ExactHire Trust Center
ExactHire values the trust that our customers place in us by letting us act as custodians of their data. We take our responsibility to protect and secure your information seriously and strive for complete transparency around our security practices.
Like many other software companies, we have implemented a GDPR compliance strategy effective May 25, 2018 and beyond. We appreciate that our customers have requirements under GDPR that are directly impacted by their use of ExactHire’s Services, and we are committed to helping our customers fulfill their requirements under GDPR.
Customers Taking Action on Their Data
We are the Data Processor for our customers (Data Controllers) for the data they store about their Data Subjects (e.g. applicants, employees) in our software applications (e.g. job applications, employee records, etc.). Our customers may take action on their data by contacting our Data Privacy Officer at email@example.com; or, by accessing our Customer Data Request form within our products.
Data Subjects of our Customers
If our customers’ Data Subjects (e.g. applicants, employees) would like to take action on the data that our customers store in our applications, then the data subject should reach out to our customer (the Data Controller) directly.
Effective Date: December 16, 2020
ExactHire may transfer Personal Information to third party companies that help us provide our Services. Transfers to these third parties are governed by our contracts with our customers. We will not sell or otherwise disclose your Personal Information to third parties.
Personal Information We Collect
ExactHire may collect the following information, including Personal Information from and about you:
Your interaction with Sales, Marketing, and Client Services: We collect Personal Information such as your name, company name, email address, phone number, and billing information when you request a demo of our Services, or request sales information, marketing content or customer service.
How ExactHire Uses Your Personal Information
We may use the information that we collect about you and from you, including Personal Information, for the following purposes:
- To customize our website: We seek to improve your experience with our website. As a result, we will analyze data we collect about your use of the website.
- To manage the relationships with our customers, partners, and vendors: We may use Personal Information of customers’, partners’, and vendors’ employees (e.g., for billing purposes).
- To communicate with you: We may send emails to verify your account and for administrative purposes, such as customer account management, customer service, or system maintenance.
- To consider your job application: If you apply for a job with us, we will collect, process and store the information you provide to us for recruitment purposes. We may also retain some of your information for a reasonable period of time for purposes of considering you for future positions.
- To send you marketing communications: We may send you information about products and services that may be of interest to you, with your prior opt-in consent where required by applicable law.
- To aggregate data: We may anonymize and aggregate data collected through our website and to create statistics that may be used for any purpose, provided that such statistics do not identify any customers or individuals.
How ExactHire May Disclose or Share Your Information
- with our third-party service providers. We authorize these service providers to use or disclose the information only as necessary to perform services on behalf of ExactHire or ExactHire’s customers or to comply with legal requirements. We require these service providers by contract to safeguard the privacy and security of Personal Information that they process on our behalf or on behalf of our customers;
- if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena or warrant, violations of ExactHire’s Terms of Service, or to otherwise cooperate with law enforcement or other governmental agencies;
- if we believe, in good faith, that sharing your Personal Information is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the company, or (v) protect our property or other legal rights, or the rights, property, or safety of others;
- to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets; and
- with your authorization.
How We Hold and Secure Your Information
With regard to our Services, personally identifiable information is stored on a separate server as a security precaution and our site is encrypted using secure socket layer (SSL) technology. Since, however, no data transmission over the Internet can be guaranteed to be 100% secure, we cannot ensure or warrant its absolute security. Having said that, we do everything in our power to protect your company and your applicants’ and employees’ information.
In the event that any information under our control is compromised, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
Any suspicious activity regarding your account, including automated messages or calls from parties you cannot identify, should be reported to your site administrator and ExactHire using the contact information far below.
If you have any questions about security on our website, the Services owned and operated by ExactHire, or the services offered by ExactHire through the website and Services, please contact us using the contact information far below.
How Long We Keep Your Personal Data
We will hold all the data for so long as we have an obligation to our customer to provide the Services, and thereafter until such time as we delete the customer’s account in accordance with our Customer Terms and Conditions.
Your personal information will be deleted on one of the following occurrences:
- deletion of your personal information by you (or by another person engaged by the customer); or
- receipt of a written request by you (or another person engaged by the customer–see section immediately below for details) to us.
Personal Information Collected by Our Customers via ExactHire Services
ExactHire collects Personal Information on behalf of and under the direction of our customers, but we have no direct relationship with the individual employees and job applicants of our customers who provide that Personal Information.
Our Customers’ Employment Applications
When job seekers initiate employment applications on our Customers’ sites provided by ExactHire Services, they are requesting to be considered for employment by the employer (our Customer). A job seeker is giving the employer the right to contact him/her. This contact includes, but is not limited to, communication regarding
- the status of an employment application,
- future job openings,
- requests for additional information, and
- interest in scheduling interviews or phone calls.
Means of communication include, but are not limited to, phone calls, emails, postal service mail, and text messaging. To opt out of communications from a Customer through ExactHire software, contact firstname.lastname@example.org and your information will be marked as do not contact for the given client. ExactHire cannot guarantee that a client will not communicate with a job seeker directly, as Customers could conduct communications outside of the ExactHire platform. ExactHire is the facilitator of communication via its Services; however, each individual Customer is responsible for adhering to local, state, and federal laws.
Message and data rates may apply. Some means of communication may incur charges with a Customer and/or job seeker’s service provider. If a Customer and/or job seeker agree to opt-in to receiving communications through means that may incur charges, they are agreeing that they understand and accept any charges that may occur. Individuals may opt-out of ExactHire communication at any time by using their email address to log into their account and opt out or by contacting email@example.com.
Individuals who are either employed by or applying for jobs with ExactHire customers have the right to ask the ExactHire customers to correct, amend, or delete data pertaining to those individuals. If you wish to have your Personal Information deleted from a ExactHire customer’s ExactHire account, please contact that customer directly to resolve your concern.
Third Party Service Providers
Individuals who are either employed by or applying for jobs with ExactHire customers have the right to ask the ExactHire customers to correct, amend, or delete data pertaining to those individuals.
International Data Transfers
To offer our services, we may need to transfer your Personal Information among several countries where we have employees, facilities or third party sub-processors, including the United States, where we are headquartered. By providing your Personal Data, you consent to such transfer.
Your Rights and Choices
- Subject to applicable law, you may have the rights to request access to and receive information about the Personal Information we maintain about you, update and correct inaccuracies in your Personal Information, and have the information blocked or deleted, as appropriate. These rights may be limited in some circumstances by local law. To exercise these rights, please contact us as set forth below in the how to contact us section.
- Marketing communications from ExactHire. If you do not wish to receive e-mail marketing communication from us, you can opt-out by sending an email to firstname.lastname@example.org. You can also unsubscribe from e-mail marketing communications by following the instructions contained in the marketing messages you receive. Even if you opt-out or unsubscribe, we can send you certain communications relating to the Services, such as administrative messages that are considered part of your account subscription. Where required under applicable law, we will only send you marketing communications with your prior consent.
- ExactHire corporate website usage and data access. If you wish to utilize the privacy tools available on our corporate website to download your data and/or delete your user/data (if applicable), then visit Privacy Tools.
California Data Privacy
California residents have certain privacy rights as specified under California law, including the California Consumer Privacy Act of 2018 (“CCPA”). If you are a resident of California, you have the following rights:
- The right to know or request that a business disclose what Personal Information of yours that it collects, uses, discloses and sells.
- The right to request that a business delete Visitor Personal Information collected or maintained by the business, though exceptions under the CCPA may allow ExactHire to retain and use certain personal information notwithstanding your deletion request.
- The right to opt-out of the sale or transfer of Visitor Personal Information for consideration by a business (aka “Do Not Sell My Information”).
- The right not to receive discriminatory or differentiated treatment by a business because you exercised a right conferred by the CCPA.
ExactHire collects various categories of personal information when you or your employer use ExactHire Platforms or Services, including location information, log data, tracking information, and personal information related to your employment. A more detailed description of the information ExactHire collects and how we use it is provided above in the sections entitled: “Personal Information We Collect”, “How ExactHire Uses Your Personal Information”, “How ExactHire May Disclose or Share Your Information”, “How We Hold and Secure Your Information”, and “How Long We Keep Your Personal Data”.
In addition to ExactHire’s collection of your Personal Information, ExactHire may engage certain third parties to perform a function or provide services to you on behalf of ExactHire including hosting and maintenance, error monitoring, debugging, performance monitoring, billing, customer and account relationship management, database storage and management, and direct marketing campaigns. ExactHire may share your Personal Information with these third parties, but only to the extent necessary to perform these functions and provide such services. ExactHire requires these third parties to maintain the privacy and security of the Personal Information they process on our behalf.
ExactHire does not sell your Personal Information when you use ExactHire Platforms or when you use an ExactHire Service and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. ExactHire does not offer financial incentives associated with the collection, use, or disclosure of your personal information.
ExactHire will not discriminate against you for exercising any of your CCPA rights. To this end, unless permitted by the CCPA, ExactHire will not:
- Deny you access to ExactHire Platforms or Services;
- Charge you a different price or rate for a Platform or Service, including the granting of discounts or other incentives;
- Provide a different or downgraded Platform or Service;
- Suggest that you may receive a different price or rate for an ExactHire Platform or its Services or a different or downgraded Platform or Service;
To exercise your rights under the CCPA please submit a verifiable consumer request to ExactHire by emailing us at email@example.com. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access to your data twice within a twelve (12) month period. Your verifiable consumer request must:
- Be made by a natural person;
- Provide sufficient information to allow ExactHire to reasonably verify your identity and that you are the person about whom we collected personal information, or you are an authorized representative;
- Describe your request with sufficient detail that allows ExactHire to properly understand, evaluate, and respond to your request.
In certain cases, ExactHire collects and processes personal information on you at the contractual obligation of your employer. In order to respond to a verified request, ExactHire may be required to provide notice to your employer of your request, and to follow your employer’s instructions as they relate to carrying out your request.
ExactHire cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable request does not require you to create an account, but we may ask you to verify your request by logging into your account if you have one. We will only use personal information provided by a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We do not knowingly collect, maintain, or use Personal Information from children under 13 years of age, and no part of our website is directed to children under the age of 13. We will take steps to delete it if we learn we have inadvertently collected it.
If you learn that your child has provided us with Personal Information without your consent, you may alert us at firstname.lastname@example.org. If we learn that we have collected any Personal Information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.
How to Contact ExactHire
9002 N Purdue Rd, Ste 301
Indianapolis, IN 46268
ExactHire Terms and Conditions
ACCELERATION HR dba ExactHire
MASTER SUBSCRIPTION AGREEMENT
Effective Date: August 18, 2020
THIS MASTER SUBSCRIPTION AGREEMENT (THE “AGREEMENT”) GOVERNS LICENSEE’S ACQUISITION AND USE OF EXACTHIRE’S SERVICES. BY EXECUTING AN ORDER FORM THAT REFERENCES THIS AGREEMENT, LICENSEE AGREES TO THE TERMS OF THIS AGREEMENT. IF THE INDIVIDUAL SIGNING THE ORDER FORM FOR LICENSEE IS SIGNING ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, SUCH INDIVIDUAL REPRESENTS THAT HE OR SHE HAS THE AUTHORITY TO BIND THAT COMPANY OR OTHER LEGAL ENTITY.
1. SCOPE OF AGREEMENT
This Agreement governs ExactHire’s provision of services to Licensee (“Services”), subject to one or more ordering documents (each such document, an “Order Form”) describing the Services, each of which incorporates this Agreement by reference. The parties may add Order Forms from time to time during the term of this Agreement.
2. PROPRIETARY RIGHTS
(a) License to Services. Subject to the terms and conditions of this Agreement, ExactHire grants to Licensee during the Term a non-exclusive, non-transferable, non-sublicensable, license to access and use the Services Licensee orders solely for the purposes described on the applicable Order Form(s).
(b) Restrictions on Use of Services. The Services are licensed to Licensee for internal use only. In connection with Licensee’s use of the Services, Licensee will comply with all applicable laws, rules and regulations. Licensee will not, and will not permit any third party to: (i) copy, modify, translate, or create derivative works of the Services; (ii) reverse engineer, decompile, disassemble or otherwise attempt to reconstruct, identify or discover any source code, underlying ideas, underlying user interface techniques, or algorithms of the Services; (iii) lend, lease, offer for sale, sell or otherwise use the Services for the benefit of third parties; or (iv) attempt to circumvent any license, timing or use restrictions that are built into the Services.
(c) ExactHire Ownership of Services. Except for the rights granted in Section 2(a) above, ExactHire retains all right, title and interest, including all intellectual property rights, in and to the Services. Licensee acknowledges that the Services include ExactHire’s valuable trade secrets and improper use or disclosure would cause ExactHire irreparable harm. Accordingly, Licensee agrees to use the Services solely as authorized in this Agreement. Licensee further acknowledges that the license granted pursuant to this Agreement is not a sale and does not transfer to Licensee title or ownership of the Services or a copy of the Services, but only a right of limited use. ALL RIGHTS NOT EXPRESSLY GRANTED HEREUNDER ARE RESERVED TO EXACTHIRE.
(d) Licensee Data. Subject to the terms and conditions of this Agreement, Licensee grants to ExactHire a limited, non-transferable (except pursuant to Section 11(a) below) license to use the information and data entered into the Services by Licensee and/or Licensee personnel, or by any third parties acting on behalf of Licensee or at Licensee’s request, including job applicants or recruiting agencies (“Data”) for the purpose of providing the Services. Licensee represents and warrants that: (i) it owns the Data posted by it on or through the Services or otherwise has the right to grant the license set forth in this Section 2(d); (ii) the posting and use of Data on or through the Services does not violate the privacy rights, publicity rights, copyrights, contract rights, intellectual property rights, or any other rights of any person; and (iii) the posting of Data on the Services does not result in a breach of contract between Licensee and any third party. ExactHire may calculate aggregate, anonymized statistics about its customers’ Data and use those statistics (but not the underlying Data) for purposes of sales, marketing, business development, product enhancement, or customer service.
3. USE OF THE SERVICES; SUPPORT
(a) ExactHire’s Responsibilities. ExactHire shall:
(i) provide you with basic support in connection with your use of the Service at no additional charge, and with upgraded support if purchased separately,(ii) use commercially reasonable efforts to make the Service available 24 hours a day, 7 days a week, except for:
(a) planned downtime (which ExactHire shall schedule to the extent practicable during the weekend hours from 6:00 p.m. Friday to 3:00 a.m. Monday Eastern Time), or
(b) any unavailability caused by circumstances beyond ExactHire’s reasonable control, including acts of God, acts of government, floods, fires, earthquakes, civil unrest, acts of terror, strikes or other labor problems (other than those involving our employees), Internet service provider failures or delays, or denial of service attacks, and
(iii) provide the Service only in accordance with applicable laws and government regulations. ExactHire will maintain appropriate administrative, technical and physical safeguards to protect the security, confidentiality and integrity of Data.
(b) Licensee Responsibilities. Licensee will (i) be responsible for its (and, as applicable, its personnel’s) compliance with this Agreement, (ii) use commercially reasonable efforts to prevent unauthorized access to or use of the Services, and notify ExactHire immediately of any such unauthorized access and/or use of which Licensee becomes aware, and (iii) use the Services only in accordance with this Agreement and all applicable laws and government regulations. Licensee will not (w) make the Services available to any third party (except for any third parties acting on behalf of Licensee or at Licensee’s request, such as recruiting agencies), (x) sell, resell, rent or lease the Services, (y) interfere with or disrupt the integrity or performance of the Services or any third-party data contained on the Services, including, as applicable, the third-party data of Licensee’s employees, or (z) attempt to gain unauthorized access to the Services or their related systems or networks.
(a) Fees. Licensee will pay ExactHire the fees described on the applicable Order Form(s) (the “Fees”). Licensee will be invoiced for any implementation fees indicated on the Order Form(s) upon the execution date of Order Form(s). Effective two (2) weeks from date of implementation invoice, Licensee will be invoiced for first installment of recurring fees. All Fees are due within fifteen (15) days of invoice date and are based on Services ordered rather than actual usage. Payment obligations are non-cancelable with the exception of any money back guarantees noted on the Order Form(s) for Services, and subject to Section 6(d) and Order Form guarantees, fees paid are non-refundable.
(b) Payment Terms. For all Fees, Licensee will choose from the payment method and frequency of payment options presented on the Order Form(s) for Services. The preferred payment method is an annual payment via an Automated Clearing House Debit (ACH Debit) transaction; however, Licensee may select other payment options and payment methods for a slight increase in fees to be explicitly outlined in the Order Form(s) for Services.
Licensee is solely responsible for providing ExactHire accurate and complete billing and contact information and for notifying ExactHire of any changes to such information.
(c) Overdue Charges. Late Fee payments will accrue late interest at the rate of 5% of the outstanding balance, or the maximum rate permitted by law, whichever is lower, from the date such payment is over thirty (30) days past due.
(d) Taxes. Licensee will be responsible for payment of all sales, use, property, value-added, withholding, or other federal, state or local taxes except for taxes based solely on ExactHire’s net income. If ExactHire is required to pay any such taxes based on the licenses granted in this Agreement or on Licensee’s use of the Services, then such taxes will be billed to and paid by Licensee.
5. CONFIDENTIAL INFORMATION
(a) Definition of Confidential Information. As used herein, “Confidential Information” means all confidential information disclosed by a Party (“Disclosing Party”) to the other Party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Licensee’s Confidential Information will include Data; ExactHire Confidential Information will include the Services; and Confidential Information of each Party will include business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such Party. However, Confidential Information (other than Data) will not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.
(b) Protection of Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care). The Receiving Party agrees (i) not to use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) except as otherwise authorized by the Disclosing Party in writing, to limit access to Confidential Information of the Disclosing Party to those of its and its affiliates’ employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein. Neither party will disclose the terms of this Agreement or any Order Form to any third party other than its affiliates and its legal counsel and accountants without the other party’s prior written consent.
(c) Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.
6. TERM AND TERMINATION
(a) Term of Agreement. This Agreement takes effect on the date Licensee first signs an Order Form incorporating these terms and will remain in effect until all applicable Order Forms have expired or been terminated.
(b) Term of Purchased Subscriptions. The term of each subscription shall be as specified in the applicable Order Form(s). Except as otherwise specified in an Order Form, subscriptions will automatically renew for additional periods equal to the expiring subscription term or one year (whichever is shorter), unless either party gives the other written notice (email acceptable) at least 30 days before the end of the relevant subscription term. Except as expressly provided in the applicable Order Form(s), renewal of promotional, or one-time priced subscriptions will be at ExactHire’s applicable list price in effect at the time of the applicable renewal. Notwithstanding anything to the contrary, any renewal in which subscription volume or subscription length for any Services has decreased from the prior term will result in re-pricing at renewal without regard to the prior term’s per-unit pricing.
(c) Termination. If either Party commits a material breach or default in the performance of any of its obligations under this Agreement, then the other Party may terminate this Agreement, provided that the terminating Party gives the breaching or defaulting Party written notice of termination specifying the underlying breach or default within 30 days of discovery of such breach or default, and such breach or default remains uncured 30 days after the breaching or defaulting Party receives the notice.
(d) Effect of Termination. Upon expiration or termination of this Agreement for any reason, the rights, licenses and access to the Services granted to Licensee under this Agreement will immediately terminate. If this Agreement expires, or if ExactHire terminates this Agreement pursuant to Section 6(c), all Fees will become immediately due and payable to ExactHire. If Licensee terminates this Agreement pursuant to Section 6(c), ExactHire will provide Licensee with a pro-rated refund of any prepaid Fees covering the period from the date of termination through the end of the Term. In no event will expiration or termination of this Agreement relieve Licensee of any obligation to pay Fees payable for the period prior to the date of termination.
(e) Data. Upon expiration or termination of this Agreement for any reason, ExactHire shall provide an export file, for a reasonable fee, of all Customer Data stored on the Platform (in a reasonably usable digital format) to Licensee, if Licensee requests this within thirty (30) business days of such expiration or termination. After such 30-day period, ExactHire will have no obligation to maintain or provide any Customer Data, and as provided in the Documentation may thereafter delete or destroy all copies of Customer Data in its systems or otherwise in its possession or control.
(f) Survival. All terms and provisions of this Agreement, including any exhibits, which by their nature are intended to survive any termination or expiration of this Agreement, will so survive.
7. REPRESENTATIONS AND WARRANTIES
Each party represents and warrants to the other party that: (a) it is duly organized, validly existing and in good standing as a corporation or other entity as represented herein under the laws and regulations of its jurisdiction of incorporation, organization or chartering; (b) it has the right, power and authority to enter this Agreement and to grant the rights and licenses granted hereunder and to perform all of its obligations hereunder; (c) the execution of any Order Form(s) incorporating this Agreement by its representative whose signature is set forth therein has been duly authorized by all necessary corporate or organizational action of the party; (d) when any Order Form incorporating this Agreement is executed and delivered by both parties, this Agreement will constitute the legal, valid and binding obligation of such party, enforceable against such party in accordance with its terms; and (e) it will abide by all applicable federal, state and local laws and regulations with respect to online activities, use of end user data and the products and services offered by each party in connection with this Agreement.
8. WARRANTY DISCLAIMER
EXCEPT AS EXPRESSLY SET FORTH IN SECTION 3(a), THE SERVICES ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. AND EXACTHIRE MAKES NO PROMISES, REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT TO THE SERVICES, INCLUDING THEIR CONDITION, CONFORMITY TO ANY REPRESENTATION OR DESCRIPTION, OR THE EXISTENCE OF ANY LATENT OR PATENT DEFECTS. EXACTHIRE SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE AND ALL OTHER IMPLIED OR STATUTORY WARRANTIES, AS WELL AS ANY LOCAL JURISDICTIONAL ANALOGUES TO THE ABOVE. EXACTHIRE DOES NOT WARRANT THAT THE SERVICES WILL BE ERROR-FREE OR THAT THE SERVICES WILL WORK WITHOUT INTERRUPTIONS.
9. LIMITATION OF LIABILITY
IN NO EVENT WILL EITHER PARTY’S LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED FEES PAID BY LICENSEE TO EXACTHIRE PURSUANT TO THIS AGREEMENT. EXCEPT FOR A BREACH OF THE LICENSE RESTRICTIONS OR CONFIDENTIALITY OBLIGATIONS, IN NO EVENT WILL EITHER PARTY HAVE ANY LIABILITY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, ARISING OUT OF OR RELATED TO THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO LOSS OF ANTICIPATED PROFITS OR LOSS OR INTERRUPTION OF USE OF ANY FILES, DATA OR EQUIPMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. THE PARTIES AGREE THAT THE FOREGOING LIMITATIONS REPRESENT A REASONABLE ALLOCATION OF RISK UNDER THIS AGREEMENT.
Each party (“Indemnifying Party”) will indemnify, defend and hold the other party (“Indemnified Party”) harmless from any claim, action, suit or proceeding made or brought against the Indemnified Party arising out of or related to the Indemnifying Party’s breach of any term of this Agreement.
(a) ExactHire will indemnify, defend and hold Licensee harmless from any third party claim, action, suit or proceeding made or brought against Licensee alleging that Licensee’s use of the Services in accordance with this Agreement infringes such third party’s intellectual property rights (an “Infringement Claim”). In the event of an Infringement Claim, ExactHire may, at its sole option and expense: (A) procure for Licensee the right to continue use of the Services or infringing part thereof; or (B) modify or amend the Services or infringing part thereof, or replace the Services or infringing part thereof with other software having substantially the same or better capabilities; or, (C) if neither of the foregoing is commercially practicable, terminate this Agreement and repay to Licensee a pro rata portion, if any, of any pre- paid Fees. ExactHire will have no liability for an Infringement Claim if the actual or alleged infringement results from (1) Licensee’s breach of this Agreement, (2) Licensee’s modification, alteration or addition made to the Services or any use thereof, including any combination of the Services with software or other materials not provided by ExactHire, (3) Licensee’s failure to use any corrections or modifications made available by ExactHire that would not result in any material loss of functionality, or (4) use of the Services in a manner or in connection with a product or data not contemplated by this Agreement. ExactHire also disclaims any liability for settlements entered into by Licensee or costs incurred by Licensee in relation to an Infringement Claim that are not pre-approved by ExactHire in writing. THIS SECTION STATES THE ENTIRE LIABILITY OF EXACTHIRE WITH RESPECT TO ANY INFRINGEMENT CLAIM.
(b) Licensee will indemnify, defend and hold ExactHire harmless from any claim, action, suit or proceeding (i) made or brought against ExactHire involving allegations that Licensee breached any of its representations, warranties or obligations under this Agreement, or (ii) arising out of or resulting from ExactHire’s use of any Data in accordance with this Agreement.
11. MODIFICATION OF SERVICE OR THIS AGREEMENT
(a) The Services may be made available in free or paid versions at different levels. Not all features and functionality of the Services may be available in each version or level. ExactHire reserves the right, in its sole discretion, to modify, add, or remove portions and/or functionality of the Services on a temporary or permanent basis, without liability to Licensee or any third party.
(b) ExactHire may modify, add, or remove portions of this Agreement at any time. In the event ExactHire determines it is necessary to make a material modification to this Agreement, you will be notified of such change. Note that your use of the Services after modifications to the Agreement become effective constitutes your binding acceptance of such changes.
(c) If you are dissatisfied with the terms of this Agreement or any modifications to this Agreement or the Service, you agree that your sole and exclusive remedy is to terminate this Agreement and discontinue any use of the Service.
(a) Assignment. Neither party may assign this Agreement or any rights or obligations hereunder, directly or indirectly, by operation of law or otherwise, without the prior written consent of the other party; provided, however, that ExactHire may assign this Agreement to a parent, affiliate, subsidiary, or successor to its business, if any. Subject to the foregoing, this Agreement will inure to the benefit of and be binding upon the parties and their respective successors and permitted assigns. Any attempted assignment in violation of this Section 11(a) will be null and void.
(b) Export Regulations. Licensee agrees to comply with all applicable export and re-export control laws and regulations, including the Export Administration Regulations (“EAR”) maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the Treasury Department’s Office of Foreign Assets Control, and the International Traffic in Arms Regulations (“ITAR”) maintained by the Department of State. Specifically, Licensee covenants that it will not — directly or indirectly — sell, export, re-export, transfer, divert, or otherwise dispose of any products, software, or technology (including products derived from or based on such technology) received from ExactHire under this Agreement to any destination, entity, or person prohibited by the laws or regulations of the United States, without obtaining prior authorization from the competent government authorities as required by those laws and regulations. Licensee agrees to indemnify, to the fullest extent permitted by law, ExactHire from and against any fines or penalties that may arise as a result of Licensee’s breach of this provision.
(c) API Integration. If you integrate with ExactHire using our API, you must use efficient programming, which will not cause too many requests to be made in too short a period of time, as-determined solely by ExactHire. If this occurs, ExactHire reserves the right to throttle your API connections, or suspend or terminate your Services.
(d) Security Breach.
(i) External Breach: In the event of a security breach, as defined by Applicable Law, by anyone other than Licensee employee, contractor or agent, upon discovery of such breach, ExactHire will:
(a) initiate remedial actions that are in compliance with Applicable Law and consistent with industry standards; and
(b) notify Licensee of the security breach, its nature and scope, the remedial actions ExactHire will undertake, and the timeline within which ExactHire expects to remedy the breach.
(ii) Internal Breach: In the event of a security breach, as defined by Applicable Law, by your employee, contractor or agent, you shall have sole responsibility for initiating remedial actions and shall notify ExactHire immediately of the breach and steps you will take to remedy the breach.
(e) Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law the remaining provisions of this Agreement will remain in full force and effect.
(f) Governing Law and Jurisdiction. This Agreement is governed by and construed under the laws of the Indiana without reference to conflict of laws principles. All disputes arising out of or related to this Agreement will be subject to the exclusive jurisdiction of the state and federal courts located in Indianapolis, Indiana, and the parties agree and submit to the exclusive jurisdiction and venue of these courts.
(g) Entire Agreement. This Agreement, together with the Order Forms, embodies the entire understanding of the parties and supersedes any previous or contemporaneous communications, whether oral or written; and may be amended only by a writing signed by both parties.
13. CONTACT INFORMATION
If you have any questions about the Service or this Agreement, you may contact us at:
10333 N. Meridian, Suite 130
Indianapolis, IN 46290
Physical Security and Compliance
ExactHire’s Services are hosted at an enterprise level, third party hosting company. It is a managed technology service provider that delivers first-in-class hosting service to businesses throughout North America. Some of the key security elements provided include:
- Biometric access, cameras, staffed lobby
- Full security audit trail, badging, positive ID
- Escort only access / full management available
- Protected / OC12 to OC-192 SONET backbones
- FM-200 or Dry Pipe fire suppression
- Redundant, conditioned power 110v to 480v
- Exceptional uptime exceeding 99.9999%
- Redundant modular cooling with on-site backup
In addition, all transactions are processed using secure encryption at the same level of encryption used by leading banks and financial services providers. Personal information is transmitted and processed securely.
Personally identifiable information is stored on a separate server as a security precaution and our sites are SSL encrypted.
Data in transit
Data in transit is protected by a SSL certificate encrypted with a 2048 bit key. Remote access is via ip-address-limited SSH. Only the firewall / load balancer is publicly accessible.
System passwords are randomly salted, created and stored using a bcrypt based one-way hashing algorithm.
Real-time data replication is used between on-site, redundant servers. Additional backups are encrypted and stored on two separate NAS devices and archival backups are transported to a vaulted, offsite storage facility.
Keeping your data secure also requires that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems.
ExactHire GDPR Readiness
ExactHire is pleased to announce that its systems and processes are compliant with the new General Data Protection Regulation (GDPR). GDPR is the new standard in the European Union (EU) governing the privacy and data protection of EU residents, effective May 25, 2018. This means that ExactHire (as the “data processor”) is able to effectively support clients (“data controllers”) who have employees and applicants residing in the EU as they also meet their own obligations under the GDPR.
To comply with GDPR, organizations must heed the following important requirements:
- Obtain consent to collect and process personal information
- Protect personal data
- Control access to personal data
- Provide the option to restrict processing and/or erase personal data
- Inform customers of data breaches
How ExactHire Handles GDPR
ExactHire is staying ahead of the GDPR changes, both in its role as a data processor and in support of data controllers. ExactHire’s efforts include:
- Providing effective human resources software platforms that enable client companies to comply with the GDPR requirements while still having a positive user experience.
- Deploying industry-standard technical processes and procedures that protect data, both when it is in transmission and while we are hosting it.
- Providing tools that allow our clients to meet the GDPR defined timelines when processing client data requests, whether it’s gathering consent, providing access, or erasing data.
- Providing notification within the required 72 hours in the event of a data breach.
- Continuing to monitor GDPR developments and guidance, to support our clients’ compliance efforts.
Data Subject Consent
How does ExactHire plan to help clients obtain consent from individual job applicants to transfer their personal data to the US?
Collecting resumes and other relevant personal information is a legitimate interest of an employer evaluating and hiring candidates. Therefore, companies do not need to collect consent from job applicants. ExactHire customers are also not required to obtain consent from candidates to transfer their personal data from the EU to the US, because ExactHire can commit to providing a level of protection for the data that is acceptable under EU law.
Because obtaining consent from applicants is not required under the GDPR and creates a larger administrative burden on employers, we suspect that our customers with facilities in the EU will want to avoid it. However, our applications are customizable, so clients who want to collect consent from candidates can do so through customized questions that can be posted on their job boards. Clients may also provide any notifications to candidates required by the GDPR on their job pages, including the requirement to alert candidates that their personal data will be transferred outside of the EU. For assistance in customizing text on job pages, please contact email@example.com.
The Right to be Forgotten
EU data subjects have the “right to be forgotten” and, therefore, ExactHire customers will be required to erase a candidate’s personal data when requested by the candidate. Companies also need to erase personal data when the business no longer has a legal basis to continue storing it under the GDPR.
ExactHire allows you to:
- Request a bulk deletion of candidate data in order to comply with your organization’s specific policies of when your legal justification for keeping candidate data has expired. Consult your legal counsel before requesting that data be deleted.
- Our data retention policies are set in yearly increments.
- Data deletion requests are processed on the first of the requested month for the respective year. For example, if data deletion request is to be repeated every year in May, and a record is created on May 18, 2018, then the permanent deletion request for that record will be processed on May 1, 2020 (since the record would not yet have been a full year old on May 1, 2019).
- Contact firstname.lastname@example.org to make a request to delete candidate data.
- Use customizable email templates to generate candidate emails requesting permission to keep their data longer than your default timeline, and keep their data when candidates agree.
- Configure which data is deleted when a candidate asks to be forgotten (for example, you might decide to delete any personal data but keep anonymized information that would allow you to generate reports on pipeline conversion).
- Request that an individual candidate’s data be deleted by contact email@example.com.
Enhanced Rights to Notice and Access
Under the GDPR, employers are required to provide a variety of details at the time personal data is collected (for example, when a candidate applies to a job), including why they are collecting certain information, how long it will be stored, and where it will be sent.
The GDPR enhances individuals’ right to access their own personal data, and companies will need to provide this data to candidates upon request in an efficient and easily portable format.
ExactHire is ready to respond to and complete data requests from data controllers on behalf of their candidates. To request a data export for a candidate, email firstname.lastname@example.org. You may specify what data should be accessible and then send it to candidates in a CSV file.
ExactHire can include language approved by you on your career sites so that any necessary notifications and disclosures are made to candidates when they apply. To make a request to update language, please contact email@example.com.
The Right to Object
People have a right to restrict their personal data from being used for direct marketing purposes.
If a candidate opts out, ExactHire has a feature which prevents users from sending any email to that candidate.
ExactHire and Our Sub-Processors
In order to provide maximum transparency, we’ve created a list of sub-processors ExactHire works with along with details on how we use data collected through these sub-processors.
Sub-processors with access to data subject personal data in ExactHire Services:
|ExactHire Sub-Processors:||Why and How Data is Used|
|CNI||Servers and network infrastructure|
|Amazon Web Services||Servers and network infrastructure|
|Desk.com and Team Support||Issue ticketing system|
|Atlassian Jira||Development ticketing system|
|Cronofy||Applicant interview scheduling|
|Twilio||Text message delivery|
|Google Analytics||Product and marketing analytics|
|Salesforce||Customer relationship management|
|PandaDoc||Sales proposal management|
|Basecamp and Trello||Project management|
|Formstack||Project implementation tool|
|Google Drive||Internal communication and documentation|
|YourBrowser.is||Browser identification tool|
|WordPress Engine||Marketing website hosting|
For more information on GDPR, visit the official EU homepage.