with legal obligations.

If you believe Remove is retaining personal data for invalid legal or fiscal obligations, please contact us at [email protected].

Cookies

The Website uses "cookies" to help personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server.

  • Cookies cannot be used to run programs or deliver viruses to your computer.
  • Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
  • We may use cookies to collect, store, and track information for statistical purposes to operate our Website and Services. You can accept or decline cookies.
  • Most web browsers automatically accept cookies, but you can modify your browser settings to disable cookies if you prefer (check your browser's Help page).
  • If you choose to decline cookies, you may not be able to experience all the features of the Website and Services.

To learn more about cookies and how to manage them, visit internetcookies.org.

EU-US and Swiss-US Privacy Shield

Remote Technology, Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.

Remote has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view our certification, please visit https://www.privacyshield.gov/.

Remote Technology, Inc. commits to cooperate with the panel established by the EU data protection authorities (DPAs), the Swiss Federal Data Protection, or the Information Commissioner. EU, Swiss, and UK individuals can contact EU DPA, the Swiss Federal Data Protection, or the Information Commissioner as applicable. Please find the contact details of the EU DPAs.

The Federal Trade Commission has jurisdiction over Remote Technology, Inc.’s compliance with the Privacy Shield.

Privacy of minors

We do not knowingly collect any Personal Information from persons under the age of 18. If you are under the age of 18, please do not submit any Personal Information through our Website or Service.

If you have reason to believe that a person under the age of 18 has provided Personal Information to us through our Website or Service, please contact us at [email protected].

Changes and amendments

We reserve the right to modify this Policy relating to the Website or Services at any time, effective upon posting of an updated version of this Policy on the Website. You can find the date of our last update at the top of the document.

Acceptance of this policy

You acknowledge that you have read this Policy and agree to all its terms and conditions. By using the Website or its Services, you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to use or access the Website and its Services.

Contact us

For inquiries or requests, please contact us at [email protected].

Employ World Half-circle

Have a question?

Just in case you haven’t found what you’re looking for, feel free to contact us.

Contact us