This privacy notice discloses the privacy practices for ScaleSec. This privacy notice applies to information collected by this website and during the employment application process. It will notify you of the following:
- What personally identifiable information is collected, how it is used, and with whom it may be shared.
- What choices are available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information.
Information Collection, Use, and Sharing
We are the sole owners of the information collected on this site. We only collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to send an invoice if you prefer physical mail.
Via Employment Application Process
We use Greenhouse, an Applicant Tracking Software (ATS) solution, to manage the hiring process. This includes hosting of job descriptions, candidate profiles and resumes, interview feedback, and offer details. You may review Greenhouse’s privacy statement here.
If an offer of employment is accepted, we complete a background check using Checkr, Inc. only after obtaining your signed consent. You can read more about Checkr’s security and privacy policies here.
We use the mass-emailing tool MailChimp to send and manage occasional business-related outreach, such as our quarterly newsletter. Both our newsletters and MailChimp are CCPA and GDPR compliant; you can unsubscribe and/or manage your data by clicking the “unsubscribe or change your subscription settings” link at the bottom of any MailChimp communication. Any changes you make to your data in MailChimp will be made to your data throughout ScaleSec; for example, if you unsubscribe from MailChimp emails, you will be unsubscribed from any other unsolicited communications from ScaleSec, as well. This does **not **apply to communications relating to any engagements or open employment applications we may have with you.
You can view more details about MailChimp’s security and privacy policies here.
CCPA, Personal Information, and Access to and Control of Personal Information
The California Consumer Privacy Act (CCPA) creates rules about what consumer information can be retained, how it’s used and shared, how it can be accessed. We adhere to CCPA policy due to the presence of Personal Information (PI) within candidate files, including, but not limited to, background check information, employee identity verification, and address. Our CCPA compliance applies to all data collected in all facets of business, not just that gathered during the hiring process.
- We will provide, within sixty (60) days, an individual’s complete information, including resume, application responses, background check data (where applicable under state law), offer details, and/or other records. Consumers may request this data by completing the web form here.
- If requested, we will amend or delete all application data within thirty (30) days of request by the consumer.
- We do not retain PI for candidates that are not hired. This includes background check and identity documentation (such as copies of licenses, tax documents, passports, etc) which are removed after a maximum of thirty (30) days. For candidates that are hired, this information is removed from the applicant tracking system and stored in the employee’s personal file (and no longer subject to CCPA compliance).
- We do not gather PI of customers, contractors, or those inquiring about services. However, we welcome and comply with all data access, amendment, and/or deletion requests. If you believe we may have your PI, you may contact ScaleSec as detailed above.
- With the exception of background checks, we do not share personal data with external parties. This includes marketing providers, advertisers, solution providers, and other organizations.
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, professional services, billing, or customer service) are granted access to personally identifiable information. The systems in which we store personally identifiable information are kept in a secure environment.