Wizeline Privacy Policy

Effective on: September 14th, 2022

Introduction and Scope

Wizeline, Inc. and its affiliates Wizeline, S. de R.L. de C.V. (Mexico), Wizeline Vietnam Company Limited (Vietnam), Wizeline Singapore Pte. Ltd. (Singapore), Wizeline Inc. Co. Ltd. (Thailand), Wizeline S.L. (Spain), Wizeline S.A.S. (Colombia), Wizeline PTY LTD (Australia), and Wizeline Technology Services, Inc (Canada) (collectively, (“Wizeline”, “we”, “us”, “our”) take the protection of personally identifiable information (“Personal Data”) very seriously. Please read this Privacy Notice (the “Notice”) to learn what we’re doing with your Personal Data, how we protect it, and your privacy rights under the European Union General Data Protection Regulation (“GDPR”), and the California Consumer Privacy Act of 2018 (“CCPA”).

What Is Covered by this Notice?

This Notice addresses data subjects whose Personal Data we may process:

in the course of processing your requests and applications when applying to Wizeline’s job openings via social networks or our website (the “Recruitment Activities”);
in the course of taking classes or courses sponsored by Wizeline (the “Learning Services”);
in our website located athttps://www.wizeline.com(the “Website”);
in our customer relationship management (CRM) software (collectively, with the Website, the “Sales and Marketing Systems”); and
in the course of providing you customer support services (“Customer Support”),

(collectively, the “Services”).

This Notice does not apply to Personal Data we collect by other means, such as Personal Data collected from or concerning our own employees.

This Notice does not cover any other data collection or processing, including the data related to our customers or customers’ clients, which we may process (and for which we act as a “data processor” or “service provider”) in the course of providing professional software development, application management, and consulting services (the “Professional Services”). Wizeline has limited rights to access the Personal Data our customers may provide to us. If you are our customers’ client and want to exercise any of your privacy rights, please contact Wizeline’s customer directly, who has control over your Personal Data.

Controllership

Within the scope of this Notice, Wizeline is the business that makes the decisions about the processing of your Personal Data (also known as the “data controller”) for the Personal Data we process in our Sales and Marketing Systems, to provide Customer Support, during the Recruitment Activities, and to provide the Learning Services.

Basis of Processing

Within the scope of this Notice, we may process your Personal Data on the basis of:

your consent;
the need to perform a contract with you or engage in precontractual necessities with you;
our legitimate interests in processing your Personal Data, which are not overridden by your rights. Some of those interests include: (1) identifying and preventing fraud; and (2) enhancing the security of our network;
the need to comply with the law; or
any other ground, as required or permitted by law.

When we rely on legitimate interests as a lawful basis of processing, you have the right to ask us more about how we decided to choose this legal basis. To do so, please use the Contact Us details below.

Where we process your Personal Data based on your consent, you may withdraw it at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect the validity of our processing of Personal Data performed on other lawful grounds.

Where we receive your Personal Data as part of providing our Services to you based on a contract, we require such Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide the Services to you.

How We Receive Personal Data?

With respect to our Sales and Marketing Systems and Customer Support we may receive your Personal Data when:

you contact us directly by phone, email, Wizeline’s social networks, or on our Website;
our customers (including their employees, contractors, and other representatives of the company) provide it to us;
our service providers provide it to us;
we purchase lists of individuals who might be interested in becoming customers of ours;
we collect this information from your activity when you use our Website; or
a friend of yours or one of our partners or customers refers you to our Services by providing your Personal Data to us.

With respect to our Recruitment Activities or Learning Services, we may receive your Personal Data when:

you contact us via phone, email, Wizeline’s social networks, or our Website; and
a friend of yours or one of our partners or customers refers you to our Recruitment Activities or Learning Services by providing your Personal Data to us.

If we receive your Personal Data from a third party, we will notify you, where required by applicable laws, without undue delay. We will not collect additional categories of Personal Data without informing you.

Categories of Personal Data

Within the scope of this Notice, we may process the following types of Personal Data:

biographical information, such as first and last name;
contact information, such as address, phone number, location, or e-mail address;
employment information, such as your historic job information, current job title or company name;
information of your interaction with our Website, like browsing history, search history, browser type, and Internet Protocol address; and
any other type of Personal Data you choose to submit to us through our Recruitment Activities, Learning Services, Customer Support, or the Sales and Marketing Systems.

For What Purposes Do We Use Your Personal Data?

We may process your Personal Data for the purposes of:

enabling the use of our Services and Website;
improving our Services and Website in order to better serve you;
responding to your requests or questions;
administering contests, promotions, or surveys related to our Services;
processing your transactions;
developing and tracking sales leads;
sending periodic emails regarding your orders or other products and services;
facilitating and optimizing our sales operations;
providing our recruitment services and facilitating the recruitment process;
enabling you to submit your resume, applying online for jobs or subscribing to alerts about jobs we think may be of interest to you;
communicating with you and answering your questions, or sending you information about new events or open positions.

To achieve the above purposes we need to perform different types of processing activities on your Personal Data, such as storage, access, transmission, consultation, adaptation or alteration, and combination.

Data Retention

When the purposes of processing are satisfied, we will delete the related Personal Data within six months, or upon receipt of a verified request.

We may maintain your contact information (name, e-mail, and phone number) for the purposes of reviewing future service opportunities with you, maintaining historical records of commercial activities, or exercising your privacy rights as requested.

In the context of our Recruitment Activities or Learning Services, we may maintain your contact information for the purpose of sending you relevant information about our job openings or future events.

Automated Decision-Making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making. There will always be human intervention into decisions based on automated processing, including automated analytics, testing, and profiling. If this position changes, or there is a need and lawful basis to do so, we will inform you.

Sharing Personal Data with Third Parties

We may share Personal Data with our subsidiaries and affiliates, as well as with our service providers, who assist us in operating our Website, conducting our business, providing our Services, or as required by law. However, we enter strict data processing agreements with these third parties to ensure that they keep your Personal Data confidential, only use it for the services they provide to Wizeline, and treat your Personal Data with the same level of protection that we do. The categories of third parties to which we may disclose your Personal Data include those providing:

application hosting services;
project management and content collaboration services;
team communication services;
software development services;
e-mail software;
customer relationship management (CRM) software;
recruiting software and application tracking system;
web analytics services.

Note if you are located in the EU: Some of these third parties may be located outside of the European Union or the European Economic Area. In some cases, the European Commission may have determined that in some countries, their data protection laws provide a level of protection equivalent to European Union law. You can see here the list of countries that the European Commission has recognized as providing an adequate level of protection to Personal Data. We will only transfer your Personal Data to third parties in countries not recognized as providing an adequate level of protection to Personal Data when there are appropriate safeguards in place. These may include the European-Commission-approved standard contractual data protection clauses under Article 46.2 of the GDPR, or Binding Corporate Rules (BCRs) for processors under Article 47 of the GDPR.

Sales of Your Personal Data

Wizeline generally does not directly sell your Personal Data in the conventional sense (for money). Like many companies, however, we use services that help deliver interest-based ads to you or analyze our website traffic, and may transfer Personal Data to business partners for their use. Making Personal Data (such as online identifiers or browsing activity) available to these companies may be considered a “sale” under the CCPA.

If you would like to opt out of the sales of your Personal Data that take place via cookies, you can learn how under the Cookies section below.

Other Disclosure of Your Personal Data

We may disclose your Personal Data (i) to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders; or (ii) if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change; or (iii) to our subsidiaries or affiliates only if necessary for business and operational purposes as described in the section above.

If we must disclose your Personal Data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy and security of your Personal Data.

We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any Personal Data, about individuals whose Personal Data we process in connection with providing our Services, as a group, for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, and customers.

Cookies

A “cookie” is a small file stored on your device that contains information about your device. We use cookies for authentication (session management) purposes, which are deleted when you close your browser. Those cookies are first-party cookies, since they are placed directly by us. We also use third-party cookies which are placed by our third-party service providers to track your browsing activity when you use our Website and for our Sales and Marketing Systems. If you would prefer not to accept cookies, you can alter the configuration of your browser to reject all cookies or some cookies. Note, if you reject certain cookies, you may not be able to use all of our Services’ features. For more information, please visithttps://www.aboutcookies.org/.

You may also set your browser to send a Do Not Track (DNT) signal. For more information, please visithttps://allaboutdnt.com/. Please note that our Services do not have the capability to respond to “Do Not Track” signals received from various web browsers.

What Privacy Rights Do You Have?

You have specific rights regarding your Personal Data collected and processed by us. In this section, we first describe those rights and then we explain how you can exercise those rights.

Right to Know What Happens to Your Personal Data

This is called the right to be informed. It means that you have the right to obtain from us all information regarding our data processing activities that concern you, such as how we collect and use your Personal Data, how long we will keep it, and who it will be shared with, among other things. We are informing you of how we process your Personal Data with this Notice.

Right to Know What Personal Data Wizeline Has About You

This is called the right of access. This right allows you to ask for full details of the Personal Data we hold about you.

You have the right to obtain from us confirmation as to whether or not we process Personal Data concerning you, and, where that is the case, a copy or access to the Personal Data and certain related information. Once we receive and confirm that the request comes from you or your authorized agent, we will disclose to you:

The categories of Personal Data we collected about you;
The categories of sources for the Personal Data we collected about you;
Our purposes for processing that Personal Data;
Where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period;
The categories of third parties with whom we share that Personal Data;
The specific pieces of Personal Data we collected about you;
If we disclosed your Personal Data for a business purpose, two separate lists laying out the:
- categories of Personal Data sold, and the categories of recipients who purchased the Personal Data; and
- categories of Personal Data disclosed for a business purpose, identifying the categories of recipients who obtained the Personal Data;
If we rely on legitimate interests as a lawful basis to process your Personal Data, the legitimate interests pursued by us or by a third party; and
The appropriate safeguards for transferring data from the EU to a third country, if applicable.

Please take into account that the GDPR allows us not to satisfy your access request when:

you already have the information;
providing such information proves impossible or would involve a disproportionate effort, or in so far providing such information is likely to render impossible or seriously impair the achievement of the objectives of that processing; and
that Personal Data must remain confidential subject to an obligation of professional secrecy regulated by Union or Member State law, including a statutory obligation of secrecy.

The CCPA prohibits us from disclosing account passwords or security questions and answers. We can inform you that we have this information generally, but we may not provide the specific items to you for security and legal reasons.

Right to Correct Your Personal Data

This is called the right to rectification. It gives you the right to ask us to correct anything that you think is wrong with the Personal Data we have on file about you and to complete any incomplete Personal Data.

Right to Delete Your Personal Data

This is called the right to erasure, right to deletion or the “right to be forgotten”. This right means you can ask for your Personal Data to be deleted.

If there is any Personal Data you would like deleted, you can ask us to do so using the contact information listed in this Notice. Sometimes we can delete your information, but other times it may not be possible, such as when the law tells us we cannot do so. If that is the case, we will consider if we can limit how we use it. There may also be circumstances where we deny your request to delete your information under applicable law, such as if we or our service providers need to retain the Personal Data to:

Complete the transaction for which we collected the Personal Data;
Provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
Debug products to identify and repair errors that impair existing intended functionality;
Enable solely internal uses reasonably aligned with your expectations based on your relationship with us;
Comply with a legal obligation, including (but not limited to) obligations from the California Electronic Communications Privacy Act; or
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Right to Ask Us to Change How We Process Your Personal Data

This is called the right to restrict processing. It is the right to ask us to only use or store your Personal Data for certain purposes.

You have this right in certain occasions, such as where you believe the data is inaccurate or the processing activity is unlawful. This right enables you to ask us to suspend the usage of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.

Right to Ask Us to Stop Using Your Personal Data

This is called the right to object. This is your right to tell us to stop using your Personal Data. You have this right where we rely on a legitimate interest of ours (or of a third party). Also, you have the right to object at any time to the processing of your Personal Data for direct marketing purposes.

We will stop processing the relevant Personal Data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your Personal Data to establish, exercise, or defend a legal claim.

Right to Port or Move Your Personal Data

This is called the right to data portability. It is the right to ask for and download Personal Data about you that you have given us, so that you can:

move it;
copy it;
keep it for yourself; or
transfer it to another organization.

We will provide your Personal Data in a structured, commonly used, and machine-readable format. When you make a data portability request electronically, we will provide you a copy in electronic format.

Where we rely on your consent as the legal basis for processing your Personal Data, you may withdraw your consent at any time. If you withdraw your consent, our use of your Personal Data before you withdraw is still lawful.

If you have given consent for your details to be shared with a third party, and wish to withdraw this consent, please also contact the relevant third party in order to change your preferences.

Right Not to be Discriminated Against for Exercising your Privacy Rights

We will not discriminate against you for exercising any of your privacy rights, meaning we will not:

deny you goods or services;
charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; or
provide you a different level or quality of goods or services.

Right to Lodge a Complaint with a Supervisory Authority

If the GDPR applies to the processing of your Personal Data with us, the GDPR grants you the right to lodge a complaint with a supervisory authority if you are not satisfied with how we process your Personal Data.

In particular, you can lodge a complaint in the Member State of the European Union of your habitual residence, place of work, or of the alleged violation of the GDPR.

Right to Opt Out of the Sale of Your Personal Data

You have the “right to opt out”, which means you have the right to ask us to not sell your Personal Data at any time.

As our use of some of the cookies that we use for statistical purposes and marketing purposes is the only sale of your Personal Data that Wizeline may be engaging in, the only way to opt out of sales of Personal Data is to change your cookie preferences through our cookie consent management platform. In particular, you need to choose not to allow the following categories of cookies:

Statistics
Marketing

Please consider that the preferences you submit through the cookie consent management platform, including your requests to opt out from the sale of personal information, may be stored in cookies or similar technologies that are specific to your browser. If this browser is configured to block cookies or similar technologies, our tool may not be able to store your preferences. In addition, deleting cookies on this browser may result in your preferences being removed. If your preferences are removed after you delete cookies from this browser, you will have to update these preferences again. Also, remember that private browsing technologies (such as incognito mode) automatically delete all local storage and cookies when the browsing session ends, preventing us from recording your choice made during the session; and preventing us from accessing any local storage created outside of the current session, which does not enable us to access the choice you made during a normal or previous private browsing session.

We’ll only store your preferences in this browser. Because some companies may not connect information about this browser with other web browsers or devices you may use (such as a web browser on another computer you may use, or one on a mobile device), you need to update your preferences through the cookie consent management platform to set your preferences separately for other browsers or devices you may use.”

Your Right to Opt Into the Sale of Your Personal Data

As our use of some of the cookies that we use for statistical purposes and marketing purposes is the only sale of your Personal Data that Wizeline may be engaging in, the only way to opt into sales of Personal Data is to change your cookie preferences through our cookie consent management platform. In particular, you need to choose to allow the following categories of cookies:

Statistics
Marketing

How Can You Exercise Your Privacy Rights?

To exercise any of the rights described above, please submit a request by contacting us by email at privacy@wizeline.com.

Verification of Your Identity

Bear in mind that to evaluate your privacy rights requests, we need to be sure it was you who made the request. Consequently, we may need some information to confirm that you are who you say you are.

For requests submitted via password-protected accounts, your identity is already verified.

For requests sent by other means, you will need to provide us with sufficient information that allows us to reasonably verify you are the person about whom we process Personal Data. Generally, we will request only information that we may have about you to confirm your identity, but under some circumstances we may require additional information or documentation to complete your request. We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request. Making a request does not require you to create an account with us.

We will only use the Personal Data you provide us in a request to verify your identity or authority to make the request.

Please note that you may only make a consumer request to know or data portability twice within a 12-month period under the CCPA.

Verification of Authority

If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit this request, a valid power of attorney on behalf of the individual.

Alternatively, you may ask the individual to directly contact us by using the Contact Us information below to verify their identity with us and confirm with us that they gave you permission to submit this request. We will only use the Personal Data you provide us in a request to verify your authority.

Response Timing and Format of Our Responses

We will confirm the receipt of your request within ten (10) days and, in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, unless we have already granted or denied the request.

Please allow us up to thirty (30) days to reply to you from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why, and the extension period, in writing.

If we cannot satisfy a request from you, we will also explain why in our response.

We will not charge a fee for processing or responding to your requests unless we determine that your request is excessive, repetitive, or manifestly unfounded.In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.

Privacy of Children

We do not knowingly process Personal Data of children under the age of 13.

Data Integrity & Security

Wizeline has implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect Personal Data from unauthorized processing such as unauthorized access, disclosure, alteration, storage or destruction.

U.S. Regulatory Oversight

Wizeline is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Changes to this Notice

If we make any material change to this Notice, we will post the revised Notice to this web page and update the “Effective” date above to reflect the date on which the new Notice became effective. By continuing to use our Services after we post any such changes, you accept the Notice as modified.

EU Data Protection Representative

VeraSafe has been appointed as Wizeline’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, VeraSafe can be contacted in addition to privacy@wizeline.com, only on matters related to the processing of personal data.

To make such an inquiry, please contact VeraSafe using the following contact form: click here or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe

Plaza de la Solidaridad 12, Floor 5

29006, Malaga

Malaga

Spain

UK Data Protection Representative

VeraSafe has been appointed as Wizeline’s representative in the United Kingdom for data protection matters, pursuant to Article 27 of the United Kingdom General Data Protection Regulation. If you are located within the United Kingdom, VeraSafe can be contacted in addition to or instead of privacy@wizeline.com, only on matters related to the processing of personal data.

To make such an inquiry, please contact VeraSafe using this contact form: click here or via telephone at: +44 (20) 4532 2003.