Services Privacy Notice
Effective Date: January 1, 2020
Please note, this Services Privacy Notice is available at www.icims.com/legal/privacy-notice-services. Please refer to www.icims.com/legal/privacy-notice-website and its related domains and subdomains, including, but not limited to, www.textrecruit.com, www.jibe.com, www.icims.co.uk and www.icims.ca for the iCIMS Website Privacy Notice.
iCIMS, Inc., including its subsidiaries (collectively, “iCIMS,” “we,” or “us”) respects the privacy of its Subscribers, their Subscriber Data, and their respective Users and Candidates. All capitalized terms used in the immediately preceding sentence shall be defined in accordance with the iCIMS Subscription Agreement.
This Services Privacy Notice (“Services Notice”) explains who we are and covers our privacy practices with respect to the collection, use, and disclosure of information obtained in connection with the use of our Subscription. This Services Notice also covers information processed by iCIMS for Subscriber account, contract, and billing management purposes (e.g., the processing of Subscriber address and billing information). This Services Notice does not cover a Subscriber’s collection, use, or disclosure of any information it stores as part of the Subscription.
Driven by a passion to help companies win their war for talent, iCIMS is proud to offer leading software solutions and tools that unify all aspects of talent acquisition. With iCIMS, companies can manage their entire talent acquisition lifecycle within a single software-as-a-service application. Our focus on user-friendly technology and an exceptional customer experience has made us the largest provider in the industry. iCIMS offers the only true enterprise end-to-end talent acquisition platform.
For more information about iCIMS, please see the About Us section of our Website.
How We Obtain Your Information
As further described below, we collect several types of information from and about our Subscribers in the course of providing and supporting the Subscription.
Subscribers process Subscriber Data in the normal course of using the Subscription. Our collection, use, and disclosure of Subscriber Data processed is limited to providing and supporting the Subscription on behalf of our Subscribers, and it is done in accordance with the Subscription Agreement executed between Subscriber and iCIMS. Likewise, we process Subscriber Data at the direction of and pursuant to the instructions of our Subscribers.
As a result, under applicable data protection or privacy law, we are our Subscribers’ data processor or service provider. To that end, we also collect several types of other information from our Subscribers, including:
- Information and correspondence from Subscribers and Users submitted to us in connection with our services.
- Information we receive from our partners and service providers in connection with use of the Subscription.
- Information collected via our mobile applications.
Lastly, we collect several types of information from about our Subscribers as a data controller or business (as defined under applicable data protection or privacy law), including:
- General information collected as part of our account, contracting, and billing operations, including, but not limited to, a Subscriber’s company name and address, credit card information, and business representative’s contact information (“General Information”).
How We Use Your Information
We may use Subscriber Data to provide and support the Subscription, including updating and maintaining the Subscription and providing services. We will not use, disclose, sell, review, share, distribute, transfer, or reference any Subscriber Data except as permitted in the Subscription Agreement or as required by law.
We may use General Information for account, contracting, and billing management purposes.
How We Share Your Information
We may disclose personal information that our Subscribers and Users provide to us to the following categories of recipients:
- To our subsidiaries, affiliates, or their or our successors or assigns (including those located outside the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland) as necessary to support provision of the Subscription.
- To our private equity investor, Vista Equity Partners, and its affiliates, contractors, service providers, and other third parties, including Vista Consulting Group, which will process the personal information on the basis of its legitimate interests in overseeing the administration, research, and business operations of iCIMS.
- To our contractors, business partners, and service providers we use to support our Subscription and to assist with providing services on behalf of our Subscribers.
- To a potential buyer (and its agents and advisors) in connection with any proposed merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution or liquidation), in which case Subscriber Data and personal information held by us about our Subscribers and Users will be among the assets transferred to the buyer or acquirer.
- To any competent law enforcement body, regulatory, government agency, court or other third party to: (i) comply with any court order, a request from any competent law enforcement agency, or any other legal obligation; (ii) enforce or apply the terms of the Subscription Agreement; (iii) protect the rights, property, or safety of iCIMS, our Subscribers, Users, Candidates, or others.
- In accordance with a Subscriber’s instructions.
- To any other person or organization with your consent to the disclosure.
- To fulfill the purpose for which you provide it.
Legal Basis for Processing
If you are a resident of the EEA, the UK, or Switzerland, iCIMS processes your personal information pursuant to one or more of the following legal bases:
- The processing is in our legitimate interests which do not override your data protection interests or fundamental rights and freedoms.
- The processing is necessary to perform a contract with you.
- The processing is necessary to comply with our legal obligations.
- We may also seek your consent to process or retain your personal information in certain, limited circumstances that we clearly identify to you.
Subject to the Subscription Agreement, we may store and process Subscriber Data in: (i) any country where we have facilities and (ii) any country in which we engage service providers. A list of iCIMS’ global offices is available here.
For Subscriber Data transferred to iCIMS in the U.S., iCIMS, Inc. and its subsidiaries participate in and have certified their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. iCIMS is committed to subjecting all Subscriber Data received from the EEA, the UK, and Switzerland in reliance on each Privacy Shield Framework to the Privacy Shield Principles. To learn more about the Privacy Shield Frameworks and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield list
For other international transfers of personal information from the EEA, the UK, and Switzerland, we will implement such measures as are necessary to ensure we provide appropriate safeguards for the transferred Subscriber Data, as agreed with our Subscribers. For General Information collected, used, and disclosed by iCIMS that is subject to international transfer restrictions of EU data protection law, please see the “Legal Basis for Processing,” “International Transfer of Information,” and “EU-U.S. and Swiss-U.S. Privacy Shield Framework” sections of the iCIMS General Privacy Notice.
Security and Breach Notification
iCIMS maintains appropriate technical and organizational measures, including, but not limited to, reasonably designed administrative, physical, and technical safeguards, designed to protect Subscriber Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. The Subscription allows Subscribers to implement and configure their use of the platform and enforce some security requirements, including user access controls. iCIMS has a dedicated team responsible for monitoring and responding to security events, and it notifies Subscribers of security incidents and data breaches in accordance with its Incident Response Policy
We retain Subscriber Data according to the timeframes set forth in the Subscription Agreement. We retain General Information where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
Mobile Applications Disclosure
If you (as a Subscriber or User) download and use any of our mobile applications (each an “App”), iCIMS will automatically collect information on the type of device you use, operating system version, and the device identifier (“UDID”).
iCIMS may send you push notifications from time-to-time in order to update you about any events or promotions that iCIMS may be running. If you no longer wish to receive these types of communications, you may turn them off at the device level. To ensure you receive proper notifications, iCIMS will need to collect certain information about your device such as operating system and user identification information.
iCIMS does not ask for, access, or track any location-based information from your mobile device at any time while downloading or using our App.
iCIMS uses mobile analytics software to allow us to better understand the functionality of our App software on your phone. This software may record information such as how often you use the App, the events that occur within the App, aggregated usage, performance data, and where the App was downloaded from. iCIMS does not link the information iCIMS stores within the analytics software to any personal information you submit within the App.
Your Privacy Rights
Since each Subscriber is in control of what information, including any personal information, it collects from its Users and Candidates, how that information is used and disclosed, and how that information can be changed, Users and Candidates of the Subscription must contact the applicable Subscriber with any inquiries about how the Subscriber collects, uses, and discloses personal information, including any privacy rights or data subject access requests, including, but not limited to, how to access, rectify, correct, delete, and port personal information contained in Subscriber Data.
Where iCIMS is a data controller or business under applicable data protection or privacy law, certain jurisdictions may provide you with privacy rights regarding the information you provide to us. In particular:
- If you are a resident of the EEA, UK, or Switzerland whose personal data is respectively subject to the EU data protection law, you have certain privacy rights which include: the right to be informed, to access your information, to correct any information that is inaccurate, to have your information erased, to restrict or suppress your information, to obtain and reuse your personal data, to object to the processing of your personal information, and to object to how your data is used in automated decision making, if applicable. If you wish to enact your rights, please contact us by visiting this link or by using the contact details under the “Contact Us” heading below.
- If you are a resident of California whose personal information is subject to the California Consumer Privacy Act of 2018 (“CCPA”), you may review further details about the personal information we have collected about you over the last 12 months, including the categories of sources, by reading How We Obtain Your Information section above. We collect this information for the business and commercial purposes described in the How We Use Your Information section above. We share this information with the categories of third parties described in the How We Share Your Information section above. We do not sell (as defined in the CCPA) your personal information (and will not sell it without providing a right to opt out). Subject to certain limitations, the CCPA provides California residents the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights. California residents may make a request pursuant to their privacy rights under the CCPA by visiting this link or by using the contact details under the “Contact Us” heading below. Lastly, California law requires additional disclosures which may be found here in our Privacy Notice for California Residents.
- If you do not wish to receive our email marketing communication for promotional purposes, you may opt out by clicking on the “unsubscribe” or “opt out” link in the marketing e mails we send you.
- If we process your personal information in reliance upon your consent, you can contact us at any time to withdraw your consent.
We will respond to such requests in accordance with the requirements of applicable data protection laws. Please note that in order to fulfil your request, we may need you to provide certain information to verify your identity. Depending upon applicable data protection and privacy law, individuals may also designate an authorized agent to exercise these rights on their behalf.
Third-Party Applications, Integrations, and Websites
We may also connect to applications or integrations hosted by third parties for mutual Subscribers. These applications and integrations will interact with the Subscription and our processing of Subscriber Data will be in accordance with this Services Notice and our Subscription Agreement.
Changes to this Services Privacy Statement
iCIMS reserves the right to update or change this Services Notice from time to time. If we make material changes to this Services Notice, we will post it to the applicable sections of our Website prior to or at the time of the change becoming effective. We ask that you review the Services Notice periodically to stay informed about any updates or changes that we may have made.
You can see when this Services Notice was last updated by checking the “Effective Date” displayed at the top of this Services Notice.
To ask questions or comment about this Services Notice and our privacy practices or if you need to update, change, or remove your information or exercise any other rights,