Etch Mobile, Inc.
  

PRIVACY NOTICE

Effective: September 25, 2018 Welcome to GoodTime! This Privacy Notice applies to https://www.goodtime.io , a website operated by Etch Mobile, Inc. (“GoodTime”). We take your privacy seriously. This Privacy Notice describes GoodTime’s policies and practices regarding its collection and use of your personal information, and it sets forth your privacy rights.

Privacy Principles

We take your privacy very seriously. That’s why we adhere to the US-EU Privacy Shield/US-Switzerland Framework Principles:
  1. Notice – We tell you what information we collect, how we use it, how our Users use it and when and how we share it.
  2. Choice – We will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party (other than our third party processors), or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
  3. Accountability for Onward Transfers - We take steps to gain assurances from our processors that they will safeguard Personal Data consistent with this policy and take steps against to stop disclosure in violation of this policy. In cases of onward transfer to third parties of Personal Data received pursuant to the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, Etch Mobile, Inc. is potentially liable.
  4. Security - We will take reasonable precautions to protect Personal Data in our possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
  5. Data Integrity & Purpose Limitation - We will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, and current.
  6. Access - Upon request, we will grant individuals reasonable access to Personal Data that we hold about them, and we will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.
  7. Resource, Enforcement And Liability - We will conduct compliance audits of our relevant privacy practices to verify adherence to this Policy. Any employee that we determine is in violation of this Policy will be subject to disciplinary action up to and including termination of employment. We also have procedures for dispute resolution and binding arbitration in certain cases where a data subject believes that we have not complied with the law with respect to the application of our privacy policy.

Information We Collect

Personal Information. We collect personal information about you, like your name, employer, email address, and telephone number (“Personal Information”). Candidate and Recruiter Personal Information. We collect information to provide services to two types of users: candidates and members of the recruiting team. If you are a candidate, we will collect your Personal Information from the integrated recruiting team’s Applicant Tracking System (e.g., Greenhouse). If you are a recruiter, we will collect your Personal Information from the company employee directory/calendar (e.g., GSuite). Personal Information You Provide to Marketing and Sales. From the GoodTime website, including our blog site, we collect Personal Information when you ask us for sales and marketing information; sign up for a demo of our services; when you sign up to join our community, when you sign up to download our eBook, and when you communicate with our customer-support, participate in our community blog, marketing, and sales teams. Website Information. As is true of most other websites, the GoodTime website collects certain information automatically and stores it in log files. Only application IDs and pseudoanonymised (hashed) emails are stored to reference users. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the GoodTime’s website, including a history of the pages you view. We use this information to help us design our site to better suit your needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. The GoodTime website also uses cookies and similar technology.

Cookie Policy

Cookies are small text files placed in visitors’ computer to store their preferences. You can use your browser to block and delete cookies from your browser. However, if you do that, our website may not work properly. We use cookies, small strings of numbers and letters that are placed on your browser. We use a persistent cookie that contains login information which automatically logs you in when you return to our website. We also use the Google analytics to help us understand how users use our website and to improve GoodTime services. Google Analytics. GoodTime utilizes Google Analytics to collect information about the use of this service only on the GoodTime website. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. Use of Google Analytics Information. We use the information we get from Google Analytics only to improve this site, but in anonymous form. Google Analytics collects only the IP address assigned to you on the date you visit this site and assigns a user ID code, rather than your name or other identifying information. We do not combine the information collected through the use of Google. Analytics with personally identifiable information. Google uses this information to analyze your use of the website, to generate reports about website activities for website operators and to provide further services related to website and internet use. Google may also share such information with third parties to the extent it is legally required to do so and/or to the extent third parties process data on behalf of Google. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy as well as the Google Analytics Data Processing Agreement. Site usage is tracked using Google Analytics in accordance with their Privacy Policy. If you do not want your data to be used by Google Analytics, you may opt-out by installing Google Analytics Opt-out Browser Add-on. Data processing takes place in the United States and Google is self-certified under the EU-U.S. and Swiss-US Privacy Shield. You may deactivate Google Analytics with the help of a browser add-on if you do not want this website analysis. For more information on all of the Cookies we use please go to our Cookie Policy

How We Use Personal Information

Services. We need to share the candidate’s Personal Information to the company recruiting team (e.g., recruiters, coordinators, and interviewers to provide services). If you are a company recruiter, interviewer, or coordinator, we may also need to share your Personal Information to the candidate to set up an interview. Communication. When you make a request for information about our services, we might communicate with you directly regarding the features our services, to schedule a demo of our services, or to send you marketing materials. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements. Except as described above, we will not disclose your Personal Information to third parties for their own marketing purposes without your consent.

When and How We Share Information with Others

Services. We need to share the candidate’s Personal Information to the company recruiting team (e.g., recruiters, coordinators, and interviewers to provide services). If you are a company recruiter, interviewer, or coordinator, we may also need to share your Personal Information to the candidate to set up an interview. Communication. We collect your contact information to follow up with you on the Services and other services we offer that may be of interest to you. Third Parties. We sometimes contract with other companies and individuals to perform functions or services on our behalf, such as software maintenance, data hosting, sending email messages, etc. We necessarily have to share your Personal Information with such third parties as may be required to perform their functions. We take steps to ensure that these parties take protecting your privacy as seriously as we do, including entering into Data Processing Addendum, EU Model Clauses and/or ensuring they have EU-U.S. and Swiss-US Privacy Shield certification or Binding Corporate Rules. Law Enforcement and Internal Operations. Personal Information may be provided where we are required to do so by law, or if we believe in good faith that it is reasonably necessary (i) to respond to claims asserted against GoodTime or to comply with the legal process (for example, discovery requests, subpoenas or warrants); (ii) to enforce or administer our policies and agreements with users; (iii) for fraud prevention, risk assessment, investigation, customer support, product development and de-bugging purposes; or (iv) to protect the rights, property or safety of GoodTime, its users or members of the general public. We will use commercially reasonable efforts to notify users about law enforcement or court ordered requests for data unless otherwise prohibited by law. However, nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to any third party request to compel disclosure of your information. Business Transfer. GoodTime may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. Under such circumstances, GoodTime will use commercially reasonable efforts to notify its users if their personal information is to be disclosed or transferred and/or becomes subject to a different privacy policy.

Third Party Service Providers

For information regarding subprocessors and which ones collect Personal Data on our behalf please refer to our subprocessor Trust and Compliance page

Your Choices

Right to Review and Rectify Your Personal Information. You can update most of your Personal Information by logging on to your account. However, if additional assistance is required to change or delete inaccuracies within your Personal Information or would like to know what information about you was collected, please contact us at privacy@goodtime.io Right to Remove or Withdraw Consent. You have the right to withdraw consent where such consent is required to share or use data and you may request that we delete your Personal Information. If you receive communications from us and no longer wish to receive them, please follow the removal instructions in the email or change your account settings. You can delete your Personal Information by logging into your account and deleting your account. However, since your Personal Information is required for us to provide the services to you, deleting it will also terminate your access to the services. Deleting your Personal Information does not mean that all of it will be removed. We take steps to delete Personal Information that is no longer necessary in relation to provide the services by deleting it within 90 days of your terminating your account or if the account remains unused for more than one year. We may be required by law, to retain it to exercise or defend legal claims, or contractual obligations with our customers to retain some information in connection with our obligation to provide the Services. We may de-identify and anonymize some data for purposes of retaining it. Data Portability. If you would like us to transmit your Personal Information to another company providing similar services and we are required to so by law, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Information. Right to Redress. If you are located in the European Economic Area (EEA) and you believe we have violated any data protection laws please contact us immediately at privacy@goodtime.ioWe will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy within forty-five (45) days of receiving a complaint. For complaints that cannot be resolved between us and the complainant, we have agreed to participate in the dispute resolution procedures pursuant to the Privacy Shield Principles, which includes dispute resolution through means such as FTC enforcement, alternative dispute resolution process and binding arbitration. We have further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles JAMS, Inc., a non-profit alternative dispute resolution provider located in the United States. Click on the link to file an EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield Claim with JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim.

Please be advised that individuals may have the option to seek binding arbitration to resolve disputes regarding our privacy and data protection practices. An individual who decides to invoke this arbitration option must take the following steps prior to initiating an arbitration claim: (1) raise the claimed violation directly with the organization and afford the organization an opportunity to resolve the issue within the timeframe set forth in Section III.11(d)(i) of the Principles (2) make use of the independent recourse mechanism under the Principles, which is at no cost to the individual; and (3) raise the issue through their Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the International Trade Administration of the Department of Commerce, at no cost to the individual.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”).  Should an individual be unable to resolve a complaint with us, they may contact the FTC at the following address:
Federal Trade Commission
Attn: Consumer Response Center
600 Pennsylvania Avenue
Washington, DC 20580
www.ftc.gov
European Economic Area subjects may also have the right to file complaints with the Data Protection Authorities located in the jurisdiction they are located in.

Data Storage and Retention

Your Personal Information is stored by GoodTime on its servers, and on the servers of the cloud-based database management services GoodTime engages, located in the United States. GoodTime retains your Personal Information for the duration of your business relationship with GoodTime. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact GoodTime’s data protection officer at Privacy@goodtime.io

Transferring Information from the EU to the US

If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our contractual obligations to you.

Security of Your Information

To help protect privacy and personally identifiable information you transmit through use of our website, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your Personal Information to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information.
For more information on how we protect information, please go to our security statement.

Changes and Updates to the Privacy Notice

As our company changes from time to time, this Privacy Notice is expected to change as well. We reserve the right to amend the Privacy Notice, for any reason, without notice to you, other than the posting of the amended Privacy Notice. We may send you an email reminder of our notices and material changes, but you should check our website frequently to see the current Privacy Notice is in effect and any changes that may have been made to it.

US-EU Privacy Shield Certification Information

The United States Department of Commerce has worked with the European Commission to develop the EU-U.S. Privacy Shield Framework and Swiss-US Privacy Shield Framework (“Privacy Shield”) to allow U.S. companies to meet the European Union (“EU”) law requirements that Personal Data transferred from the EU to the United States be adequately protected. Consistent with its pledge to protect personal privacy, we adhere to the Privacy Shield Principles. If there is any conflict between the policies in this Personal Data Protection Policy (this "Policy") and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield Principles, and to view our certification page, please visit https://www.privacyshield.gov
.
-----------------
Scope
This Policy applies to all Personal Data received by us in the United States from the EU, Switzerland and/or other applicable countries, recorded in any form (including electronic, paper or verbal).
Definition
The following definitions shall apply throughout this Policy:
  • "Agent" means any third party that uses Personal Data provided to us to perform tasks on behalf of and under the instructions of us.
  • "Personal Data” means Information or a set of information that identifies or could be used by or on behalf of us to identify an individual. Personal Data does not include information that is encoded, anonymous, aggregated or publicly available information that has not been combined with non-public Personal Data.
  • "Sensitive Personal Data" means Personal Data that reveals racial, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership or information that specifies the health or sex life of the individual. In addition, we will treat any information as Sensitive Personal Data which received from a third party where that third party treats and identifies the information as sensitive.

Privacy Principles

The privacy principles in this Policy are based on the Privacy Shield Principles and the EU General Data Protection Directive 95/46/EC, on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
  1. Notice
    When we collect Personal Data directly from individuals in the EU, Switzerland and/or other applicable countries, we will inform them about the purposes for which we collect and use their Personal Data, the types of third parties (other than Agents), if any, to which we disclose that information, and the choices and means, if any, that we offer individuals for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to us, or as soon as practicable thereafter, and in any event before we use the information for a purpose other than that for which it was originally collected. If we receive Personal Data from our affiliates or other entities in the EU, Switzerland and other countries with which we do business, we will use such information in accordance with the notices such entities provided and the choices made by the individuals to whom such Personal Data relates.
  2. Choice
    We will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party (other than an Agent), or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Data, we will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to (a) the disclosure of the information to a third party, or (b) the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. We will provide individuals with reasonable methods to exercise their choices. We may disclose personal information to third parties in the following instances:

    Website Consultants and Service Providers. We may disclose personal information to third party consultants and service providers (such as providers of hosting services, support, maintenance and remedial and repair services) to the extent that they require access to our databases, or the information contained in our databases, to service us and our customers under the conditions set out in the Privacy Shield Principles.
    Enforcement of Rights / Security. We reserve the right to release personal information (i) when we are under legal compulsion to do so (e.g. we have received a subpoena) or we otherwise believe that the law requires us to do so, (ii) when we believe it is necessary to protect and/or enforce the rights, property interests, or safety of us, our customers or others, or (iii) as we deem necessary to resolve disputes, troubleshoot problems, prevent fraud and/or enforce the Privacy Shield Principles.
    Reorganization or Sale. In the event that our company is merged with or becomes part of another organization, or in the event that our company is sold or it sells all or substantially all of its assets or is otherwise reorganized, the information you provide may be one of the transferred assets to the acquiring or reorganized entity.
    As Otherwise Allowed by Law. We may transfer personal information to third parties where we are expressly authorized by applicable law and the Privacy Shield Principles to do so.  We also may be required to disclose an individual's personal information in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.
  3. Choice
    We will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party (other than an Agent), or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
  4. Accountability For Onward Transfers
    We will obtain assurances from our Agents that they will safeguard Personal Data consistently with this policy. If we have knowledge that an Agent is using or disclosing Personal Data in a manner contrary to this policy, we will take reasonable steps to prevent or stop the use or disclosure.
  5. Security
    We will take reasonable precautions to protect Personal Data in our possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
  6. Data Integrity & Purpose Limitation
    We will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, and current.
  7. Access
    Upon request, we will grant individuals reasonable access to Personal Data that we hold about them, and we will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.
  8. Resource, Enforcement And Liability
    We will conduct compliance audits of our relevant privacy practices to verify adherence to this Policy. Any employee that we determine is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

Changes and Updates to the Privacy Notice

As our company changes from time to time, this Privacy Notice is expected to change as well. We reserve the right to amend the Privacy Notice, for any reason, without notice to you, other than the posting of the amended Privacy Notice. This Policy may be amended from time to time, consistent with the requirements of the EU General Data Protection Directive and/or Privacy Shield Principles. We will provide appropriate public notice about such amendments.

Your California Privacy Rights

California residents who have an established business relationship with GoodTime may make a written request to GoodTime about whether GoodTime has disclosed any Personal Information to any third parties for the third parties' direct marketing purposes during the prior calendar year. To make such a request, please send an email or write us: Data Protection Officer Etch Mobile, Inc. 180 Sansome St., 14 FL San Francisco, CA, 94104, USA
privacy@goodtime.io Questions, Concerns or Complaints Please contact: Etch Mobile, Inc. (“GoodTime”) Data Protection Officer 180 Sansome St., 14 FL San Francisco, CA, 94104, USA privacy@goodtime.iotelephone: 512.299.3514