1. WHAT IS BEAMERY’S APPROACH TO PRIVACY?
We at Beamery Ltd and Beamery Inc. ("Beamery", “we”, “us”, “our”) know that our users and customers (“you”, “your”) care about how your personal data is used and shared and we take your privacy seriously. We are focused on protecting your personal data and doing the right thing by you in terms of your privacy rights. For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), Beamery Ltd is the ‘controller’ and responsible for your personal data as part of using Beamery’s Website or Services (as defined below).
Beamery complies with the U.S.¬ E.U. Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from European Union member countries. Beamery has certified that it adheres to the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability. To view Beamery’s participation in this framework, please visit this website.
This policy does not apply to the practices and processing of our customers, to companies that we do not own or control, to individuals that we do not employ or manage, to services provided by other companies but accessible through our Website.
We process Personal Data when you are accessing or using our Website directly as an individual ("Individual User") or as a user of a Beamery customer (“Customer User”). Our Services are accessible to you after you have signed up on our Website as an Individual User or have logged on as Customer User to your Beamery Account.
3. WHAT INFORMATION DOES BEAMERY COLLECT?
We gather Personal Data, (i) in connection with your access to our Website, (ii) if and to the extent it is necessary to provide our Services to you, and (iii) if we are entitled or obligated to process Personal Data under applicable law. Set out below in this Section 3 are the categories of Personal Data that we use and the purposes for which we use them. The categories of companies or persons who may receive Personal Data are set out Section 5 below.
A. Information You Provide to Us:
Your Personal Data: We process Personal Data you actively and knowingly provide to us. For example, we collect Personal Data such as your name and email address if you sign up for a newsletter or you request a demo of our Services. If you sign up for our Services, some information is required to create an individual Beamery Account. The same applies if you would like to use a specific feature within our Services. We will inform you which information is required in each single case so that you can choose to use the respective Service or not. If you choose not to provide us with certain information, you may not be able to register with us or to take advantage of some of our features.
You may, for example, ask us to import your contact and email history by giving us access to third party services (for example, your email account) or to use your social network information, if you give us access to your account on social network connection services. If you connect a third-party email account to your Beamery Account, we can then import, create and update versions of your address book and email communications for you to use and access in Beamery. You can also choose to upload files to or provide comments through Beamery.
Additionally, we process Personal Data that occurs while you are visiting our Website or using our Services as described below in Section 3.B. This information is pseudonymized, i.e. the information is aggregated or shortened so that it doesn’t directly identify a specific natural person (e.g. postal code instead of full address). However, with additional information that is kept separately and is subject to technical and organizational measures, it is still possible to refer to you as a natural person (e.g. via your User ID).
Additionally, we post Customer User testimonials/comments/reviews on our Website which may contain Personal Data. We do obtain the Customer User’s consent via email prior to publishing any testimonial and the relevant Customer User’s Personal Data. To request removal of your Personal Data from testimonials or comments please contact us at firstname.lastname@example.org.
Your Candidates’ Personal Data: In order to provide you with our Services pursuant to a Beamery Enterprise Agreement, we also process the Personal Data you choose to provide us with in relation to your candidates, potential job applicants, members of your talent network and other prospective employees (collectively the “Candidates”). The Candidates’ Personal Data (“Candidate Information”) that we typically process includes the names and email addresses of your Candidates, but will also include any other information you or the Candidates choose to provide us with (which must only be provided in compliance with applicable law).
Sensitive Data: We do not knowingly process information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation (collectively, “Sensitive Information”). Beamery’s Enterprise Agreements prohibit the processing of Sensitive Information via the Services and, in any event, if you ask Candidates for Sensitive Information or they reveal any Sensitive Information to you through our Services, you must ensure that you remain compliant with all applicable laws including (but not limited to) ensuring that you obtain prior written consent in relation to the collection and processing of all Sensitive Information.
Anonymized Information: We may also anonymize Personal Data so that no natural person can be individually identified anymore (e.g. replacing a name by a random number and deleting the original name; grouping 30 individual Candidates from London to one group “Candidates from London”). We use that anonymized and/or aggregated information for our own purposes or provide that information to our partners for visitor statistics and analysis of our Website, Services and our partners services.
B. Information Collected Automatically:
Log Data: When you visit the Website, whether as a Customer User or Individual User, our servers automatically record information about the browser or mobile app with which our Website is opened (“Log Data”). Log Data include your computer’s/mobile’s browser type, the requested webpage of our Website or feature of our Service, webpages visited before our Website, the time spent on those pages or features, subjects of searches on our Website and Services, access times and dates, and other related statistics. Analytics and Monitoring: We use this Log Data to monitor and analyse the use of the Website and the Services and for the Website’s technical administration, to increase our Website’s functionality and user-¬friendliness, and to better tailor it to our visitors’ needs. Additionally, we use Log Data including your IP address for security purposes like whitelisting, and prevention and recognition of attacks and malware.
Analytics on Our Customers’ Websites: Additionally, as part of our provision of the Services to you, if you install certain software code provided by us on your website, we will also process Log Data generated by this integration on our Customer’s website to anonymously monitor and analyse the use of our Services on that website, and for the respective technical administration, to increase our Service’s functionality and user-friendliness, and to better tailor it to your visitors’ needs.
Prevent or Opt-out: In any case, you are able to change the preferences on your browser or mobile device to prevent or limit your computer or device’s acceptance of these technical means, but this may prevent you from taking advantage of some of our Website’s or Service’s features. In addition to your browser or device settings, you can opt out from automatic data processing for the different tools here:
C. Information We May Receive from Third Parties
We may receive information about you or Candidates from third parties. For example, if you access our Website or Services through a third-party connection or log-in, for example, through Facebook Connect, by “following,” “liking,” adding the Beamery application, linking your Beamery Account to the Services, etc., that third party may pass certain information about your use of its service to us. This information could include, but is not limited to, the user ID associated with your account (for example, your Facebook user ID), an access token necessary to access that service, any information that you have permitted the third party to share with us including contacts or “friends”, and any information you have made public in connection with that service.
If you allow us access to your “friends list”, your friends’ user IDs, and your connection to those friends, we may process them to provide social features to you that you have actively turned on and which make your experience on our Website and in our Services more social, e.g. to allow you to invite your friends to use our Services as well as provide you with updates if and when your friends join Beamery.
Friends list information and shared contacts may also be used to improve Beamery’s Services only if and to the extent it is permitted under applicable law. You should always review and, if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to the Services.
We also use third parties to collect publicly available information relating to your Candidates, if and to the extent legally permitted, for the purpose of completing Candidate Information (this is defined as Enrichment Data in our customer Enterprise Agreements); for example, candidate experience and social links. We append any applicable information to the existing information in your Candidate profiles once it has passed through Beamery’s proprietary algorithm and data transformation process.
Beamery will also receive the Google User Data that you give us access to. However, all such access by Beamery is subject to the following limits.
D. Limits on Beamery’s Use of your Google User Data
- Beamery will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- Beamery will not use this Gmail data for serving advertisements.
- Beamery will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for Beamery’s internal operations and even then only when the data have been aggregated and anonymized.
E. Email and Other Communications:
We may contact you by email or by other means. For example, we may communicate with you about your use of the Website or Services. If you do not want to receive email or other communications from us, please indicate your preferences by adjusting the settings in your Beamery Account or follow the instructions we provide to you in each of our emails to unsubscribe or opt-out of the relevant publication or updates. We may also contact you by email or by other means about new Beamery products or services, offers or other marketing initiatives if you have requested to receive this information from us and have not opted out of receiving this type of information.
Beamery will still send you notices as strictly required by applicable law regardless of whether you opt-out or unsubscribe from communications.
4. WHERE DO WE STORE YOUR PERSONAL DATA?
We process and store information (including Personal Data) about our Individual Users, Customer Users and customers in the United Kingdom and the United States of America. To maintain the same level of data protection in both locations, we are self-certified under the U.S.¬ E.U. Privacy Shield framework. That means that Beamery complies with this framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from European Union member countries.
As a Customer User, your organisation’s Enterprise Agreement will include specific terms in relation to data protection and our sub-processing arrangements. Additionally, in the event of data processing on behalf of our customers, such processing is subject to the terms of the data processing addendum (or similar) entered into between Beamery and the relevant customer.
5. WILL BEAMERY SHARE ANY OF THE PERSONAL DATA IT RECEIVES?
We neither rent nor sell your Personal Data or your Candidates’ Information in personally identifiable form to anyone. However, we may share such Personal Data with third parties as described below.
A. Trusted Third Parties:
We employ other companies and people to either perform tasks on our behalf or to provide specific features to you on your request. Unless we tell you otherwise, such third parties do not have any right to use the Personal Data we share with them beyond what is necessary to assist us. This includes third party companies and individuals employed by us to facilitate our Services, including the provision of maintenance services, sales and marketing applications, database management, web analytics and general improvement of the Services. We note that we may be subject to liability for sharing information to third parties in a manner inconsistent with our promises or the Privacy Shield Principles.
B. Protection of Beamery and Others:
C. With your Consent:
Except as set forth above, you will be notified when your Personal Data may be shared with third parties and will be able to object to the sharing of this information. Please take note: Our Website offers publicly accessible blogs and community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.
6. IS THE PERSONAL DATA SECURE?
Beamery takes appropriate and reasonable precautions to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. You can find details concerning our security measures (such as encryption) in our Security Policy.
Additionally, your Beamery Account is separated from other Beamery Accounts. This means that your Candidates’ Information associated with your account is separated from accounts of other customers. Your Beamery Account is protected by a password for your privacy and security. However, you must prevent unauthorized access to your Beamery Account and Personal Data by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
The transmission of information via the Internet is never completely secure and we are only able to control our Website and Services, but not the connected communication system or systems you use for accessing the Website or Services (e.g. wifi). Accordingly, unauthorized entry or use, hardware or software failure, and other factors we can neither control nor foresee, may compromise the security of information transmitted over the internet at any time.
When we choose service providers, we assess their technical and organizational measures to ensure the protection of Personal Data. The same applies to other third parties to which we are allowed to transfer this information although these third parties are solely responsible for compliance with applicable laws.
7. DO WE PROCESS DATA OF CHILDREN?
Our Services are not directed to persons under the age of 16. We neither knowingly allow such persons to register for the Services on our Website nor knowingly collect Personal Data from children under 16. No one under age 16 may provide any Personal Data to us or on the Services.
If a parent or guardian becomes aware that his or her child has provided us with Personal Data without the parent’s consent, he or she should contact us at email@example.com. If we become aware that a child under 16 has provided us with Personal Data, we will take steps to delete such information from our files.
8. WHAT PERSONAL DATA CAN I ACCESS BY MYSELF?
You have the right to access your Personal Data at any time (see Section 9 regarding your rights). You can access and, in some cases, edit or delete the following information you’ve provided to us through your Beamery Account by yourself:
- name and password
- email address
- company name
- position in company
The information you can view, update, and delete may change as the Website changes. If you have any questions about viewing or updating information we have on file about you, please contact us at firstname.lastname@example.org.
Regarding your further rights concerning your Personal Data, please see below Section 9.
9. WHAT RIGHTS DO I HAVE?
In relation to your Personal Data, you always have the following rights to the extent available under applicable law:
- Right to get transparent information about processing of your Personal Data;
- Right to get access to your Personal Data;
- Right to rectify inaccurate Personal Data concerning you and to get information about any rectification;
- Right to erase Personal Data concerning you and to get information about any erasure;
- Right to restrict processing of Personal Data concerning you and to get information about any restriction;
- Right to receive Personal Data you provided to us and which concerns you and transmit this received Personal information to another provider;
- Right to object any data processing that is based on our legitimate interest;
- Right not to be subject of a decision solely based on automated processing including profiling.
You may be able to add, update, or delete information via your Beamery Account or the Services. However, when you update information, we may maintain a copy of the original information in our records (to the extent permitted by applicable law).
We will retain your information for as long as your Beamery Account is active or as reasonably necessary to provide you with the Services (and there may be specific terms in any applicable Enterprise Agreement which deal specifically with our data retention obligations). You may request deletion of your Beamery Account by contacting us at email@example.com. Please note that some information may remain in our private records after your deletion of such information from your account (only if and to the extent permitted by applicable law). We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may use any aggregated and anonymized data derived from or incorporating your Personal Data after you update or delete it, but not in a manner that would identify you personally.
If you demand the erasure or object to any data processing please keep in mind that some Personal Data may be needed to register with us or to take advantage of some of our special features.
To request removal of your Personal Data from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may technically not be able to remove your Personal Data, in which case we will let you know if we are unable to do so and why.
If we make material changes in the way that we must obtain or renew your active prior consent for processing your Personal Data, we will notify you by sending you an email prior to the change becoming effective. If you don’t agree to the changes you may not be able to use the features or Services that are related to this consent.
11. BEAMERY’S ONGOING COMMITMENT TO PRIVACY
12. CONCERNS AND RESOLUTION
Attn: Data Protection Officer Beamery Ltd WeWork 131 Finsbury Pavement London EC2A 1NT United Kingdom
We will make every effort to resolve your concerns fully and in a timely manner.
Beamery has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to a panel of European Data Protection Authorities.
Under certain limited conditions, it is possible for individuals to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
The regulatory agency with the authority to investigate and resolve claims should you consider our practices to be unfair or deceptive is the United States Federal Trade Commission. In Europe you can approach any supervisory authority that is competent under the General Data Protection Regulation.