Privacy Policy

Criteria Corp

Privacy Policy

Effective: 17 JAN 2022

1. OUR APPROACH TO PRIVACY

1.1 Criteria Corp. and its affiliate entity- Criteria Australia Pty Ltd an Australian corporation (ABN 58 089 022 202) (collectively, “Criteria”, “we”, “our”, or “us”) is committed to protecting and respecting your privacy. This privacy policy sets out how we collect, store, process, transfer, share and use data that identifies or is associated with you (“personal information” or “PI”) and information regarding our use of cookies and similar technologies.

1.2 Criteria operates an employee and applicant testing platform that allows employers to instruct potential or current employees to take aptitude, personality and skills tests; and also provides related services through our websites, including https://www.criteriacorp.com, https://www.criteriacorp.com.au/, https://app-au.criteriacorp.com, https://www.criteriacorp.com.au, www.ondemandassessment.com, https://au.ondemandassessment.com; and related sites accessible to mobile devices, tablets, and other connected devices(collectively, the "Criteria Service").

1.3 Before accessing or using the Criteria Service, please ensure that you have read and understood our collection, storage, use and disclosure of your personal information as described in this privacy policy.

2. PERSONAL INFORMATION WE COLLECT

2.1 Information collected in two ways. Criteria collects your information in two ways:

Directly (for example, when you provide information when you use or visit the Criteria Service).
Indirectly (for example, through technology used within the Criteria Service).

2.2 The personal information you provide. We collect personal information that you voluntarily submit directly to us when you use the Criteria Service. This can include information you provide to us when you register for an account and user profile, fill in a form on the Criteria Service, create or edit your user profile on the Criteria Service, correspond with us by phone, e-mail or otherwise, subscribe to our mailing lists, newsletters or other forms of marketing communications, respond to a survey, post comments in forums, enter a promotion, or use some other feature of the Criteria Service.

1. Required PI. We will indicate to you if the provision of certain personal information is mandatory or optional. If you choose not to provide any personal information marked as mandatory, we may not be able to provide some features of the Criteria Service to you or respond to your other requests.
2. Categories of PI You Provide. The list below sets out the categories of personal information we collect about you:

Contact information, such as your name, phone number, address and e-mail address.
Employment information, such as the name of the company you work for, and information about the business unit you work for, your job title and function.
Correspondence and comments. When you contact us directly, e.g. by email, phone, mail or when you complete an online form, we will record your comments and opinions.
Video interview information, such as image, likeness, voice data, video, and other data gathered during the video interviews.

c. Use of PI You Provide. We may use this information to:

operate, maintain and provide to you the features and functionality of the Criteria Service;
communicate with you, including sending statements and invoices, communications, news, alerts and marketing communications;
deal with enquiries and complaints made by you relating to the Criteria Service;
address your questions, issues and concerns and improve the Criteria Service
determine products and services that may be of interest to you and to send you news alerts and marketing communications in accordance with your marketing preferences; and
monitor and improve the Criteria Service.

d. Required Processing of PI You Provide. The processing of the above personal information is necessary for:

the performance of a contract and to take steps prior to entering into a contract; and
our legitimate interests, namely administering and improving the Criteria Service, for marketing purposes and communicating with users.

2.3 Personal information we collect automatically. We also automatically collect the following personal information indirectly about how you access and use the Criteria Service and information about the device you use to access the Criteria Service:

a. Categories of PI Collected Automatically

Information about how you access and use the Criteria Service. For example, the website from which you came and the website to which you are going when you leave our website, how frequently you access the Criteria Service, the time you access the Criteria Service and how long you use it for, the approximate location that you access the Criteria Service from, whether you access the Criteria Service from multiple devices, and other actions you take on the Criteria Service.
Information about your device. We also collect information about the computer, tablet, smartphone or other electronic device you use to connect to the Criteria Service. This information can include details about the type of device, unique device identifying numbers, operating systems, browsers and applications connected to the Criteria Service through the device, your Internet service provider or mobile network, your IP address and your device's telephone number (if it has one).

b. Use of PI Collected Automatically. We may use the information we collect automatically to present the Criteria Service to you on your device and to determine products and services that may be of interest to you for marketing purposes. We may also use the personal information we collect from you to monitor and improve the Criteria Service and business, and to help us to develop new products and services.

c. Required Processing of PI Collected Automatically. The processing of the personal information we collect from you automatically is necessary for our legitimate interests, namely: to tailor the Criteria Service to the user and to improve the Criteria Service generally; to monitor and resolve issues; for marketing purposes; to communicate with users; to contact users; and for the detection and prevention of fraud.

2.4 Personal Information we may receive from third parties. Any personal information that we may obtain from other third-party sources will be processed by us in accordance with this privacy policy and applicable laws.

2.5 Use of Anonymized PI. We may anonymize and aggregate any of the personal information we collect (so that it does not directly identify you). We may use anonymized information for purposes that include testing our IT systems, research, data analysis, improving the Criteria Service and developing new products and features. We may also share such anonymized information with others.

3.0 HOW WE SHARE YOUR PERSONAL INFORMATION

3.1 Service Providers and Subprocessors. The Criteria Service only shares your personal information with its vendors, suppliers and other service providers that perform services for us or on our behalf and not for other purposes. For example, we may share your personal information with the following:

Amazon Web Services, Inc - as our data storage and services provider. You can read more about how Amazon Web Services uses your personal information here: https://aws.amazon.com/compliance/data-privacy-faq/

Office 365 for email communications. You can read more about how Office/Microsoft uses your personal information here: https://privacy.microsoft.com/en-us/privacystatement

Google as we use “Google Analytics” to help us understand how our customers use this site. You can read more about how Google uses your personal information here: https://www.google.com/intl/en/policies/privacy/.

In addition, we may share personal information you provide with third party vendors and other service providers that assist us with identifying and serving targeted advertisements, providing mailing, email or chat services, tax and accounting services, payments processing, data enhancement services, fraud prevention, web hosting, or providing analytic services. These third parties are listed on the Criteria subprocessor listing (updated from time to time) and available from Criteria upon request.

3.2 Employers. We share personal information of job applicants that use the Criteria Service in connection with their job search or relationship with employer-customers of Criteria. Such personal information will be handled and processed in accordance with the terms of a separate privacy policy (“Applicant Privacy Policy”) located at: https://www.ondemandassessment.com/home/privacy and https://au.ondemandassessment.com/home/privacy. In addition, employer-customers of Criteria agree to comply with all their responsibilities under applicable data privacy laws and protection regulations.

3.3 Criteria Entities. We may share personal information as needed with other companies, brands, websites or properties owned or controlled by Criteria, including but not limited to the Criteria Corp. Australia Pty. Ltd. and any other our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns. These companies will use your personal information in the same way as we can under this policy.

3.4 Publicly Available Information. We may share content that you post on this website or on the Criteria Service that is intended to make that content publicly available and searchable by individuals. For example, we may share job posting or similar information contained within that job posting with third parties, subject to our agreement with any such third parties-including employer-customers. We also reserve the right to share information aggregated from public sources.

3.5 Third-Party Sites You Link to from Criteria’s Website. If you use certain third-party sites or services that you link to from our website, then all information you provide via the link is provided to that third party, and is subject to the third-party’s privacy policy and terms of service. WE ARE NOT RESPONSIBLE FOR THE INFORMATION COLLECTION, USE, DISCLOSURE OR OTHER PRIVACY PRACTICES OF ANY THIRD PARTY.

3.6 Purchasers and Third Parties. Personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business.

3.7 Law enforcement, regulators and other parties for legal reasons. Third parties as required by law or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) detect and investigate illegal activities and breaches of agreements; and/or (c) exercise or protect the rights, property, or personal safety of Criteria, its users or others.

3.8 Legitimate Interests. Personal information may be disclosed when it is reasonably necessary to achieve our legitimate business interests.

3.9 Consent. We may share personal information if you have given us specific consent to use your personal information for a specific purpose.

4. [Reserved]

5. COOKIES AND SIMILAR TECHNOLOGIES

5.1 What are Cookies. Cookies are pieces of code that allow for personalization of our website experience by saving your information such as user ID and other preferences. A cookie is a small data file that we transfer to your computer's hard disk for record-keeping purposes.

5.2 Use of Cookies. Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. We use the following types of cookies:

a. Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services. The OnDemandAssessment sites do not use any cookies however, other sites, such as www.criteriacorp.com, https://criteriacorp.com.au , and other Criteria Services sites may use cookies as described above.

b. Analytical/performance cookies. They allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

c. Google Analytics. We use a tool called "Google Analytics" to collect information about use of this site. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. We use the information we get from Google Analytics only to improve this site. Google Analytics collects only the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google's ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use (as amended for government websites) and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser.

d. Functionality cookies. These are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

e. Testing. We create a cookie named, "cookieTest" that stores a value of True and expires after one (1) day. This cookie is set to determine whether the user's browser has cookies enabled. We also create a cookie named, "ci_session" that stores encrypted session data when a user enters an Event ID or submits her information to begin a test. The cookie does not collect any information. It simply stores some of the IDs that are assigned to the test taker including the Test Event ID and Test Taker ID. This is used to track the user's session through test completion. The cookie is cleared when the test is complete, or the browser window is closed.

5.3 Managing Cookies. The cookies we use are designed to help you get the most from our Criteria Service but if you do not wish to receive cookies, most browsers allow you to change your cookie settings. Please note that if you choose to refuse cookies you may not be able to use the full functionality of our Criteria Service. These settings will typically be found in the "options" or "preferences" menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the "Help" option in your browser for more details.

Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari web and iOS.

5.4 Use of WebBeacons and Other Tracking Tools. We may also employ clear gifs (also known as web beacons) which are used to anonymously track the online usage patterns of our users. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of our Criteria Service.

5.5 Information on Cookies and Related Technologies. To learn more about cookies, clear gifs/web beacons and related technologies and how you may opt-out of some of this tracking, you may wish to visit http://www.allaboutcookies.org.

5.6 Opting-Out. If you only want to limit third party advertising cookies and similar technologies, you can opt out of receiving certain targeted advertising by visiting the following links (please bear in mind that there are many more companies listed on these sites than those that drop cookies via our website):

Your Online Choices ( http://www.youronlinechoices.com/ )
Network Advertising Initiative ( http://www.networkadvertising.org/ )
Digital Advertising Alliance ( http://www.aboutads.info/consumers )

5.7 Do Not Track. Please note that at this time, we do not respond to the browser “Do Not Track” (DNT) signal if enabled in your web browser. Third parties accessed through our website or the Criteria Service may have their own third-party cookies, and they may or may not respond to the DNT signal.

5.8 Cookies Used

This website uses cookies. We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

Cookies are small text files that can be used by websites to make a user's experience more efficient.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.

You can at any time change or withdraw your consent from the Cookie Declaration on our website.

Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.

Please state your consent ID and date when you contact us regarding your consent.

Your consent applies to the following domains: www.criteriacorp.com

Your current state: Allow all.

Your consent ID: 78qhx/dzX4Lrx8dU/oOti/XQmMCXRiWZapPLw0IVe1IYOb39h4XX0w==Consent date: Friday, November 19, 2021, 12:34:37 PM PST

Change your consent | Withdraw your consent

Cookie declaration last updated on 1/6/22 by Cookie Bot:

Necessary (4)

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Name	Provider	Purpose	Expiry	Type
CookieConsent	Cookiebot	Stores the user's cookie consent state for the current domain	1 year	HTTP Cookie
intercom-id-#	Intercom	Allows the website to recognize the visitor, in order to optimize the chat-box functionality.	270 days	HTTP Cookie
intercom-session-#	Intercom	Sets a specific ID for the user which ensures the integrity of the website’s chat function.	6 days	HTTP Cookie
li_gc	LinkedIn	Stores the user's cookie consent state for the current domain	2 years	HTTP Cookie

Preferences (8)

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Name	Provider	Purpose	Expiry	Type
DRIFT_openTabs	Drift	Used to make the chat function consistent across tabs, if the user has multiple browser tabs open for the same website.	Persistent	HTML Local Storage
DRIFT_SESSION_ID	Drift	Allows the website to recognize the visitor, in order to optimize the chat-box functionality.	Session	HTML Local Storage
DRIFT_SESSION_STARTED	Drift	Stores a unique ID string for each chat-box session. This allows the website-support to see previous issues and reconnect with the previous supporter.	Session	HTML Local Storage
DRIFT_visitCounts	Drift	Determines the number of visits of the specific visitor. This is used in order to make the chat-box function more relevant.	Persistent	HTML Local Storage
driftt_aid	Drift	Necessary for the functionality of the website's chat-box function.	2 years	HTTP Cookie
lang [x2]	LinkedIn	Remembers the user's selected language version of a website	Session	HTTP Cookie
loglevel	Wistia	Maintains settings and outputs when using the Developer Tools Console on current session.	Persistent	HTML Local Storage

Statistics (25)

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Name	Provider	Purpose	Expiry	Type
_clck	Microsoft	Collects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner.	1 year	HTTP Cookie
_clsk	Microsoft	Registers statistical data on users' behavior on the website. Used for internal analytics by the website operator.	1 day	HTTP Cookie
_cltk	Microsoft	Registers statistical data on users' behavior on the website. Used for internal analytics by the website operator.	Session	HTML Local Storage
_ga	Google	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	2 years	HTTP Cookie
_ga_#	Google Tag Manager	Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit.	2 years	HTTP Cookie
_gat	Google	Used by Google Analytics to throttle request rate	1 day	HTTP Cookie
_gid	Google	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	1 day	HTTP Cookie
_hjAbsoluteSessionInProgress	Hotjar	This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.	1 day	HTTP Cookie
_hjFirstSeen	Hotjar	This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website.	1 day	HTTP Cookie
_hjIncludedInPageviewSample	Hotjar	Used to detect whether the user navigation and interactions are included in the website’s data analytics.	1 day	HTTP Cookie
_hjIncludedInSessionSample	Hotjar	Registers data on visitors' website-behavior. This is used for internal analysis and website optimization.	1 day	HTTP Cookie
_hjRecordingLastActivity	www.criteriacorp.com	Sets a unique ID for the session. This allows the website to obtain data on visitor behavior for statistical purposes.	Session	HTML Local Storage
_hjSession_#	Hotjar	Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read.	1 day	HTTP Cookie
_hjSessionUser_#	Hotjar	Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read.	1 year	HTTP Cookie
_hjTLDTest	Hotjar	Registers statistical data on users' behavior on the website. Used for internal analytics by the website operator.	Session	HTTP Cookie
_vwo_uuid_v2	VWO	This cookie is set to make split-tests on the website, which optimizes the website's relevance towards the visitor – the cookie can also be set to improve the visitor's experience on a website.	1 year	HTTP Cookie
AnalyticsSyncHistory	LinkedIn	Used in connection with data-synchronization with third-party analysis service.	29 days	HTTP Cookie
collect	Google	Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.	Session	Pixel Tracker
hjViewportId	www.criteriacorp.com	Sets a unique ID for the session. This allows the website to obtain data on visitor behavior for statistical purposes.	Session	HTML Local Storage
sliguid	Salesloft	Contains an visitor ID - This is used to track visitors' navigation and interaction on the website for internal website-optimization.	1 year	HTTP Cookie
slirequested	Salesloft	Contains an visitor ID - This is used to track visitors' navigation and interaction on the website for internal website-optimization.	1 year	HTTP Cookie
ub-emb-id	assets.ubembed.com	Enables the website to make variations of their landing-page. This is used to minimize bounce-rates, which means that fewer users leave the page immediately.	Persistent	HTML Local Storage
undefined	Wistia	Collects data on visitor interaction with the website's video-content - This data is used to make the website's video-content more relevant towards the visitor.	Persistent	HTML Local Storage
v.gif	VWO	This cookie is set to make split-tests on the website, which optimizes the website's relevance towards the visitor – the cookie can also be set to improve the visitor's experience on a website.	Session	Pixel Tracker
wistia	Wistia	Used by the website to track the visitor's use of video-content - The cookie roots from Wistia, which provides video-software to websites.	Persistent	HTML Local Storage

Marketing (37)

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

Name	Provider	Purpose	Expiry	Type
_gcl_au	Google Tag Manager	Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.	3 months	HTTP Cookie
_hjRecordingEnabled	www.criteriacorp.com	This cookie is used to identify the visitor and optimize ad-relevance by collecting visitor data from multiple websites – this exchange of visitor data is normally provided by a third-party data-center or ad-exchange.	Session	HTML Local Storage
_mkto_trk	Marketo	Contains data on visitor behavior and website interaction. This is used in context with the email marketing service Marketo.com, which allows the website to target visitors via email.	2 years	HTTP Cookie
_uetsid	Microsoft	Collects data on visitor behavior from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement.	1 day	HTML Local Storage
_uetsid_exp	Microsoft	Contains the expiry-date for the cookie with corresponding name.	Persistent	HTML Local Storage
_uetvid	Microsoft	Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.	1 year	HTML Local Storage
_uetvid_exp	Microsoft	Contains the expiry-date for the cookie with corresponding name.	Persistent	HTML Local Storage
ads/ga-audiences	Google	Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behavior across websites.	Session	Pixel Tracker
ANONCHK	Microsoft	Registers data on visitors from multiple visits and on multiple websites. This information is used to measure the efficiency of advertisement on websites.	1 day	HTTP Cookie
bcookie	LinkedIn	Used by the social networking service, LinkedIn, for tracking the use of embedded services.	2 years	HTTP Cookie
bscookie	LinkedIn	Used by the social networking service, LinkedIn, for tracking the use of embedded services.	2 years	HTTP Cookie
drift_aid	Drift	Sets a unique ID for the specific user. This allows the website to target the user with relevant offers through its chat functionality.	2 years	HTTP Cookie
drift_campaign_refresh	Drift	Sets a unique ID for the specific user. This allows the website to target the user with relevant offers through its chat functionality.	1 day	HTTP Cookie
DRIFT_SESSION_CAMPAIGNS	Drift	Used to determine when and where certain pop-ups on the website should be presented for the user and remember whether the user has closed these, to keep them from showing multiple times.	Persistent	HTML Local Storage
IDE	Google	Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.	1 year	HTTP Cookie
lidc	LinkedIn	Used by the social networking service, LinkedIn, for tracking the use of embedded services.	1 day	HTTP Cookie
lpv#	Salesforce	Used in context with behavioral tracking by the website. The cookie registers the user’s behavior and navigation across multiple websites and ensures that no tracking errors occur when the user has multiple browser-tabs open.	1 day	HTTP Cookie
MUID [x2]	Microsoft	Used widely by Microsoft as a unique user ID. The cookie enables user tracking by synchronizing the ID across many Microsoft domains.	1 year	HTTP Cookie
pagead/1p-conversion/#	Google	Pending	Session	Pixel Tracker
pagead/landing [x2]	Google	Collects data on visitor behavior from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement.	Session	Pixel Tracker
pagead/viewthroughconversion/1062242818	Google	Pending	Session	Pixel Tracker
site_identity	Salesloft	Collects data on user behavior and interaction in order to optimize the website and make advertisement on the website more relevant.	1 year	HTTP Cookie
slireg	Salesloft	Registers user behavior and navigation on the website, and any interaction with active campaigns. This is used for optimizing advertisement and for efficient retargeting.	6 days	HTTP Cookie
SM	Microsoft	Registers a unique ID that identifies the user's device during return visits across websites that use the same ad network. The ID is used to allow targeted ads.	Session	HTTP Cookie
SRM_B	Microsoft	Tracks the user’s interaction with the website’s search-bar-function. This data can be used to present the user with relevant products or services.	1 year	HTTP Cookie
test_cookie	Google	Used to check if the user's browser supports cookies.	1 day	HTTP Cookie
UserMatchHistory	LinkedIn	Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.	29 days	HTTP Cookie
utm_medium	www.criteriacorp.com	Collects information on user preferences and/or interaction with web-campaign content - This is used on CRM-campaign-platform used by website owners for promoting events or products.	3 months	HTTP Cookie
utm_source	www.criteriacorp.com	Determines how the user accessed the website. This information is used by the website operator in order to measure the efficiency of their marketing.	3 months	HTTP Cookie
visitor_id# [x3]	Salesforce Google Tag Manager	Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes.	10 years	HTTP Cookie
visitor_id#-hash [x3]	Salesforce Google Tag Manager	Used to encrypt and contain visitor data. This is necessary for the security of the user data.	10 years	HTTP Cookie

Unclassified (4)

Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

Name	Provider	Purpose	Expiry	Type
c.gif	Microsoft	Pending	Session	Pixel Tracker
DRIFT_ALWAYS_SEND_IDS	Drift	Pending	Session	HTML Local Storage
intercom.intercom-state-o78exqrb	Google Tag Manager	Pending	Persistent	HTML Local Storage
wistia-video-progress-#	Wistia	Pending	Persistent	HTML Local Storage

6. STORING AND TRANSFERRING YOUR PERSONAL INFORMATION

6.1 Security. We implement appropriate technical and organizational measures to protect your personal information against accidental or unlawful destruction, loss, change or damage. All personal information we collect will be stored on our secure servers. All transfers of personal information are protected by TLS encryption technology. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, credit or debit card information or national identification numbers.

6.2 Retention Periods. We will store the personal information we collect for no longer than necessary for the purposes set out and in accordance with our legal obligations and legitimate business interests.

6.3 International Transfers of your Personal Information. Many of the features of the Criteria Service are provided and hosted in the United States and/or Australia. If you are located outside of the United States (including the EU or EEA), this may mean that your personal information will be stored and processed in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal information than the jurisdiction you are typically resident in. By visiting or using the Criteria Service, you consent to storage of your data on servers located in the United States and/or Australia. If you are using the Services from outside the United States, you consent to the transfer, storage, and processing of your data in and to the United States or other countries. Your data is also processed outside of the UK, Switzerland, and the EEA by Criteria affiliated companies, or our service providers, including to process transactions, facilitate payments, and provide support services as described in Section 3. We have entered into data processing agreements with our service providers that restrict and regulate their processing of your data on our behalf. By submitting your data or using the Criteria Services, you consent to this transfer, storage, and processing by Criteria and its processors.

6.4 Our Commitment. We will take reasonable steps to ensure that your personal information is treated securely and in accordance with applicable law and this privacy policy. If you are a resident of the EEA, the UK or Switzerland, we will protect your personal information when it is transferred outside of the EEA, the UK or Switzerland by either processing it in a territory which the European Commission has determined provides an adequate level of protection for personal information; or by relying on the Standard Contractual Clauses approved by the European Commission.

6.5 Privacy Shield. Although Criteria no longer relies on the Privacy Shield framework for transferring your data outside of the UK, Switzerland, or the EEA, we continue to comply with key principles the EU-U.S. Privacy Shield framework and Swiss-U.S. Privacy Shield framework as set forth by the U.S. Department of Commerce (the "Privacy Shield"). To learn more about Privacy Shield, please visit the U.S. Department of Commerce Privacy Shield website: https://www.privacyshield.gov/. For more information regarding our Privacy Shield certification, please see: https://www.privacyshield.gov/list.

7.0 YOUR CHOICES RELATING TO YOUR PERSONAL INFORMATION

You can choose to access and delete your personal information. However, you might not be able to use the Criteria Service or take advantage of many of our features. If you would like to access or delete your personal information, please follow the specific instructions listed below for residents of certain jurisdictions or contact us as indicated at the end of this privacy policy, and we will consider your request in accordance with applicable laws. We reserve the right to keep any data as necessary to preserve and protect our rights to the extent permitted by law (for example, to preserve our business records or preserve records of a dispute) or to comply with obligations under local law. A closed account does not necessarily mean that all of the data is expunged from our systems.

8. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL INFORMATION

8.1 Residents of the European Union. If you are resident in the European Union, in accordance with European Union privacy law, you have the following rights in respect of your personal information that we hold:

a. Right of access. You have the right to obtain:

(i) confirmation of whether, and where, we are processing your personal information;

(ii) information about the categories of personal information we are processing, the purposes for which we process your personal information and information as to how we determine applicable retention periods;

(iii) information about the categories of recipients with whom we may share your personal information; and

(iv) a copy of the personal information we hold about you.

b. Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.

c. Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information we hold about you without undue delay.

d. Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not justified.

e. Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.

f. Right to object. You have a right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your personal information, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.

g. Exercising Your Rights. If you wish to exercise one of these rights, please contact us:

If you use the Criteria Service for an employer based in Australia or the Asia-Pacific region at: https://gdpr-rep.eu/q/14194955; or Criteria Corp c/o Maetzler Rechtsanwalts GmbH & Co KG, Schellinggasse 3/10, 1010 Vienna, Austria. Please add the following subject to all correspondence: GDPR-REP ID: 14194955.
If you use the Criteria Service for an employer based in any other country (not Australia or the Asia-Pacific region) at: https://gdpr-rep.eu/q/14974834; or Criteria Corp c/o Maetzler Rechtsanwalts GmbH & Co KG, Schellinggasse 3/10, 1010 Vienna, Austria. Please add the following subject to all correspondence: GDPR-REP ID: 14974834.
If you are based in the U.K. you may also contact us at: Criteria Corp UK Ltd, 9th Floor 107 Cheapside London, United Kingdom EC2V 6DN (44 20 7862 4844).

We will, to the extent we are acting in our capacity as a data controller, honor your requests according to applicable law. In most cases we will not be acting as a data controller, but rather a data processor for the employer-customer, and as such we will also notify the employer-customer(s) associated with your personal information, who may have the obligations to fulfil your requests with respect to their control of your personal information.

h. Data Processing Addendum. If you are an employer that has contracted with us to use the Criteria Service with residents of the European Union, U.K. or Switzerland, Criteria will commit to process the data of such residents consistent with the Standard Contractual Clauses for data transfers between EU and non-EU countries; provided that you execute Criteria’s Data Processing Addendum (“DPA”) prior to using the Criteria Service.

8.2 California Residents. If you are a resident of the State of California, you may exercise the rights described below. By choosing to exercise your rights as described below, you are declaring that you are a California resident as defined in the California Consumer Privacy Act of 2018, Civil Code Section 1798.100 (“CCPA”).

a. Right to Know. You have the right to ask us for a copy of your personal information collected over the past 12 months and for information about how we collect, use, disclose, and sell it. We do not share personal information with third parties for their own direct marketing purposes without your permission. Please refer to the following sections of our privacy policy for specific information on how we collect, use, disclose, and sell personal information over the past twelve (12) months:

(i) categories of personal information we collected: Section 2.1(b), Section 2.2(a), Section 2.3, Section 2.4, as well as, the following sections of the Applicant Privacy Policy: Sections 2.3, 3.1, 3.4, 3.7, and 5.3.

(ii) sources of personal information: Section 2.1, Section 2.2, Section 2.3, Section 2.4, as well as, the following sections of the Applicant Privacy Policy: Sections 2.1, 3.1, and 5.1.

(iii) how we used personal information: Section 2.1, Section 2.2, Section 2.3, Section 2.4, Section 5.2, Section 5.4, as well as, the following sections of the Applicant Privacy Policy: Sections 2.4, 2.5, 2.6, 2.7, 3.5, 3.6, 3.7, 3.8, 5.3 and 5.5.

(iv) how we shared personal information: Section 3, Section 5.2, Section 5.5, as well as, the following sections of the Applicant Privacy Policy: Sections 3.8, 5.3 and 5.5.

b. Right to Deletion. You have the right to request for us to delete any of your personal information. If you delete your personal information, you will permanently lose access to your personal information and/or Criteria customer account. We may deny your deletion request when permitted by applicable law or for business purposes including, without limitation, when personal information is needed to comply with our legal obligations, meet regulatory requirements, support our business operations, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms and Conditions of Use, fulfill your request to “unsubscribe” from further messages from us, or confirm that we have deleted your personal information. We retain anonymized information after your account has been closed. We cannot disclose or delete specific pieces of personal information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of personal information, your account with us or the security of our systems.

c. Right to Correction. You have the right to update or modify certain of your personal information. If you have a customer account, you may update or modify your personal information by accessing your account and making the changes in your account settings. If you do not have a customer account and are TestTaker, user of our website or Criteria Service, then you may request that your personal information be updated by emailing us at: (i) https://ondemandassessment.com/candidate-request if you use the Criteria Service for an employer based in any country (except Australia or the Asia-Pacific region); or (ii) Privacy@criteriacorp.com if you use the Criteria Service for an employer based in Australia or the Asia-Pacific region. 

d. Right to Opt-Out of the Sale of Your Personal Information. You have the right to ask that we not sell your personal information. Criteria does not sell, in the traditional sense of the word, or rent personal information to third parties for money. We do, however, share your personal information as we have described in this privacy policy to make the Criteria Service available to you.

e. Right to Non-Discrimination. Criteria will not discriminate against customers or users who exercise their rights under the CCPA.

f. Exercising your Rights. If you wish to exercise one of these rights, please contact us at: (i) https://ondemandassessment.com/candidate-request if you use the Criteria Service for an employer based in any country (except Australia or the Asia-Pacific region); or (ii) Privacy@criteriacorp.com if you use the Criteria Service for an employer based in Australia or the Asia-Pacific region. Before we can process any such request, we will need to verify your identity through the email address or telephone number associated with your use of our website or Criteria Service account, and confirm your request prior to fulfilling any such request and reserve the right to deny a request where we are unable to satisfactorily complete this process. If you authorize someone to make a request on your behalf, we may also deny your request if we are unable to verify that the individual making the request is authorized to act on your behalf. Once your identity and request have been verified, we will attempt to notify the employer-customer(s) associated with your personal information for additional processing of your request.

8.3 Residents of Australia. If you are a resident of Australia and you have a complaint, you may refer it to the office of the Australian Information Commissioner (“OAIC”). You can contact OAIC by visiting www.oaic.gov.au; forwarding an email to enquiries@oaic.gov.au; telephoning 1300 363 992; or writing to OAIC at GPO Box 5218, Sydney NSW 2001.

8.4 Residents in other jurisdictions. If you are not a resident of the European Union, Australia or California, you may still have similar rights to the above. If you would like to exercise one of these rights, please contact us:

If you use the Criteria Service for an employer based in any country (excluding Australia or the Asia-Pacific region) at: https://ondemandassessment.com/candidate-request.

If you use the Criteria Service for an employer based in Australia or the Asia-Pacific region at: Privacy@criteriacorp.com

We will comply with a request to the extent required under applicable law.

9. JURISDICTION AND ENFORCEMENT

9.1 As part of our participation in the Privacy Shield, we are subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC).

9.2 You also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

9.3 In compliance with the EU-US and Swiss-US Privacy Shield Principles, we commit to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us using the contact information listed below.

9.4 We have further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the JAMS Privacy Shield Program. Under certain conditions specified by the Principles, you may also be able to invoke binding arbitration to resolve your complaint. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint.

10. LINKS TO THIRD PARTY SITES

Our Criteria Service may, from time to time, contain links to and from third party websites, including those of other users, our partner networks, advertisers, partner merchants, news publications, retailers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.

11. OUR POLICY TOWARDS CHILDREN

Our Criteria Service is not directed at persons under 16 and we do not knowingly collect personal information from children under 16. If you become aware that your child has provided us with personal information, without your consent, then please contact us using the details below so that we can take steps to remove such information and terminate any account your child has created with us.

12. CHANGES TO THIS POLICY

We may update this privacy policy from time to time and so you should review this page periodically. When we change this privacy policy in a material way, we will update the "Effective" date at the beginning of this privacy policy. Changes to this privacy policy are effective when they are posted on this page.

13. NOTICE TO YOU

If we need to provide you with information about something, whether for legal, marketing or other business-related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on our Criteria Service.

14. CONTACTING US

For any questions, comments and requests regarding your personal information, please contact us at:

For any country/region (except Australia and Asia Pacific Region):

Criteria Corp

750 N San Vicente Blvd. Suite 1500

West Hollywood, California USA 90069

Email: privacy@criteriacorp.com

For Australia and Asia Pacific Region:

Criteria Australia Pty Ltd Level 18, 333 Ann Street Brisbane, QLD 4000, with a copy to:

Criteria Corp, 750 North San Vicente Blvd. Suite 1500 East Tower, West Hollywood, CA 90069.

Email: Privacy@criteriacorp.com