Last Updated: September 1, 2020
Collections of Personal Information
With respect to Site visitors, when you use or register with the Site, we may ask for certain Personal Information. We may also obtain Personal Information directly from you or your browsing activities on the Site. For such activities, we collect the following categories of Personal Information from you:
- Internet activity, such as your browsing activity on the Site, IP address, cookies, and geolocation data
- Identifiers if you utilize the Preference Center to let us know your areas of interest, your industry, or the types of whitepapers or newsletters you subscribe to in which case you will need to provide your first and last name, email address, and your country
- Professional information if you download certain whitepapers, reports, or newsletters, in which case you will need to provide your areas of interest, your industry, and the types of newsletter to which you wish to subscribe
- Professional information such as email address, country, industry, company name, and role/title when you use tools such as the Business Resilience Navigator
With respect to job applicants, we collect the following categories of Personal Information from you:
- Identifiers, such as your name and contact information such as your email and mailing address, phone number, and any login ID / email address and password created by you
- Professional or employment-related information and education information, such as your job search criteria and preferences, your availability to work, your employment experience, current job title, educational history, your skills, reference information, background check information, pay / compensation expectations, ability to work in the United States, whether you now or in the future require sponsorship to continue work authorization, languages spoken, and other information contained in your resume. If we run a background check on you, we may also collect some of this information from our background check provider although we would first obtain your written consent before proceeding with a check
- Internet activity, such as your browsing activity on the Site, IP address, cookies, and geolocation data
- Characteristics of protected classifications under applicable law when you apply for a job with us such as gender (optional), ethnicity (optional), and whether you are a veteran (optional)
With respect to subscribers of KnowledgeLeader, we collect the following categories of Personal Information from you:
- Identifiers if you sign up for KnowledgeLeader. You will be asked to provide your name, email address, country, city, state, and zip code. If you subscribe to KnowledgeLeader, you will be asked for billing details consisting of country, contact name, phone number, email address, company name, address, city, state, and zip code
- Professional or employment-related information such as your job title, position/role, company, and industry
Subject to applicable law, by providing your mobile phone number to us, you opt in and consent to receive text messages from us, which includes but is not limited to text messages sent through an automatic telephone dialing system. Consent to receive marketing text messages is not required. If you do not wish to receive marketing text messages, do not provide us with your mobile phone number.
Uses of Personal Information
We specify below the business and commercial purposes for which we use Personal Information. We use Personal Information within the categories of identifiers, characteristics of protected classifications, professional or employment related, and education information to track your preferences, learn about what professional interests you have, to provide you with information regarding employment opportunities and career-related information, to market to you, and to provide you with requested information or services. We may from time to time use your Personal Information within the categories of identifiers and internet or other electronic activity information to send you automated email messages, text messages (message and data rates may apply), or marketing materials regarding our services. We may also use Personal Information such as geolocation data for our business purposes, such as data analysis, audits, and improving our services.
We may also from time to time use your Personal Information to send you automated email messages or marketing materials regarding our services. These email messages may contain web beacons and other features that help us make sure that you received and were able to open the message. You may opt out of receiving such marketing email messages at any time by sending a message with "unsubscribe" in the subject line to [email protected], or by following the instructions in any marketing communication.
In addition to the above purposes, we use your information as described in the section below titled "Disclosures of Personal Information for Business and Commercial Purposes".
Disclosures of Personal Information for Business and Commercial Purposes
For business and commercial purposes, Protiviti may disclose to third parties the following categories of Personal Information to assist Protiviti with a variety of business and commercial functions:
- Identifiers such as your name and email address
- Characteristics of protected classifications under applicable law such as gender, ethnicity, or whether you are a veteran
- Internet or other electronic activity information such as network activity information, browsing history on the Site, search history on the Site, and your interaction with an advertisement
- Geolocation data
- Professional or employment-related information
- Education information
Such functions may include hosting our Web servers, analyzing data, counting ad impressions to unique visitors, detecting security incidents, protecting against malicious, deceptive, fraudulent, and illegal activity, providing legal, accounting and marketing services, customer relationship management services, processing payments, and providing other support services.
Protiviti may disclose such Personal Information to the following categories of third parties:
- Service Providers. We may share Personal Information with our third-party service providers who perform business functions and services on our behalf such as the provider of Protiviti’s customer relationship management solution and other third parties who host our Web servers, analyze data, and provide legal, accounting, marketing, and support services.
- As required or appropriate by law. We may disclose Personal Information to regulatory authorities, government authorities or courts to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to (a) comply with the law requiring such disclosure; (b) protect the rights or property of Protiviti or its affiliated companies; (c) prevent a crime or protect national security; or (d) protect the personal safety of the users or the public.
- Business transfers. We also may disclose or transfer information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
Collection and Use of Other Information
“Other Information” is any information that generally does not reveal your specific identity or does not directly relate to an identifiable individual. We may collect Other Information in a variety of ways, including:
- Through your browser or device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, and Internet browser type and version. We use this information to ensure that the Site functions properly.
- Using pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of Site users and email recipients, market our services to you, measure the success of our marketing campaigns and compile statistics about Site usage and response rates.
- IP Address: Your IP Address is a number that is automatically assigned to your computer by your Internet Service Provider. An IP Address may be identified and logged automatically in our server log files whenever a user accesses the Site, along with the time of the visit and the pages visited. We use IP Addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the Site. We may also derive your approximate location from your IP Address.
We may use third-party advertising companies to serve ads regarding our services when you access and use other websites, based on information relating to your use of the Site. To do so, these companies may place or recognize a unique cookie on your browser (including through use of pixel tags). By utilizing the Site, you consent to the use of cookie or other tracking technologies to serve you retargeted advertising.
If you would like more information about opting out of this advertising in desktop and mobile browsers on the particular device on which you are accessing this Policy or this type of advertising, please visit here and optout.aboutads.info.
Third Party Services
This Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Site links.
Personal Data Security and Confidentiality
We use reasonable organizational, technical and administrative measures designed to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
Revisions to the Policy
If we change this Policy we will post any updates here for your review. We will also take other steps as necessary depending on the nature of the changes, including obtaining your consent where required by local data protection laws, or providing you with the opportunity to delete your Personal Information.
Subject to certain exceptions, as a California resident, you have the right to: (i) access your Personal Information; and (ii) obtain deletion of your Personal Information. To the extent permitted by applicable law, we may be required to retain some of your Personal Information, and certain Personal Information is strictly necessary in order for us to fulfill the purposes described in this Policy.
- Exercising other California consumer rights. Should you wish to exercise the rights as detailed above, you may:
- Verification. In order to verify a request from you exercising your rights, you will need to submit a form referenced in the “Exercising other California consumer rights section” above providing (i) your legal first and last name, (ii) email address you use to correspond with Protiviti, (iii) describe your relationship with Protiviti, and (iv) provide the state you currently reside in. After you submit the form, Protiviti will send you a response email to your email on record and you will need to verify your email by clicking a “Confirm Email” button in the email Protiviti will send you.
- Requests from other authorized individuals. If you authorize another person or agent to make a rights request on your behalf, please have the authorized agent call (800) 803-9336 to verify the authorization before processing the request. To complete the authorization, your authorized person will need to submit documentation evidencing the authorization to make the request on your behalf and the person will need to verify their identity with Protiviti. Documented evidence of authorization must be a signed power of attorney or other similar document establishing the designated person’s right to act on your behalf.
Note you will not receive discriminatory treatment from us for exercising your rights.
Protiviti does not sell personal information. Nevada residents may email questions regarding Protiviti’s practices relating to personal information to [email protected].
Standard Contractual Clauses
Protiviti utilizes the Standard Contractual Clauses for data transfers from data controllers in the European Union to processors and controllers established outside the European Union or the European Economic Area, where appropriate.
EU-U.S. and SWISS-U.S. Privacy Shield Framework Participation for European Client Engagement Data
Protiviti Inc. in the U.S. (the "Protiviti US") participates in the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks (the "Frameworks"). Protiviti US’s participation in the Frameworks applies to personal data received in the U.S. from the European Union (“EU”) and Switzerland (“Swiss”) about our corporate clients' personnel, customers and vendors (collectively, "European Client Engagement Data"). We are committed to subjecting such European Client Engagement Data to the Frameworks, including its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability to the extent applicable to Protiviti US as a processor acting on behalf of our corporate clients. To learn more about the Frameworks, visit the U.S. Department of Commerce's Privacy Shield List here.
European Client Engagement Data Collection, Use, and Disclosure
We operate as a processor acting on behalf of our corporate clients regarding the collection, use, and disclosure of European Client Engagement Data and we process European Client Engagement Data that our corporate clients submit to our services in accordance with their instructions. If you are an employee at, or customer or vendor of, our corporate clients, please consult the privacy policies of that entity for information about its privacy practices.
Rights of EU and Swiss Data Subjects under the Frameworks
If you are an EU or Swiss data subject, you have the right to access your own European Client Engagement Data subject to certain limitations, such as where the legitimate rights of other persons would be infringed or where the burden or expense of providing access would be disproportionate. Please note that because Protiviti US personnel may have limited ability to access European Client Engagement Data our clients provide to us as part of our services, if you wish to request access, to limit use, or to limit disclosure, please contact us as described below and provide the name of the corporate client who submitted your data to us. We will refer your request to that corporate client, and will support them as needed in responding to your request.
Choices of EU and Swiss Data Subjects
We operate as a processor acting on behalf of our corporate clients and, as such, do not use or disclose European Client Engagement Data in a manner that is subject to choice requirements under the Frameworks.
Recourse, Enforcement, and Liability under the Frameworks
In compliance with the Frameworks, Protiviti commits to resolve complaints about our collection or use of European Client Engagement Data. Individuals with inquiries or complaints regarding our Frameworks policy should first contact us as specified below. In addition, please contact us as specified below if you have any questions, need access to your European Client Engagement Data, or otherwise need assistance. We remain responsible for our collection, use and disclosure of European Client Engagement Data in accordance with the Frameworks. We also are responsible for third party agents that are processing European Client Engagement Data on our behalf, unless we prove that we are not responsible for the event giving rise to the damage. In certain situations, we may be required to disclose European Client Engagement Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
If you have an unresolved concern about European Client Engagement Data that we have not addressed satisfactorily, we have committed to cooperate with the panel established by the EU Data Protection Authorities and the Swiss Federal Data Protection and Information Commissioner (FDPIC) to serve as our independent dispute resolution bodies for the Frameworks. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Frameworks. In addition, under certain conditions, more fully described on the Privacy Shield website (available here), EU and Swiss residents may invoke binding arbitration for non-monetary issues when other dispute resolution procedures have been exhausted.
Contact Us Regarding Privacy Shield
Please contact us at [email protected] or at the mailing address below if you have any questions, wish to exercise your rights of access, or seek other assistance related to our participation in the Frameworks as described above.
If you have any questions about our website privacy policies, please contact us at:
Mailing AddressPrivacy OfficeProtiviti Inc.2884 Sand Hill RoadSuite 200Menlo Park, California 94025+1.650.234.6000