Effective date: June 13, 2023
- 1.Introduction; Scope of this Policy.
- 2.Where We Are a Service Provider.
- 3.Personal Data We Collect About You and Why.
- 4.Information We Disclose.
- 5.Cookies and similar Tracking Technologies; “Do Not Track”.
- 6.Overview of Your Data Rights.
- 7.Your California Privacy Rights.
- 8.Your Nevada Privacy Rights.
- 9.Your Rights and Control under EU GDPR.
- 10.Data Security and Integrity.
- 11.Retention and Removal.
- 12.Information on Children.
- 13.Right to Revise.
- 14.Contact Details.
- 15.Privacy Contacts.
Introduction; Scope of this Policy.
This Policy does not apply to (1) personal data controlled by our Customers (employers that utilize our Services, described further below); (2) personal data collected by unaffiliated sites that link to or are accessible from our Services; (3) personal data our partners may collect directly from you and control; (4) personal data collected and processed by us about our employees or job applicants responding to our job offers; and, (5) non-personal data derived from personal data, including any data that is aggregated, de-identified, or anonymized, statistical data, insights, or other predictive data that is sufficiently different from your personal data that it cannot be reversed engineered through reasonable means, or otherwise identified from analysis or further processing of the derived data (collectively referred to as the “Platform Data”). We use Platform Data to provide Customers with useful and relevant insights, build features and data services, and improve our Services.
We are the controller for the personal data discussed in this Policy, except as noted in the “Where We Are a Service Provider” section below.
Where We Are a Service Provider
Our Customers are organizations such as federal, state, local, tribal, or other municipal government agencies (including administrative agencies, departments, and offices thereof), private businesses, and educational institutions (including without limitation K-12 schools, colleges, universities, and vocational schools), who use our Services to evaluate job applicants and manage their relationship with their personnel. When we provide our Services to our Customers, the Customer generally controls and manages the personal data, and we process personal data as a data processor or service provider. Our legal obligations as a processor and service provider are set out in our Customer contracts and policies.
Where we serve as a data processor, our Customer contracts and policies require us to either instruct you to contact our Customer, or redirect your inquiry to our Customer.
Personal Data We Collect About You and Why.
In this Section we set out general categories of personal data we may collect and the purpose for using your personal data, including the personal data collected and processed over the past year. We collect and process personal data to provide you the Services, fulfill our contractual responsibility to deliver the Services to our Customers, fulfill your requests, and pursue our legitimate interests and our business and commercial purposes. We also automatically collect data during your usage and collect other personal data about you from other sources. Your personal data will only be collected and used for purposes stated herein, where you provide additional consent, or as required by law or regulation - including national security or law enforcement requirements.
Information Provided by You.
We collect personal data from you directly when you visit our Services from either your computer, mobile phone, or other device, attend one our events, or communicate with our personnel. The categories of personal data we collect from you, including over the past year, involve the following:
|Types of Personal Data||Why the Personal Data is collected|
|Identification, account, and contact data, including your name, username and password, professional or personal email address, professional or personal telephone phone number, and account preferences.||
Profile and employment data including your name, professional or personal postal address, professional or personal e-mail or telephone number, employer name and location, job title or area of expertise, work experience and performance data, search history, job interest cards, education history, skills, certificates, and licenses.
We may collect age, gender, ethnicity, race, marital or other status, and in some cases, data related to your personal health, emergency contacts, biometric data when using our mobile app or time clocks, financial account data, and state issued identifiers such as driver’s ID and social security number. Some of our Customers are required to collect this personal data by law. We also collect any other supplemental personal data added at your discretion or requested by our Customer, including answers to minimum quality questions, and status of background checks or assessment tests.
|Communications and publication data including communication content within emails, phone and other voice recordings, online forms, chats, forums including our Customer Community, date and time of the communication, and the communication method.||
|Contact preferences data including marketing content preferences, and the status of whether you opted-out of our marketing notices.||
|Transaction and billing data including the Service purchased, billing details, financial data corresponding to your selected method of payment (e.g. a credit card or a bank account number).||
You may voluntarily submit other personal data to us through our Services that we do not request and are not required for the relevant data processing activity. In such instances, you are solely responsible for such personal data.
Information Collected Automatically.
With the help of our Service Providers, we also automatically collect personal data about you and your device and how you interact with our Services. Categories of personal data collected automatically include the following:
|Types of Personal Data||Why the Personal Data is collected|
Usage data including Services you purchase, IP address, webpages visited, what you click on, features you use, how often and when you use features, location of usage, jobs performed, Service configurations, browser type and version, error logs, and e-mails you view; and,
Device data including device address or other unique device identifying numbers, type of device, software and hardware attributes, your operating system, system and performance data, and mobile application permissions including cellular data, geolocation, access to photos, camera, calendars, and reminders.
|Location data including your device’s location through data that indicates a country, state, city or postal code, and in certain instances, by tracking the latitude and longitude of your IP address, Wi-Fi address, or device.||
|Log and other automatic data collection including data about the nature of each access, IP address, ISP, files viewed, content changes in certain cases, operating systems, device type and timestamps, pages you view, links you click, browser type, access times, and addresses of websites you were on just before you arrived on our Website.||
|Cookies, pixel tags (“web beacons”), and embedded scripts within our communications and on our Services to collect data related to usage, location, device and logs.||
Information from Other Sources.
We also receive your personal data described in this policy from third party sources, including from your employer (our Customer), third party companies we purchase personal data, partners, including partners listed on our Marketplace, and co-organizers and sponsors for our events and webinars.
Partners. We collect and use personal data originally collected by partners for joint product and marketing opportunities. For example, we receive profile data about the status of background checks and assessments you participate in, updates from payment processors regarding your purchases, receipts and analytics for text communications and emails you send and receive, or other profile data from integrated systems employers choose to connect with our Services. If you sign into our Services with Facebook or other single sign on services, we import the requested data from your account.
Data brokers. We purchase additional contact data to supplement and correct the contact and employment data we collect, including your name, professional or personal email address, professional or personal telephone phone number, employer name and location, job title or area of expertise.
Public sources. We collect personal data from publicly accessible websites and government sources, including your name, email address, and other profile data such as job title, employer name, and professional expertise.
We combine personal data about you from your use of the Services with other personal data to make inferences about you or our Customers. We may produce insights with the help of independent sources and processors. If you believe that your personal data was improperly collected or provided to use by one of the sources described above, please contact us at firstname.lastname@example.org.
Information Collected When Using the PowerLine Application
Our purpose in providing the PowerLine Application (“App”) is very simple: to help you maximize your mental wellbeing. Our commitment to protecting your privacy while using the App comes from a deep awareness of the sensitivity of information regarding one’s mental wellbeing. If your employer has sponsored your access to our App, we will only collect from you the minimum personal information necessary to set up your initial access to the App (name, email address). Thereafter, your access to and use of the App will be anonymous and will not be tracked. In this way, we can protect your privacy while helping you manage your health.
Anonymous Data refers to data that by itself does not permit the identification of a specific individual. We collect such information only insofar as is necessary or appropriate to fulfill the purpose of your interaction with the App. We may collect the following types of Anonymous Data when you use the App:
- Measurement data produced by the Apps. We may collect the Apps version, device hardware model, device operating system (OS) version, language and region settings, or timestamp.
- Apps crash reports. When the App crashes, we may collect information relating to the crash including device state, device hardware model, device OS version, and software processes that triggered the crash.
- Apps usage and interactions. We may collect statistics about the behavior of users of the App to understand how they interact with the App and for error reporting.
Information We Disclose.
We share personal data with other parties for the purposes stated herein or as required by law. The following categories are the entities we’ve shared personal data with, including over the past year.
We disclose personal data to our Customers (your current or potential employer) that utilize our services. For instance, when a job applicant responds to a job posting, we will share your personal data with the employer in order to facilitate the job search and hiring process. If your current or former employer uses one of our Services, personal data you input into those Services is accessible by that employer’s end users - subject to the security and access controls set up by the employer. In addition, if you sign up for an Access membership, we may share your personal data with Customers and their designated agents for recruitment purposes or to demonstrate to Customers or potential Customers products designed to enhance their recruitment capabilities. You may cancel your Access membership at any time.
To Service Providers.
We share personal data with services providers to provide services on our behalf. For instance, we use service providers to facilitate our support services, data security, email, web hosting, research and analytics, data enrichment services, deliver and help us track our marketing and advertising content, process credit card payments, deliver payroll processing and disbursements, coordinate our customer conferences, and manage our sales and customer relations.
We share personal data with analytics and advertising companies that may act as our processor and a controller in other instances. We work with other entities to perform research, under controls that are designed to protect your privacy. We publish or allow others to publish insights, presented as either aggregated, anonymized, de-identified, or non-personal data.
If you download or access content on our Services or attend an event or webinar we host or co-host, we may share your personal data with sponsors of the event or webinar. The sponsor may also be a controller of your personal data in this instance, and processing of your personal data will be subject to the sponsors’ privacy statements as well.
To other parties when you give your consent.
We may also share personal data where you provide your consent or post your personal data publicly. Where required by law, additional consent is obtained before personal data is transferred to us or forwarded to other parties. For example, we share personal data with background check providers if a job applicant consents and we are instructed to do so by our Customers.
During your use of the Services, you may have the opportunity to visit or link to other websites, including websites by third parties unaffiliated with us. We have no relationship or control over unaffiliated websites. These websites might collect personal data about you, and you should review the privacy policies of such other websites to see how they treat your personal data.
To other third parties where required by law.
We also share personal data or data in order to meet any applicable law, regulation, legal process or enforceable governmental request, investigate violations and enforce policies, detect, prevent, or otherwise address fraud, protect against harm to the rights, property or safety of our users or the public, protect your vital interests or the vital interests of another natural person; and where disclosure is necessary for establishment, exercise or defense of legal claims or where there is reasonable belief that disclosure is required by law or regulations.
Mergers, Acquisitions, Dissolutions, Affiliates.
We may transfer or disclose personal data to another entity who acquires or may acquire any or all of our business units, whether such acquisition is by way of merger, consolidation or purchase of all or a substantial portion of our assets, or bankruptcy. We disclose personal data to our affiliates with our Customers’ consent in order to facilitate any Service transition or implementation services.
Cookies and similar Tracking Technologies; “Do Not Track”.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser and device you use to access our Services. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
- Authentication to identify you when you visit our Services, as you navigate our Services, to confirm whether you are currently logged in, and determine if an occurrence affects you.
- Metrics to determine how you use the Services, what features you utilize and how often, how much time you spend on the Services and features, and other details about the hiring and HR process. This data is aggregated and anonymized.
- Personalization to store information about your preferences and personalize our Services to you, including to supply Customers with details about their hiring processes, and provide job recommendations to job applicants and Customers based on their past interest.
- Security to protect user accounts, including preventing fraudulent use of login credentials and to protect our Services generally.
- Advertising and feedback to determine whether our advertising and feedback inquiries are received, opened, if the content or campaign is effective, and to provide you more specific content about Services we or our partners offer.
- Analysis to help us analyze the use and performance of our Services, and display different versions of features or content, all of which helps us determine what parts of our Services need improvement and which ones you enjoy most (which may include marketing content).
- Google Analytics and Adsense to analyze the use of our Services and publish advertisements. Google's use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet. You may opt out of personalized advertising by visiting Ads Settings.
Other data gathering mechanisms, such as web beacons, HTML Storage Objects, and web tags, are used by us and our service providers to gather more specific data on your use. A web beacon (also called a web bug or clear GIF) is a graphic on a webpage or in an email message that is designed to monitor who is reading the page or message. Web beacons are often invisible because they are typically only 1-by-1 pixel in size. Web beacons are often used alongside cookies to track activity. Web beacons may be used to add data to a profile about a site visited, provide an independent accounting of how many people have visited a website, gather statistics about usage, among other things. HTML Storage Objects are program code that collects data about your activity on our Services. The HTML is temporarily downloaded onto your device while you are connected to our Online Services.
Overview of Your Data Rights.
Your data rights for personal data where we are the data controller.
You can review and enforce your personal data rights through your account, communications you receive from us, third party mechanisms, or with the assistance of our support team using the emails at the end of this Policy. For instance, you can:
- Place limits on which Customers can preview your profile by logging into your account on https://www.governmentjobs.com and going to your account settings. Job applicants can utilize similar privacy controls on a per Customer basis in each Career Page account created.
- Correct inaccurate personal data about you where permitted under certain circumstance by modifying or deleting personal data within your account by logging in to your applicable account and following the prompts to either “update my profile” or “delete my profile.”
- Change your communication preferences or unsubscribe from a notification by following instructions contained within the notification itself (if applicable), your account settings, using your email provider preferences, or contacting us. For text message notification you can reply with “OPTOUT” to stop receiving texts.
- Confirm whether we process your personal data and, where we do, access to the personal data. To see whether personal data on you is retained on our servers, please click here. Certain users are entitled to request copies of their personal data held by us. You can print a copy of your Profile personal data using your web browser and download your attachments at any time by logging into your account and following the download process. Any further data access requests can be directed to the privacy support emails listed at the end of this Policy.
- Send valid requests to restrict or limit our use of your personal data to support by contacting us at the privacy support emails listed at the end of this Policy.
- Invoke your right to withdraw your consent at any time (where processing is based on your consent) by using the privacy controls in your settings, within certain contacts you receive, by deleting personal data within your Profile, or by deleting your account.
- Delete data within your job applicant profile or delete your job applicant account (subject to permitted exceptions) by either following the prompts to delete within your account, or contacting our support team. If you are a job applicant and you delete your account, your profile data will be removed from our job applicant server; however, deleting your account will not remove applications you previously submit to employers.
Your data rights for personal data you submit to our Customers.
Upon making your personal data available to an employer (our Customer), your personal data may be controlled by our Customer. In this regard, we are a data processor for personal data Customers maintain have us process, and your data rights are subject to our Customers’ internal policies. For these reasons, we are not in a position to directly handle data requests for personal data controlled by Customers. You should contact the Customer regarding personal data they may hold about you and to exercise any data rights you may have. We will cooperate with such inquiry in line with applicable law and our contractual obligations with the Customer.
Your California Privacy Rights.
If you are a California resident, you have the additional data rights listed below. You can exercise some of these rights by utilizing the prompts within messages we send you within your account settings, or within the privacy settings on our web pages. Otherwise, you are also able to exercise these rights by contacting our support team using the privacy support emails listed at the end of this Policy. Please note, if we cannot verify your identity we may deny certain data right requests. You can designate an authorized agent to submit requests on your behalf, but we require written proof of the agent’s permission and verify your identity directly.
|California Privacy Right||How we fulfill your California Privacy Right|
|Right to notice of what categories of personal data and sensitive data is collected about you, the business or commercial purpose of collection, and access to such data.||
We’ve provided details on what personal data is collected about you for our business purposes in the “Personal Data We Collect About You and Why” section of this policy, or you can also receive this information by contacting us. However, to ensure compliance with CCPA, the following categories of personal data as defined by the CCPA have been collected over the past year:
You can print a copy of your Profile personal data using your web browser and download your attachments at any time by logging into your account and following the download process. Any further data access requests can be directed to us at the privacy support emails listed at the end of this Policy.
|Right to know who we share your data with||We share your information with others for legitimate business purposes. See the “Information We Disclose” section of this Policy for additional details.|
|Right to opt out of sale (“Do Not Sell My Information”)||
We do not sell personal data in the traditional sense without an express consumer opt in. Should an activity we undertake constitute a “sale” under the expanded definition of “sale” within the California Consumer Privacy Act, California consumers have the right to opt-out of the sale of your personal data. To the extent we sell your personal information as the term “sell” is defined under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information by us to third parties at any time. You may submit a request to opt-out by clicking: , by closing your Access account if you have one, or you may submit a request to us via email at: email@example.com
To the extent you had previously opted in to sharing your information by signing up for an Access membership and you later opt out, your data will still be available solely with respect to the communications with prospective employers initiated through your Access membership prior to opt-out.
We allow select companies to place tracking technologies like cookies on our sites, which allow those companies to receive information about your activity on our Services. The companies may use that data to serve you more relevant ads on our sites or others. Sharing data for online advertising like this may be considered a “sale” of personal data. California consumers have a right to opt-out of these sales. You have control over whether these technologies work on your devices. You can disable them using browser Do Not Track features or Cookie Settings provided by us.
|Right to delete certain personal data||
You have the right to request deletion of your data unless an exception applies. Upon a verified and permissible request where no exception applies, we will delete your personal data where we are a controller, and instruct applicable service providers to do the same.
You may request that we delete your personal data by closing your job seeker account if you have one, or you may submit a request to delete via email at: firstname.lastname@example.org
|Right to non-discrimination||We do not discriminate against you in response to a request for the exercise of any of your rights.|
|Right to have an authorized agent exercise your rights on your behalf.||We will require written proof of the agent’s permission to do so and will verify your identity directly.|
California Civil Code Section 1798.83 permits our visitors who are California customers to request certain information regarding our disclosure of personal data to third parties for the third parties’ direct marketing purposes. To make such a request please send a letter to: Governmentjobs.com, Inc., 2120 Park Place, Suite 100, El Segundo, CA 90245, United States Attn: Privacy Department. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note Governmentjobs is not required to respond to requests made by means other than through the provided mail address.
Your Nevada Privacy Rights.
A sale under Nevada law is the exchange of personal data for monetary consideration. We do not currently sell personal data as defined under Nevada law. If you want to submit a request relating to our compliance with Nevada law, please contact us at the privacy support emails listed at the end of this Policy.
Your Rights and Control under EU GDPR.
Data Controllers and Processors.
EU Data Subject Rights.
Data subjects in Europe whose personal data we receive through appropriate safeguards have legal rights to determine whether we hold personal data about them, to access personal data we hold about them, and to obtain its correction, update, amendment, or deletion in appropriate circumstances. In particular, your rights may include:
- Data Access, the right to access personal data we hold about you.
- Right to Restrict Processing.
- Right of Rectification, the right to correct or update your personal data.
- Right to be Forgotten, the right to delete your personal data.
- Right to Object to Processing on the basis of our legitimate interests or for direct marketing purposes.
- Right to withdraw Consent.
- Data Portability Rights, the right to receive a copy of your personal data in an electronic format.
- Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects or otherwise significantly affects you (“Automated Decision-Making”).
- Right to complain to a regulator or data protection authority about our collection and use of your personal data.
Some of these rights may be subject to exception and limitation. In any case, we will respond to your request to exercise these rights within a reasonable time but no later than within 30 days of receiving a request. To request to exercise your rights, you may contact us at any of the privacy support emails listed at the end of this Policy. Some of the rights are complex, and you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights. You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en
Lawful Basis for Processing.
For personal data subject to the European Union General Data Protection Regulation and ePrivacy Directive, we rely on multiple legal bases for processing, including:
Consent. In certain cases, we ask you for your consent to process your personal data, for instance, for certain marketing purposes. You can withdraw your consent at any time; however, this will not affect the lawfulness of the processing before your consent was withdrawn. You can withdraw your consent by using the prompts within the messages you receive, the settings within your account, or by contacting our support using any of the privacy support emails listed at the end of this Policy.
Legitimate Interest. We process certain personal data for our legitimate interests. These legitimate interests include contacting you to provide support or sending you marketing information (subject to applicable law); detecting, preventing, and investigating illegal activities and potential security issues; and maintaining and improving our Services. We will balance our interests, the purpose and necessity of processing, and the rights and risks to you before we process for legitimate interests.
Performance of a Contract We process personal data to perform our obligations under an agreement with you or our Customers. For example, we use payment information you provide when you purchase a Service.
Other Legal Bases. In some cases, we may have a legal obligation to process your personal data, such as in response to a court or regulator order. We also may need to process your personal data to protect vital interests, or to exercise, establish, or defend legal claims.
Automated Decision Making and Profiling.
We use an automated chat bot within some of our Services to screen your requests and questions. The purpose of the automated chat bot is to fulfill frequently asked questions provided by our users, tag the requests and questions to route to our most appropriate contact, and improve our responses and Services. The chat bot is not fully automated and will not have a legal or significant impact on you.
For personal data transferred from the European Union, the United Kingdom, or Switzerland, we will provide appropriate safeguards, such as through use of standard contractual clauses.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your sensitive data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal data, please submit a written request to email@example.com.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Data Security and Integrity.
We implement physical, technical, and administrative safeguards designed to maintain data accuracy, integrity, and security, prevent unauthorized access, and facilitate correct use of personal data. Our security measures take into account the risk of harm to you and Customers, as well as the availability of technology, industry common practices, effectiveness of mitigation controls, and the sustainability of those controls by us.
Although we maintain the controls listed herein, transmission of data is not without risk and we complete security of your personal data cannot be guaranteed. Please note, you are responsible for keeping your login credentials secret at all times, including your username and password.
In the event we believe the security of your personal data in our possession or control may be compromised, we may seek to notify you by e-mail and you consent to our use of e-mail as a means of such notification.
Retention and Removal.
For personal data we determine the purposes for and means by which it is processed, such personal data will not be kept for longer than necessary for the original purpose of collection, when no longer relevant, or upon permissible request. When the original purpose no longer exists, we will either delete or anonymize, or de-identify your personal data (subject to applicable law) or, if this is not possible, we will securely store your personal data until deletion is possible. Your personal data will be appropriately disposed in a manner designed to ensure it cannot be reconstructed or read. If you are a job applicant, after your account has been closed, we may retain Platform Data as permitted by law.
Where our Customer is the controller of your personal data, our retention policies and procedures are designed to allow Customers to comply with their own record retention requirements. If you are a job applicant that deletes your profile with us, your personal data will be removed, anonymized, or de-identified with our job applicant database; however, your data may persist within the applications you previously submit to our Customers until Customer disposal. Job applicants should contact the Customer they sent the application to if they seek enforcement of eligible data rights in that application.
Information on Children.
These Services are not directed at children under the age of thirteen (13) and we do not knowingly collect personal data from children under the age of thirteen (13). If we become aware that we have inadvertently received personal data from a person under the age of thirteen (13), we will delete the personal data from our records. If you believe that we have collected personal data from a child under 13 without parental consent, you may report this to us using any of the privacy support emails listed at the end of this Policy.
If you are a California resident under 18 years old, you have the right to remove personal data you have posted to our Services. Please contact us using any of the privacy support emails listed at the end of this Policy, and describe what personal data you’ve posted that you now want removed. We will use reasonable efforts to remove such personal data in compliance with the law and our other obligations stated herein. We do not sell the personal data of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization from either the consumer who is at least 13 but not yet 16 years of age, or the parent or guardian of a consumer less than 13 years of age.
Right to Revise.
We reserve the right to revise our Policy to reflect changes in our online information practices or to comply with the law by publishing a new version on our website. In circumstances where we materially change the way in which we collect or use personal data, we materially change the terms of this Policy, or where personal data is no longer used consistently with a previously named purpose, we will provide notice and publish the new version on our website. You should periodically check this page to remind yourself of the rights herein.
This website is owned and operated by Governmentjobs.com, Inc. (DBA “NEOGOV”). Our principal place of business is at 2120 Park Place, Suite 100, El Segundo, CA 90245, United States. You can contact us by email, telephone, or regular mail using the contact information listed herein.
If at any time you have questions or concerns about this Policy, please feel free to e-mail us at the appropriate contact relative your jurisdiction:
Data Protection Manager at firstname.lastname@example.org
Users who have a visual disability may be able to use a screen reader or other text-to-speech tool to review the contents of this Policy. If you experience any difficulties assessing the information here or you wish to obtain a copy of this Policy, please contact us using the details above.