FiveBy business activities are primarily in the area of Professional ANTI-PIRACY Consulting and Technical Services. FiveBy Solutions additionally conducts business in the area of Database Development and Business Intelligence.
Additional company information can be found at https://fiveby.com
In compliance with the Privacy Shield Principles, FiveBy commits to resolve complaints about our collection or use of your personal information. Individuals with inquiries or complaints regarding our Privacy Shield policy should first contact FiveBy at: Privacy@fiveby.com
FiveBy Solutions, Inc. commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
In compliance with the Privacy Shield Principles, FiveBy Solutions, Inc. commits to resolve complaints about our collection or use of your personal information. EU, Swiss and U.S. individuals with inquiries or complaints regarding our Privacy Shield policy should first contact FiveBy Solutions, Inc. at:
3040 78th Ave SE, #667
Mercer Island, WA 98040
FiveBy Solutions, Inc. has further committed to refer unresolved Privacy Shield complaints regarding HR Data to the EU Data Protection Authorities, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit http://www.uscib.org/privacy-shield for more information or to file a complaint. The services of remediation are provided at no cost to you.
Should an individual believe that resolution of their privacy issue has not been met satisfactorily they may, under certain conditions, invoke binding arbitration for complaints regarding Privacy Shield compliance. For more information you can visit: https://www.privacyshield.gov/
For any Privacy Shield related complaints that are not resolved within 45 days, you may file a complaint with our independent dispute resolution provider at the following website: https://www.jamsadr.com/about/submit-a-case
We may collect Personally Identifiable Information (PII) from Users in a variety of ways, including, but not limited to, when Users register on our site, request contact for potential partnership, follow our social media and in connection with other activities, services, features or resources we make available on our site.
Users may be asked to provide, as appropriate, their name, mailing address, email address, phone number, payment information and company name. Users may however, visit our site anonymously. We will collect PII from Users only if they voluntarily submit such information to us. Users can always refuse to supply or limit the use of their PII, except that it may prevent them from engaging in certain Site activities.
We may collect non-PII about Users whenever they interact with our website. Non-PII may include the user’s geographic region, browser type and version, time of day and connection, and technical information about Users’ means of connection to our site, such as the IP address, the Internet Service Provider (ISP) used and other similar information.
Our website and occasionally in our work with clients, appropriate data must be collected, stored and processed and security measures are in place to protect against unauthorized access, alteration, disclosure, or destruction of your personal information, username, password, transaction information and data stored on our Site. Any sensitive and private data exchanged between the Site and its Users is done using an SSL-secured communication channel, encrypted and protected using public key encryption and digital signatures. Our Site is in compliance with the Privacy Shield security standards, in order to create an environment that is as secure as possible for Users.
Our Sites security policies and practices are reviewed regularly for vulnerabilities, in order to create an environment that is as secure as possible for Users.
We may use third party service providers to help us operate our business and the Sites, or administer activities on our behalf, such as sending out newsletters or surveys. In such a case, we will not transfer PII to third parties unless such third parties have entered into an agreement in writing with us requiring them to provide at least the same level of privacy protection to your PII as required by the Principles of the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework though the third party controller need not be Privacy Shield certified. We will only transfer PII to cloud service providers who need the information in order to provide services to or perform activities on Our behalf. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, FiveBy is potentially liable. FiveBy may be required in certain circumstances to disclose PII in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We may share your information to defend our company’s rights and properties, or to comply with legitimate law enforcement purposes. Users are advised that ownership transfer or data destruction may occur in the event of a merger, bankruptcy or cessation of operation.
Users may opt out from receiving mailings from FiveBy. If a user wishes to unsubscribe, they may follow the instructions in the emails. Currently FiveBy does not utilize email newsletters to convey updates or news worthy information, this is subject to change.
We may contact clients or customers of FiveBy for various reasons including responding to inquiries, payment processing, notification of errors, or incident.
FiveBy may collect and utilize Users’ personal information for the following purposes:
- To process payments: FiveBy may use the information Users provide about themselves, when partnering with us for services, to process payment for said services.
- To send periodic emails: FiveBy may use the email address you provide to send Users periodic information, including updates pertaining to FiveBy’s mission or new areas of development.
- May collect data as provided by applicants. This may include but is not limited to: email, phone numbers, and addresses.
- Employees may be asked to complete a background check based on client requirements. Third party services used for background checks include TrueScreen and HireRight.
Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information at our Site from those we know to be under the age of 16, and no part of our website is structured to attract anyone under 16.
Changes to This Policy
Client Collected Data
First and foremost FiveBy will follow all security and data protection policies of each of our clients. A client is identified by entering into a contractual agreement.
Additionally FiveBy has its own policy which is continuous. If at any point during a client engagement it becomes necessary for us to engage with client propagated PII in order to complete our agreed terms of service we have measures in place which limit our exposure and liability.
If we are required by our clients to collect either PII or non-personal information we will do so while on Site with the client complying with their data security measures. If any part of this data should be required to leave the clients’ Site, it will only do so on a Bitlocker encrypted machine which will also have password protection.
We require all of our client facing employees to regularly remove any client information including both PII and non-personal information. We also practice a six month maximum document retention policy.
When we use the term “personal information” we mean information that directly identifies you, or allows someone to directly contact you. Examples of personal information include your name, e-mail address, telephone number, or business contact information.
When we use the term “non-personal information” we mean information that does not directly identify you, or allow someone to directly contact you.
Additional Ways We May Share Information
We may share information about you with third parties in certain circumstances including in the following situations:
- Affiliates: We may share information with companies that we own or control, that are owned or controlled by us, or that are under common ownership or control. At this time Fiveby does not own or control wholly or commonly any additional companies.
- Blogs, Online Postings, and Testimonials: We may decide to allow users to share comments, postings, testimonials, or other information. If you choose to submit such information to us, the information that you submit may be available generally to the public. Information you provide in these areas may be read, collected, and used by others who access them.
- Business Transition: In the event that we, or any portion of our assets, are acquired we may share all types of information with the acquiring company.
- Law Enforcement: We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements
- FTC: Our organization is subject to the investigatory and enforcement powers of the FTC
HOW WE SECURE INFORMATION
We take reasonable and appropriate measures to help keep information secure, and to help prevent it from becoming disclosed to individuals who are not described in this policy. While we follow reasonable procedures to try to protect the information in our possession, no security system is perfect and we cannot promise, and you should not expect, that your information will remain secure in all circumstances.
Human Resources Data
All of your data collected for employment purposes is stored on BambooHR servers in data centers using biometric authentication, key card access controls and constant video surveillance to protect the servers that store the data.
Data Security and European Union Countries – Safe Harbor Certification:
BambooHR software is hosted with Rackspace®. Rackspace® is SAS70 Type II compliant, and is Safe Harbor certified. For any additional questions or concerns please contact Customer Service.
Privacy Shield Framework:
BambooHR is certified under the Privacy Shield Framework. You can view our certification under the Framework by going to https://www.privacyshield.gov/welcome, selecting “Privacy Shield List” and then looking up Bamboo HR LLC.
Last update: This document was last updated on August 21, 2018