Last updated: July 20th, 2020
When and how we collect data
|Data you give||Data we collect||When|
|x||You browse pages of your website|
|x||You receive an email from us|
|x||You request information from us|
|x||x||You post a job ad|
|x||x||You create a user profile|
|x||x||You submit a job application|
|x||x||You refer someone to be hired|
|x||x||You ask us to pay your contractors|
Types of data we collect
|Contact||Information that facilitates communication||Email address, physical address, telephone number|
|Location||Information about an individual’s location||Country, IP address|
|Identifying||Information that can identify a specific individual||Name, government-issued ID, profile picture, birthdate|
|Financial/Account||Information that identifies an individual’s financial account||Credit card number, bank accounts|
|Professional||Information about educational or professional career||Job title, work history, schools attended|
|Social||Information about social connections||Emergency contact|
|Communication||Information communicated to or from an individual||Email conversations|
How we use your data
|What we do||Purpose of processing||Legal Basis for processing|
|Create user accounts
Post job ads
|Service Provision||Legitimate interests
Performance of a contract
|Identify you and help you solve issues related to the usage of our services Notify you of any changes to our services||Customer Support||Performance of a contract|
|Inform you about our services, products, or content||Marketing purposes||Legitimate interests|
Whats is “legal basis?”
Under the GDPR, we need to have a legal basis to process your personally identifiable information lawfully. For the described data processing, we use:
Performance of a contract: The data processing is necessary for the performance of a contract in which you are a party or to take steps at the request of the data subject before entering a contract.
Legitimate interests: We process your data following our own, our business partners', or your legitimate interests. For example, this occurs when we show you ads for jobs, present your profile to recruiting partners, or when we believe you would benefit from our services, products, or content.
Although restricting access to certain data might affect your experience, you can always make changes, such as:
Disable cookies: You can block cookies in your web browser (check your browser’s Help page).
Don’t provide personal information: You can still navigate the Website and access all our features that don’t require your personal information.
Opt out of marketing communications: We will only contact you directly if we receive your contact request, but if you don’t wish to hear from us again, please send us an email to [email protected] to let us know.
Data subjects rights
You may exercise any rights related to the data we collect by sending an email to [email protected]. We will then verify your identity and respond to your inquiry as promptly as we can, but we may need up to 30 days for certain requests.
Find below a summary list of your rights and how you can exercise them:
|Right to||Description||E-mail subject||Additional information|
|Access||You can access the personal information we hold about you directly on your user profile. If you need additional information regarding:
- the data categories we process
- the purposes of the data processing
- retention period
- to whom we disclose personal information
- any other information about your data, please send us an email
|Personal Information inquiry||Please let us know what kind of data you would like to access.|
|Rectification||You can update most of the personal information we hold about you directly on your account’s profile.
Please keep in mind that some personal information, such as financial data, may be restricted from modification on the platform to avoid processing errors. If you need to modify a restricted field, please contact us by email.
|Data rectification||Please let us know:
- the fields to update
- the old data values to be replaced
- the new data values
|Data Portability||We can export and send a Json file containing all personal information we have collected.||Data Export||If you would like us to send your information, please let us know by email.|
|Object processing||Where we use legitimate interests to process your personal information, you have have the right to object to the processing.
To exercise your right, please send us an email.
If your objection is related to receiving marketing communications or our newsletter, please hit the unsubscribe link on the communication you no longer wish to receive.
|Object to data processing||If the data has no other purpose except within the process to which you object, we will delete that data.|
|Restrict processing||You can restrict your data from being processed if:
- we processed or will process inaccurate personal information
- we processed your personal information unlawfully
- we don’t need need to process your personal data, but we need to keep it to allow you to establish, exercise, or defend a legal claim
- you exercised your right to object processing, but we are still validating your request
|Restrict data processing||Let us know why you want us to restrict your data processing.|
|Erasure||Your personal information can be deleted, provided that such deletion does not prevent us from complying with any legal obligations.||Data deletion||Send us an email that states the reason for your deletion request. We will reply to you to confirm we have deleted your account or to let you know why we are unable to fulfill the request.|
|Lodge a complaint||If you believe that we are not processing your data in a lawful way under the GDPR or if you are not satisfied with any response we provide, you may lodge a complaint with a relevant data protection authority.||Data privacy||Under certain conditions, you may able to invoke binding arbitration for complaints regarding Privacy Shield compliance. Please check here|
How we keep your data secure
- We are fully compliant with the EU’s General Data Protection Regulation. Data protection is ensured by encryption and security measures throughout the lifecycle of your employees’ data.
- Data encryption in transit
- Data encryption at rest
- Architecture network isolation through private networks
- Fully auditable access and changes
- AWS is our trusted cloud provider and is compliant with the following industry standards:
- SOC I/II/III
- ISO 27001/27017/27018
- All systems are protected by a firewall with security threat detection and prevention mechanisms.
Internal best practices
- We follow the least privilege principle to limit systems' access to essential personnel only.
- All internal tools and systems require SSO.
- We practice continuous credentials auditing and management.
- We conduct internal security and privacy training.
- Infrastructure-as-code allows for quick rebuilding and portability.
- Our average response times are under 150ms.
- We practice continuous monitoring of applications and infrastructure.
- Applicational logs are shipped off site and kept for 30 days.
- We create daily data backups.
- Sensitive data (i.e., documents) is encrypted and only accessible by data owners and internal platform administrators.
- Users have full control of their data.
- We do not keep any data other than data strictly necessary for business operations.
Personal Data Disclosure
We rely on third-party sub-processors to ensure the successful provision of our services. Any third party with whom we share personal information is subject to an extensive security and privacy assessment review to ensure they can provide adequate technical and organizational security measures.
Remote Technology, Inc. shall remain liable for any unlawful processing from our sub-processors unless we are able to prove that we are not responsible for the unlawful processing.
We rely on a data controller, TransferWise, to assist us in processing payment information.
We might also need to disclose your personal data to comply with applicable law, enforce contractual rights, and respond to requests from courts, law enforcement, or regulatory agencies and government authorities as long as the request is deemed lawful.
International data transfers
To guarantee service, personal information collected may be processed outside of your country. We ensure that we only transfer data to third parties that can meet high standards of technical and organizational data protection and privacy measures.
Due to legal and fiscal obligations, Remote may have to retain certain types of personal data for up to 10 years.
If you believe Remove is retaining personal data for invalid legal or fiscal obligations, please contact us at [email protected].
Remote will never disclose or share your personal data unless doing so is required to comply with legal obligations.
The Website uses “cookies” to help personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server.
Cookies cannot be used to run programs or deliver viruses to your computer.
Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
Most web browsers automatically accept cookies, but you can modify your browser settings to disable cookies if you prefer (check your browser’s Help page).
If you choose to decline cookies, you may not be able to experience all the features of the Website and Services.
To learn more about cookies and how to manage them, visit internetcookies.org.
EU-US and Swiss-US Privacy Shield
Remote Technology, Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.
Remote Technology, Inc. commits to cooperate with the panel established by the EU data protection authorities (DPAs), the Swiss Federal Data Protection, or the Information Commissioner. EU, Swiss, and UK individuals can contact EU DPA, the Swiss Federal Data Protection, or the Information Commissioner as applicable. Please find the contact details of the EU DPAs here.
The Federal Trade Commission has jurisdiction over Remote Technology, Inc.’s compliance with the Privacy Shield.
Privacy of minors
We do not knowingly collect any Personal Information from persons under the age of 18. If you are under the age of 18, please do not submit any Personal Information through our Website or Service.
If you have reason to believe that a person under the age of 18 has provided Personal Information to us through our Website or Service, please contact us at [email protected].
Changes and amendments
We reserve the right to modify this Policy relating to the Website or Services at any time, effective upon posting of an updated version of this Policy on the Website. You can find the date of our last update at the top of the document.
Acceptance of this policy
You acknowledge that you have read this Policy and agree to all its terms and conditions.
By using the Website or its Services, you agree to be bound by this Policy.
If you do not agree to abide by the terms of this Policy, you are not authorized to use or access the Website and its Services.
For inquiries or requests, please contact us at [email protected].