ExactHire Trust Center

OVERVIEW

Privacy Policy

Whenever you fill out a form on our site, whether you are requesting sales information or applying to a job through ExactHire, you are providing us with personal data, and this is the policy that governs how and when we can collect, use and disclose that data. This document also explains how our website uses cookies and similar technology to gather data from visitors to the site, and also what we are and aren’t allowed to do with data we collect from ExactHire customers who communicate with us through our customer support, marketing, and sales teams.

Terms of Use

If your company has a ExactHire subscription, the ExactHire Terms of Use is the main agreement covering your rights, responsibilities, and obligations under the subscription, as well as ExactHire’s. Its terms are fully incorporated into any Order Form signed by an ExactHire customer for ExactHire Services.

Security

ExactHire values the trust that our customers place in us by letting us act as custodians of their data. We take our responsibility to protect and secure your information seriously and strive for complete transparency around our security practices.

ExactHire Product Privacy RequestsGDPR Readiness

Like many other software companies, we have implemented a GDPR compliance strategy effective May 25, 2018 and beyond. We appreciate that our customers have requirements under GDPR that are directly impacted by their use of ExactHire’s Services, and we are committed to helping our customers fulfill their requirements under GDPR.

Customers Taking Action on Their Data

We are the Data Processor for our customers (Data Controllers) for the data they store about their Data Subjects (e.g. applicants, employees) in our software applications (e.g. job applications, employee records, etc.). Our customers may take action on their data by contacting our Data Privacy Officer at privacy@exacthire.com; or, by accessing our Customer Data Request form within our products.

Data Subjects of our Customers

If our customers’ Data Subjects (e.g. applicants, employees) would like to take action on the data that our customers store in our applications, then the data subject should reach out to our customer (the Data Controller) directly.

PRIVACY POLICY

ExactHire Website Privacy Policy

Effective Date: May 25, 2018

Introduction

Acceleration HR dba ExactHire (“ExactHire”) respects your privacy and is committed to protecting it in accordance with applicable laws and using generally-accepted industry practices. For purposes of this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual (e.g., name, address, email address, or phone number).This Privacy Policy explains how ExactHire collects and uses the Personal Information of visitors to our website, www.exacthire.com, and how our customers use our recruiting, reference checking and onboarding software platforms (the “Services”) to collect Personal Information from individuals who are either job applicants or employees of our customers.

This Privacy Policy does not apply to our customers, who manage the Personal Information they collect through our Services in accordance with their own privacy policies. We only process Personal Information that is stored in our Services under the direction of our customers, and we have no direct relationship with the individuals whose Personal Information we process in connection with our customers’ use of our Services. For example, if you apply to a job posted on a career page of a prospective employer that is one of our customers, your Personal Information will be transferred to ExactHire. However, the prospective employer remains the entity responsible for the processing of your Personal Information and you should contact that entity directly with any questions you may have regarding its privacy policies or data processing practices, and if you want to modify your Personal Information or delete it from our Services.

ExactHire may transfer Personal Information to third party companies that help us provide our Services. Transfers to these third parties are governed by our contracts with our customers. We will not sell or otherwise disclose your Personal Information to third parties.

Personal Information We Collect

ExactHire may collect the following information, including Personal Information from and about you:

Your interaction with Sales, Marketing, and Client Services: We collect Personal Information such as your name, company name, email address, phone number, and billing information when you request a demo of our Services, or request sales information, marketing content or customer service.

Cookies, Scripts and Related Technologies: When you visit our website, www.exacthire.com, we and our third-party service providers receive and record Personal Information that you may have provided and your digital signature, such as your IP address. The technologies we use to track your movements around our website include cookies, tracking scripts and pixels, and tagging technologies, which we may employ to understand your preferences, improve your experience on our website, etc. You can control the use of cookies at the individual browser level. If you want to learn more about cookies, or how to control, disable, or delete them, please visit http://www.aboutcookies.org for detailed guidance.

Collection of Data by Advertisers: We may also use third parties to serve ads on our website or to manage our advertising on other sites. Certain third party partners may automatically collect information about your visits to this and other websites, your IP address, your ISP, the browser you use to visit our website (but not your name, address, e-mail address or telephone number). They do this by using cookies, pixel tags or other technologies. Information collected may be used, among other things, to deliver advertising targeted to your interests and to better understand the usage and visitation of our website and the other sites tracked by these third parties. This policy does not apply to, and we are not responsible for, cookies or pixel tags in third party ads, and we encourage you to check the privacy policies of advertisers and/or ad services to learn about their use of cookies and other technologies. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here: http://www.aboutads.info/choices or http://www.networkadvertising.org.

How ExactHire Uses Your Personal Information

We may use the information that we collect about you and from you, including Personal Information, for the following purposes:

  • To customize our website: We seek to improve your experience with our website. As a result, we will analyze data we collect about your use of the website.
  • To manage the relationships with our customers, partners, and vendors: We may use Personal Information of customers’, partners’, and vendors’ employees (e.g., for billing purposes).
  • To communicate with you: We may send emails to verify your account and for administrative purposes, such as customer account management, customer service, or system maintenance.
  • To consider your job application: If you apply for a job with us, we will collect, process and store the information you provide to us for recruitment purposes. We may also retain some of your information for a reasonable period of time for purposes of considering you for future positions.
  • To send you marketing communications: We may send you information about products and services that may be of interest to you, with your prior opt-in consent where required by applicable law.
  • To aggregate data: We may anonymize and aggregate data collected through our website and to create statistics that may be used for any purpose, provided that such statistics do not identify any customers or individuals.

How ExactHire May Disclose or Share Your Information

We do not sell or otherwise disclose Personal Information we collect about you, except as described in this Privacy Policy or as we disclose to you at the time this information is collected. As described in more detail below, we may share your Personal Information:

  • with our third-party service providers. We authorize these service providers to use or disclose the information only as necessary to perform services on behalf of ExactHire or ExactHire’s customers or to comply with legal requirements. We require these service providers by contract to safeguard the privacy and security of Personal Information that they process on our behalf or on behalf of our customers;
  • if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena or warrant, violations of ExactHire’s Terms of Service, or to otherwise cooperate with law enforcement or other governmental agencies;
  • if we believe, in good faith, that sharing your Personal Information is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the company, or (v) protect our property or other legal rights, or the rights, property, or safety of others;
  • to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets; and
  • with your authorization.

We do not rent, sell, or share Personal Information about you with other people or non-affiliated companies for their direct marketing purposes unless you give your consent to that sharing.Our website may contain links to third party websites or third party applications (“apps”). When you click on a link to any other website, app or location, another site or entity may collect Personal Information or anonymized data from you. We have no control over, do not review, and cannot be responsible for, these outside websites, apps or locations, or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites, apps or content, or to any collection of your Personal Information after you click on links to such websites or apps. We encourage you to read the privacy policies of every website you visit or app you use. The links to third party websites, apps or locations are for your convenience and do not signify our endorsement of such third parties or their products, apps, content or websites.

How We Hold and Secure Your Information

We care about the security of your information, and take appropriate steps including technical and organizational measures to ensure that your Personal Information is treated securely and in accordance with this Privacy Policy.

With regard to our Services, personally identifiable information is stored on a separate server as a security precaution and our site is encrypted using secure socket layer (SSL) technology.  Since, however, no data transmission over the Internet can be guaranteed to be 100% secure, we cannot ensure or warrant its absolute security.  Having said that, we do everything in our power to protect your company and your applicants’ and employees’ information.

In the event that any information under our control is compromised, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

Any suspicious activity regarding your account, including automated messages or calls from parties you cannot identify, should be reported to your site administrator and ExactHire using the contact information far below.

If you have any questions about security on our website, the Services owned and operated by ExactHire, or the services offered by ExactHire through the website and Services, please contact us using the contact information far below.

How Long We Keep Your Personal Data

We will hold all the data for so long as we have an obligation to our customer to provide the Services, and thereafter until such time as we delete the customer’s account in accordance with our Customer Terms and Conditions.

Your personal information will be deleted on one of the following occurrences:

  • deletion of your personal information by you (or by another person engaged by the customer); or
  • receipt of a written request by you (or another person engaged by the customer–see section immediately below for details) to us.

Personal Information Collected by Our Customers via ExactHire Services

ExactHire collects Personal Information on behalf of and under the direction of our customers, but we have no direct relationship with the individual employees and job applicants of our customers who provide that Personal Information. ExactHire engages third party service providers in order to assist us in providing the Services to our customers, and Personal Information collected through ExactHire will be shared with these service providers. ExactHire’s third party service providers are only permitted to use the Personal Information they receive as is necessary to provide the Services to ExactHire’s customers. In addition, the third party service providers are required to keep the Personal Information confidential. Except as provided in this Privacy Policy, ExactHire will not disclose your Personal Information to third parties without your consent.

Individuals who are either employed by or applying for jobs with ExactHire customers have the right to ask the ExactHire customers to correct, amend, or delete data pertaining to those individuals. If you wish to have your Personal Information deleted from a ExactHire customer’s ExactHire account, please contact that customer directly to resolve your concern.

International Data Transfers

We may transfer your Personal Information to countries other than the country in which the data was originally collected. Those countries may not have the same data protection laws as the country in which you initially provided that information. When we transfer your Personal Information to other countries, we will protect it as described in this Privacy Policy.

To offer our services, we may need to transfer your Personal Information among several countries where we have employees, facilities or third party sub-processors, including the United States, where we are headquartered. By providing your Personal Data, you consent to such transfer.

Your Rights and Choices

  • Subject to applicable law, you may have the rights to request access to and receive information about the Personal Information we maintain about you, update and correct inaccuracies in your Personal Information, and have the information blocked or deleted, as appropriate. These rights may be limited in some circumstances by local law. To exercise these rights, please contact us as set forth below in the how to contact us section.
  • Marketing communications from ExactHire. If you do not wish to receive e-mail marketing communication from us, you can opt-out by sending an email privacy@exacthire.com. You can also unsubscribe from e-mail marketing communications by following the instructions contained in the marketing messages you receive. Even if you opt-out or unsubscribe, we can send you certain communications relating to the Services, such as administrative messages that are considered part of your account subscription. Where required under applicable law, we will only send you marketing communications with your prior consent.
  • Cookies. If you do not want us to collect cookies on the website, you may set your browser to refuse cookies, or to alert you when cookies are being sent. You can opt out of the collection and use of certain information, which we collect about you by automated means, including cookies, when you visit our websites. Your browser may tell you how to be notified and opt out of receiving certain types of cookies. If you do so, please note that some parts of our website may then be unavailable or not function properly. Cookies must be enabled in order to use the Services.

Children’s Privacy

We do not knowingly collect, maintain, or use Personal Information from children under 13 years of age, and no part of our website is directed to children under the age of 13. We will take steps to delete it if we learn we have inadvertently collected it.

If you learn that your child has provided us with Personal Information without your consent, you may alert us at privacy@exacthire.com. If we learn that we have collected any Personal Information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.

Changes to Our Privacy Policy and Practices

We may revise this Privacy Policy, so we encourage you to review it periodically.

Posting of Revised Privacy Policy. We will post any adjustments to the Privacy Policy on this web page, and the revised version will be effective when it is posted. If you are concerned about how your information is used, you can bookmark this page and read this Privacy Policy periodically.

New Uses of Personal Information. From time to time, we may desire to use Personal Information for uses not previously disclosed in our Privacy Policy. If our practices change regarding previously collected Personal Information in a way that would be materially less restrictive than stated in the version of this Privacy Policy in effect at the time we collected the information, we will make reasonable efforts to provide notice and obtain consent to any such uses as may be required by law.

How to Contact ExactHire

If you want to provide comments or questions about our Privacy Policy, or to exercise your rights, feel free to contact us at privacy@exacthire.com, or at the mailing address below.

For questions related to this Privacy Policy, contact ExactHire at:
ExactHire

ATTN: Legal

10333 N. Meridian, Suite 130

Indianapolis, IN 46290

USA

privacy@exacthire.com

317-296-8000

ARCHIVED VERSION: Eff. 3.8.18 – 5.24.18

TERMS OF USE

ExactHire Terms and Conditions

ACCELERATION HR dba ExactHire

MASTER SUBSCRIPTION AGREEMENT

Effective Date: May 25, 2018

THIS MASTER SUBSCRIPTION AGREEMENT (THE “AGREEMENT”) GOVERNS LICENSEE’S ACQUISITION AND USE OF EXACTHIRE’S SERVICES. BY EXECUTING AN ORDER FORM THAT REFERENCES THIS AGREEMENT, LICENSEE AGREES TO THE TERMS OF THIS AGREEMENT. IF THE INDIVIDUAL SIGNING THE ORDER FORM FOR LICENSEE IS SIGNING ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, SUCH INDIVIDUAL REPRESENTS THAT HE OR SHE HAS THE AUTHORITY TO BIND THAT COMPANY OR OTHER LEGAL ENTITY.

The ExactHire Privacy Policy is incorporated herein by reference. This Agreement governs Licensee’s use of the Service(s) however accessed, including via an Internet browser, smartphone, tablet, or other mobile device.

1. SCOPE OF AGREEMENT

This Agreement governs ExactHire’s provision of services to Licensee (“Services”), subject to one or more ordering documents (each such document, an “Order Form”) describing the Services, each of which incorporates this Agreement by reference. The parties may add Order Forms from time to time during the term of this Agreement.

2. PROPRIETARY RIGHTS

(a)   License to Services. Subject to the terms and conditions of this Agreement, ExactHire grants to Licensee during the Term a non-exclusive, non-transferable, non-sublicensable, license to access and use the Services Licensee orders solely for the purposes described on the applicable Order Form(s).

(b)   Restrictions on Use of Services. The Services are licensed to Licensee for internal use only. In connection with Licensee’s use of the Services, Licensee will comply with all applicable laws, rules and regulations. Licensee will not, and will not permit any third party to: (i) copy, modify, translate, or create derivative works of the Services; (ii) reverse engineer, decompile, disassemble or otherwise attempt to reconstruct, identify or discover any source code, underlying ideas, underlying user interface techniques, or algorithms of the Services; (iii) lend, lease, offer for sale, sell or otherwise use the Services for the benefit of third parties; or (iv) attempt to circumvent any license, timing or use restrictions that are built into the Services.

(c)   ExactHire Ownership of Services. Except for the rights granted in Section 2(a) above, ExactHire retains all right, title and interest, including all intellectual property rights, in and to the Services. Licensee acknowledges that the Services include ExactHire’s valuable trade secrets and improper use or disclosure would cause ExactHire irreparable harm. Accordingly, Licensee agrees to use the Services solely as authorized in this Agreement. Licensee further acknowledges that the license granted pursuant to this Agreement is not a sale and does not transfer to Licensee title or ownership of the Services or a copy of the Services, but only a right of limited use. ALL RIGHTS NOT EXPRESSLY GRANTED HEREUNDER ARE RESERVED TO EXACTHIRE.

(d)   Licensee Data. Subject to the terms and conditions of this Agreement, Licensee grants to ExactHire a limited, non-transferable (except pursuant to Section 11(a) below) license to use the information and data entered into the Services by Licensee and/or Licensee personnel, or by any third parties acting on behalf of Licensee or at Licensee’s request, including job applicants or recruiting agencies (“Data”) for the purpose of providing the Services. Licensee represents and warrants that: (i) it owns the Data posted by it on or through the Services or otherwise has the right to grant the license set forth in this Section 2(d); (ii) the posting and use of Data on or through the Services does not violate the privacy rights, publicity rights, copyrights, contract rights, intellectual property rights, or any other rights of any person; and (iii) the posting of Data on the Services does not result in a breach of contract between Licensee and any third party. ExactHire may calculate aggregate, anonymized statistics about its customers’ Data and use those statistics (but not the underlying Data) for purposes of sales, marketing, business development, product enhancement, or customer service.

3. USE OF THE SERVICES; SUPPORT

(a)  ExactHire’s Responsibilities. ExactHire shall:

(i) provide you with basic support in connection with your use of the Service at no additional charge, and with upgraded support if purchased separately,(ii) use commercially reasonable efforts to make the Service available 24 hours a day, 7 days a week, except for:

(a) planned downtime (which ExactHire shall schedule to the extent practicable during the weekend hours from 6:00 p.m. Friday to 3:00 a.m. Monday Eastern Time), or

(b) any unavailability caused by circumstances beyond ExactHire’s reasonable control, including acts of God, acts of government, floods, fires, earthquakes, civil unrest, acts of terror, strikes or other labor problems (other than those involving our employees), Internet service provider failures or delays, or denial of service attacks, and

(iii) provide the Service only in accordance with applicable laws and government regulations. ExactHire will maintain appropriate administrative, technical and physical safeguards to protect the security, confidentiality and integrity of Data.

(b)   Licensee Responsibilities. Licensee will (i) be responsible for its (and, as applicable, its personnel’s) compliance with this Agreement, (ii) use commercially reasonable efforts to prevent unauthorized access to or use of the Services, and notify ExactHire immediately of any such unauthorized access and/or use of which Licensee becomes aware, and (iii) use the Services only in accordance with this Agreement and all applicable laws and government regulations. Licensee will not (w) make the Services available to any third party (except for any third parties acting on behalf of Licensee or at Licensee’s request, such as recruiting agencies), (x) sell, resell, rent or lease the Services, (y) interfere with or disrupt the integrity or performance of the Services or any third-party data contained on the Services, including, as applicable, the third-party data of Licensee’s employees, or (z) attempt to gain unauthorized access to the Services or their related systems or networks.

4. FEES

(a)  Fees. Licensee will pay ExactHire the fees described on the applicable Order Form(s) (the “Fees”). Licensee will be invoiced for implementation fees upon the execution date of Order Form(s). Effective two (2) weeks from date of implementation invoice, Licensee will be invoiced for first installment of recurring fees. All Fees are due within fifteen (15) days of invoice date and are based on Services ordered rather than actual usage. Payment obligations are non-cancelable and, subject to Section 6(d), fees paid are non-refundable.

(b)  Payment Terms. For all Fees, Licensee will choose from the payment method and frequency of payment options presented on the Order Form(s) for Services. The preferred payment method is an Automated Clearing House Debit (ACH Debit) transaction; however, Licensee may select other options for a slight increase in fees to be explicitly outlined in the Order Form(s) for Services.

Licensee is solely responsible for providing ExactHire accurate and complete billing and contact information and for notifying ExactHire of any changes to such information.

(c)  Overdue Charges. Late Fee payments will accrue late interest at the rate of 5% of the outstanding balance, or the maximum rate permitted by law, whichever is lower, from the date such payment is over thirty (30) days past due.

(d)  Taxes. Licensee will be responsible for payment of all sales, use, property, value-added, withholding, or other federal, state or local taxes except for taxes based solely on ExactHire’s net income. If ExactHire is required to pay any such taxes based on the licenses granted in this Agreement or on Licensee’s use of the Services, then such taxes will be billed to and paid by Licensee.

5. CONFIDENTIAL INFORMATION

(a)  Definition of Confidential Information. As used herein, “Confidential Information” means all confidential information disclosed by a Party (“Disclosing Party”) to the other Party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Licensee’s Confidential Information will include Data; ExactHire Confidential Information will include the Services; and Confidential Information of each Party will include business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such Party. However, Confidential Information (other than Data) will not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.

(b)  Protection of Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care). The Receiving Party agrees (i) not to use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) except as otherwise authorized by the Disclosing Party in writing, to limit access to Confidential Information of the Disclosing Party to those of its and its affiliates’ employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein. Neither party will disclose the terms of this Agreement or any Order Form to any third party other than its affiliates and its legal counsel and accountants without the other party’s prior written consent.

(c)  Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.

6. TERM AND TERMINATION

(a)  Term of Agreement. This Agreement takes effect on the date Licensee first signs an Order Form incorporating these terms and will remain in effect until all applicable Order Forms have expired or been terminated. If Licensee elects to use the Service for a free trial period, and does not purchase a subscription before the end of such period, this Agreement will expire at the end of the free trial period.

(b)  Term of Subscriptions. The term of each Service subscription will be described in the applicable Order Form. Except as otherwise described in an Order Form, subscriptions for a Service will automatically renew annually on the date of the signed Order Form. The agreement may be terminated by either party with a thirty (30) day written notice.

(c)  Termination. If either Party commits a material breach or default in the performance of any of its obligations under this Agreement, then the other Party may terminate this Agreement, provided that the terminating Party gives the breaching or defaulting Party written notice of termination specifying the underlying breach or default within 30 days of discovery of such breach or default, and such breach or default remains uncured 30 days after the breaching or defaulting Party receives the notice.

(d)  Effect of Termination. Upon expiration or termination of this Agreement for any reason, the rights, licenses and access to the Services granted to Licensee under this Agreement will immediately terminate. If this Agreement expires, or if ExactHire terminates this Agreement pursuant to Section 6(c), all Fees will become immediately due and payable to ExactHire. If Licensee terminates this Agreement pursuant to Section 6(c), ExactHire will provide Licensee with a pro-rated refund of any prepaid Fees covering the period from the date of termination through the end of the Term. In no event will expiration or termination of this Agreement relieve Licensee of any obligation to pay Fees payable for the period prior to the date of termination.

(e)  Data. Upon expiration or termination of this Agreement for any reason, ExactHire shall provide an export file of all Data stored on the Platform (in a reasonably usable digital format) to Licensee, if Licensee requests this within thirty (30) business days of such expiration or termination.

(f)  Survival. All terms and provisions of this Agreement, including any exhibits, which by their nature are intended to survive any termination or expiration of this Agreement, will so survive.

7. REPRESENTATIONS AND WARRANTIES

Each party represents and warrants to the other party that: (a) it is duly organized, validly existing and in good standing as a corporation or other entity as represented herein under the laws and regulations of its jurisdiction of incorporation, organization or chartering; (b) it has the right, power and authority to enter this Agreement and to grant the rights and licenses granted hereunder and to perform all of its obligations hereunder; (c) the execution of any Order Form(s) incorporating this Agreement by its representative whose signature is set forth therein has been duly authorized by all necessary corporate or organizational action of the party; (d) when any Order Form incorporating this Agreement is executed and delivered by both parties, this Agreement will constitute the legal, valid and binding obligation of such party, enforceable against such party in accordance with its terms; and (e) it will abide by all applicable federal, state and local laws and regulations with respect to online activities, use of end user data and the products and services offered by each party in connection with this Agreement.

8. WARRANTY DISCLAIMER

EXCEPT AS EXPRESSLY SET FORTH IN SECTION 3(a), THE SERVICES ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. AND EXACTHIRE MAKES NO PROMISES, REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT TO THE SERVICES, INCLUDING THEIR CONDITION, CONFORMITY TO ANY REPRESENTATION OR DESCRIPTION, OR THE EXISTENCE OF ANY LATENT OR PATENT DEFECTS. EXACTHIRE SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE AND ALL OTHER IMPLIED OR STATUTORY WARRANTIES, AS WELL AS ANY LOCAL JURISDICTIONAL ANALOGUES TO THE ABOVE. EXACTHIRE DOES NOT WARRANT THAT THE SERVICES WILL BE ERROR-FREE OR THAT THE SERVICES WILL WORK WITHOUT INTERRUPTIONS.

9. LIMITATION OF LIABILITY

IN NO EVENT WILL EITHER PARTY’S LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED FEES PAID BY LICENSEE TO EXACTHIRE PURSUANT TO THIS AGREEMENT. EXCEPT FOR A BREACH OF THE LICENSE RESTRICTIONS OR CONFIDENTIALITY OBLIGATIONS, IN NO EVENT WILL EITHER PARTY HAVE ANY LIABILITY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, ARISING OUT OF OR RELATED TO THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO LOSS OF ANTICIPATED PROFITS OR LOSS OR INTERRUPTION OF USE OF ANY FILES, DATA OR EQUIPMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. THE PARTIES AGREE THAT THE FOREGOING LIMITATIONS REPRESENT A REASONABLE ALLOCATION OF RISK UNDER THIS AGREEMENT.

10. INDEMNIFICATION

Each party (“Indemnifying Party”) will indemnify, defend and hold the other party (“Indemnified Party”) harmless from any claim, action, suit or proceeding made or brought against the Indemnified Party arising out of or related to the Indemnifying Party’s breach of any term of this Agreement.

(a)  ExactHire will indemnify, defend and hold Licensee harmless from any third party claim, action, suit or proceeding made or brought against Licensee alleging that Licensee’s use of the Services in accordance with this Agreement infringes such third party’s intellectual property rights (an “Infringement Claim”). In the event of an Infringement Claim, ExactHire may, at its sole option and expense: (A) procure for Licensee the right to continue use of the Services or infringing part thereof; or (B) modify or amend the Services or infringing part thereof, or replace the Services or infringing part thereof with other software having substantially the same or better capabilities; or, (C) if neither of the foregoing is commercially practicable, terminate this Agreement and repay to Licensee a pro rata portion, if any, of any pre- paid Fees. ExactHire will have no liability for an Infringement Claim if the actual or alleged infringement results from (1) Licensee’s breach of this Agreement, (2) Licensee’s modification, alteration or addition made to the Services or any use thereof, including any combination of the Services with software or other materials not provided by ExactHire, (3) Licensee’s failure to use any corrections or modifications made available by ExactHire that would not result in any material loss of functionality, or (4) use of the Services in a manner or in connection with a product or data not contemplated by this Agreement. ExactHire also disclaims any liability for settlements entered into by Licensee or costs incurred by Licensee in relation to an Infringement Claim that are not pre-approved by ExactHire in writing. THIS SECTION STATES THE ENTIRE LIABILITY OF EXACTHIRE WITH RESPECT TO ANY INFRINGEMENT CLAIM.

(b)  Licensee will indemnify, defend and hold ExactHire harmless from any claim, action, suit or proceeding (i) made or brought against ExactHire involving allegations that Licensee breached any of its representations, warranties or obligations under this Agreement, or (ii) arising out of or resulting from ExactHire’s use of any Data in accordance with this Agreement.

11.  MODIFICATION OF SERVICE OR THIS AGREEMENT

(a)  The Services may be made available in free or paid versions at different levels. Not all features and functionality of the Services may be available in each version or level. ExactHire reserves the right, in its sole discretion, to modify, add, or remove portions and/or functionality of the Services on a temporary or permanent basis, without liability to Licensee or any third party.

(b)  ExactHire may modify, add, or remove portions of this Agreement at any time. In the event ExactHire determines it is necessary to make a material modification to this Agreement, you will be notified of such change. Note that your use of the Services after modifications to the Agreement become effective constitutes your binding acceptance of such changes. You may review the most current version of this Agreement here.

(c)  If you are dissatisfied with the terms of this Agreement or any modifications to this Agreement or the Service, you agree that your sole and exclusive remedy is to terminate this Agreement and discontinue any use of the Service.

12.  MISCELLANEOUS

(a)  Assignment. Neither party may assign this Agreement or any rights or obligations hereunder, directly or indirectly, by operation of law or otherwise, without the prior written consent of the other party; provided, however, that ExactHire may assign this Agreement to a parent, affiliate, subsidiary, or successor to its business, if any. Subject to the foregoing, this Agreement will inure to the benefit of and be binding upon the parties and their respective successors and permitted assigns. Any attempted assignment in violation of this Section 11(a) will be null and void.

(b)  Export Regulations. Licensee agrees to comply with all applicable export and re-export control laws and regulations, including the Export Administration Regulations (“EAR”) maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the Treasury Department’s Office of Foreign Assets Control, and the International Traffic in Arms Regulations (“ITAR”) maintained by the Department of State. Specifically, Licensee covenants that it will not — directly or indirectly — sell, export, re-export, transfer, divert, or otherwise dispose of any products, software, or technology (including products derived from or based on such technology) received from ExactHire under this Agreement to any destination, entity, or person prohibited by the laws or regulations of the United States, without obtaining prior authorization from the competent government authorities as required by those laws and regulations. Licensee agrees to indemnify, to the fullest extent permitted by law, ExactHire from and against any fines or penalties that may arise as a result of Licensee’s breach of this provision.

(c)  API Integration. If you integrate with ExactHire using our API, you must use efficient programming, which will not cause too many requests to be made in too short a period of time, as-determined solely by ExactHire. If this occurs, ExactHire reserves the right to throttle your API connections, or suspend or terminate your Services.

(d)  Security Breach.

(i) External Breach: In the event of a security breach, as defined by Applicable Law, by anyone other than Licensee employee, contractor or agent, upon discovery of such breach, ExactHire will:

(a) initiate remedial actions that are in compliance with Applicable Law and consistent with industry standards; and

(b) notify Licensee of the security breach, its nature and scope, the remedial actions ExactHire will undertake, and the timeline within which ExactHire expects to remedy the breach.

(ii) Internal Breach: In the event of a security breach, as defined by Applicable Law, by your employee, contractor or agent, you shall have sole responsibility for initiating remedial actions and shall notify ExactHire immediately of the breach and steps you will take to remedy the breach.

(e)  Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law the remaining provisions of this Agreement will remain in full force and effect.

(f)  Governing Law and Jurisdiction. This Agreement is governed by and construed under the laws of the Indiana without reference to conflict of laws principles. All disputes arising out of or related to this Agreement will be subject to the exclusive jurisdiction of the state and federal courts located in Indianapolis, Indiana, and the parties agree and submit to the exclusive jurisdiction and venue of these courts.

(g)  Entire Agreement. This Agreement, together with the Order Forms, embodies the entire understanding of the parties and supersedes any previous or contemporaneous communications, whether oral or written; and may be amended only by a writing signed by both parties.

13.  CONTACT INFORMATION

If you have any questions about the Service or this Agreement, you may contact us at:

ExactHire

ATTN: Legal

10333 N. Meridian, Suite 130

Indianapolis, IN 46290

USA

support@exacthire.com

317-296-8000

ARCHIVED VERSIONS: Eff. thru May 24, 2018

SECURITY

ExactHire values the trust that our customers place in us by letting us act as custodians of their data. We take our responsibility to protect and secure your information seriously and strive for complete transparency around our security practices detailed below. Our Privacy Policy also further details the ways we handle your data.

Physical Security and Compliance

ExactHire’s Services are hosted at an enterprise level, third party hosting company.  It is a managed technology service provider that delivers first-in-class hosting service to businesses throughout North America.  Some of the key security elements provided include:

  • Biometric access, cameras, staffed lobby
  • Full security audit trail, badging, positive ID
  • Escort only access / full management available
  • Protected / OC12 to OC-192 SONET backbones
  • FM-200 or Dry Pipe fire suppression
  • Redundant, conditioned power 110v to 480v
  • Exceptional uptime exceeding 99.9999%
  • Redundant modular cooling with on-site backup

In addition, all transactions are processed using secure encryption at the same level of encryption used by leading banks and financial services providers. Personal information is transmitted and processed securely.

Security

Encryption

Personally identifiable information is stored on a separate server as a security precaution and our sites are SSL encrypted.

Data in transit

Data in transit is protected by a SSL certificate encrypted with a 2048 bit key. Remote access is via ip-address-limited SSH. Only the firewall / load balancer is publicly accessible.

Passwords

System passwords are randomly salted, created and stored using a bcrypt based one-way hashing algorithm.

Backups

Real-time data replication is used between on-site, redundant servers. Additional backups are encrypted and stored on two separate NAS devices and archival backups are transported to a vaulted, offsite storage facility.

Your Responsibilities

Keeping your data secure also requires that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems.

GDPR READINESS

ExactHire GDPR Readiness

ExactHire is pleased to announce that its systems and processes are compliant with the new General Data Protection Regulation (GDPR).  GDPR is the new standard in the European Union (EU) governing the privacy and data protection of EU residents, effective May 25, 2018. This means that ExactHire (as the “data processor”) is able to effectively support clients (“data controllers”) who have employees and applicants residing in the EU as they also meet their own obligations under the GDPR.

To comply with GDPR, organizations must heed the following important requirements:

  • Obtain consent to collect and process personal information
  • Protect personal data
  • Control access to personal data
  • Provide the option to restrict processing and/or erase personal data
  • Inform customers of data breaches

How ExactHire Handles GDPR

ExactHire is staying ahead of the GDPR changes, both in its role as a data processor and in support of data controllers. ExactHire’s efforts include:

  • Providing effective human resources software platforms that enable client companies to comply with the GDPR requirements while still having a positive user experience.
  • Deploying industry-standard technical processes and procedures that protect data, both when it is in transmission and while we are hosting it.
  • Ensuring that we recognize that our clients own their data and that we process that data only in accordance with their instructions. This acknowledgement is recognized in our Terms of Service and Privacy Policy found, respectively. Our Privacy Policy is incorporated into our Terms of Service and our Terms of Service is our contract with every client.
  • Providing tools that allow our clients to meet the GDPR defined timelines when processing client data requests, whether it’s gathering consent, providing access, or erasing data.
  • Providing notification within the required 72 hours in the event of a data breach.
  • Continuing to monitor GDPR developments and guidance, to support our clients’ compliance efforts.

GDPR Readiness

Data Subject Consent

How does ExactHire plan to help clients obtain consent from individual job applicants to transfer their personal data to the US?

Collecting resumes and other relevant personal information is a legitimate interest of an employer evaluating and hiring candidates. Therefore, companies do not need to collect consent from job applicants. ExactHire customers are also not required to obtain consent from candidates to transfer their personal data from the EU to the US, because ExactHire can commit to providing a level of protection for the data that is acceptable under EU law.

Because obtaining consent from applicants is not required under the GDPR and creates a larger administrative burden on employers, we suspect that our customers with facilities in the EU will want to avoid it. However, our applications are customizable, so clients who want to collect consent from candidates can do so through customized questions that can be posted on their job boards. Clients may also provide any notifications to candidates required by the GDPR on their job pages, including the requirement to alert candidates that their personal data will be transferred outside of the EU. For assistance in customizing text on job pages, please contact privacy@exacthire.com.

The Right to be Forgotten

EU data subjects have the “right to be forgotten” and, therefore, ExactHire customers will be required to erase a candidate’s personal data when requested by the candidate. Companies also need to erase personal data when the business no longer has a legal basis to continue storing it under the GDPR.

ExactHire allows you to:

  • Request a bulk deletion of candidate data in order to comply with your organization’s specific policies of when your legal justification for keeping candidate data has expired. Consult your legal counsel before requesting that data be deleted.
    • Our data retention policies are set in yearly increments.
    • Data deletion requests are processed on the first of the requested month for the respective year. For example, if data deletion request is to be repeated every year in May, and a record is created on May 18, 2018, then the permanent deletion request for that record will be processed on May 1, 2020 (since the record would not yet have been a full year old on May 1, 2019).
    • Contact privacy@exacthire.com to make a request to delete candidate data.
  • Use customizable email templates to generate candidate emails requesting permission to keep their data longer than your default timeline, and keep their data when candidates agree.
  • Configure which data is deleted when a candidate asks to be forgotten (for example, you might decide to delete any personal data but keep anonymized information that would allow you to generate reports on pipeline conversion).
  • Request that an individual candidate’s data be deleted by contact privacy@exacthire.com.

Enhanced Rights to Notice and Access

Under the GDPR, employers are required to provide a variety of details at the time personal data is collected (for example, when a candidate applies to a job), including why they are collecting certain information, how long it will be stored, and where it will be sent.

The GDPR enhances individuals’ right to access their own personal data, and companies will need to provide this data to candidates upon request in an efficient and easily portable format.

ExactHire is ready to respond to and complete data requests from data controllers on behalf of their candidates. To request a data export for a candidate, email privacy@exacthire.com. You may specify what data should be accessible and then send it to candidates in a CSV file.

ExactHire can include language approved by you on your career sites so that any necessary notifications and disclosures are made to candidates when they apply. To make a request to update language, please contact privacy@exacthire.com.

The Right to Object

People have a right to restrict their personal data from being used for direct marketing purposes.

If a candidate opts out, ExactHire has a feature which prevents users from sending any email to that candidate.

ExactHire and Our Sub-Processors

In order to provide maximum transparency, we’ve created a list of sub-processors ExactHire works with along with details on how we use data collected through these sub-processors.

Sub-processors with access to data subject personal data in ExactHire Services:

ExactHire Sub-Processors: Why and How Data is Used
CNI Servers and network infrastructure
Amazon Web Services Servers and network infrastructure
Desk.com Issue ticketing system
Atlassian Jira Development ticketing system
SendGrid Email delivery
Google Analytics Product and marketing analytics
Pardot Marketing automation
Salesforce Customer relationship management
Octiv Sales proposal management
Basecamp Project management
Formstack Project implementation tool
Google Drive Internal communication and documentation
YourBrowser.is Browser identification tool

More Information

For more information on GDPR, visit the official EU homepage.