Privacy Policy
Effective Date: September 16, 2024
Last Updated: October 2, 2024
At Ghost Jobs, LLC ("we," "us," or "our"), your privacy is our priority. This Privacy Policy outlines how we collect, use, share, and protect your personal information when you use our services, including our website GhostJobs.io, mobile applications, and related tools (collectively, the "Services"). By accessing or using the Services, you consent to the terms outlined in this Privacy Policy.
If you have any questions or concerns about your privacy, please contact us at [email protected].
__
1. Information We Collect
We collect personal data that is essential for providing our Services and improving your experience.
The information we collect includes:
A. Personal Data You Provide
- Account Registration: Name, email address, username, password, and any other information you provide during sign-up.
- Profile Information: Job history, preferences, reviews, and interactions with the platform.
- Payment Information: If you make purchases through our platform, we may collect payment data (such as credit card information) through third-party payment processors. All payment data is stored by our payment processor, Stripe. You can view their privacy notice here.
- Communication: Information from your communications with us, including customer support and inquiries.
B. Information Automatically Collected
- Device Information: IP address, browser type, device type, operating system.
- Usage Data: Pages visited, time spent on the platform, clicks, and interactions.
- Cookies and Tracking Technologies: We use cookies to enhance user experience, remember preferences, and analyze site traffic. See our Cookie Policy section for more information.
C. Data from Third Parties
- Linked Accounts: If you link your GhostJobs.io account to third-party services (e.g., LinkedIn or Google), we may collect information from those services with your permission.
__
2. How We Use Your Information
We process your data for the following purposes:
- To Provide Our Services: Personal data is necessary to operate our platform, including maintaining your account, providing access to job posting histories, and user reviews.
- To Improve Our Platform: We analyze usage data and feedback to improve platform functionality and user experience.
- To Communicate: We use your email address to send notifications, updates, and responses to your inquiries.
- To Protect Users: We use security measures to safeguard your personal data and prevent fraud or abuse on the platform.
- To Comply with Legal Obligations: Where necessary, we process personal data to comply with legal requirements.
__
3. Sharing Your Information
We do not sell, rent, or trade your personal data. However, we may share your data in the following circumstances:
- Service Providers: We share personal data with third-party vendors who assist us in providing the Services, such as hosting services, payment processors, and customer support.
- Legal Requirements: We may share information if required to comply with legal obligations, protect the rights of Ghost Jobs, LLC, or respond to lawful requests.
- Business Transfers: In the event of a merger, sale, or acquisition, your data may be transferred to the new owner.
__
4. How Long We Keep Your Information
We retain your personal information for as long as necessary to provide the Services and meet legal obligations. Once we no longer need your data, we will securely delete or anonymize it.
Data Retention Policy
Our data retention policy is designed to ensure that we keep your personal data only for as long as it is necessary for the purposes for which it was collected, or to comply with legal and regulatory requirements. Here are the key points of our data retention policy:
- Active Accounts: We retain personal data associated with active accounts for the duration of the account's existence.
- Inactive Accounts: For accounts that have been inactive for more than 24 months, we may anonymize or delete personal data, except where we have a legal obligation to retain it.
- Transaction Data: We retain transaction-related data for a period of 7 years to comply with tax and financial regulations.
- Communication Records: We keep records of customer service communications for 2 years from the date of the last interaction.
- Log Data: Server logs and other technical data are retained for up to 90 days for security and troubleshooting purposes.
- Anonymized Data: We may retain anonymized data indefinitely for analytical and statistical purposes.
You can request the deletion of your personal data at any time by contacting us at [email protected] or submitting a request form via our Privacy Request Page. We will process your request within 30 days, subject to any legal obligations that may require us to retain certain information.
__
5. Data Security
We implement security measures to protect your personal data from unauthorized access, alteration, or disclosure. While we strive to secure your data, no security system is foolproof. Transmission of data is at your own risk.
Data Breach Notification Policy
In the event of a data breach that affects your personal information, we are committed to notifying you promptly and in accordance with applicable laws. Our data breach notification policy includes the following:
- Detection and Investigation: We have systems in place to detect potential data breaches. Upon detection, we will immediately investigate to confirm the breach and assess its scope and impact.
- Notification Timeline:
- For users in the European Union: We will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.
- For users in the United States: We will notify you in accordance with state laws, which typically require notification without unreasonable delay and within 30-60 days.
- Notification Method: We will notify you via email using the contact information associated with your account. If the breach affects a large number of users, we may also post a notification on our website.
- Content of Notification: Our notification will include:
- A description of the nature of the breach
- The types of personal data affected
- Recommended steps to protect yourself from potential harm
- A description of the measures we are taking to address the breach
- Contact information for further questions or concerns
- Follow-up Actions: We will keep you informed of the steps we are taking to mitigate the impact of the breach and prevent future incidents.
__
6. Your Privacy Rights
Depending on your location, you may have the right to:
- Access: Request a copy of the data we hold about you.
- Rectification: Correct inaccurate data.
- Deletion: Request deletion of your personal data.
- Restriction: Limit the processing of your data in certain circumstances.
- Portability: Request a copy of your data in a structured, machine-readable format.
To exercise these rights, please contact us at [email protected] or submit a request form via our Privacy Request Page.
__
7. GDPR Compliance
If you are located in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). As a data controller, we are responsible for processing your personal data in accordance with GDPR requirements. You have the right to lodge a complaint with your local data protection authority.
This section outlines your rights under GDPR and how we ensure compliance.
1. Your GDPR Rights
As an EEA resident, you have the following rights concerning your personal data:
- Right of Access: You have the right to request access to the personal data we hold about you.
- Right to Rectification: You can request the correction of inaccurate or incomplete personal data.
- Right to Erasure (Right to Be Forgotten): You may request that we delete your personal data, subject to legal and contractual exceptions.
- Right to Restrict Processing: You can request that we limit how we process your personal data under certain circumstances.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another data controller.
- Right to Object: You can object to our processing of your data for certain purposes, such as direct marketing.
- Right to Withdraw Consent: Where we rely on your consent to process your personal data, you can withdraw that consent at any time.
2. How to Exercise Your Rights
If you wish to exercise any of your rights under GDPR, please contact us at [email protected] or submit a request form via our Privacy Request Page. We will respond to your request as soon as possible, and no later than one month from the date of the request. Please note that we may need to verify your identity before processing your request.
3. Legal Basis for Processing Your Data
Under GDPR, we process your personal data based on the following legal grounds:
- Consent: When you have given explicit consent for us to process your data (e.g., signing up for our services).
- Contractual Necessity: When data processing is necessary to fulfill a contract with you (e.g., providing access to your account).
- Legitimate Interests: When we have a legitimate business interest in processing your data, such as improving our services, provided that this interest is not overridden by your data protection rights.
- Legal Obligations: When we must process your data to comply with applicable laws and regulations.
4. Data Transfers Outside of the EEA
Ghost Jobs, LLC is located in the United States, and your personal data may be transferred to and processed in a location outside of the EEA. We implement safeguards to ensure that your personal data remains protected in accordance with GDPR. These safeguards may include Standard Contractual Clauses, which are approved by the European Commission.
5. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy, or to comply with legal obligations. Once your personal data is no longer needed, we will securely delete or anonymize it.
6. Data Protection Officer (DPO)
In compliance with GDPR, we have designated a Data Protection Officer (DPO) to oversee our data protection strategies and ensure GDPR compliance. For any inquiries regarding your personal data, you may contact our DPO at:
Email: [email protected]
7. Automated Decision-Making and Profiling
We do not use your personal data for any automated decision-making processes or profiling that would have a significant impact on you.
8. Filing a Complaint
If you believe that we are not handling your personal data in accordance with GDPR or have concerns about how we are processing your data, you have the right to lodge a complaint with your local data protection authority.
__
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our website to enhance your experience, analyze website traffic, and improve the quality of our services. This Cookie Policy explains what cookies are, how we use them, and how you can manage them.
By using our website, you consent to the use of cookies in accordance with this Cookie Policy.
1. What Are Cookies?
Cookies are small text files that are stored on your device (computer, tablet, or smartphone) when you visit a website. They allow the website to recognize your device, remember your preferences, and collect information about your browsing habits.
Cookies can be session cookies (which are deleted after you close your browser) or persistent cookies (which remain on your device until they expire or are deleted manually).
2. Types of Cookies We Use
We use the following types of cookies on our website:
A. Essential Cookies
These cookies are necessary for the functioning of the website. Without them, the website cannot provide basic services like account login, security features, or job search functionality.
- Purpose: Enable core functionalities such as user authentication and access to secure areas of the website.
- Examples: Login cookies, session cookies, security cookies.
B. Performance and Analytics Cookies
These cookies help us understand how visitors interact with our website by collecting information on site usage, such as pages visited, time spent on the site, and any issues encountered. This data is used to improve the website's functionality and user experience.
- Purpose: Track and analyze user behavior to improve website performance.
- Examples: Google Analytics cookies.
C. Functionality Cookies
These cookies allow the website to remember your preferences and provide a more personalized experience, such as remembering your language or region settings.
- Purpose: Enhance user experience by remembering user preferences and settings.
- Examples: Language preference cookies.
D. Targeting or Advertising Cookies
These cookies are used to deliver relevant advertisements to you based on your interests. They also help limit the number of times you see a particular ad and measure the effectiveness of ad campaigns.
- Purpose: Show personalized ads based on your browsing activity and measure ad performance.
- Examples: Google AdSense, Facebook Pixel.
E. Third-Party Cookies
In some cases, third-party cookies may be placed on your device when you interact with embedded content from third-party websites, such as social media sharing buttons or video embeds. These cookies are governed by the third party's privacy policy.
- Purpose: Allow third parties to track your interactions with their services on our website.
- Examples: YouTube cookies, LinkedIn cookies.
3. How We Use Cookies
We use cookies to:
- Improve the functionality and performance of our website.
- Provide personalized features, such as saving your job searches or preferences.
- Analyze website traffic and user behavior to enhance our services.
- Deliver targeted advertising based on your browsing activity.
- Ensure security and prevent fraudulent activities.
4. How to Manage Cookies
You have the right to manage and control the use of cookies. You can control cookies through the following methods:
A. Browser Settings
Most browsers allow you to manage cookies via your browser settings. You can set your browser to:
- Block or delete cookies.
- Alert you when a cookie is being set.
- Disable certain types of cookies.
Please note that disabling certain cookies may affect your ability to use some features of the website, such as logging into your account or saving job search preferences.
B. Opt-Out of Third-Party Cookies
To opt out of third-party cookies used for advertising, you can visit:
- Google Ads Settings: https://adssettings.google.com
- Network Advertising Initiative: https://www.networkadvertising.org
- Your Online Choices (EU users): https://www.youronlinechoices.eu
C. Do Not Track Signals
Some browsers offer a "Do Not Track" (DNT) feature that signals to websites you do not want to be tracked. However, there is no standard for how websites should respond to DNT signals, so we do not currently respond to them.
5. Changes to This Cookie Policy
We may update this Cookie Policy periodically to reflect changes in our use of cookies or applicable laws. Any updates will be posted on this page with the "Last Updated" date. We encourage you to review this policy regularly to stay informed about our use of cookies.
6. Contact Us
If you have any questions about this Cookie Policy, or if you would like more information about how we use cookies, please contact us at:
- Email us at: [email protected]
- Submit a request form via our Privacy Request Page.
__
9. Children's Privacy
Our Services are not intended for individuals under the age of 18, and we do not knowingly collect personal data from minors. If you believe we have collected such information, please contact us at [email protected], and we will promptly delete the data.
Children's Online Privacy Protection Act (COPPA) Compliance
While our Services are not directed at children under 13 years of age, we recognize the importance of protecting children's privacy online. In compliance with the Children's Online Privacy Protection Act (COPPA), we adhere to the following principles:
- No Collection of Children's Data: We do not knowingly collect, use, or disclose personal information from children under 13 years of age.
- Parental Consent: If we discover that we have inadvertently collected information from a child under 13, we will promptly delete the information unless we receive verifiable parental consent to retain it.
- Limited Information: If parental consent is obtained, we will only collect information that is reasonably necessary for the child's participation in the authorized activity.
- Parental Access: Parents can review their child's personal information, request its deletion, and refuse to permit further collection or use of the child's information.
- Security: We maintain the confidentiality, security, and integrity of information collected from children, including by taking reasonable steps to release such information only to parties capable of maintaining its confidentiality and security.
- Education: We provide information about our privacy practices to parents and support efforts to educate children about online safety and privacy.
If you believe a child under 13 has provided us with personal information without parental consent, please contact us at [email protected], and we will take steps to delete the information and prevent future unauthorized collection.
__
10. California Residents' Privacy Rights (CCPA & CalOPPA)
If you are a California resident, you are entitled to certain privacy rights under the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA).
This section outlines those rights and how you can exercise them.
1. Your Rights Under CCPA
California residents have the following rights concerning their personal information:
- Right to Know: You have the right to request that we disclose the personal information we have collected, used, or shared about you in the past 12 months.
- Right to Delete: You may request that we delete any personal information we have collected from you, subject to certain exceptions (e.g., if the information is necessary to complete a transaction or for legal compliance).
- Right to Opt-Out: If we sell your personal information, you have the right to opt out of such sales. To opt out, please visit our Do Not Sell Or Share My Personal Information page.
- Right to Non-Discrimination: You have the right to receive equal service and pricing, even if you exercise your privacy rights under CCPA.
2. Categories of Personal Information We Collect
We may collect the following categories of personal information from you:
- Identifiers (e.g., name, email address, account information)
- Internet or network activity (e.g., browsing history on our site)
- Geolocation data
- Inferences drawn from other data (e.g., preferences or characteristics)
3. How We Use Your Personal Information
We use the information collected for the purposes described in our Privacy Policy, including to provide our services, improve user experience, and comply with legal requirements.
4. How We Share Your Personal Information
We may share your personal information with third parties for business purposes, such as service providers, hosting providers, and analytics tools. We do not sell your personal information.
5. Do Not Track (CalOPPA Requirement)
Our website does not respond to Do Not Track (DNT) signals from web browsers. DNT is a setting you can enable in your browser to signal that you do not want your browsing activity tracked, but there is no industry-wide standard on how websites should respond to such signals. As a result, we currently do not alter our practices when we receive a DNT signal.
6. Exercising Your Rights
To exercise any of your rights under CCPA or CalOPPA, you can:
- Visit our Do Not Sell Or Share My Personal Information page to opt-out of the sale of your personal information.
- Email us at: [email protected]
- Submit a request form via our Privacy Request Page.
We may need to verify your identity before processing your request. We will respond to your request within 45 days, as required by the CCPA.
7. Managing Cookies and Tracking Technologies
To manage cookies, you can:
- Adjust your browser settings to block or delete cookies.
- Use our Cookie Consent Tool to manage cookie preferences, including opting out of interest-based advertising.
Please note that disabling cookies may affect certain features of our website.
8. Changes to This Section
We may update this section periodically to remain compliant with applicable laws. Please check this page regularly for updates.
__
11. Accessibility (WCAG Compliance)
We are committed to ensuring digital accessibility for people with disabilities. We are continually improving the user experience for everyone and applying the relevant accessibility standards.
Measures to Support Accessibility
- Web Content Accessibility Guidelines (WCAG): We strive to conform to the Web Content Accessibility Guidelines (WCAG) 2.1 at Level AA. These guidelines explain how to make web content more accessible for people with disabilities.
- Accessible Design: We implement accessible design principles, including:
- Providing text alternatives for non-text content
- Creating content that can be presented in different ways without losing information
- Making it easier for users to see and hear content
- Ensuring all functionality is available from a keyboard
- Giving users enough time to read and use content
- Not using content that could cause seizures or physical reactions
- Helping users navigate and find content
- Making text content readable and understandable
- Making content appear and operate in predictable ways
- Helping users avoid and correct mistakes
- Assistive Technologies: Our website is designed to be compatible with various assistive technologies, including screen readers, magnification software, and voice recognition software.
- Ongoing Improvements: We regularly review and improve our website to enhance accessibility and usability.
- Feedback: We welcome your feedback on the accessibility of our website. Please let us know if you encounter accessibility barriers on our website by contacting us at [email protected].
- Accessibility Statement: We maintain an accessibility statement that outlines our commitment to accessibility and provides information about the accessibility features of our website.
__
12. International Data Transfer
Ghost Jobs, LLC is based in the United States, and your information may be transferred to, stored, or processed in the United States or other countries where our service providers maintain facilities. We want to ensure that your personal data is protected when transferred internationally.
Data Transfer Mechanisms
- Standard Contractual Clauses (SCCs): We primarily rely on the European Commission's Standard Contractual Clauses for data transfers outside the EEA. These clauses ensure that your personal data receives an adequate level of protection in the recipient country.
- Privacy Shield: While the EU-US Privacy Shield framework has been invalidated, we continue to comply with its principles for historical data transfers.
- Adequacy Decisions: Where applicable, we transfer data to countries that have received an adequacy decision from the European Commission, recognizing that they provide an adequate level of data protection.
- Consent: In certain circumstances, we may transfer your data based on your explicit consent to the proposed transfer.
Additional Safeguards
In addition to these transfer mechanisms, we implement additional safeguards to protect your data:
- Encryption of data in transit and at rest
- Access controls and data minimization practices
- Regular security assessments of our data processors
Your Rights
You have the right to obtain information about the safeguards we have put in place to protect your data during international transfers. If you have any questions or concerns about our data transfer practices, please contact us at [email protected].
__
13. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Any changes will be posted on this page, and we may notify you through email or other means. Please review this policy regularly for updates.
__
14. Contact Information
For questions or concerns about this Privacy Policy, please contact us:
- Email: [email protected]
- Submit a request form via our Privacy Request Page.