Last Updated: September 2023
This website ("Site") is owned and operated by Protiviti Inc. ("we," “us,” or "Protiviti"). This Privacy Notice ("Notice") describes how we use and disclose certain information that may identify you as an individual or is reasonably associated with you (“Personal Information”) and describes the rights you have with respect to such Personal Information. We may collect Personal Information about you through your use of the Site, or through our relationship with you. This Site is hosted in the United States and is generally intended only for users in the United States. If you are accessing our Site from outside the United States our privacy practices will be governed by a country or region-specific privacy notice for the applicable Protiviti website for that country or region.
By using our Site, clicking a checkbox, or providing Personal Information to us, you consent to the collection, use, and disclosure of your information as described in this Notice.
The Personal Information We Collect About You
Registering; Downloading Documents; Contacting Us:
When you choose to register with us (including when you register for an event on the Site), download documents, or use a “contact us” function, we may collect certain Personal Information required for this purpose. For such activities we collect the following categories of Personal Information from you or from our service providers:
- Identifiers such as name, email address, phone number, country, industry, company name, and role/title when you register with us or use tools available through the Site.
- Professional information if you download certain whitepapers, reports, or newsletters, in which case you will need to provide your company name, job title, professional areas of interest, your industry, and the types of newsletter to which you wish to subscribe.
- Identifiers such as your first and last name, email address, and your country if you utilize the Preference Center to let us know your areas of interest, your industry, or the types of whitepapers or newsletters you subscribe.
When you apply for a job with us, we collect the following categories of Personal Information from you:
- Identifiers, such as your name, email and mailing address, phone number, and any login ID / email address and password created by you.
- Professional or employment-related information and education information, such as your job search criteria and preferences, your availability to work, your employment experience, current job title, educational history, your skills, reference information, background check information, pay / compensation expectations, ability to work in the United States, whether you now or in the future require sponsorship to continue work authorization, languages spoken, and other information contained in your resume. If we run a background check on you, we may also collect some of this information from our background check provider although we would first obtain your written consent before proceeding with a check.
- Financial information such as direct deposit or bank account information to administer payments.
- Internet activity, such as your browsing activity on the Site, IP address, cookies, and geolocation data.
- Characteristics of protected classifications under applicable law when you apply for a job with us such as gender (optional), ethnicity (optional), and whether you are a veteran (optional).
When you subscribe to KnowledgeLeader we collect the following categories of Personal Information from you:
- Identifiers such as your name, email address, country, city, state, and zip code. If you subscribe to KnowledgeLeader, you will be asked for billing details including country, contact name, phone number, email address, company name, address, city, state, and zip code.
- Professional or employment-related information such as your job title, position/role, company, and industry.
Information we Collect Automatically:
When you visit or use the Site we may obtain Personal Information automatically from you or your browsing activities on the Site. For such activities, we collect the following categories of Personal Information from you:
- Internet activity, such as your browsing activity on the Site, IP address, cookies, links you click on the Site, referring URL, and geolocation data.
- Your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, and Internet browser type and version.
How We Use Personal Information
We use Personal Information for the following business and commercial purposes:
- We use identifiers, characteristics of protected classifications, professional or employment related, and education information to:
- provide you with requested information or services;
- track your preferences;
- learn about what professional interests you have;
- provide you with information regarding employment opportunities and career-related information;
- respond to your requests or questions;
- verify and authenticate your identity;
- for security purposes to protect use, our affiliates, and our customers;
- comply with court orders, law enforcement requests, or other legal requirements;
- market to you; and
- improve our products and services.
- We may from time to time use identifiers and internet or other electronic activity information to:
- send you automated email messages; and
- marketing materials regarding our services.
- We may use financial information to pay our vendors and contractors.
- We may also use geolocation data for our business purposes, such as data analysis, audits, and improving our services.
We may also from time to time use your Personal Information to send you automated email messages or marketing materials regarding our services. These email messages may contain web beacons and other features that help us make sure that you received and were able to open the message. You may opt out of receiving such marketing email messages at any time by sending a message with "unsubscribe" in the subject line to [email protected], or by following the instructions in any marketing communication.
Disclosures of Personal Information for Business and Commercial Purposes
For business and commercial purposes, Protiviti may disclose the following categories of Personal Information to assist Protiviti with a variety of business and commercial functions:
- Identifiers such as your name and email address.
- Characteristics of protected classifications under applicable law such as gender, ethnicity, or whether you are a veteran.
- Internet or other electronic activity information such as network activity information, browsing history on the Site, search history on the Site, and your interaction with an advertisement.
- Geolocation data.
- Financial information such as banking information.
- Professional or employment-related information.
- Education information.
Such functions may include hosting our Web servers, analyzing data, counting ad impressions to unique visitors, detecting security incidents, protecting against malicious, deceptive, fraudulent, and illegal activity, providing legal, accounting and marketing services, customer relationship management services, processing payments, and providing other support services.
Protiviti may disclose such Personal Information to the following categories of recipients:
- Vendors. We may share Personal Information with our vendors who perform business functions and services on our behalf, such as the provider of Protiviti’s customer relationship management solution and other vendors who host our Web servers, analyze data, and provide legal, accounting, marketing, and support services.
- As required or appropriate by law. We may disclose Personal Information to regulatory authorities, government authorities, law enforcement, or courts to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to (a) comply with the law requiring such disclosure; (b) protect the rights or property of Protiviti or its affiliated companies; (c) prevent a crime or protect national security; or (d) protect the personal safety of the users or the public.
- Business transfers. We also may disclose or transfer Personal Information to a recipient in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
Cookies and Other Tracking Technologies
We may collect Personal Information using cookies and other tracking technologies in a variety of ways, including:
- Pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of Site users and email recipients, market our services to you, measure the success of our marketing campaigns and compile statistics about Site usage and response rates.
We may use advertising companies to serve ads regarding our services when you access and use other websites, based on information relating to your use of the Site. To do so, these companies may place or recognize a unique cookie on your browser (including through use of pixel tags).
If you would like more information about opting out of this advertising in desktop and mobile browsers on the particular device on which you are accessing this Notice or this type of advertising, please visit here and optout.aboutads.info.
We do not knowingly collect Personal Information from children under 16 years old, and we do not "sell" or "share" (as those terms are defined under applicable California privacy laws) the Personal Information of children under 16 years old. If we become aware that we have received or collected Personal Information about a child under 16 years old, we will delete that Personal Information as soon as possible.
External links and Third-Party Data Collection
This Notice does not address, and we are not responsible for, the privacy practices of any third parties, including any third party operating any site or service to which the Site links.
Security of Personal Information
We use organizational, technical, and administrative measures designed to protect Personal Information within our organization. Unfortunately, no data transmission or storage system is 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
We keep your Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include (i) for as long as we have an ongoing relationship with you; (ii) as required by a legal obligation to which we are subject to; or (iii) as advisable in light of our legal position (such as in regard of applicable statutes of limitations, litigation, or regulatory investigations).
We may delete Personal Information for inactive accounts from our database, subject to any applicable legal or regulatory obligations. Furthermore, we may delete Personal Information from our database at any time and without providing any reason.
Revisions to the Notice
We may occasionally update this Notice. When we do so we will revise the “last updated” date appearing at the top of this page. If we make material changes to this Notice, we will post updates here for your review. We will also take other steps as necessary depending on the nature of the changes, including obtaining your consent or providing you with the opportunity to delete your Personal Information where required by local data protection laws.
Subject to certain exceptions detailed in the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”) and other applicable laws and regulations, if you are a California resident you have the following rights in relation to your Personal Information:
- Right to Know and Access. The right to request access to your Personal Information, including (a) the categories of Personal Information we have collected, (b) the categories of sources from which we have collected your Personal Information, (c) the business or commercial purpose for collecting, selling, or sharing your Personal Information, (d) the categories of third parties to whom we disclose Personal Information, and (e) the specific pieces of Personal Information we have collected about you;
- Right to Deletion. The right to request deletion of your Personal Information; however, to the extent permitted by applicable law, we may be required to retain some of your Personal Information, and certain Personal Information is strictly necessary in order for us to fulfill the purposes described in this Notice; and
- Right to Opt-Out of Sale. The right to opt-out of the "sale" [or "sharing"] of your Personal Information (as such defined under applicable California laws), if applicable. If we have sold your Personal Information, you also have the right to request information about the Personal Information about you that we have "sold" [or "shared"] and the categories of third parties to whom the Personal Information was sold [or shared].
- Right to Correction. If we maintain any inaccurate information about you, request correction of that inaccurate Personal Information;
- Right to Limit Use of Sensitive Personal Information. For sensitive Personal Information that we collect, request that we limit our use of your sensitive Personal Information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests such goods or services and as otherwise authorized under applicable laws; and
- Right to non-discrimination. the right not to be subject to discriminatory treatment for exercising their rights under the CCPA.
Exercising Your California Consumer Rights. Should you wish to exercise the rights as detailed above, you may:
- contact us by phone at (800) 803-9336; or
- complete our online form by clicking on this link
Categories of Personal Information Collected. The CCPA/CPRA requires that we identify the categories of information we have collected about you in the preceding twelve (12) months. Please see The Personal Information We Collect About You section above for these categories.
Sale or Sharing of Personal Information. Protiviti does not “sell” Personal Information as contemplated by the CPRA, nor do we knowingly sell the Personal Information of minors under sixteen (16) years of age. Protiviti may “share” Personal Information with our advertising partners as described in the “Retargeting” section above. You may opt-out of this sharing by utilizing the “Do Not Sell or Share My Personal Information” link or by utilizing a Global Privacy Control as explained below.
Verification. In order to verify a request from you exercising your rights, you will need to submit a form referenced in the “Exercising other California consumer rights section” above providing (i) your legal first and last name, (ii) email address you use to correspond with Protiviti, (iii) describe your relationship with Protiviti, and (iv) provide the state you currently reside in. After you submit the form, Protiviti will send you a response email to your email on record and you will need to verify your email by clicking a “Confirm Email” button in the email Protiviti will send you. If we are unable to verify your identity using the above information, we may request additional information for this purpose, or reject your request.
Requests from other authorized individuals. If you authorize another person or agent to make a rights request on your behalf, please have the authorized agent call (800) 803-9336 to verify the authorization before processing the request. To complete the authorization, your authorized person will need to submit documentation evidencing the authorization to make the request on your behalf and the person will need to verify their identity with Protiviti. Documented evidence of authorization must be a signed power of attorney or other similar document establishing the designated person’s right to act on your behalf.
California "Shine the Light" law. California Civil Code Section 1798.83, also known as California's "Shine the Light" law, permits residents of California to request certain details about information we may disclose to third parties for direct marketing purposes. If you are a California resident and would like to request this information, please contact us in accordance with the “Contact Us” section below.
Do Not Track Signals. Some web browsers or smartphones have the ability to set “Do Not Track” requests to block user activity from being tracked across web pages or devices. Our Site and does not recognize “Do Not Track” browser signals.
Global Privacy Control. We have implemented a means to respond to the Global Privacy Control as required by the CPRA. We utilize our consent management platform (One Trust) to process Global Privacy Control signals and, when recognized, treat such signals as a request to “do not sell or share my personal information.”
Protiviti does not sell personal information within the meaning of Nevada law. Nevada residents may email questions regarding Protiviti’s practices relating to personal information to [email protected].
Standard Contractual Clauses
Protiviti utilizes Standard Contractual Clauses and other applicable transfer mechanisms for data transfers from data controllers in the European Union to processors established outside the European Union or the European Economic Area, where appropriate.
Data Privacy Framework Notice
Protiviti Inc. in the U.S. ("Protiviti US") participates in the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework (collectively, the "Frameworks") as set forth by the U.S. Department of Commerce with respect to personal information of the types described below that is transferred from the European Economic Area, the U.K. and Switzerland to the United States. Protiviti US’s participation in the Frameworks applies to Personal Information received in the U.S. from the EU, Switzerland, and the UK about our corporate clients' personnel, customers and vendors (collectively, "European Client Engagement Data").
We have certified our participation in the Frameworks to the Department of Commerce and commit to the principles embodied in these Frameworks, including its principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability to the extent applicable to Protiviti US as a processor acting on behalf of our corporate clients. This Notice only applies to personal information within the scope of Protiviti U.S’s Data Privacy Framework certifications.
If there is any conflict between the terms in this privacy notice and the Framework Principles, the Framework Principles shall govern. To learn more about the Frameworks, and to view our certification, please visit here.
European Client Engagement Data Collection, Use, and Disclosure
We operate as a processor acting on behalf of our corporate clients regarding the collection, use, and disclosure of European Client Engagement Data to provide services to our corporate clients, and we process European Client Engagement Data that our corporate clients submit to our services in accordance with their instructions. If you are an employee at, or customer or vendor of, our corporate clients, please consult the privacy policies of that entity for information about its privacy practices.
Rights of EU, UK, and Swiss Data Subjects
To the extent we operate as a processor acting on behalf of our corporate clients to provide them services, we do not use or disclose European Client Engagement Data in a manner that would directly subject us to rights requests as a controller under applicable laws.
If you are an EU, UK, or Swiss data subject, you have the right to access your own European Client Engagement Data subject to certain limitations. If you wish to make a privacy rights request under EU, UK, or Swiss privacy laws please contact us as described below and provide the name of the corporate client who submitted your data to us. We will refer your request to that corporate client and will support them as needed in responding to your request.
Recourse, Enforcement, and Liability under the Frameworks
In compliance with the Frameworks, Protiviti commits to resolve complaints about our collection or use of European Client Engagement Data. Individuals with inquiries or complaints regarding our Frameworks policy should first contact us as specified below. In addition, please contact us as specified below if you have any questions, need access to your European Client Engagement Data, or otherwise need assistance. We remain responsible for our collection, use and disclosure of European Client Engagement Data in accordance with the Frameworks. We also are responsible for third party agents that are processing European Client Engagement Data on our behalf, unless we prove that we are not responsible for the event giving rise to the damage. In certain situations, we may be required to disclose European Client Engagement Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
If you have an unresolved concern about European Client Engagement Data that we have not addressed satisfactorily, we have committed to cooperate with the panel established by the EU Data Protection Authorities, the Swiss Federal Data Protection and Information Commissioner (FDPIC), and the UK Information Commissioners Office to serve as our independent dispute resolution bodies for the Frameworks. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Frameworks. In addition, under certain conditions, more fully described on the Data Privacy Framework website (available here), EU and Swiss residents may invoke binding arbitration for non-monetary issues when other dispute resolution procedures have been exhausted.
Contact Us Regarding the Data Privacy Framework
Please contact us at [email protected] or at the mailing address below if you have any questions, wish to exercise your rights of access, or seek other assistance related to our participation in the Frameworks as described above.
If you have any questions about our website privacy policies, please contact us at:
2884 Sand Hill Road
Menlo Park, California 94025