Paradox, Inc. (“Paradox”) is a cloud software company that provides recruiting products and services (the “Services”) to employers that have entered into a written agreement with Paradox (“Clients”). Paradox’s flagship product is an automated recruiting assistant, Olivia, that is used by our Clients to make their recruiting processes more efficient, user-friendly, and engaging.
At Paradox, we take data privacy seriously. This Policy describes our privacy practices for the activities set out in this statement. Please read this Policy carefully, as it outlines how we collect, use, share, and otherwise process information from which an individual can be identified (“Personal Data”). Additionally, this Policy outlines your choices and rights with respect to our processing of your Personal Data.
This Policy applies to Personal Data processed by Paradox, for which Paradox is the controller. Paradox is the controller of your Personal Data as described herein, unless expressly specified otherwise.
This Policy does not apply to Personal Data processed by Paradox, for which Paradox is not the controller. For avoidance of doubt, this Policy does not apply to the extent that we process Personal Data in the role of a processor on behalf of our Clients. If you are a potential candidate, job applicant, or employee that has submitted Personal Data to a Paradox Client, the use of your data is governed by the policies of the organization to which you have submitted a recruitment inquiry or application, or with which you are employed. For detailed privacy information regarding the use of your Personal Data by a Client, or to exercise your rights regarding such Personal Data, please reach out to that organization directly. Paradox may only access, share, distribute, or otherwise process Personal Data submitted to us by or on behalf of a Client as provided in the Agreement between Paradox and that Client, or as may be required by law.
We are not responsible for the privacy or data security practices of our Clients, which may differ from those set forth in this Policy.
Paradox’s websites and Services may contain links to other websites, applications and services maintained by third parties. The privacy and data protection practices of such third parties are governed by the privacy policies of those organizations. Please review the privacy policies of those organizations to better understand their privacy practices.
Paradox may process your Personal Data in a number of online and in-person circumstances, including, without limitation, when you: (i) visit our websites that display or link to this Policy (the “Website”); (ii) visit our offices; (iii) communicate with Paradox via email, phone, or fax; (iv) fill out a form at a conference or event; (v) register to attend an event or webinar; (vi) access or download certain content (such as a whitepaper); or (vii) engage in other interactions with Paradox that require the provision of Personal Data.
The types of Personal Data you may choose to provide to Paradox include, without limitation: your email address, job title, company information, mailing address, location, telephone number, or any other Personal Data that Paradox requests you provide as a Client or in the interest of becoming a Client. Potential candidates or employees for a position with Paradox may also provide information regarding job interests and answers to screening questions (e.g., “What is your current job title?” Or “What is the name of your current employer?”), as well as any other Personal Data that Paradox requests you provide as an applicant to a position with Paradox, or as an employee of Paradox.
We also collect Personal Data about you from third parties from whom we have purchased such Personal Data, which we may combine with Personal Data that you have provided to Paradox. Such Personal Data may include, without limitation, company information, phone numbers, job titles, mailing addresses, email addresses, and social media profiles.
When you visit the Website, our servers automatically record information that may include Personal Data. Information we collect may include, without limitation: the web address you came from or are going to, your device model, your operating system, the type of web browser you are using, your internet service provider/mobile carrier, a unique device identifier, your IP address, your mobile network carrier, your time zone and location, and additional information provided by your web browser. Whether we collect some or all of this information depends on the type of device you are using and your device settings. For example, different types of information are available to Paradox depending on whether you are using a Mac or PC, or an iPhone or Android phone. To learn more about what information your device makes available to us, please check the policies of your device manufacturer or software provider.
Third Party Website Analytics Services: We use third party analytics providers, such as Google Analytics, to provide certain information about your use of the Website. These third party analytics providers collect and track certain de-identified data and information regarding the characteristics and activities of website visitors. To learn more about how Google uses this information, please visit www.google.com/policies/privacy/partners. You may opt out of third party cookies from Google Analytics tracking by installing a browser plugin. For more information on this plugin, please visit https://tools.google.com/dlpage/gaoptout.
Do Not Track: While some internet browsers offer a “Do Not Track” or “DNT” option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard that has been adopted by industry groups, technology companies or regulators. Therefore, we do not currently commit to responding to browsers' DNT signals with respect to our websites.
We collect and process the information that we collect about you, including Personal Data, for the purposes and on the legal bases bulleted below:
Paradox may share Personal Data and other information with affiliates and third party service providers, vendors, agents and contacts (“Service Providers”). Service providers may use information we provide to them only as instructed by Paradox.
We use Service Providers to perform services on our behalf or to assist us with providing services to you. For example, we may engage Service Providers to process payments, to provide services such as communications, infrastructure and IT services, to collect debts, and to analyze and enhance data (including data about users' interactions with our service). These Service Providers may have access to your Personal Data or other information in order to provide these functions. This processing is based on the legitimate interest of you as the data subject. We require our Service Providers to agree to take reasonable steps to keep the Personal Data that we provide to them secure and we do not authorize them to use or disclose your Personal Data except in connection with the provision of services to Paradox.
We may disclose your Personal Data if we are required to do so by law or we, in good faith, believe that such action is necessary to: (i) comply with the law or with legal processes; (ii) protect and defend our rights and property; (iii) protect against misuse or unauthorized use of our Websites and/or Services; or (iv) protect the personal safety or property of our users or the public (among other things, this means that if you provide false information or attempt to pose as someone else, information about you may be disclosed as part of any investigation into your actions).
If Paradox goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal information may be among the assets transferred.
We may disclose aggregate, anonymous, or de-identified information about users for marketing, advertising, research, compliance, or other purposes.
If you would like to review and update, delete or no longer use your Personal Data, call us at (888) 283-4817, email us at email@example.com, or contact us via postal mail at the address listed in Section 11 “Contact Paradox”, below. Subject to applicable law, we will retain and use your account information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
As described above, if you do not wish to receive promotional e-mails from us, you may opt out at any time by following the opt-out link contained in the e-mail itself. Please note that it may take up to ten (10) days to process your request. Please also note that if you opt out of receiving promotional communications from us, we may continue to communicate with you regarding service-related issues.
If you do not wish to continue receiving messages you may opt-out of receiving mobile message services by replying STOP, STOPALL, UNSUBSCRIBE, CANCEL, END or QUIT to any mobile message that you have received from Paradox or through the Website. After sending such message you may receive an additional mobile message confirming your decision to opt-out. You understand and agree that the foregoing options are the only reasonable methods of opting-out.
Under the California Consumer Privacy Protection Act (CCPA), we are required to provide you with disclosures about the information we may collect (including Personal Data), the purpose for which we collect such information, the sources of that information, and the categories of third parties with whom we share that information. You may exercise these rights as described in Section 7 “Accessing and Managing Your Personal Data”. Please refer to Sections 1 through 6 of this Policy, wherein we describe how we collect data, for what purposes, from what sources, and with whom we may share that information.
California residents have the right to request access to or deletion of their Personal Data. You may exercise these rights as described in Section 7 “Accessing and Managing Your Personal Data”. California residents also have the right to request additional details about our information practices and to not be discriminated against for exercising their rights.
Paradox does not sell any of your Personal Data.
Paradox takes all reasonable precautions to verify your identity in connection with fulfilling its responsibilities under the CCPA. The verification steps may vary. We evaluate each request based on the individual submitting the request and the category of data related to the request (Personal Data or other information).
As a service provider under the CCPA, Paradox also assists our Clients in their compliance with the CCPA. If you have submitted Personal Data to a Paradox Client via the Services, you may submit a data deletion or modification request to Paradox as described herein. Paradox will assist with any deletion requests that a Client may receive by notifying the applicable Client of such request and performing the deletion upon Client approval.
Do Not Track: While some internet browsers offer a “Do Not Track” or “DNT” option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard that has been adopted by industry groups, technology companies or regulators. Therefore, we do not currently commit to responding to browsers' DNT signals with respect to our Websites.
Please see Section 10 “Additional Privacy Info”, below, for information regarding Paradox’s data security obligations under the CCPA, our data retention practices, and our practices regarding any material changes to this Policy. For information on how to contact Paradox regarding any CCPA or privacy related inquiry, please review Section 11 “Contact Paradox”.
Personal Data collected by Paradox may be stored and processed in the United States or in any other country where Paradox or its affiliates, subsidiaries, or third-party service providers maintain facilities. When you provide Personal Data to Paradox, you consent to the processing and transfer of your information within the United States and around the world. We follow applicable data protection laws when transferring Personal Data.
Paradox will process your Personal Data for the legitimate interests of Paradox, or, when needed, with your explicit consent. If you have provided consent for the processing of your Personal Data, you have the right to withdraw consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. You have the right to request access to and rectification or erasure of your Personal Data, as well as the right to restrict processing, object to processing, and, under certain circumstances, exercise the right to data portability. You have the right to lodge a complaint with a data protection supervisory authority if you believe that we have not complied with the requirements of the EU General Data Protection Regulation with regard to your Personal Data.
EU individuals with GDPR complaints are encouraged to contact our Data Protection Officer, whose contact information is listed under Section 11.2. Those individuals also have the right to file a grievance directly with their local Data Protection Administrator (“DPA”). To find out more about the relevant DPA’s, EU individuals can refer to https://edpb.europa.eu/about-edpb/board/members_en.
UK individuals can find information about the Information Commissioner’s Office by going to https://ico.org.uk
Paradox complies with both the EU-U.S. Privacy Shield framework and the Swiss-U.S. Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union and the United Kingdom to the United States, and from Switzerland to the United States, respectively. Paradox has certified to the Department of Commerce that it adheres to the Privacy Shield principles. If there is any conflict between the terms in this Policy and the Privacy Shield principles, the Privacy Shield principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit privacyshield.gov.
In compliance with Privacy Shield principles, Paradox commits to resolve complaints about our collection or use of your Personal Data. EU, UK and/or Swiss individuals with inquiries regarding our Privacy Shield policy should first contact Paradox, as set out under Section 11.2.
Paradox has further committed to refer unresolved Privacy Shield complaints to an independent dispute resolution mechanism, the BBB EU Privacy Shield. If you do not receive timely acknowledgement of your complaint from us, or if we have not resolved your complaint, please contact or visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information or to file a complaint. This service is provided to you free of charge.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Pursuant to the Privacy Shield principles Paradox acknowledges that we remain liable for the onward transfer of data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages. We may be required to release personal data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.
The Federal Trade Commission has jurisdiction over Paradox’s compliance with the Privacy Shield.
Your Personal Data may be processed outside your jurisdiction, and in countries that are not subject to an adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection as your jurisdiction, such as the EEA. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR).
Paradox employs reasonable and appropriate physical and logical security measures to protect Personal Data from loss, theft, misuse, unauthorized access, and unintentional disclosure, alteration, or destruction, including, without limitation, using SSL encryption for Personal Data in transfer and at rest. You are responsible for maintaining the security of your password or other form of authentication involved in accessing password-protected or secured resources. In order to protect you and your information, Paradox may suspend your use of the Website without notice, pending an investigation, if any security breach is suspected. We are not responsible for any lost, stolen, or compromised passwords or for any unauthorized account activity that may result.
Paradox has appointed a Data Protection Officer who is responsible for matters relating to privacy and data protection. Our Data Protection Officer can be reached by using any of the methods listed under Section 11.2 “Paradox Contact Information”.
We will retain your Personal Data only as long as needed to provide you with services or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Data entered into the Paradox Service is retained in accordance with the agreement between the Client and Paradox.
Paradox does not direct any of its communications to, or knowingly collect Personal Data from, children under thirteen (13) years of age. If we discover that a child under thirteen (13) years of age has provided us with Personal Data, we will promptly delete such Personal Data from our systems.
We reserve the right to change or update this Policy at any time. Changes to the Policy will be posted on this website and links to the Policy will indicate that the statement has been changed or updated. We encourage you to periodically review this Policy for any changes. For new users, changes or updates are effective upon posting. For existing users, changes or updates are effective 30 days after posting.
If you have any questions regarding our Policy, or if at any time after providing your Personal Data to Paradox you want to update, change, unsubscribe, or request removal or deletion of your Personal Data, or if you would like to assert any of the rights listed above, please direct your request to firstname.lastname@example.org, call us at (888) 283-4817, or contact us via postal mail at the contact information listed below. Paradox will respond to your request within a reasonable timeframe.
If you prefer not to receive marketing communications from us via email or SMS, please let us know and opt-out of such communications by exercising your rights as outlined in Section 7 “Accessing and Managing Your Personal Data”, above.
You may reach our Privacy Team at email@example.com or by calling us at (888) 283-4817.
Alternatively, you may reach us by addressing regular mail to the following addresses:
Attention: Privacy or Data Protection Officer
6330 E. Thomas Rd., Suite #200
Scottsdale, Arizona 85251