This policy applies to information we collect:
- on our websites;
- through our applications;
- in email, text, and other electronic messages between you and our websites and/or applications; and
- when you interact with our advertising and applications on third party websites and services, if those applications or advertising include links to this policy.
It does not apply to information collected by:
• us offline or through any other means, including on any other website operated by 4Degrees or any third party; or
• any third party, including through any application or content (including advertising) that may link to or be accessible from or on our websites or from or in our applications.
Data Processor & Controller
Children Under the Age of 18
Our websites and applications are not intended for children under 18 years of age. No one under age 18 may provide any information to or on the websites or through our applications. We do not knowingly collect Personal Data from children under 18. If you are under 18, do not use or provide any information on our website or application or on or through any of its features, use any of the interactive or public comment features of our website or application or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data from a child under 18 without verification of parental consent, we will delete that information.
1. Information We Collect
We collect several types of information from and about users of our Services:
· by which you may be personally identified, such as name, postal address, e-mail address, telephone number, or any other identifier by which you may be contacted online or offline (“Personal Data”);
· that is about you but individually does not identify you, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to our Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
· about your internet connection, the equipment you use to access our Services and usage details.
We collect this information:
· directly from you when you provide it to us;
· automatically as you navigate through the Services. Information collected automatically may include usage details, IP addresses, and information collected through cookies web beacons, pixels, tags, device identifiers, and other tracking technologies; and
· from third parties, for example, our business partners and our Member’s employers.
1.1 Information You Provide To Us
To create an account you provide data including personal information such as your name, email address and/or mobile number, a password and allow us to access your email messages and settings, view your contacts and view your calendars. If you register for a premium Service, we ask you for payment (e.g., credit card) and billing
Profile and Email Access
You have choices about the information on your profile and the extent to which we have access to your email messages and settings, contacts and calendars (“Member Collected Data”). This can include information in or about the content you provide (such as, Meta-Data as defined below). Member Collected Data helps you to get more from our Services. It’s your choice whether to include sensitive information on your profile. Please do not post or add personal data to your profile that you would not want to be publicly available.
In order to operate our Services, we need access to certain meta-data contained in your email messages, calendars and contacts (“Meta-Data”), including information about your contacts’ personal and/or professional information, such as: email header information (the date a file was created, the email address of a recipient, IP addresses) and calendar meeting information (e.g. times, places, attendees and contacts). Our access to the body of emails and calendar items is controlled by you (“Body-Data”) through your settings, such as the content, communications and other information when you send an email or calendar appointment, or sync or import your contact information.
To provide you a fast and efficient resolution, we will collect information such as your name, email address, as well as other content you may provide if you contact us. We also may create event logs to diagnose product related issues, and gather information related to service issues. To improve customer service, subject to applicable laws, we may also analyze any feedback provided through voluntary customer surveys.
You may choose to provide us information when you fill in a form, conduct a search, update or add information to your Account, respond to surveys, provide feedback, request support or use other features of our Services. We may also collect information at other points in our Services when clearly stated that information is being collected.
Member Collected Data
We collect Member Collected Data from you when you provide, post, upload, import, sync or integrate it to or with our Services, such as when you fill out a form or provide feedback to our Services by confirming, rejecting or refining our suggestions and other insights provided to you or complete email, contact and calendar integration at registration. When you import your address book, we receive your contacts (including contact information your service provider(s) or app automatically added to your address book when you communicated with addresses or numbers not already in your list). When you sync your email or calendars with our Services, we will collect Meta-Data such as your “email header” and calendar meeting information (e.g. times, places, attendees and contacts) and, subject to your settings, Body-Data such as the text from the main body of email correspondence.
1.2 Information From Others
Content and Email Information
You and others may post content or allow access that includes or yields information about you on our Services (as part of Member Collected Data we receive from them that includes information about you). Unless you opt-out, we collect this information and make it available as part of our Services (e.g. suggestions for your profile, or notifications to others for their contact purposes and network insights and other information), which we may use from time to time to enrich our Services, our data and the data-based insights and recommendations provided thereby.
Contact and Calendar Information
We receive Member Collected Data about you when you or others import or sync their address book or calendar with our Services, or send messages using our Services to the extent available.
We receive personal data about you when you use the services of our customers and partners, such as employers and your customers or vendors providing us their data.
1.3 Usage Data
As you navigate through and interact with our Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, such as when you view or click on content (e.g., contact information) or ads (on or off our sites and apps), perform a search or install one of our mobile apps. We use log-ins, cookies, device information and internet protocol (“IP”) addresses to identify you and log your use.
1.4 Cookies, Web Beacons and Other Similar Technologies
1.5 Your Device and Location
When you visit or leave our Services (including our plugins or cookies or similar technology on the sites of others), we receive the URL of both the site you came from and the one you go to next. We also get information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our Services from a mobile device, that device will send us data about your location. Most devices allow you to prevent location data from being sent to us and we honor your settings.
We collect information about you when you send, receive, or engage with messages in connection with our Services.
1.7 Workplace Provided Information
An employer (or other person or entity procuring our Services for your use) may provide us information about their employees or contractors who make use of these Services.
1.8 Sites and Services of Others
We receive information about your visits and interaction with services provided by others when you log-in with 4Degrees or visit others’ services that include our plugins, ads, cookies or similar technologies.
1.10 Association of Usage Data
The information we collect as you interact with our Services may include Personal Data, or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve our Services and to deliver a better and more personalized service by enabling us to: estimate our audience size and usage patterns; store information about your preferences, allowing us to customize our Services according to your individual interests; speed up your searches; and recognize you when you return to our Services.
1.11 Special Categories of Data
We do not ask you to provide, and we do not knowingly collect, any special categories of Personal Data from you.
2. How We Use Your Data
How we use Member Collected Data will depend on which Services you use, how you use those Services and the choices you make in your settings. We use information that we have collected about you or that you provide to us, including any Personal Data as discussed below:
2.1 To Provide our Services
We use information to provide, support, personalize and make our Services (including ads) more relevant and useful to you and others.
Our Services help you connect with others, find and be found for work and business opportunities, stay informed and be more productive.
Our Services allow you to stay in touch, in communication and up to date with colleagues, partners, clients, and other professional contacts.
We will use Member Collected Data about you (such as data provided through address book uploads or partner integrations) to suggest ways and times for you to connect with others (e.g. people within your contacts) that we have reason to believe will improve your relationship network. It is your choice whether to act on the recommendations provided to you by our Services.
Our Services allow you to stay informed about your professional network and your “network health”. We use the information about you to recommend relevant actions with our Services that might assist you in to pursuing your next opportunity. We use your content, activity and other data, including your name and picture, to provide notices to your network and others.
Our Services allow you to collaborate with colleagues, search for potential clients, customers, partners and others to do business with. Our Services offer suggestions to allow you to communicate with other professionals and schedule and prepare meetings with them. Subject to your settings, we may scan messages to provide “bots” or similar tools that prompt tasks such as scheduling meetings, draft responses, summarize messages or recommend next steps.
We will contact you through email, notices posted on our websites or applications and other ways through our Services, including text messages and push notifications. We will send you messages about the availability of our Services, security, or other service-related issues. We also send messages about how to use the Services, network updates, reminders, job suggestions and promotional messages from us and our partners. You may change your communication preferences at any time. Please be aware that you cannot opt out of receiving service messages from us, including security and legal notices. We may also enable or suggest communications between you and others through our Services, subject to your settings.
2.4 Developing Services and Research
We use data, including public feedback, to conduct research and development for the further development of our Services in order to provide you and others with a better, more intuitive and personalized experience, drive membership growth and engagement on our Services, and help connect professionals to each other and to economic opportunity.
We seek to create opportunity for members of the global workforce and to help them be more productive and successful. In some cases, we work with trusted third parties to perform this research, under controls that are designed to protect your privacy. We publish or allow others to publish economic insights, presented as aggregated data that do not identify you.
Polls and surveys are conducted by us and others through our Services. You are not obligated to respond to polls or surveys and you have choices about the information you provide. You may opt out of survey invitations.
2.5 Customer Support
We use Personal Data (which can include your communications) as needed to investigate, respond to and resolve complaints and Service issues (e.g., bugs).
2.6 Aggregate Insights
We use Personal Data to produce aggregate insights that do not identify you. For example we may use your data to generate statistics about our users, their profession or industry or the demographic distribution of visitors to a site.
2.7 Security and Investigations
2.8 Enriching Contact Records
By selectively combining your contacts and relationship information with information from other 4Degrees users we can provide you and other users with enhanced features and Services. Your contact data may be combined with other users’ contact data, as well as public data, other publicly available information and information we receive from third parties, to build more complete contact records of individuals. These records reside in the 4Degrees database and may be processed for the purposes described in the remainder of this section.
2.9 Purposes and Legal Basis for Processing
If you are in the European Union, the processing of your Personal Data is lawful only if it is permitted under the applicable data protection laws. We have a lawful basis for each of our processing activities (except when an exception applies as described below):
- Legitimate Interests. We will process your Personal Data as necessary for our legitimate interests. Our legitimate interests are balanced against your rights and freedoms and we do not process your Personal Data if your rights and freedoms outweigh our legitimate interests. Our lawful basis for processing is our legitimate interest in providing relationship management services to our users, enabling them to better manage and build their relationships with you; facilitate communication between 4Degrees and you; detect and correct bugs and to improve our Services; safeguard our IT infrastructure and intellectual property; detect and prevent fraud and other crime; promote and market our business; develop our product and services; and provide references to your future employers;
- To Fulfill Our Obligations to You under our Contract: This enables us to deliver the Services to you and honor our Terms of Service to fulfill our contracts with our customers;
- Enriching Contact Records. This use is necessary to deliver certain Services to you and is based on your explicit Consent; and
- As Required by Law. We may also process your Personal Data when we are required or permitted to by law; to comply with government inspections, audits, and other valid requests from government or other public authorities; to respond to legal process such as subpoenas; or as necessary for us to protect our interests or otherwise pursue our legal rights and remedies (for instance, when necessary to prevent or detect fraud, attacks against our network, or other criminal and tortious activities), defend litigation, and manage complaints or claims.
3. How We Share Information
3.1 Our Services
Your profile information is fully accessible to us for providing such information to other Members and customers of our Services in order to provide network insights and other information to such parties just as we might access their profile information to provide you with network insights and other information. As detailed in our setup and general settings, the extent to which we may access and provide information about you to other Members is subject to certain limitations determined by you; however, the more restricted our access, the greater impact it may have on our ability to provide our Services.
Your employer may offer you access to our enterprise Services. They can also buy access for you to our other products. Your employer can review and manage your use of such enterprise Services.
Depending on the enterprise Service, before you use such Service, we will ask for permission to share relevant data from your profile or use of our non-enterprise Services. We understand that certain activities are sensitive and so we will allow you to determine which information is shared with your employer through our Services to the extent you use non-enterprise Services and enterprise Services.
3.2 Communication Archival
Some Members (or their employers) need, for legal or professional compliance, to archive their communications and activity, and will use services of others to provide these archival services. We will seek enable such archiving outside of our Services. For example, a financial advisor needs to archive communications with her clients through our
Services in order to maintain her professional financial advisor license.
3.3 Third Party Services
If you opt to link your account with other services, certain data will become available to them. The sharing and use of that data will be described in, or linked to, a consent screen when you opt to link the accounts. You may revoke the link with such accounts.
Subject to your settings, excerpts from your profile will appear on the services of others (e.g., search engine results, mail and calendar applications). “Old” profile information remains on these services until they update their data cache with changes you made to your profile.
3.4 Service Providers
We use others to help us provide our Services (e.g., maintenance, analysis, audit, payments, fraud detection, marketing and development). They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated to not to disclose or use it for other purposes.
3.5 Legal Disclosures
It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you, (3) investigate and defend ourselves against any third party claims or allegations, (4) protect the security or integrity of our Service (such as by sharing with companies facing similar threats); or (5) exercise or protect the rights and safety of 4Degrees, our Members, personnel, or others. We attempt to notify Members about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
3.6 Change in Control or Sale
3.7 Onward Transfer and Consent to Processing of Personal Data in Other Countries Outside the European Economic Area
If you are a resident of the European Economic Area (“EEA”), in order to provide our Services to you, we may send and store your Personal Data outside of the EEA, including to the United States. If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your personal data, including sensitive data, if any, by us from your region to countries which do not have data protection laws that provide the same level of protection that exists in countries in the European Economic Area, including the United States. By providing your personal information, you consent to any transfer and processing in accordance with this Policy. We try to minimize disclosures of personal data as reasonably practical because we are mindful of our responsibility and potential liability in cases of onward transfers to third parties.
Your Personal Data is transferred by 4Degrees to another country only if it is required or permitted under applicable data protection law and provided that there are appropriate safeguards in place to protect your Personal Data. By using our Services, you represent that you have read and understood the above and hereby consent to the storage and processing of Personal Data that you provide directly to us through our Services. If you reside in the EEA, we comply with the EU-U.S. Privacy Shield Framework, which the European Commission have determined provides an adequate level of protection for your Personal Information. We agree to notify you in the event that we make a determination that we can no longer meet our obligations to provide the same level of protection as is required by the Privacy Shield principles. You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information on Privacy Shield please see: https://www.privacyshield.gov/article?id=ANNEX-I- introduction. The Federal Trade Commission has jurisdiction over our compliance with the Privacy Shield.
4. Your Choices & Obligations
We do not control the collection and use of your information collected by third parties described above in How We Share Information. When possible, these organizations are under contractual obligations to use this data only for providing the services to us and to maintain this information strictly confidential. These third parties may, however, aggregate the information they collect with information from their other customers for their own purposes.
We strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with control over your Personal Data:
· Promotional Offers from 4Degrees. We will only use your contact information to promote our own or our partners products and services with your express consent. If you wish to consent to such use, you can check the relevant box located on the form on which we collect your Personal Data or otherwise seek such consent. If you wish to change your choice, you may do so at any time by logging into the Website or the Application and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us a request through the Contact Information below. If we have sent you a promotional email, you may unsubscribe by clicking the unsubscribe link at the bottom of the email.
4.1 Data Retention
We retain Member Collected Data you provide while your account is in existence or as needed to provide you Services. Even if you only use our Services infrequently, we will retain your information and keep your profile open until you decide to close your account. This includes information that you have made available to 4Degrees for the purposes of improving the Services for both you and other users of our Services. Additionally, we may retain your information in our backup and disaster recovery systems in accordance with our backup and disaster recovery policies and procedures. In some cases we choose to retain certain information in an aggregated or otherwise anonymous form such that you are no longer identifiable, indefinitely.
4.2 Rights to Access and Control Your Personal Data
We provide many choices about the collection, use and sharing of your Member Collected Data, from deleting or correcting data you include in your profile and controlling access to the body of email messages to calendar settings and contact relationship controls. We offer you access to the Member Collected Data we have about you.
4.3 Account Closure
If you choose to close your 4Degrees account, your profile will generally stop being visible to others on our Services promptly within a short period of time. We generally delete closed account information within 30 days of account closure, except as noted below.
We retain your personal data even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our User Agreement, or fulfill your request to “unsubscribe” from further messages from us. We will retain anonymized or otherwise aggregated information after your account has been closed.
Meta-Data that we have collected from information you have shared with us or others (e.g., through access to your email, contacts or calendars) will remain available to us for inclusion in our data archive after you closed your account or deleted the information from your own profile in an anonymized or otherwise aggregated manner; however, Body-Data that you provided to us will be destroyed within a reasonable amount of time once you closed your account or deleted the information from your own profile. Notwithstanding the foregoing, we do not control data that other Members provided to us that are copied out of our Services. Your profile may continue to be displayed in the services of others (e.g., search engine results) until they refresh their cache.
4.4 Data Subject Rights
Our lawful basis for processing is our legitimate interest in providing relationship management services to our users, enabling them to better manage and build their relationships with you. Personal Data will be retained as long as necessary to serve that purpose or until you decide it is not in your best interest to keep your information in the 4Degrees database. You have the right to object to the processing of your Personal Data at any time. Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.
Withdrawal of Consent. To the extent that our processing of your Personal Data is based on your consent, you may withdraw your consent at any time by closing your account. Withdrawing your consent will not, however, affect the lawfulness of the processing based on your consent before its withdrawal, and will not affect the lawfulness of our continued processing that is based on any other lawful basis for processing your Personal Data.
Portability. To the extent the Personal Data you provide 4Degrees is processed based on your consent, you have the right to request that we provide you a copy of, or access to, all or part of such Personal Data in structured, commonly used and machine-readable format. You also have the right to request that we transmit this Personal Data to another controller, when technically feasible.
Access and Update. You can review and change your Personal Data by logging into the Services and visiting your “Account” page. You may also notify us through the Contact Information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible.
Restrictions. You have the right to restrict our processing of your Personal Data under certain circumstances. In particular, you can request we restrict our use of it if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need your Personal Data for processing but we have retained it as permitted by law.
Sources. You have the right to request the sources of your Personal Data. You may do so by contacting us as indicated in the “Contact Us” section below. Please note that to protect the rights of other data subjects, we may only be able to provide you with the general categories of sources.
You can direct any questions or complaints about the use or disclosure of your EU Personal Data to us at firstname.lastname@example.org. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your EU Personal Data within 45 days of receiving your complaint. For any unresolved complaints, we have agreed to cooperate with JAMS . If you are unsatisfied with the resolution of your complaint, you may contact JAMS at Jara E. Satterthwaite, Esq., JAMS, 3800 Howard Hughes Parkway, 11th Floor, Las Vegas, NV 89169, https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim for further information and assistance.
Binding Arbitration: You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your compliant directly with 4Degrees and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration).
Complaints You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.
How You May Exercise Your Rights. You may exercise any of the above rights by contacting us through any of the methods listed under Contact Information below and through the live chat feature of our Website[s]. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.
5. Other Important Information
We implement security safeguards designed to protect your data, such as HTTPS. We regularly monitor our systems for possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Services like message boards. The information you share in public areas may be viewed by any user of the Services. Please take precautions to safely use our Services, including two-factor authentication.
5.2. Direct Marketing and Do Not Track Signals
We currently do not share Personal Data with third parties for their direct marketing purposes without your permission.
5.3. California Erasure Law
California law permits minors under the age of 18 to request the removal of your User Contributions, subject to certain exceptions. If you are under the age of 18 in California, you may contact us using the Contact Information below (if you contact us via email, please use the subject “California Eraser Law Request”). We may not remove your User Contributions that we are required to retain under any federal or state law, or that have been provided to a third party. While we will do our best to remove a minor’s information upon a valid request, we cannot ensure the complete or comprehensive removal of your User Contributions from our Services or any information that has been republished, copied, downloaded, or reposted by any third party, and we cannot guarantee that any such information may not be accessible to users of the Internet in the future. We do not advertise or market any of the products or services identified in California Business and Professionals Code Section 22580(i) to users who we have actual knowledge are under 18 years of age.
5.4. Contact Information
If you have any questions or complaints about this Privacy Notice, please contact us at: email@example.com
Data Protection Officer (DPO)