Revised: August 1, 2015
WE WANT TO BE CLEAR UP FRONT, THOUGH THE FOLLOWING POLICY EXPLAINS IN DETAIL:
Students who use our Services may upload or direct us to collect personal information about them and information about their education history. In this case, we will share part of all of the information we gather with potential coaches and/or third parties that can help such students get jobs. We may generate reports from our collective data holding that describe some or all of our users on an anonymous basis, and in some cases we may sell such reports. Once you have used the Services, certain results of the processing of your data will be stored on our servers indefinitely, though we remove personal information after you delete your account.
What We Collect
When you visit the Site, we log and store your IP Address and technical information about your visit like your browser type and how you progressed through the Site, where you abandoned it, etc. (“Usage Data”). We may also connect Usage Data in connection with your use of the Services.
As a Site visitor, we place a small piece of software referred to as a “cookie ” on your computer to help us collect this Usage Data. If you use the Services and create an account, we also use this cookie to recognize you on return visits and expedite the login process. You can remove this and other cookies through your browser preferences menu, though the exact method varies depending on the type of browser you use – but note that you won’t be able to log into our service if your cookies are disabled. If you visit from a mobile device, we may reference your device identifier or other information about where your visit originated.
Cookies used by our Services are “session” cookies that last between 2 and 3 hours by default, which expire after you log out. If you select “Remember me” when you login, this cookie is stored for a longer period of up to 20 years in order to expedite future logins and avoid your having to re-enter passwords frequently. We encrypt our cookies and do not store personal information in these cookies.
When you register, we collect and store your name, email, school, [address, phone] and other contact information, and you may choose to enter other information about yourself, your major, or your job history, for example. We refer to all of this information in this Policy as “Registration Information.”
When we send an email from the Service, it contains embedded software code that tracks when the email has been open or clicked upon. This functionality sends the resulting records back to our Service, which may be associated with other information you have provided us.
HOW WE USE IT
Usage Data helps us monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our Site, diagnose or fix technology problems, and otherwise plan for, improve and enhance our Site or our business operations. We may associate Usage Data we automatically collect with your other information if you become a user of the Services.
We use Registration Information to help connect you with coaches and to help employers search for potential employees, including by searching all candidates using our Services through a filtered search or query. This may result in display of your name, school, and major (for example) to a coach or an employer, in those coaches/employers/entities making direct contact with you, and/or the display of advertising those entities think might be relevant to you. Your identity and application information may be displayed to coaches and employers according to your expressed preferences when using the Services. Information about an employer’s organization may also be displayed to other users. We don’t collect or use information about you that you don’t input into the Services unless you choose to integrate a third party account you control with GEN Z Connect, in which case we may use data collected through that application in other ways.
Both Registration Information and Usage Data may be de-identified (according to our best efforts) and used to create reports about our user behavior, to run analytics, to generate advertising criteria that we allow third parties to use to target ads to our users, to make suggestions in our applications and Services for matching criteria, and other similar reporting and analytics functions (including selling anonymized reports to third parties). These external reports would not include personally-identifiable information about users of our Services.
Data regarding coaches and employers, and their behavior on the Services and in related transactions, may also be collected and used in reporting and analytics.
We may share Usage Data with our third party service providers in the course of our operations, with affiliates of our business, or in connection with the display of first or third party advertising specific to your geographic location. We may also engage third parties to help us improve our business, such as analytics providers, and such parties may have access to aggregate or individual Usage Data.
WE MAY ALSO SHARE USERS’ PERSONAL INFORMATION WITH:
Other companies owned by or under common ownership with us (i.e., any organization we own or control) or our ultimate holding companies (i.e., any organization that owns or controls us) and any subsidiaries it owns. These companies will use your personal information in the same way as we can under this Policy; Third party vendors, consultants and other service providers that perform services on our behalf, in order to carry out their work for us, which may include providing cloud storage or hosting services, marketing assistance, email delivery, content or service fulfillment, or providing analytics services. We share personal information with these third parties as needed to perform services for us and under reasonable confidentiality terms; Our business partners who offer a service to you jointly with us, for example, when running a co-sponsored contest or promotion or offering employment opportunities to our users; Third parties upon your request. For example, you may have the option to share your activities on our Services with your friends through social media or with coaches and/or employers you want to contact; Other parties in connection with any company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party or in the event of bankruptcy or related or similar proceedings; and Third parties as required to (i) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (ii) enforce our Terms of Service, including the investigation of potential violations thereof, (iii) investigate and defend ourselves against any third party claims or allegations, (iv) protect against harm to the rights, property or safety of Company, GEN Z Connect, its users or the public as required or permitted by law and (v) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues. We may also share information with others in an aggregated and anonymous form that does not reasonably identify you directly as an individual. Storage, Security and How to Remove Your Information
We store user Personal Information on servers in the United States under the control of our third party service provider in a single database. While we reserve the right to change service providers, the current provider maintains security features in compliance with ISO 27001, SOC1 and SOC 2/SSAE 16/ISAE 3402 (formerly known as SAS 70 Type II), PCI level 1, FISMA Moderate, and requirements of Sarbanes-Oxley.
Our servers’ data is backed up by our service providers daily. We perform monthly penetration testing on our own application to consistently improve our internal, custom security features.
Transmissions to and from (and between) our Services’ user interface(s) are encrypted with Secure Socket Layer (“SSL”) technology. We use 128-bit SSL as of the date of this policy to secure transmissions within, to, and from our Services (including data incoming from third party sources).
As of the date of this policy, we are in the process of encrypting our databases while “at rest” – that is, during storage while the data is not being used or called by our servers.
We use access restrictions to limit third party access to our admin functions. Except in cases of emergency, Administrators with access to user personal information only access the information necessary to perform their specific functions. Such Administrators must be employed by us under standard employee confidentiality restrictions or must have passed our internal review process, each of which include spending time being trained on ethical handling of data and proper data access policies. Such access is carefully logged and monitored, and the need for continued access is periodically re- reviewed.
We care about the security of your information and use commercially reasonable physical, administrative, and technological safeguards to preserve the integrity and security of all information we collect and, in some cases, share with our service providers – as described above. Information at rest, stored on our servers, is only encrypted where a partner university so requests. IF YOU ARE UNCOMFORTABLE WITH THE UNENCRYPTED STORAGE OF THE INFORMATION DESCRIBED HEREIN, PLEASE DO NOT SUBMIT INFORMATION TO US THROUGH THE SERVICES. While we take reasonable precautions against possible security breaches, no website or internet transmission is completely secure and we cannot guarantee that unauthorized access, hacking, data loss or other breach will never occur. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
Your activity on the Site does not allow us to recognize or acknowledge Do Not Track signals, though our registration process and services are secured according to specific contractual promises. Do not transmit any sensitive or personal information using the Site other than as directed to enter into a subscription or trial with us.
DELETING YOUR ACCOUNT
Personal Information is sent to archive if a user deletes or abandons their account. Users can do so by sending a message to email@example.com requesting such deletion. You can also archive your account within the Service. If deletion is requested, accounts are archived for sixty days in case the user changes his or her mind, or a career services agent makes a mistake and didn’t mean to delete the account. Archiving the student will not remove their Personal Information entirely from our systems. After the 60 day retention period, we will remove and/or disassociate your name, email address, and/or personal contact information from our records in any way practicable, though we retain certain usage information about your behavior and interactions while using our service, backup copies of certain of our data, and other de-identified information about your account activity notwithstanding any such deletion.
THIRD PARTY LINKS
The Site may, from time to time, contain links to and from third party websites of our partner networks, advertisers, partner merchants, retailers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.
Minors under 18 are not permitted to use our Site without express parental consent to both use the Services and be bound by our Terms of Service and this Policy. We do not intentionally collect information from minors under 13. If you believe we have collected any personal information from a child younger than 13 years of age, please notify us immediately at firstname.lastname@example.org and we will do anything reasonably possible to remove that information from our systems.
CONTACT US AND ACCESSING YOUR INFORMATION
If you have any questions about our privacy practices, or if you wish to remove any of your personal information from our records please contact us at:
Note that we do not have identifying information on file for most users. We can only remove personal information actually in our possession.
UPDATES TO THIS POLICY
If we update this policy and make material changes to it, as determined in our sole discretion, we will email our users and inform them of the update. You must check this policy periodically for minor changes, which may be made without notice at any time.