Last Updated December 31, 2019
WHAT TYPES OF INFORMATION DOES THE COMPANY COLLECT & HOW DO WE COLLECT IT?
The Company’s primary line of business is providing shared services (human resources, legal, accounting, etc.) on behalf of its Affiliates – the Company does not have any outside clients. Accordingly, most personal information that we process has been voluntarily provided to us by you (by filling out a form on our Site, the Platform, or otherwise communicating with us), our employees, service providers, or Affiliates. With respect to the Platform, the Platform is used by the Company and its Affiliates to manage job candidates’ applications and the overall recruitment process – this includes the following companies:
- Data Analysis, Inc., a California corporation;
- O’Neil Capital Management Inc. (“OCM”), a California corporation;
- O’Neil Digital Solutions, LLC (“ODS”), a Delaware limited liability company;
- O’Neil Global Advisors, Inc. (“OGA”), a Delaware corporation;
- O’Neil Securities, Incorporated (“ONS”), a California corporation;
- William O’Neil & Co., Incorporated (“WON”), a Delaware corporation; and
- William O’Neil India Pvt. Ltd. (“WON India”), an Indian private limited company.
CATEGORIES OF PERSONAL INFORMATION
- Examples might include your name, email address, phone number, IP address, device identifier, or account name;
- Examples might include your financial information or business information;
- Examples might include your age or sex;
- Examples might include your browsing history, your search history, and information on your interaction with the Site, the Platform, and/or other Services;
- Examples might include your physical location or movements;
- Examples might include your current/past employers, job positions, salary, etc.
- The Company may make inferences drawn from other personal information listed above, to create a profile reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and/or aptitudes.
INFORMATION YOU PROVIDE TO US
When you access the Services, or otherwise communicate with us, upload information, submit a request, attend an event (in-person or otherwise), or otherwise communicate with us, directly or through a third party (e.g., SAP), we may collect and store any personal information you may provide. This could also include any information you provide to one of our Affiliates that is transferred to the Company so the Company can perform services on behalf of its Affiliates. This information may include, without limitation, your: name; phone number; birthdate; age; gender; physical address; e-mail address; e-mail communications; phone communications; messaging platform communications; data entered into forms or surveys; dates and times of access; usernames; passwords; web cookies; government identification numbers; licenses/certifications; salary/salary history; job positions; educational information; employment history; any other information on your résumé or other information that you disclose to us; and/or any information you provide to us about other people. By submitting such information, you agree that this information may be shared with third parties for the purposes detailed herein.
INFORMATION ABOUT YOUR USE OF THE SERVICES
We may also collect technical and usage information when you use the Services, including, without limitation, information obtained using various types of tracking software, such as cookies, beacons, pixels, and/or other tracking technologies which collect information about you when you use the Services. Information collected may include your browser type and version, IP address, operating system and platform, your internet service provider, when you open email that we send you or interact with an advertisement, and other information.
INFORMATION FROM OTHER SOURCES
We may collect aggregated and/or anonymized information for various purposes. Once aggregated or anonymized, information is no longer considered to be “personal information” because it will no longer be able to identify you individually and/or any of your devices used to access the Services.
HOW DOES THE COMPANY USE YOUR INFORMATION?
As the Company does not have clients outside of its Affiliates, the Company generally only uses personal information in order to: (a) evaluate a candidate’s suitability for current and/or future employment opportunities with the Company or our Affiliates; (b) to otherwise communicate with you; (c) to evaluate/engage service providers; (d) aggregate information; and (e) for purposes that are required by Applicable Laws. The Company will never use your personal information to send you marketing, advertising, or other similar messages.
TO EVALUATE QUALIFICATIONS
The Company processes personal information in order to evaluate your qualifications for current and/or future employment/engagement with the Company or our Affiliates. Additionally, the Company will use personal information so that it can manage its recruiting, hiring, and procurement processes. Further, we may also verify references you give us and you hereby authorize us to contact any person/entity you have listed as a reference.
TO COMMUNICATE WITH YOU
We use your personal information to communicate with you the Services, available job opportunities, your application, communications you have sent us, etc. We will generally communicate with you via email, web chat, and/or by telephone. By using the Services, or otherwise engaging with us, you agree that the Company and/or our representatives may email, call, or text you, including communicating with you about your interactions with the Company or the Services. Please note that if you telephone us, or if we call you, the call may be recorded for quality, training, and/or management purposes; online interactions (including through chat or email) may be recorded for similar purposes.
BY PROVIDING YOUR HOME TELEPHONE NUMBER OR MOBILE NUMBER, YOU ACKNOWLEDGE AND AGREE THAT THE COMPANY MAY MAKE CALLS AND TEXTS TO SUCH NUMBER VIA USE OF AN AUTOMATIC TELEPHONE DIALING SYSTEM (“ATDS”) OR ANOTHER SIMILAR ANNOUNCING DEVICE. However, it should be noted that consent to receive phone calls via an ATDS is not a required condition for employment or to otherwise do business with the Company or any of its Affiliates.
TO AGGREGATE & ANONYMIZE DATA
The Company may aggregate and/or anonymize any information collected for various purposes. Once aggregated or anonymized, the information will no longer be considered “personal information” because it will no longer be able to identify you and/or any of your specific devices used to access the Services. The Company may use such information for any purpose (e.g., research and development purposes), including sharing such information with third parties.
TO FULFILL OTHER PURPOSES THAT YOU HAVE CONSENTED TO
Your information will also be used to fulfill any other purpose for which you provide the information or otherwise provide your consent for the Company and/or other third parties to use such information.
FOR WHAT PURPOSES DOES THE COMPANY USE OR SHARE YOUR PERSONAL INFORMATION?
CONTRACTUAL OBLIGATION PURPOSES
As stated above, the Company’s primary line of business is performing administrative services on behalf of its Affiliates. The Company may be required to process your personal information to fulfill its contractual obligations to its Affiliates and/or to ensure that its Affiliates are able to meet their contractual or legal obligations (e.g., screening requirements imposed by a client of an Affiliate).
As the Company is part of a larger group of companies, it may be necessary for the Company to transmit your personal information to its Affiliates. Processing may be necessary so that data can be shared amongst our affiliates so that each entity can carry out their legal, regulatory, and/or contractual responsibilities and/or coordinate/implement business plans, logistics, and/or operations. This is especially true because the Company performs critical services on its Affiliates’ behalf, including services related to: accounting, human resources, legal, etc.
Processing your personal information may be necessary to facilitate the day-to-day operation of our business, to allow our service providers and other third-parties assist in providing and managing the Services, and to allow for business planning for strategic growth. This may include: managing our relationship with you, our employees, users, clients, vendors, and/or others; sharing intelligence with internal stakeholders; implementing training procedures; planning and allocating resources and budgets; performing data modelling; facilitating internal reporting; analyzing growth strategies; aggregating analytics; and/or processing personal information to create anonymized data (e.g., for product improvement, analytics, etc.).
Processing your personal information may be necessary to enable the Company’s business operations to run more efficiently, e.g., establishing how to allocate resources.
RESEARCH & DEVELOPMENT PURPOSES
Processing your personal information will likely be necessary for us to deliver and/or improve the Services. This includes processing your personal information to determine whether our offerings are working as intended, monitoring usage and conduct, and identifying and troubleshooting issues.
The Company may need to process your personal information in order to identify recurring problems and/or analyze the patterns of behavior of users in order to monitor the performance of, and users’ behavior on, the Services.
DIRECT COMMUNICATION PURPOSES
Processing your personal information may be necessary for direct communication purposes to occasionally communicate with you for non-marketing/advertising purposes.
BUSINESS-TO-BUSINESS MARKETING & SALES PURPOSES
The Company may need to process personal information in the context of communicating with other businesses, e.g., processing the information of a business contact.
DUE DILIGENCE PURPOSES
It may be necessary for the Company to process your personal information for the purposes of conducting due diligence. This could include, for example, monitoring official watch-lists, sanction lists and “do-not-do-business-with” lists published by governments and other official bodies globally. This could also include keyword searches of industry and reputable publications to determine if companies and individuals have been involved in or convicted of relevant offenses, such as fraud, bribery, and/or corruption.
FRAUD DETECTION & PREVENTION PURPOSES
Processing your personal information may be necessary for the Company to help detect and prevent fraud.
UPDATING CONTACT INFORMATION & PREFERENCES PURPOSES
Processing your personal information may be necessary to verify the accuracy of your data and to create a better understanding of our past, present, and/or prospective users, visitors, and/or applicants (including preferences related to receiving communications).
NETWORK & INFORMATION SECURITY PURPOSES
Processing your personal information may be necessary for the purposes of ensuring our network and information security, e.g., monitoring users’ access to our network for the purpose of preventing cyber-attacks, inappropriate use of data, corporate espionage, hacking, system breaches, etc. This could include preventing unauthorized access to electronic communications networks and malicious code distribution and stopping “denial of service” attacks and damage to computer and electronic communication systems.
BUSINESS CONTINUITY & DISASTER PLANNING PURPOSES
The Company may process your personal information because it is necessary to allow for the backup and protection of your information (e.g., utilizing cloud-based services to archive/protect data) in order to ensure that such information is not improperly lost or modified. Such processing may also be necessary to archive/protect data in accordance with legal, regulatory, organizational, and/or contractual obligations.
ARTIFICIAL INTELLIGENCE PURPOSES
In processing your personal information, the Company may process your data utilizing algorithms that help to streamline organizational processes, e.g., putting in place an algorithm that helps to route candidates contacts to the most appropriate Company contact/department.
COMPLIANCE WITH LAWS & REGULATIONS PURPOSES
The Company is subject to binding legal or regulatory obligations and may need to process your personal information in order to comply with such laws or regulations. Examples could include: complying with reporting obligations; complying with screening obligations; responding to law enforcement requests; and/or responding to judicial/regulatory agency requests.
COMPLIANCE WITH INDUSTRY-SPECIFIC SELF-REGULATION PURPOSES
Several of the Company’s Affiliates are part of industry self-regulatory organizations. Such organizations were formed in order to address various concerns, including: developing industry standards and best practices to protect the industry; sharing intelligence or concerns about individuals (e.g., industry-specific watch lists); sharing intelligence or concerns that may have a negative or detrimental impact on the industry; and/or ensuring that participants in the industry are following agreed-upon standards. The Company may be required to process personal information so that we may stay in compliance with these self-regulatory requirements.
REPORTING POTENTIAL THREATS TO PUBLIC SECURITY & SAFETY PURPOSES
The Company may need to use personal information to report possible criminal acts or threats to public security/safety that we identify as part of our processing activities to a competent authority.
TO FULFILL OTHER PURPOSES THAT YOU HAVE CONSENTED TO
Your information will also be used to fulfill any other purpose for which you provide the information or otherwise provide your consent for the Company and/or other third parties to use such information – assuming such use is consistent with applicable laws and regulations.
WHO DOES THE COMPANY SHARE YOUR INFORMATION WITH?
We may share your personal information with service providers who perform services on the Company’s behalf. Your information is generally shared with service providers so that the Company can fulfill, streamline, and enhance the Services. Service providers could include parties that perform research services, recruitment services, background screening services, and/or other operational support.
As stated above, the Company’s primary line of business is providing administrative services for its Affiliates. Accordingly, most personal information that we process has been provided to us by our employees, Affiliates, and/or service providers. Additionally, as the Company is part of a larger group of companies, it may be necessary for the Company to transmit your personal information within the organizational group.
We may share your personal information with competent governmental authorities when required by law and/or as necessary to protect the Company, its personnel, other users, and/or the Services.
HOW CAN I CORRECT OR UPDATE MY PERSONAL INFORMATION?
When you contact us via phone, text, email, chat, or otherwise contact us, we may include the contact information you provide to us (e.g., your address, phone number, or email address) in a profile. If your personal information changes, you may be able to correct, update, or remove your personal information provided to us by sending an email to us at: firstname.lastname@example.org.
HOW DOES THE COMPANY PROTECT MY PERSONAL INFORMATION?
SECURITY MEASURES & SAFEGUARDS
The security of personal information is very important to us. Personal information is protected by the Company in accordance with generally accepted industry standards and applicable data privacy laws, including both online and offline security measures and safeguards. The Company uses a combination of administrative, technical, personnel, and physical measures to safeguard personal information in its possession against loss, theft, and unauthorized use, disclosure, or modification. However, no one can guarantee the complete safety of your information.
IF YOU HAVE REASON TO BELIEVE THAT YOUR INTERACTION WITH US IS NO LONGER SECURE (FOR EXAMPLE, IF YOU FEEL THAT THE SECURITY OF ANY ACCOUNT YOU MIGHT HAVE WITH US HAS BEEN COMPROMISED), PLEASE IMMEDIATELY NOTIFY US OF THE PROBLEM. However, please remember that no method of electronic storage or transmission over the internet is one-hundred percent secure and, therefore, while we strive to use commercially reasonable means to protect your personal information, and will comply with applicable data privacy laws, we cannot guarantee the absolute security of such information.
Phishing is a term used to describe a type of internet scam in which inauthentic communications that appear to be coming from a legitimate source are sent in an attempt to trick you into providing confidential information. These communications usually invoke a sense of urgency and often imply that your account is about to be closed unless immediate action is taken. As an example, phishing emails will often ask you to click on a link that leads you to a webpage that simulates that of the legitimate source, but it is really a page specially designed to get you to input your confidential information such as your account number, password, social security number, or credit card number. The thieves then use that information to commit fraud and identity theft.
The Office of the Comptroller of Currency has set up a website providing information warning consumers about the dangers of these scams and how to protect yourself. To learn more about phishing, please click on the following link: https://www.occ.gov/topics/consumers-and-communities/consumer-protection/fraud-resources/phishing-attack-prevention.html. If you ever question the legitimacy of an email or other communication from the Company, please contact us at email@example.com. If you believe you have been the victim of a scam, you can file a complaint with the Federal Trade Commission at: www.consumer.gov/idtheft/.
DO NOT TRACK SIGNALS
At this time, the Services do not recognize or respond to browser’s “Do Not Track” signals.
PERSONAL INFORMATION OF CHILDREN
The Services are for a general audience and are not targeted to children. The Company, its Affiliates, and service providers do not knowingly collect, solicit, or share personal information from children under the age of sixteen (16). If such a situation is discovered, we will delete that information immediately. If you believe the Company has any information from a child under the age of sixteen (16), please contact via email at firstname.lastname@example.org.
CALIFORNIA PRIVACY RIGHTS
For users that are residents of the State of California, please click here to review the Company’s California Privacy Addendum (the “California Addendum”). The California Addendum details your rights under the California Consumer Privacy Act (“CCPA”), additional disclosures as required under the CCPA, and provides you with an explanation of how you may exercise your rights (including the Right to Opt-Out of the Sale of Personal Information). The California Addendum also details your rights under California’s “Shine the Light” law.
NEVADA PRIVACY RIGHTS
For users that are residents of the State of Nevada, the Company does not constitute a web “operator” for purposes of Nevada Senate Bill 220 (“SB-220”).
USING & ACCESSING THE SERVICES FROM OUTSIDE THE UNITED STATES
The Company is a California corporation with its headquarters located at 12655 Beatrice St., Los Angeles, California 90066, United States. Our Services are targeted at residents of the United States and our Services are governed by, and operated in accordance with, the laws of the United States. The United States is where the Services, including our servers and central database, are hosted, located, and operated. If you are accessing the Services from outside the United States, you will be voluntarily transmitting your personal information to the United States where your information will be stored and processed by the Company and/or its service providers.
For users that are residents of the European Union (“EU”) or the United Kingdom (“UK”), while the Company is an American company subject to American law, please click here to review the Company’s EU Data Privacy Addendum (the “EU Addendum”). The EU Addendum provides you with an explanation of how the Company will attempt to give effect to rights provided under the EU’s General Data Protection Regulation (“GDPR”) and provides you with additional disclosures.
Though we make every effort to preserve user privacy, we may need to disclose your personal information to others. We may share your information to provide information to our representatives, service providers, advisors, corporate affiliates, clients, and business partners, and in the event of a sale, merger, public offering, bankruptcy or other change in control of the Company and/or its affiliates, your information may be shared with the person or business obtaining ownership and control. Your information may be used to protect the rights, including legal rights, and safety of ourselves and others. We may also use your information to enforce our rights arising from any contracts entered into between you and us, including, for billing and collection. Furthermore, disclosure of personal information may be required by law where we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order, or legal process. In such cases, we may raise or waive any legal objection or right available to us.
COMPANY CONTACT INFORMATION