Last updated on July 10, 2020
CarrotHR, Inc. (d/b/a “Assembly,” “we,” “us,” “our”) is committed to protecting your privacy through our compliance with the policies and practices in this notice.
This notice describes the types of information we may collect from you or that you may provide to us when you visit our website at joinassembly.com or use the Assembly service. In this notice we refer to our website and our service collectively as the "Site." This notice also describes our practices for collecting, using, maintaining, protecting, and disclosing that information. Your use of the Site is subject to our Terms of Service or other written agreement between you or your organization and us.
This notice applies to information we collect:
It does not apply to information collected by:
By accessing or using the Site, you agree to the policies and practices described in this notice. If you do not agree with our policies and practices as described in this notice, you may not use the Site. We may change this notice from time to time. Your use of the Site at any time indicates your acceptance of the version of this notice posted on the Site at such time, so please check this notice periodically for updates.
The Site is not intended for use by children under 13 years of age, and we do not knowingly collect any information from or about children under 13. If you are under 13, do not use the Site for any reason. If we learn we have collected or received personal information from or about a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information about a child under 13, please contact us at email@example.com.
We collect several types of information from and about users of the Site, including information:
We collect this information:
The information we collect on or through the Site may include:
You also may provide information to be posted on areas of the Site that are visible on the Site, such as to other users in your organization or that are transmitted to third parties as part of your or your organization’s use of the Site (collectively, "User Contributions"). Your User Contributions are posted and/or transmitted at your own risk. We limit access to certain pages according to our your or your organization’s usage and privacy settings, but you acknowledge that no security measures are perfect or impenetrable. In addition, you acknowledge that we cannot completely control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
As you navigate through and interact with the Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
The information we collect automatically is statistical data and may include personal information. This information helps us to:
The technologies we use for automatic data collection may include:
We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.
We use information that we collect about you or that you provide to us:
Enhancing Services with OpenAI API:
We may also use your information to contact you about our own products and services that may be of interest to you. If you do not want us to use your information in this way, please click the ‘unsubscribe’ link in the bottom of any marketing email we’ve sent you.
We may use the information we have collected from you to enable us to display advertisements for our products and services. We only retain personal information for as long as your (or your organization’s) account is active or as necessary to provide services to you or your organization under our Terms and Conditions of Service or other agreement between you or your organization and Assembly.
We may disclose aggregated, anonymized information about our users without restriction.
We may disclose personal information that we collect or you provide as described in this notice:
You can review and change certain elements of your personal information by logging into the Site and visiting your account profile page.
You may also send us an email at firstname.lastname@example.org to request access to, correct or delete any personal information that you have provided to us. We cannot delete all of your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect or if we have a separate legal basis for possessing and processing such information, such as to fulfill the terms of a contract between you or your organization and us.
Copies of some information, such as your User Contributions, may remain viewable in cached and archived pages, or might have been copied or stored by other Site users. We will take reasonable steps to delete such information upon request, but cannot guarantee immediate deletion in all cases.
We have implemented reasonable and appropriate measures to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. The Site is hosted on secure servers provided by our hosting services provider in the United States ("US"). By using the Site or providing us with any information, you acknowledge that the processing of your information, including personal information, will take place in the US as set forth in this notice and our Terms and Conditions of Service or other agreement between you or your organization and Assembly.
The safety and security of your information also depends on you. For example, where we have given you (or where you have chosen) a password for access to certain parts of the Site, you are responsible for keeping this password confidential.
Unfortunately, the transmission of information online is not completely secure, and we cannot guarantee the security of your personal information transmitted to or through the Site, which is done at your own risk.
Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Assembly’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Assembly remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Assembly proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Assembly commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, UK, and Swiss individuals with Privacy Shield inquiries or complaints should first contact Assembly at: email@example.com
Assembly has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
We will inform you of any changes we make to our privacy policies and practices that affect this notice by posting an updated notice on this page and/or by sending you a notice of the update. The date this notice was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting the Site and this notice to check for any changes.
To ask questions or comment about this notice and our privacy policies and practices, please contact us at: firstname.lastname@example.org.